Page 1 of 1
How to access APs on different NATted network
Posted: Thu May 10, 2012 3:48 pm
by krisan
I need someone to help me on how to be able access my APs in 3 different cell site in one location.
I have 3 site running at the moment with different ISP, i am using in each of the site RB493 as the router, and another RB433AH as the AP that connect the clients.
The 1st site LAN ip address is 10.10.40.0/24 and the AP ip address is 10.10.40.253/24
The 2nd site LAN ip address is 10.10.50.0/24 and the AP ip address is 10.10.50.253/24
The 3rd site LAN ip address is 10.10.60.0/24 and the AP ip address is 10.10.60.253/24, this is where i want to manage the other 2 APs. I am able to enter the router because its having public IP address. I am not able to access the APs because they are using local IP address.
Please can someone tell me what i need to do to be able to access that APs?
Thanks to all the MK experts in the forum.
Re: How to access APs on different NATted network
Posted: Thu May 10, 2012 4:00 pm
by cbrown
Re: How to access APs on different NATted network
Posted: Thu May 10, 2012 4:11 pm
by dcwifi
try this on RB493 at site 1:
ip firewall nat add chain=dstnat protocol=tcp dst-address=publicip dst-port=publicport to-addresses=10.10.40.253 to-ports=22
Re: How to access APs on different NATted network
Posted: Fri May 11, 2012 12:03 pm
by krisan
Thanks to you.
I will try it and get back to you.
Re: How to access APs on different NATted network
Posted: Tue May 15, 2012 11:26 pm
by krisan
try this on RB493 at site 1:
ip firewall nat add chain=dstnat protocol=tcp dst-address=publicip dst-port=publicport to-addresses=10.10.40.253 to-ports=22
Please i am a bit confuse with this firewall rule. can u explain it in a simple term?
How to access APs on different NATted network
Posted: Wed May 16, 2012 2:25 am
by cbrown
It confused me too....
Re: How to access APs on different NATted network
Posted: Wed May 16, 2012 2:39 am
by SurferTim
I access my routers with SSH. If that is what you want to do, then log in to the router with the public ip. I'll presume you connected to 10.10.40.x/24 network router. Once you are logged in, then
Then you should be logged into 10.10.40.253.
Otherwise, VPN is the most secure of the alternatives.
Re: How to access APs on different NATted network
Posted: Wed May 16, 2012 3:06 am
by dcwifi
this may help:
http://wiki.mikrotik.com/wiki/Manual:IP/Firewall/NAT
if your 1st site RB493 public IP is 123.123.123.123, and you want to access RB433AH by SSH, then set this on RB493:
ip firewall nat add chain=dstnat protocol=tcp dst-address=123.123.123.123 dst-port=2233 to-addresses=10.10.40.253 to-ports=22
dst-port=2233 could be any number except 22 because RB493 has port 22 open by default.
If you still can't access to the RB433AH, make sure RB433AH has a default route to RB493.
this works for me.
Re: How to access APs on different NATted network
Posted: Wed May 16, 2012 3:21 am
by dcwifi
try this on RB493 at site 1:
ip firewall nat add chain=dstnat protocol=tcp dst-address=publicip dst-port=publicport to-addresses=10.10.40.253 to-ports=22
Please i am a bit confuse with this firewall rule. can u explain it in a simple term?
In simple term, it's port forwarding.
RB493 check what public port request from it public interface, then forward the request to the LAN to port 22.