I connected Mikrotik to ATT Fiber directly on sfp-sfpplus1. Used QuickSet to get started. Had to fix DHCP server network.
Router IP is 192.168.0.2
Networks is 192.168.0.0/24
Also, did few more steps to get access to ATT SFP module web interface:
Code: Select all
/ip address add address=192.168.11.2/24 interface=sfp-sfpplus1
/ip route print
DST-ADDRESS GATEWAY DISTANCE
DAc 192.168.0.0/24 bridge1 0
DAc 192.168.11.0/24 sfp-sfpplus1 0
# Clone Mac for ATT
/interface ethernet set sfp-sfpplus1 mac-address=ac:8f:a9:31:**:**
Then I added 2 port forwarding rules and I see this:
Code: Select all
/ip firewall nat print
Flags: X - disabled, I - invalid; D - dynamic
0 chain=srcnat action=masquerade out-interface-list=WAN
1 chain=dstnat action=dst-nat to-addresses=192.168.0.202 to-ports=80 protocol=tcp in-interface-list=WAN dst-port=80
2 chain=dstnat action=dst-nat to-addresses=192.168.0.202 to-ports=443 protocol=tcp in-interface-list=WAN dst-port=443
I tried logs:
Code: Select all
/ip firewall nat set [find where chain=dstnat and dst-port=80] log=yes log-prefix="HTTP-FWD "
I used Torch and I can see incoming requests (mostly to port 443) - see screenshot. Not sure, how to interpret it.
What do I miss? How can I troubleshoot it?