Community discussions

MikroTik App
 
viccas91
just joined
Topic Author
Posts: 3
Joined: Thu Feb 13, 2020 5:18 am

DNS redirect not working.

Tue Dec 06, 2022 3:10 am

Nights everyone (at least here)...

i have what i consider a basic problem, but i can't seem to solve it, so here it's my question.

I need to forward a url/dns to a local server.

Here its my scenario:

Local router (1100ahx4), multiple local networks, one for wired acces to local workstations (172.16.0.0/22), one for comunication to internal services (192.168.0.0/24), one for a public wifi (192.168.200.0/22) and another one for a local wifi (192.168.10.0/22), there's a local dns, that is domain server with Microsoft ISA, some of the networks and devices were already in place when i started to work for this place so don't ask me about some of the subnets and services (it's a medical institution i volunteer for)...

Anyway, the situation i have is that, i have a web server hosting the site's page (172.16.1.3), i need to acces the site, using preferably the url, from the local wifi network (192.168.10.0/22), they need to showcase a web based service they are developing.

I have already tried with mangle rules that don't exclude the local network from interacting with the other networks, including address lists... also tried with nat rules forwarding traffic, with both layer7 and address lists, also tried creating static entries on dns on the router. None work...

So far, my conclusion is that i need a proxy server, but that is the last thing i want, since i have control over the network, but not the server side.

what ideas you guys have to solve this? anything to avoid creating another server on a vm host i have very little access to.
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 19103
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: DNS redirect not working.

Tue Dec 06, 2022 4:16 am

So on the wifi network, you need to be able to type in the IP Cloud of the router ( or a specific dyndns name that will point to your WANIP )
in format Name:port# that will then reach the server on a separate network.

Sounds pretty basic, no worries about hairpin nat, just need the single forward chain rule allowing dst nat and firewall rules to let the wifi subnet see the server in the other subnet........
and the proper dst-nat rule...........

I must be missing something???

Who is online

Users browsing this forum: anav, apitsos, fibracapi, hatred, iustin, lurker888 and 85 guests