Community discussions

MikroTik App
 
dotvalue
just joined
Topic Author
Posts: 4
Joined: Thu Mar 06, 2014 7:43 pm

open a range of ports... Like all of them.

Thu Mar 06, 2014 7:46 pm

Yes I do know this is insecure, but I would like to know how to do it. I have a specific usage case where I have a bunch of PLCs and I am not sure what ports they communicate on. And yes it is a huge variety, enough that I dont want to manage port configurations. What is the best way to do this with the firewall filter rules?
 
shane3673
just joined
Posts: 6
Joined: Fri Mar 07, 2014 12:26 am

Re: open a range of ports... Like all of them.

Fri Mar 07, 2014 8:11 pm

If you leave you firewall filters blank it will allow everything through.
You can also make a filter rule that is blank and action set to allow.
You can also create a filter rule that the action is set to allow, and when setting it up mark TCP or UDP (whichever you want or create 2 rule to do both) then in DST Port do a range like so depending on your needs 0-40000.
If you are doing this in NAT so you want to Port Forward all ports to one device you create a rule using the chain dst-nat mark the incoming interface as you WAN interface leave everything else blank and on action select dst-nat, to address to whatever the Ip of the device your port forwarding to
 
nerdtron
Member Candidate
Member Candidate
Posts: 123
Joined: Sat Nov 30, 2013 7:49 am

Re: open a range of ports... Like all of them.

Tue Mar 11, 2014 3:36 am

I'm not sure if this is what you wanted, but are you talking about DMZ?
http://forum.mikrotik.com/viewtopic.php?f=14&t=38916
 
User avatar
normis
MikroTik Support
MikroTik Support
Posts: 24642
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia

Re: open a range of ports... Like all of them.

Tue Mar 11, 2014 9:40 am

There is conflicting terminology here.

Are you looking to forward ports (to allow connections to internal network device), or open ports (to allow connections to your router)?
No answer to your question? How to write posts
 
dotvalue
just joined
Topic Author
Posts: 4
Joined: Thu Mar 06, 2014 7:43 pm

Re: open a range of ports... Like all of them.

Tue Mar 11, 2014 2:38 pm

First guy who responded understood what I wanted to do, it worked. Thanks guys!
 
Lakis
Forum Veteran
Forum Veteran
Posts: 701
Joined: Wed Sep 23, 2009 7:52 pm

Re: open a range of ports... Like all of them.

Tue Mar 11, 2014 6:24 pm

in ip firewall nat> add this two rules

0 chain=dstnat action=dst-nat to-addresses=192.168.88.100(unit or pc ip that u want to forward all ports) protocol=tcp in-interface=WAN

1 chain=srcnat action=masquerade

this should open-redirect all ports

After adding these rules it’s probable that u cannot open Mikrotik unit Web because port 80 is also redirected

Who is online

Users browsing this forum: 4drik, bhandutneha, oskarsk, robertkjonesjr and 87 guests