Community discussions

MikroTik App
 
HHarley
just joined
Topic Author
Posts: 4
Joined: Wed Dec 07, 2005 9:43 am

can't access internal server via domain name!

Wed Dec 07, 2005 10:13 am

Hello, can anybody help me?

I have set my MT 2.9.6 with nat and port forward as below:
[admin@MikroTik] ip firewall nat> print
Flags: X - disabled, I - invalid, D - dynamic

1 chain=dstnat in-interface=pppoe-out1 protocol=tcp dst-port=80
action=dst-nat to-addresses=192.168.123.250 to-ports=80

2 chain=srcnat out-interface=pppoe-out1 src-address=192.168.123.0/24
action=masquerade

I can access the web server via IP address from local PC and from Internet via domain name, but I can't access the web server via domain name from local PC, who can help me???

Thanks a lot
 
cmit
Forum Guru
Forum Guru
Posts: 1547
Joined: Fri May 28, 2004 12:49 pm
Location: Germany

Wed Dec 07, 2005 10:28 am

Most likely because when you access it via the name, this will resolve to the public ip address of your router (assumption here, as you have not written this part of information).
But there's nothing configured in your MikroTik router (as far as you have told us) that would allow access from the internal net to the (internal) web server via its' public ip address.

You could either:
- create a static dns entry with the server name pointing to the internal ip address if you are using the RouterOS dns cache. Then requests from users using the RouterOS machine as dns server would get back the internal ip for the hostname and things should work
- or you could try to create a second dst-nat rule to redirect http traffic FROM the internal net to the public ip of your router TO the internal web server. Something like (not tested!):
chain=dstnat in-interface=ether2 protocol=tcp dst-address=1.2.3.4/32 dst-port=80 action=dst-nat to-addresses=192.168.123.250 to-ports=80
Assuming "1.2.3.4" is your public ip address where the servers' host name ist pointing to and that "ether2" is your internal ethernet interface.

Best regards,
Christian Meis
 
HHarley
just joined
Topic Author
Posts: 4
Joined: Wed Dec 07, 2005 9:43 am

Wed Dec 07, 2005 1:15 pm

Christian Meis;

Thanks for your reply

I am using DDNS and PPPOE dialout, and I have not sataic IP address, So Would you please give me the other advice ??

Best
Harely
 
jaytcsd
Member
Member
Posts: 334
Joined: Wed Dec 29, 2004 9:50 am
Location: Pittsboro IN
Contact:

Thu Dec 08, 2005 5:11 am

I think this was covered in this topic from last month.
http://forum.mikrotik.com//viewtopic.php?t=5509

Who is online

Users browsing this forum: No registered users and 28 guests