Techsystem wrote Wed Apr 26, 2023 7:35 pm
give an advise or explaination about how can i config this ...
/ip firewall nat
add action=src-nat chain=srcnat comment="defconf: masquerade" out-interface-list=WAN to-addresses=192.168.2.2
.
Ca6ko wrote Fri Apr 28, 2023 10:40 am
For mikrotik you have to turn on the standard NAT and disable unnecessary rules.
add action=src-nat chain=srcnat comment="defconf: masquerade" out-interface-list=WAN to-addresses=192.168.2.2
.
Techsystem wrote Sun Apr 30, 2023 12:26 pm
is there is anything that i have to apply with this rule to make the connection persist..?
.
Ca6ko wrote Wed May 03, 2023 3:22 pm
put these rules above your own and remove unnecessary rules
add action=src-nat chain=srcnat comment="defconf: masquerade" out-interface-list=WAN
.
Techsystem wrote Thu May 04, 2023 11:02 am
so here is my config after your recommendations
add action=src-nat chain=srcnat comment="defconf: masquerade" out-interface-list=WAN to-addresses=192.168.2.2
I give up
.
sorry but really i didn't understand what you meant..!
it seems that i have a logistic problem with your explanation..! do you have a problem with my NAT rule..? here is it as its in the router, just rewrit it in this thread and to agree on some colour
any unnecessary rule write it in
Red and any additional rule write it in
Green, if the rule didn't need change keep it as black.
my NAT rules:
/ip firewall nat
add action=masquerade chain=srcnat dst-address=192.168.1.122 dst-port=38888 \
out-interface=Bridge protocol=tcp src-address=192.168.1.0/24 \
to-addresses=192.168.2.2
add action=dst-nat chain=dstnat dst-address=192.168.2.2 dst-port=38888 \
protocol=tcp to-addresses=192.168.1.122 to-ports=38888
add action=src-nat chain=srcnat comment="defconf: masquerade" \
out-interface-list=WAN to-addresses=192.168.2.2
add action=dst-nat chain=dstnat dst-address=192.168.2.2 dst-port=34567 \
protocol=tcp to-addresses=192.168.1.10 to-ports=34567
add action=dst-nat chain=dstnat dst-address=192.168.2.2 dst-port=554 \
protocol=tcp to-addresses=192.168.1.244 to-ports=554
as i say i apply your rule from asus side.
well i also will be crateful if you explain this line from this post
viewtopic.php?p=1000101#p999769
Mikrotik's Hairpin NAT settings will allow you to access its external address 192.168.2.2 from the network 192.168.1.0/24 !!!
so you mean this is not achievable..? or my understanding of the Hairpin NAT is wrong..?
to update my situation its still not work...