Port Forwarding/Routing to work around IP conflict.

Posted: Mon Jun 22, 2020 7:52 pm
by gblackwo
I have an IP conflict that I'm trying to solve with a mAP router. Normally I would fix an IP conflict by changing a network on one of the ends, but I don't have that option here. In this case, I just need a few services to communicate.

Office LAN is, office router lives at

We have an IPSEC tunnel that advertises cellular devices onto a local office subnet at Workstations on can communicate with this subnet. In this scenario, a workstation at is trying to communicate with the end device.

The specific cellular modem WWAN IP is
The modem LAN IP is
Modem is forwarding certain service ports to on the mAP.

Mikrotik mAP ether1 address is
Mikrotik mAP bridge address is
The ether2 port (part of the bridge) is plugged into an unmanaged switch of the local equipment.

The local device on the bridge side of the mAP that we are attempting to communicate with lives at Unfortunately, I can't change this without breaking the equipment.

From a workstation at in the office, I can access the Mikrotik remotely at (winbox) and (webfig). This works fine. I've created filter rules and port forwards in the mAP to allow and send certain traffic (ports 2222 and 44818) onward to the local device at, but it is not working so far. I've tried marking the WAN connection and routing and tried to make sure responses to would be sent back up the WAN, but at this point I don't think the local device at is even seeing the initial syn sent. I tried putting a laptop on the local network with this address and ran wireshark and did not see anything.

I'm hoping someone can take a look at my NAT/mangle and routing rules and point out something dumb that I am doing.

Please let me know if I can add any additional information. Thanks for the help.