Hello guys

Please I need help

I have my main mikrotik router 1100 with public ip on eth 1 154.73.xxx.xxx and on eth2 there are 30+ rb951 connected to ether 2 on network 192.168.11.0/24

and also I have VPS server with public ip 107.173.xxx.xxx

I'm running PRTG Server on the VPS to monitor my router.
I can successfully monitor the main router troug its public ip 154.73.xxx.xxx but now I want to monitor the other routers on eth2 but the routers doesn't have public ip, so I tried to port forward udp161 the snmp port but is doesnt work

I tried the following:

/ip firewall nat add chain= distant dst-address=154.73.xxx.xxx protocol = udp dst-port= 1611 action= DST-nat to-address= 192.168.11.13 to-ports=161

But when I add new device to PRTG Server using 154.73.xxx.xxx:1611 is not pulling anything from the router, and also the rule static is showing 0 packets.

Please help
And thanks in advance

Any update guys ?

If rule's counter shows zero, it means that no matching packet arrived.

Do you have any point I can start from to investigate the issue?

I assume that "chain= distant" is either typo or some automatic "correction". Otherwise dstnat happens before filter, so it can't be blocking it on this router. It could be blocked by another dstnat rule that would be before this one and would also match, e.g. if you'd be doing 1:1 NAT for everything that comes to 154.73.xxx.xxx. If it's not this, then look at the other side, if packets are really sent from VPS.