I am trying to run a webcam plugged into ether1.

My backhaul link is on wlan1 and my hotspot is setup on interface wlan2

I am using NAT and have the public IP address of 64.74.213.78 coming to my mikrotik.

I cant seem to get it to go through my mikrotik to the webcam ion ether 1 with and IP of 192.168.251.10

Please help.. the webcam works great if connected locally to the mikrotik.. WE had a deadline of July first.. and that is now.. THe camera is working great, I just need outside connectivitiy

HELP please
javascript:emoticon(':oops:')
Embarassed

here is my current setup

[admin@DeerCreek] > export
# jan/01/2000 12:34:59 by RouterOS 2.8.27
# software id = D0YE-9B0
#
/ interface ethernet
set ether1 name="ether1" mtu=1500 arp=enabled disable-running-check=yes \
auto-negotiation=yes full-duplex=yes cable-settings=default speed=100Mbps \
disabled=no
set ether2 name="ether2" mtu=1500 arp=enabled disable-running-check=yes \
auto-negotiation=yes full-duplex=yes cable-settings=default speed=100Mbps \
disabled=no
/ interface wireless
set wlan1 name="wlan1" mtu=1500 arp=enabled disable-running-check=no \
prism-cardtype=200mW radio-name="00026F09A1E7" mode=station \
ssid="SurfnetAP6" frequency=2457 band=2.4ghz-b scan-list=default-ism \
rate-set=default supported-rates-b=1Mbps,2Mbps,5.5Mbps,11Mbps \
supported-rates-a/g="" basic-rates-b=1Mbps basic-rates-a/g="" \
max-station-count=2007 tx-power=default periodic-calibration=default \
fast-frames=no dfs-mode=none antenna-mode=ant-a wds-mode=disabled \
wds-default-bridge=none wds-ignore-ssid=no update-stats-interval=disabled \
default-authentication=no default-forwarding=yes hide-ssid=no \
802.1x-mode=none disconnect-timeout=3s on-fail-retry-time=100ms \
disabled=no
set wlan2 name="wlan2" mtu=1500 arp=reply-only disable-running-check=no \
prism-cardtype=200mW radio-name="00026F33AD65" mode=ap-bridge \
ssid="Surfnet" frequency=2452 band=2.4ghz-b scan-list=default-ism \
rate-set=default supported-rates-b=1Mbps,2Mbps,5.5Mbps,11Mbps \
supported-rates-a/g="" basic-rates-b=1Mbps basic-rates-a/g="" \
max-station-count=2007 tx-power=default periodic-calibration=default \
fast-frames=no dfs-mode=none antenna-mode=ant-a wds-mode=disabled \
wds-default-bridge=none wds-ignore-ssid=no update-stats-interval=disabled \
default-authentication=yes default-forwarding=no hide-ssid=no \
802.1x-mode=none disconnect-timeout=3s on-fail-retry-time=100ms \
disabled=no
/ interface wireless nstreme
set (unknown) enable-nstreme=no enable-polling=yes framer-policy=none \
framer-limit=3200
set (unknown) enable-nstreme=no enable-polling=yes framer-policy=none \
framer-limit=3200
/ interface wireless security
set wlan1 security=none algo-0=none key-0="" algo-1=none key-1="" algo-2=none \
key-2="" algo-3=none key-3="" transmit-key=key-0 sta-private-algo=none \
sta-private-key="" radius-mac-authentication=no
set wlan2 security=none algo-0=none key-0="" algo-1=none key-1="" algo-2=none \
key-2="" algo-3=none key-3="" transmit-key=key-0 sta-private-algo=none \
sta-private-key="" radius-mac-authentication=no
/ interface wireless align
set frame-size=300 active-mode=yes receive-all=no \
audio-monitor=00:00:00:00:00:00 filter-mac=00:00:00:00:00:00 ssid-all=no \
frames-per-second=25 audio-min=-100 audio-max=-20
/ interface wireless access-list
add mac-address=00:02:6F:33:AD:68 interface=wlan1 authentication=no \
forwarding=no skip-802.1x=no private-algo=none private-key="" comment="" \
disabled=no
add mac-address=00:02:6F:35:30:41 interface=wlan1 authentication=yes \
