blackoutfolo
just joined
Topic Author
Posts: 19
Joined: Mon Apr 30, 2018 6:52 am

CGNAT nightmare

Sun May 02, 2021 7:22 am

Hello. As the title says, I am looking for a way to port forward servers and services through a VPN installed on a VPS and its public IP in order to get rid of this CGNAT nightmare that ISPs provide to their clients. Many people are in this situation and are looking for a solution. Please take a look at these 2 scenarios to see how we can do it.
I specify that I do not want a solution based on Ngrok, ZeroTier or SSH reverse tunneling.
 
MickeyT
Member Candidate
Posts: 125
Joined: Tue Feb 18, 2020 7:06 am
Location: Australia

Re: CGNAT nightmare

Thu May 13, 2021 9:53 am

I agree that CGNAT causes nightmares. You will need to use OpenVPN with TCP, as CGNAT causes all sorts of problems with UDP (MikroTik only supports TCP connections for OpenVPN at the moment, and L2TP requires UDP).

Once you have the VPN tunnel set up, you will need to:
  • Configure port forwarding from the VPS to the MikroTik over the VPN tunnel (Each service will require a unique dedicated port unless you have multiple Internet IPs).
  • Configure port forwarding on the MikroTik to the correct device (The external port needs to be unique - if you don't have multiple IPs - but not the port on the receiving device as you can configure port routing based on the incoming port).

This is a very basic overview of what you will need to do and you can, of course, do much more complex routing if you want.
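
The two forwarding layers described in the reply above, as an added example that is not part of the original thread and not the poster's configuration: a shell script that checks that every public port is unique and prints the iptables rules for the VPS plus the matching RouterOS dst-nat rules. It assumes a Linux VPS using iptables; the interface names, tunnel address and service table are constructed assumptions.

```shell
# Added example: emits both port-forwarding layers from one service table.
# Every name, address and port below is a constructed assumption.
WAN_IF=eth0            # VPS public interface (assumed)
TUN_IF=tun0            # VPS end of the OpenVPN tunnel (assumed)
MT_TUN_IP=10.8.0.2     # MikroTik's address inside the tunnel (assumed)
ROS_TUN_IF=ovpn-out1   # MikroTik OpenVPN client interface (assumed)

# name proto public_port lan_ip lan_port
SERVICES='web tcp 8080 192.168.88.10 80
ssh tcp 2222 192.168.88.20 22
cam tcp 8554 192.168.88.30 554'

# Print every proto/public_port pair that is claimed by more than one service.
dup_ports() {
    printf '%s\n' "$1" | awk 'NF {print $2 "/" $3}' | sort | uniq -d
}

# Layer 1: VPS public IP -> MikroTik over the tunnel (public port kept as-is).
vps_rules() {
    echo "sysctl -w net.ipv4.ip_forward=1"
    printf '%s\n' "$1" | while read -r name proto pub lan_ip lan_port; do
        [ -n "$name" ] || continue
        echo "iptables -t nat -A PREROUTING -i $WAN_IF -p $proto --dport $pub -j DNAT --to-destination $MT_TUN_IP:$pub"
        echo "iptables -A FORWARD -i $WAN_IF -o $TUN_IF -p $proto -d $MT_TUN_IP --dport $pub -j ACCEPT"
    done
    echo "iptables -A FORWARD -i $TUN_IF -o $WAN_IF -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    # Source-NAT into the tunnel so replies return via the VPS without policy
    # routing on the MikroTik; the LAN device then sees the VPS tunnel address.
    echo "iptables -t nat -A POSTROUTING -o $TUN_IF -j MASQUERADE"
}

# Layer 2: MikroTik tunnel interface -> LAN device (port may be remapped here).
mikrotik_rules() {
    printf '%s\n' "$1" | while read -r name proto pub lan_ip lan_port; do
        [ -n "$name" ] || continue
        echo "/ip firewall nat add chain=dstnat in-interface=$ROS_TUN_IF protocol=$proto dst-port=$pub action=dst-nat to-addresses=$lan_ip to-ports=$lan_port comment=$name"
    done
}

# Refuse to emit anything if two services claim the same public port.
emit_all() {
    dups=$(dup_ports "$1")
    if [ -n "$dups" ]; then
        echo "duplicate public port(s): $dups" >&2
        return 1
    fi
    vps_rules "$1" && mikrotik_rules "$1"
}

emit_all "$SERVICES"
```

The script only prints commands: the `iptables` lines are for the VPS and the `/ip firewall nat` lines are for the MikroTik terminal.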
