Community discussions

MikroTik App
 
User avatar
tonyganchev
just joined
Topic Author
Posts: 2
Joined: Wed Aug 03, 2022 9:22 pm

Problem with port forwarding

Wed Aug 03, 2022 9:34 pm

Hello,

I am new to MikroTik routers and I have problem with port forwarding.
Want to ssh my Raspberry PI outside my local network but after trying to access the MikroTik terminal is accessed from outside.
Seems the NAT config is not redirecting to 192.168.0.155 where the Raspberry PI is.

Here is my config ->
# aug/04/2022 21:30:01 by RouterOS 6.48.6
# software id = H8K9-XIZT
#
# model = RB760iGS
# serial number = 
/interface bridge
add name=bridge1
/interface ethernet
set [ find default-name=ether1 ] mac-address=D8:47:32:05:3C:B4
/interface list
add name=WAN
add name=LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=dhcp ranges=192.168.0.10-192.168.0.254
/ip dhcp-server
add address-pool=dhcp disabled=no interface=bridge1 name=dhcp1
/interface bridge port
add bridge=bridge1 interface=ether2
add bridge=bridge1 interface=ether3
add bridge=bridge1 interface=ether4
add bridge=bridge1 interface=ether5
add bridge=bridge1 interface=sfp1
/ip neighbor discovery-settings
set discover-interface-list=!dynamic
/ip settings
set accept-redirects=yes accept-source-route=yes
/interface list member
add interface=ether1 list=WAN
add list=LAN
add interface=bridge1 list=LAN
/ip address
add address=192.168.0.1/24 interface=bridge1 network=192.168.0.0
/ip dhcp-client
add disabled=no interface=ether1
/ip dhcp-server lease
add address=192.168.0.252 client-id=1:44:5c:e9:7c:a1:3c mac-address=\
    44:5C:E9:7C:A1:3C server=dhcp1
add address=192.168.0.155 client-id=1:b8:27:eb:81:5b:13 mac-address=\
    B8:27:EB:81:5B:13 server=dhcp1
/ip dhcp-server network
add address=192.168.0.0/24 gateway=192.168.0.1 netmask=24
/ip dns
set servers=0.0.0.0
/ip firewall nat
add action=masquerade chain=srcnat out-interface-list=WAN
add action=dst-nat chain=dstnat dst-address=31.13.xxx.xx dst-port=22 \
    in-interface=ether1 protocol=tcp to-addresses=192.168.0.155 to-ports=22
/ip service
set telnet disabled=yes
set www-ssl disabled=no
set api disabled=yes
set api-ssl disabled=yes
/system clock
set time-zone-name=Europe/Sofia
/system identity
set name=RouterOS

Thank you in advance !
 
User avatar
tonyganchev
just joined
Topic Author
Posts: 2
Joined: Wed Aug 03, 2022 9:22 pm

Re: Problem with port forwarding  [SOLVED]

Fri Aug 05, 2022 4:44 pm

Fixed the problem by making some changes on the routes

[admin@RouterOS] /ip firewall nat> print
Flags: X - disabled, I - invalid, D - dynamic 
 0    chain=dstnat action=dst-nat to-addresses=192.168.0.155 to-ports=22 protocol=tcp dst-address=xx.xx.xx.xx dst-port=33655 
      log=no log-prefix="" 

 1    chain=dstnat action=dst-nat to-addresses=192.168.0.155 protocol=tcp dst-address=xx.xx.xx.xx dst-port=80,443 log=no 
      log-prefix="" 

 2    chain=srcnat action=src-nat to-addresses=192.168.0.1 protocol=tcp src-address=192.168.0.0/24 dst-address=192.168.0.0/24 

 3    chain=srcnat action=masquerade out-interface-list=WAN log=no log-prefix=""
The third rule (2) is to access the local IP with the public IP from the local network

And by changing the MikroTik default ssh port from /ip service

Who is online

Users browsing this forum: Bing [Bot], mrz and 60 guests