forwarding=yes skip-802.1x=no private-algo=none private-key="" comment="" \
disabled=no
/ interface bridge port
set ether1 bridge=none priority=128 path-cost=10
set ether2 bridge=none priority=128 path-cost=10
set wlan1 bridge=none priority=128 path-cost=10
set wlan2 bridge=none priority=128 path-cost=10
/ interface l2tp-server server
set enabled=no mtu=1460 mru=1460 authentication=mschap2,mschap1,chap,pap \
default-profile=default
/ interface pptp-server server
set enabled=no mtu=1460 mru=1460 authentication=mschap2,mschap1 \
keepalive-timeout=30 default-profile=default
/ ip pool
add name="wlan2-pool" ranges=192.168.230.100-192.168.230.254
add name="dhcp_pool1" ranges=192.168.254.100-192.168.254.254
add name="Basic" ranges=192.168.3.100-192.168.3.250
add name="Advanced" ranges=192.168.4.100-192.168.4.250
add name="Premium" ranges=192.168.5.100-192.168.5.250
add name="HotSpot" ranges=192.168.2.100-192.168.2.250
/ ip telephony region
/ ip telephony gatekeeper
set gatekeeper=none remote-id="" remote-address=0.0.0.0
/ ip telephony aaa
set use-radius-accounting=no interim-update=0s
/ ip telephony codec
move G.711-uLaw-64k/sw
move G.711-ALaw-64k/sw
move G.729A-8k/sw
move G.729-8k/sw
move G.723.1-6.3k/sw
move GSM-06.10-13.2k/sw
move LPC-10-2.5k/sw
/ ip service
set telnet port=23 address=0.0.0.0/0 disabled=no
set ftp port=21 address=0.0.0.0/0 disabled=no
set www port=8081 address=0.0.0.0/0 disabled=no
set hotspot port=80 address=0.0.0.0/0 disabled=no
set ssh port=22 address=0.0.0.0/0 disabled=no
set hotspot-ssl port=443 address=0.0.0.0/0 certificate=none disabled=no
/ ip upnp
set enabled=no allow-disable-external-interface=yes show-dummy-rule=yes
/ ip arp
/ ip socks
set enabled=no port=1080 connection-idle-timeout=2m max-connections=200
/ ip dns
set primary-dns=66.151.140.2 secondary-dns=192.168.171.1 \
allow-remote-requests=no cache-size="2048 kB" cache-max-ttl=7d
/ ip address
add address=192.168.254.1/24 network=192.168.254.0 broadcast=192.168.254.255 \
interface=ether2 comment="" disabled=no
add address=192.168.230.1/24 network=192.168.230.0 broadcast=192.168.230.255 \
interface=wlan2 comment="" disabled=no
add address=192.168.3.1/24 network=192.168.3.0 broadcast=192.168.3.255 \
interface=wlan2 comment="" disabled=no
add address=192.168.4.1/24 network=192.168.4.0 broadcast=192.168.4.255 \
interface=wlan2 comment="" disabled=no
add address=192.168.5.1/24 network=192.168.5.0 broadcast=192.168.5.255 \
interface=wlan2 comment="" disabled=no
add address=192.168.2.1/24 network=192.168.2.0 broadcast=192.168.2.255 \
interface=wlan2 comment="" disabled=no
add address=192.168.251.1/24 network=192.168.251.0 broadcast=192.168.251.255 \
interface=ether1 comment="" disabled=no
add address=64.74.213.78/32 network=64.74.213.78 broadcast=64.74.213.78 \
interface=wlan1 comment="" disabled=yes
/ ip firewall
set input name="input" policy=accept comment=""
set forward name="forward" policy=accept comment=""
set output name="output" policy=accept comment=""
add name="hotspot-temp" policy=none comment="limit unauthorized hotspot \
clients"
add name="hotspot" policy=none comment="account authorized hotspot clients"
/ ip firewall rule forward
add dst-address=192.168.251.10/32 action=accept comment="" disabled=no
add dst-address=192.168.242.242/32:80 protocol=tcp action=accept comment="" \
disabled=no
add dst-address=64.74.213.78/32 action=accept comment="" disabled=no
add in-interface=wlan2 action=jump jump-target=hotspot-temp comment="limit \
