I'm attempting to use a CHR in a fresh AWS environment. I have an extremely simple configuration on the CHR to enable masquerade and RDP port forwarding. The firewall is currently running as a t3.small instance (2 CPU / 2 GB). The machines behind the CHR are not able to download any files and web browsing is spotty - some sites seem to load fine and others partially load and eventually time out. Response time seems to be fast until there is any significant bandwidth trying to get across.
Here is my config:
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip dhcp-client
add add-default-route=no disabled=no interface=ether1
add dhcp-options=hostname,clientid disabled=no interface=ether2
/ip firewall nat
add action=masquerade chain=srcnat out-interface=ether2 src-address=172.27.0.0/22
add action=dst-nat chain=dstnat dst-address=172.30.0.11 dst-port=3389 protocol=tcp to-addresses=172.27.0.20
/ip route
add distance=1 dst-address=172.27.0.0/22 gateway=172.27.0.1
What am I missing here?