Community discussions

MikroTik App
 
2-PeK
just joined
Topic Author
Posts: 9
Joined: Mon Dec 06, 2004 6:26 pm

PORT FORWARDING

Mon Dec 06, 2004 6:52 pm

Hi there....

I have a Mikrotik running, with a AP, with which clients connect to...now my router connects pppoe through the internet, and is running DDNS to update a DNS name with its new IP address...

Now I have a client who wants to access his computer from the internet...Can anybody please help me!!? I know it is possible, but I dunno how to do it :oops:

Darren
 
User avatar
mag
Member
Member
Posts: 378
Joined: Thu Jul 01, 2004 12:32 pm
Location: Cologne, NRW, Germany
Contact:

Re: PORT FORWARDING

Mon Dec 06, 2004 8:57 pm

see documentation: http://www.mikrotik.com/docs/ros/2.8/ip/nat.content
under redirect

example (192.168.255.10 is local webserver):
in-interface=pppoe dst-address=:80 protocol=tcp action=redirect to-dst-address=192.168.255.10 to-dst-port=80
regards
   matthias
 
2-PeK
just joined
Topic Author
Posts: 9
Joined: Mon Dec 06, 2004 6:26 pm

Mon Dec 06, 2004 9:17 pm

Thanx a million dude....I am getting some where now :D
 
ssteele
just joined
Posts: 7
Joined: Sat Nov 27, 2004 10:24 pm

Tue Dec 07, 2004 10:39 pm

Can you pleaaaaaaaaaaaase help me out here .. you sem to know something about this.. i can't seem to open port 25 for my mailserver on MK anytime i scan the ports it says closed no matter what i do any ideas???

thanks

Sheldon
 
User avatar
[ASM]
Member Candidate
Member Candidate
Posts: 285
Joined: Sun Jun 06, 2004 12:59 am
Location: Sofia, Bulgaria
Contact:

Tue Dec 07, 2004 10:59 pm

Can you pleaaaaaaaaaaaase help me out here .. you sem to know something about this.. i can't seem to open port 25 for my mailserver on MK anytime i scan the ports it says closed no matter what i do any ideas???

thanks

Sheldon
If you stopped connection tracking then start it
 
ssteele
just joined
Posts: 7
Joined: Sat Nov 27, 2004 10:24 pm

Wed Dec 08, 2004 3:30 am

i don't even know what that is let alone turn it off LOL....next suggestion..... :roll:

do you know how to set it up for a mail server or not?
 
User avatar
[ASM]
Member Candidate
Member Candidate
Posts: 285
Joined: Sun Jun 06, 2004 12:59 am
Location: Sofia, Bulgaria
Contact:

Wed Dec 08, 2004 8:10 pm

try with action=nat
if it doesn't work again please post the results of these commands:
/ip address export
/ip firewall src-nat export
/ip firewall dst-nat export
 
ssteele
just joined
Posts: 7
Joined: Sat Nov 27, 2004 10:24 pm

Fri Dec 10, 2004 8:45 pm

here is the info you requested :)

/ ip firewall src-nat
add out-interface=Public action=masquerade comment="" disabled=no
add src-address=192.168.0.30/32 out-interface=Public action=nat comment="this rule allows ONLY THIS PUTER \
ACCESS TO THE NET." disabled=yes
[admin@MikroTik] > /ip firewall dst-nat export
# dec/10/2004 11:51:41 by RouterOS 2.8.19
# software id = IMXI-FLT
#
/ ip firewall dst-nat
add dst-address=68.150.192.222/32:53 protocol=udp action=nat to-dst-address=192.168.0.11 comment="" \
disabled=no
add dst-address=68.150.192.249/32:53 protocol=udp action=nat to-dst-address=192.168.0.2 comment="" \
disabled=no
add dst-address=:25 protocol=tcp action=nat to-dst-address=192.168.0.30 comment="it's gotta be this one or \
the other one CHANGED THIS TO PUBLIC SEE WHAT HAPPENS ...disabled this one to allow new last rule a \
chance to work ????????" disabled=yes
add dst-address=68.150.192.222/32:23 protocol=tcp action=nat to-dst-address=192.168.0.30 comment="for ssh \
access" disabled=no
add dst-address=68.150.192.222/32:22 protocol=tcp action=nat to-dst-address=192.168.0.30 to-dst-port=22 \
comment="" disabled=no
add src-address=192.168.0.30/32 action=accept comment="i don't know he says .30 should be able to get out wit \
htis and a simialr one in forward rules ??????????" disabled=no
add dst-address=68.150.192.222/32:25 protocol=tcp action=nat to-dst-address=192.168.0.30 comment="" \
disabled=no




/ ip address
add address=68.150.192.217/24 network=68.150.192.0 broadcast=68.150.192.255 interface=Public comment="" \
disabled=no
add address=68.150.192.249/24 network=68.150.192.0 broadcast=68.150.192.255 interface=Public comment="" \
disabled=no
add address=68.150.192.222/24 network=68.150.192.0 broadcast=68.150.192.255 interface=Public comment="" \
disabled=no
add address=192.168.0.1/24 network=192.168.0.0 broadcast=192.168.0.255 interface=Local comment="" disabled=no

Who is online

Users browsing this forum: dvreshta, MSN [Bot], scorptec and 180 guests