access for unauthorized hotspot clients" disabled=no
add action=jump jump-target=hotspot comment="account traffic for authorized \
hotspot clients" disabled=no
/ ip firewall rule hotspot
add dst-address=192.168.251.10/32 action=accept comment="" disabled=no
add dst-address=64.74.213.78/32 action=accept comment="" disabled=no
add dst-address=192.168.242.244/32:80 protocol=tcp action=accept comment="" \
disabled=no
/ ip firewall rule hotspot-temp
add flow=hs-auth action=return comment="return, if connection is authorized" \
disabled=no
add protocol=icmp action=return comment="allow ping requests" disabled=no
add dst-address=:53 protocol=udp action=return comment="allow dns requests" \
disabled=no
add dst-address=64.74.213.78/32 action=accept comment="" disabled=no
add dst-address=192.168.242.244/32:80 protocol=tcp action=accept comment="" \
disabled=no
add action=reject comment="reject access for unauthorized hotspot clients" \
disabled=no
/ ip firewall rule input
add dst-address=192.168.242.244/32:80 protocol=tcp action=accept comment="" \
disabled=no
add dst-address=192.168.251.10/32 action=accept comment="" disabled=no
add dst-address=64.74.213.78/32 action=accept comment="" disabled=no
add in-interface=wlan2 dst-address=:80 protocol=tcp action=jump \
jump-target=hotspot comment="account traffic from hotspot clients to \
hotspot servlet" disabled=no
add in-interface=wlan2 dst-address=:80 protocol=tcp action=accept \
comment="accept requests for hotspot servlet" disabled=no
add in-interface=wlan2 dst-address=:67 protocol=udp action=accept \
comment="accept requests for local DHCP server" disabled=no
add in-interface=wlan2 action=jump jump-target=hotspot-temp comment="limit \
access for unauthorized hotspot clients" disabled=no
/ ip firewall rule output
add src-address=:80 out-interface=wlan2 protocol=tcp action=jump \
jump-target=hotspot comment="account traffic from hotspot servlet to \
hotspot clients" disabled=no
/ ip firewall service-port
set ftp ports=21 disabled=no
set pptp disabled=yes
set gre disabled=yes
set h323 disabled=yes
set mms disabled=no
set irc ports=6667 disabled=no
set quake3 disabled=no
set tftp ports=69 disabled=no
/ ip firewall mangle
add dst-address=192.168.242.244/32:80 protocol=tcp action=accept \
mark-flow=hs-auth comment="" disabled=no
add dst-address=64.74.213.78/32 action=accept mark-flow=hs-auth comment="" \
disabled=no
add dst-address=192.168.251.10/32 action=accept mark-flow=hs-auth comment="" \
disabled=no
/ ip firewall src-nat
add src-address=192.168.251.0/24 action=masquerade comment="" disabled=yes
add src-address=192.168.251.10/32 action=nat to-src-address=64.74.213.78 \
comment="" disabled=yes
add src-address=192.168.0.0/16 action=nat to-src-address=192.168.242.244 \
comment="" disabled=no
add src-address=192.168.2.0/24 action=masquerade comment="" disabled=no
/ ip firewall dst-nat
add src-address=192.168.251.10/32 action=nat to-dst-address=64.74.213.78 \
comment="" disabled=yes
add dst-address=64.74.213.78/32 action=nat to-dst-address=192.168.251.10 \
comment="" disabled=no
add dst-address=192.168.242.244/32:80 protocol=tcp action=nat \
to-dst-address=192.168.251.10 to-dst-port=80 comment="" disabled=no
add in-interface=wlan2 protocol=tcp flow=!hs-auth action=redirect \
to-dst-port=80 comment="redirect unauthorized hotspot clients to hotspot \
service" disabled=no
add in-interface=wlan2 dst-address=:80 protocol=tcp action=redirect \
to-dst-port=80 comment="transparent HTTP proxy for hotspot clients" \
disabled=no
