Community discussions

MUM Europe 2020
L
R

Question about hairpin nat

Locked
 
ik3umt
Member Candidate
Member Candidate
Topic Author
Posts: 255
Joined: Tue Jul 08, 2014 3:58 pm

Question about hairpin nat

Mon Oct 24, 2016 9:39 am

As per wiki :

Image

Basic config :
Code: Select all
/ip firewall nat
add chain=dstnat dst-address=1.1.1.1 protocol=tcp dst-port=80 action=dst-nat to-address=192.168.1.2
add chain=srcnat out-interface=WAN action=masquerade
Hairpin NAT:
Code: Select all
/ip firewall nat
add chain=srcnat src-address=192.168.1.0/24  dst-address=192.168.1.2 protocol=tcp dst-port=80 out-interface=LAN action=masquerade
What if I have mutiple services (ports) to reach into 192.168.1.2 server ??
Could I simply omit "dst-port=80" on hairpin rule ?
Top
 
User avatar
blajah
Member Candidate
Member Candidate
Posts: 224
Joined: Fri Jun 12, 2015 8:58 pm
Location: Belgrade, Serbia
Contact:
Contact blajah

Re: Question about hairpin nat

Mon Oct 24, 2016 11:16 am

That should work.
I have bigger routing table.
Top
Locked

Who is online

Users browsing this forum: No registered users and 21 guests