Community discussions

MikroTik App
 
Bowen73
just joined
Topic Author
Posts: 12
Joined: Thu May 28, 2020 12:24 pm

Port forwarding issues VeeamPN

Thu Feb 03, 2022 5:41 pm

Im having an issue with port forwarding

I have dual Wan setup on ports 1 & 2 (1 is a static IP, 2 is dhcp and they're bonded for load balance etc).
I have VeeamPN installed on a VM when I try and access the external IP from another network I cannot access it (page not found) but when I'm on the local network using the wan IP I can access it?!

the same goes with the VeeamPN VPN ports. i have the dst address as the wan IP. and udp ports 6179 (for client to site VPN) and 1194 (site to site) forwarded to the relevant ports and IP of the veeamPN VM. i have the client to site config saved on OpenVPN client. and when i connect on the local network using the WAN IP it connects. when i connect to another network and try to connect it refuses to connect and I'm at a loss at what the problem is.

Im still finding my way around the mikrotik so could do with some pointers

Ive exported the firewall rules:
# feb/03/2022 15:59:24 by RouterOS 6.49
# model = RB750Gr3
/ip firewall mangle
add action=mark-connection chain=input in-interface=ether1_ISP1 \
    new-connection-mark=ISP1 passthrough=yes
add action=mark-connection chain=input in-interface=ether2_ISP2 \
    new-connection-mark=ISP2 passthrough=yes
add action=mark-routing chain=output connection-mark=ISP1 new-routing-mark=\
    ISP1 passthrough=yes
add action=mark-routing chain=output connection-mark=ISP2 new-routing-mark=\
    ISP2 passthrough=yes
/ip firewall nat
add action=dst-nat chain=dstnat comment="CCTV Port Forward" dst-address=\
    81.xxx.xxx.xxx dst-port=8240 log=yes log-prefix=CCTV_ protocol=tcp \
    to-addresses=10.11.xxx.xxx to-ports=8240
add action=dst-nat chain=dstnat comment="VeeamPN Pot 1194 S2S" disabled=yes \
    dst-address=81.xxx.xxx.xxx dst-port=1194 log=yes log-prefix=VeaamPN-s2s \
    protocol=udp to-addresses=10.11.xxx.xxx
add action=dst-nat chain=dstnat comment="VeeamPN Port 6179 C2S" dst-address=\
    81.xxx.xxx.xxx dst-port=6179 log=yes log-prefix=VeamPN-c2s protocol=udp \
    to-addresses=10.11.xxx.xxx
add action=dst-nat chain=dstnat comment="VeeamPN Port 80" dst-address=\
    81.xxx.xxx.xxx log=yes log-prefix=veeam_vpn protocol=tcp to-addresses=\
    10.11.xxx.xxx
add action=masquerade chain=srcnat comment="masq. vpn traffic" disabled=yes \
    src-address=192.168.89.0/24
add action=masquerade chain=srcnat src-address=10.11.xxx.0/24
add action=masquerade chain=srcnat out-interface=ether1_ISP1 \
    out-interface-list=WAN
I would also point out that the CCTV port forwarding doesn't work either! using the app with the external IP and correct port/login etc and it wont connect. so something isn't happy somewhere.


cheers

Who is online

Users browsing this forum: No registered users and 15 guests