/ ip firewall connection tracking
set enabled=yes tcp-syn-sent-timeout=2m tcp-syn-received-timeout=1m \
tcp-established-timeout=5d tcp-fin-wait-timeout=2m \
tcp-close-wait-timeout=1m tcp-last-ack-timeout=30s \
tcp-time-wait-timeout=2m tcp-close-timeout=10s udp-timeout=30s \
udp-stream-timeout=3m icmp-timeout=30s generic-timeout=10m
/ ip accounting
set enabled=no threshold=256
/ ip accounting web-access
set accessible-via-web=no address=0.0.0.0/0
/ ip policy-routing
/ ip policy-routing rule
add src-address=0.0.0.0/0 dst-address=0.0.0.0/0 flow="" interface=all \
action=lookup table=main comment="" disabled=no
/ ip policy-routing table main
add dst-address=0.0.0.0/0 gateway=192.168.242.1 preferred-source=0.0.0.0 \
comment="" disabled=yes
/ ip neighbor discovery
set ether1 discover=yes
set ether2 discover=yes
set wlan1 discover=yes
set wlan2 discover=yes
/ ip route
add dst-address=0.0.0.0/0 preferred-source=0.0.0.0 gateway=192.168.242.1 \
distance=1 comment="" disabled=yes
/ ip dhcp-client
set enabled=yes interface=wlan1 host-name="" client-id="" \
add-default-route=yes use-peer-dns=yes
/ ip dhcp-server
add name="HotSpot-DCHP" interface=wlan2 lease-time=14s address-pool=HotSpot \
add-arp=yes authoritative=yes disabled=no
add name="dhcp1" interface=ether2 lease-time=3d address-pool=dhcp_pool1 \
add-arp=no authoritative=no disabled=no
/ ip dhcp-server lease
/ ip dhcp-server network
add address=192.168.2.0/24 gateway=192.168.2.1 netmask=24 \
dns-server=66.151.140.2 comment=""
add address=192.168.3.0/24 gateway=192.168.3.1 netmask=24 \
dns-server=66.151.140.2,66.151.140.3 comment=""
add address=192.168.4.0/24 gateway=192.168.4.1 netmask=24 \
dns-server=66.151.140.2,66.151.140.3 comment=""
add address=192.168.5.0/24 gateway=192.168.5.1 netmask=24 \
dns-server=66.151.140.2,66.151.140.3 comment=""
add address=192.168.230.0/24 gateway=192.168.230.1 dns-server=66.151.140.2 \
comment=""
add address=192.168.254.0/24 gateway=192.168.254.1 dns-server=66.151.140.2 \
comment=""
/ ip hotspot
set use-ssl=no hotspot-address=192.168.230.1 dns-name="66.151.140.1" \
status-autorefresh=1m universal-proxy=yes parent-proxy=0.0.0.0:0 \
auth-requires-mac=no auth-mac=yes auth-mac-password=yes \
auth-http-cookie=no http-cookie-lifetime=1d \
allow-unencrypted-passwords=no login-mac-universal=no \
split-user-domain=no
/ ip hotspot profile
set default name="default" shared-users=1 mark-flow="hs-auth" \
login-method=dhcp-pool keepalive-timeout=2m
/ ip hotspot server
add name="HotSpot" dhcp-server=HotSpot-DCHP lease-time=1d login-delay=10s \
address-pool=Basic
/ ip hotspot walled-garden
add dst-host="192.168.251.10" dst-port=80 action=allow comment="" disabled=no
add dst-host="64.74.213.78" dst-port=80 action=allow comment="" disabled=no
add dst-host="192.168.242.244" dst-port=80 action=allow comment="" \
disabled=no
/ ip hotspot aaa
set use-radius=yes accounting=yes interim-update=1m
/ ip hotspot universal service-port
set ftp ports=21 disabled=no
/ ip ipsec proposal
add name="default" auth-algorithms=sha1 enc-algorithms=3des lifetime=30m \
lifebytes=0 pfs-group=modp1024 disabled=no
/ ip web-proxy
set enabled=no src-address=0.0.0.0 port=3128 hostname="proxy" \
transparent-proxy=no parent-proxy=0.0.0.0:0 \
cache-administrator="webmaster" max-object-size="4096 kB" \
cache-drive=system max-cache-size=none
/ ip web-proxy access
add dst-port=!443,563 method=connect action=deny comment="allow CONNECT only \
to SSL ports 443 \[https\] and 563 \[snews\]" disabled=no
/ ip web-proxy cache
