Wed Apr 19, 2023 11:33 pm
Your config seems to be indicating issues???? What are those???
/interface list member
add interface=ether1 list=WAN
add interface=Bridge list=LAN
add interface=*9 list=LAN
add interface=*F list=LAN
add interface=*D list=LAN
and
/ip dhcp-server alert
add disabled=no interface=Bridge on-alert=\
":log error message=\"Rogue DHCP Server Discovered\""
Your using this crappy rule for port forwarding which one should not use with a more complex setup. Not in my setup!!
add action=drop chain=forward comment=\
"defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat \
connection-state=new in-interface-list=WAN
The masquerade rule I show is also NOT THIS In fact this looks like butchery ...........
/ip firewall nat
add action=src-nat chain=srcnat comment="defconf: masquerade" \
out-interface-list=WAN to-addresses=192.168.2.2
So its the wrong format altogether for normal nat rule,
You are missing the hairpin nat rule AND
all your dst-nat rules are in the wrong format.
Summary, you actually need to read it this time and take notes!!! ( and refrain from making false claims )