Community discussions

MikroTik App
  4. RouterOS
  5. General

Nat Rule applied to Ipsec tunnel

Post Reply
 
in4ni
Member Candidate
Member Candidate
Topic Author
Posts: 191
Joined: Thu Dec 09, 2004 4:22 am
Location: Jax, Fl USA

Nat Rule applied to Ipsec tunnel

Mon Feb 02, 2015 6:52 pm

I have a simple NAT rule to redirect port 80 to my DVR (see below) ether 1 is my WAN interface
;;; DVR
chain=dstnat action=dst-nat to-addresses=192.168.2.60 to-ports=8866
protocol=tcp in-interface=ether1 dst-port=8866

Today I established a IPsec tunnel however ALL port 80 requests (no matter the IP) from the remote locations are getting re-directed to to my DVR using the NAT rule, How can I prevent the NAT rule from applying to tunneled traffic?


Thank you
Top
 
jarda
Forum Guru
Forum Guru
Posts: 7756
Joined: Mon Oct 22, 2012 4:46 pm

Re: Nat Rule applied to Ipsec tunnel

Mon Feb 02, 2015 9:03 pm

There is nothing about port 80 in your rule. There is probably other rule that makes it...
Top
 
in4ni
Member Candidate
Member Candidate
Topic Author
Posts: 191
Joined: Thu Dec 09, 2004 4:22 am
Location: Jax, Fl USA

Re: Nat Rule applied to Ipsec tunnel

Mon Feb 02, 2015 9:39 pm

here is the rule
chain=dstnat action=dst-nat to-addresses=192.168.2.60 to-ports=80-81
protocol=tcp in-interface=ether1 dst-port=80-81
Top
 
jarda
Forum Guru
Forum Guru
Posts: 7756
Joined: Mon Oct 22, 2012 4:46 pm

Re: Nat Rule applied to Ipsec tunnel

Tue Feb 03, 2015 8:30 am

What about using exclusion on src address?
Top
 
in4ni
Member Candidate
Member Candidate
Topic Author
Posts: 191
Joined: Thu Dec 09, 2004 4:22 am
Location: Jax, Fl USA

Re: Nat Rule applied to Ipsec tunnel

Tue Feb 03, 2015 1:20 pm

That is a good Idea, Ill give it a try





Thank you
Top
Post Reply

Who is online

Users browsing this forum: Ahrefs [Bot], Bing [Bot], mansuramir and 135 guests
  4. RouterOS
  5. General