add url="cgi-bin \\?" action=deny comment="don't cache dynamic http pages" \
disabled=no
/ system logging
set default-remote-address=0.0.0.0 default-remote-port=514 \
disk-buffer-lines=100 memory-buffer-lines=100
/ system logging facility
set Firewall-Log local=memory remote=none remote-address=0.0.0.0 \
remote-port=0 prefix="" echo=no
set PPP-Account local=memory remote=none remote-address=0.0.0.0 remote-port=0 \
prefix="" echo=no
set PPP-Info local=memory remote=none remote-address=0.0.0.0 remote-port=0 \
prefix="" echo=no
set PPP-Error local=memory remote=none remote-address=0.0.0.0 remote-port=0 \
prefix="" echo=no
set System-Info local=memory remote=none remote-address=0.0.0.0 remote-port=0 \
prefix="" echo=no
set System-Error local=memory remote=none remote-address=0.0.0.0 \
remote-port=0 prefix="" echo=no
set System-Warning local=memory remote=none remote-address=0.0.0.0 \
remote-port=0 prefix="" echo=no
set Telephony-Info local=memory remote=none remote-address=0.0.0.0 \
remote-port=0 prefix="" echo=no
set Telephony-Error local=memory remote=none remote-address=0.0.0.0 \
remote-port=0 prefix="" echo=no
set Web-Proxy-Access local=memory remote=none remote-address=0.0.0.0 \
remote-port=0 prefix="" echo=no
set ISDN-Info local=memory remote=none remote-address=0.0.0.0 remote-port=0 \
prefix="" echo=no
set Hotspot-Account local=memory remote=none remote-address=0.0.0.0 \
remote-port=0 prefix="" echo=no
set Hotspot-Info local=memory remote=none remote-address=0.0.0.0 \
remote-port=0 prefix="" echo=no
set Hotspot-Error local=memory remote=none remote-address=0.0.0.0 \
remote-port=0 prefix="" echo=no
set IPsec-Event local=memory remote=none remote-address=0.0.0.0 remote-port=0 \
prefix="" echo=no
set IKE-Event local=memory remote=none remote-address=0.0.0.0 remote-port=0 \
prefix="" echo=no
set IPsec-Warning local=memory remote=none remote-address=0.0.0.0 \
remote-port=0 prefix="" echo=no
set System-Echo local=memory remote=none remote-address=0.0.0.0 remote-port=0 \
prefix="" echo=yes
set OSPF-Info local=memory remote=none remote-address=0.0.0.0 remote-port=0 \
prefix="" echo=no
set Wireless-Info local=memory remote=none remote-address=0.0.0.0 \
remote-port=0 prefix="" echo=no
/ system upgrade mirror
set enabled=no primary-server=0.0.0.0 secondary-server=0.0.0.0 \
check-interval=1d user=""
/ system watchdog
set reboot-on-failure=no watch-address=none watchdog-timer=no \
ping-start-after-boot=5m
/ system identity
set name="DeerCreek"
/ system serial-console
set enabled=yes port=serial0
/ system gps
set enabled=no set-system-time=no
/ system lcd
set enabled=no type=powertip
/ system lcd page
set time display-time=5s disabled=yes
set resources display-time=5s disabled=yes
set uptime display-time=5s disabled=yes
set packets display-time=5s disabled=yes
set bits display-time=5s disabled=yes
set version display-time=5s disabled=yes
set ether1 display-time=5s disabled=yes
set ether2 display-time=5s disabled=yes
set wlan1 display-time=5s disabled=yes
set wlan2 display-time=5s disabled=yes
/ system routerboard health
set state-after-reboot=enabled
/ system routerboard bios
set
/ system ups
set enabled=no off-line-time=5m min-run-time=5m alarm-setting=immediate \
rtc-alarm-setting=none
/ system ntp server
set enabled=no broadcast=no multicast=no manycast=yes
/ system ntp client
set enabled=no mode=unicast primary-ntp=0.0.0.0 secondary-ntp=0.0.0.0
/ port
set serial0 name="serial0" baud-rate=9600 data-bits=8 parity=none stop-bits=1 \
flow-control=hardware
