Port Forwarding Not Working

jonnes86 · Sat Mar 11, 2023 6:42 am

I am currently trying to forward port 9186 to the internal IP 192.168.1.82.
My modem from the ISP is on passthrough mode because I have a /29 static public IP block.
So my Port 1 WAN port is my public static IP.
My current config is below; I'm certain I'm just overlooking something.
Appreciate any assistance.

# mar/10/2023 22:32:52 by RouterOS 7.8
# software id = 58XR-BMWS
#
# model = RB3011UiAS
/interface bridge
add ingress-filtering=no name=loopback vlan-filtering=yes
/interface ethernet
set [ find default-name=ether1 ] name=WAN
set [ find default-name=sfp1 ] disabled=yes
/interface vlan
add interface=ether6 name=vlan1 vlan-id=6
/ip pool
add name="LAN Pool" ranges=192.168.1.2-192.168.1.254
/ip dhcp-server
add address-pool="LAN Pool" interface=loopback name="LAN DHCP"
/port
set 0 name=serial0
/interface bridge port
add bridge=loopback interface=ether2
add bridge=loopback interface=ether3
add bridge=loopback interface=ether4
add bridge=loopback interface=ether5
add bridge=loopback interface=ether6
add bridge=loopback interface=ether7
add bridge=loopback interface=ether8
add bridge=loopback interface=ether9
add bridge=loopback interface=ether10
add bridge=loopback disabled=yes interface=all
/interface bridge vlan
add bridge=loopback untagged=ether6 vlan-ids=6
/ip address
add address=192.168.1.1/24 interface=loopback network=192.168.1.0
add address=111.22.33.44/29 interface=WAN network=111.22.33.44
/ip dhcp-server config
set store-leases-disk=10m
/ip dhcp-server network
add address=192.168.1.0/24 dns-server=1.1.1.1,8.8.8.8,9.9.9.9 gateway=\
    192.168.1.1
/ip dns
set servers=1.1.1.1,8.8.8.8,9.9.9.9
/ip firewall nat
add action=masquerade chain=srcnat out-interface=WAN
add action=masquerade chain=srcnat dst-address=192.168.1.0/24 src-address=\
    192.168.1.0/24
add action=dst-nat chain=dstnat disabled=yes dst-address=104.59.23.105 \
    dst-port=9186 protocol=tcp to-addresses=192.168.1.82
add action=dst-nat chain=dstnat dst-address=!111.22.33.44 dst-address-type=\
    local dst-port=9186 protocol=tcp to-addresses=192.168.1.82
/ip firewall service-port
set ftp disabled=yes
set tftp disabled=yes
/ip route
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=111.22.33.44 \
    pref-src="" routing-table=main scope=30 suppress-hw-offload=no \
    target-scope=10
/ip upnp
set allow-disable-external-interface=yes enabled=yes
/ip upnp interfaces
add interface=WAN type=external
add interface=loopback type=internal
/system clock
set time-zone-name=America/Chicago
/system identity
set name=Core

anav · Sat Mar 11, 2023 8:55 pm

(1) What is vlan1 (id=6), it has no IP Pool no structure..............and NO purpose.
Get rid of it in both the definition of a vlan part and get rid of /interface bridge vlan rules, without the vlan you dont need it.

(2) WHY DUPLICATE DST NAT RULES??

(3)What is the purpose of this rule.......
add action=dst-nat chain=dstnat dst-address=!104.59.23.105 dst-address-type=\
local dst-port=9186 protocol=tcp to-addresses=192.168.1.82

NOT Required/Format WRONG for fixed/static WANIPs...... GET RID OF IT, the first rule is fine.

jonnes86 · Sun Mar 12, 2023 2:36 am

I believe the VLAN was from something else I had been trying to work on, I've removed that.

The NAT rules were from another post I had been reading in attempt to fix my issue, but it has also been removed.

See the current config, port 9186 still is not forwarding correctly.

# mar/11/2023 18:34:04 by RouterOS 7.8
# software id = 58XR-BMWS
#
# model = RB3011UiAS
/interface bridge
add ingress-filtering=no name=loopback vlan-filtering=yes
/interface ethernet
set [ find default-name=ether1 ] name=WAN
set [ find default-name=sfp1 ] disabled=yes
/ip pool
add name="LAN Pool" ranges=192.168.1.2-192.168.1.254
/ip dhcp-server
add address-pool="LAN Pool" interface=loopback name="LAN DHCP"
/port
set 0 name=serial0
/interface bridge port
add bridge=loopback interface=ether2
add bridge=loopback interface=ether3
add bridge=loopback interface=ether4
add bridge=loopback interface=ether5
add bridge=loopback interface=ether6
add bridge=loopback interface=ether7
add bridge=loopback interface=ether8
add bridge=loopback interface=ether9
add bridge=loopback interface=ether10
add bridge=loopback disabled=yes interface=all
/ip address
add address=192.168.1.1/24 interface=loopback network=192.168.1.0
add address=111.22.33.44/29 interface=WAN network=111.22.33.44
/ip dhcp-server config
set store-leases-disk=10m
/ip dhcp-server network
add address=192.168.1.0/24 dns-server=1.1.1.1,8.8.8.8,9.9.9.9 gateway=\
    192.168.1.1
/ip dns
set servers=1.1.1.1,8.8.8.8,9.9.9.9
/ip firewall nat
add action=masquerade chain=srcnat out-interface=WAN
add action=masquerade chain=srcnat dst-address=192.168.1.0/24 src-address=\
    192.168.1.0/24
add action=dst-nat chain=dstnat disabled=yes dst-address=111.22.33.44 \
    dst-port=9186 protocol=tcp to-addresses=192.168.1.82
/ip firewall service-port
set ftp disabled=yes
set tftp disabled=yes
/ip route
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=111.22.33.44 \
    pref-src="" routing-table=main scope=30 suppress-hw-offload=no \
    target-scope=10
/ip upnp
set allow-disable-external-interface=yes enabled=yes
/ip upnp interfaces
add interface=WAN type=external
add interface=loopback type=internal
/system clock
set time-zone-name=America/Chicago
/system identity
set name=Core

anav · Sun Mar 12, 2023 1:30 pm

Since you have no vlans on the bridge, turn vlan-filtering OFF.

Other than that I dont see any other issues which leads me to believe you are probably not getting a reachable public IP.

Port Forwarding Not Working

Port Forwarding Not Working

Re: Port Forwarding Not Working

Re: Port Forwarding Not Working

Re: Port Forwarding Not Working

Who is online