set serial1 name="serial1" baud-rate=9600 data-bits=8 parity=none stop-bits=1 \
flow-control=hardware
/ ppp profile
set default name="default" local-address=0.0.0.0 remote-address=0.0.0.0 \
session-timeout=0s idle-timeout=0s use-compression=no \
use-vj-compression=no use-encryption=no require-encryption=no only-one=no \
change-tcp-mss=yes tx-bit-rate=0 rx-bit-rate=0 incoming-filter="" \
outgoing-filter="" dns-server="" wins-server="" comment=""
/ ppp aaa
set use-radius=no accounting=yes interim-update=0s
/ routing ospf
set router-id=0.0.0.0 distribute-default=never redistribute-connected=no \
redistribute-static=no redistribute-rip=no redistribute-bgp=no \
metric-default=1 metric-connected=20 metric-static=20 metric-rip=20 \
metric-bgp=20
/ routing ospf area
set backbone area-id=0.0.0.0 authentication=none disabled=no
/ routing bgp
set enabled=no as=1 router-id=0.0.0.0 redistribute-static=no \
redistribute-connected=no redistribute-rip=no redistribute-ospf=no
/ routing rip
set redistribute-static=no redistribute-connected=no redistribute-ospf=no \
redistribute-bgp=no metric-static=1 metric-connected=1 metric-ospf=1 \
metric-bgp=1 update-timer=30s timeout-timer=3m garbage-timer=2m
/ queue type
set default name="default" kind=pfifo bfifo-limit=15000 pfifo-limit=50 \
red-limit=60 red-min-threshold=10 red-max-threshold=50 red-burst=20 \
sfq-perturb=5 sfq-allot=1514 pcq-rate=0 pcq-limit=50 pcq-classifier=""
set ethernet-default name="ethernet-default" kind=pfifo bfifo-limit=15000 \
pfifo-limit=50 red-limit=60 red-min-threshold=10 red-max-threshold=50 \
red-burst=20 sfq-perturb=5 sfq-allot=1514 pcq-rate=0 pcq-limit=50 \
pcq-classifier=""
set wireless-default name="wireless-default" kind=sfq bfifo-limit=15000 \
pfifo-limit=50 red-limit=60 red-min-threshold=10 red-max-threshold=50 \
red-burst=20 sfq-perturb=5 sfq-allot=1514 pcq-rate=0 pcq-limit=50 \
pcq-classifier=""
set synchronous-default name="synchronous-default" kind=red bfifo-limit=15000 \
pfifo-limit=50 red-limit=60 red-min-threshold=10 red-max-threshold=50 \
red-burst=20 sfq-perturb=5 sfq-allot=1514 pcq-rate=0 pcq-limit=50 \
pcq-classifier=""
/ user
add name="admin" group=full address=0.0.0.0/0 comment="system default user" \
disabled=no
/ user group
add name="read" policy=local,telnet,ssh,!ftp,reboot,read,!write,!policy,test,w\
eb
add name="write" policy=local,telnet,ssh,!ftp,reboot,read,write,!policy,test,w\
eb
add name="full" policy=local,telnet,ssh,ftp,reboot,read,write,policy,test,web
/ user aaa
set use-radius=no accounting=yes interim-update=0s default-group=read

I could not tell form your question... what is the ip address of wan2 that has hotspot? Note that wan2 and eithernet port can't be on same ip subnet/range.

Turns out the camera was mis-configured.. I didnt configure it, so it took me awahile to look at the camera.. and sure enough no default gateway was set.. now it is working great!

What is the web page for your web cam?

we have a few running as test runs, nothing exciting, but working on them slowly

http://www.yobbo.co.nz/webcams.htm

What is the web page for your web cam?

we have a few running as test runs, nothing exciting, but working on them slowly

http://www.yobbo.co.nz/webcams.htm

Live cam offline???

we just set up the webcam for the customer that got us a great Access Point location
Soon the webcam will be on hiwy17.com, but first shes working out some camera issues with the camera manufacture.

The live camera is for when we do live shows from around CHCH.