Hi guys,
Any helps would be appreciated. Trying to get Hairpin NAT working on my LAN at home and followed the exact instructions as in http://wiki.mikrotik.com/wiki/Hairpin_NAT, which has not worked. Only difference is that I am using the 172.x.x.x addressing scheme over a bridged "LAN" interface.

[/size]

The other rules are just torrent and game forwarding rules to other machines.
Funny enough, on this Mikrotik I have 2 LANs. One handing out a 192 and the other handing out 172's with the HTTPS server physical connected to the Mikrotik but part of one of the LAN Bridges when the client is on either of these networks trying to connect to the HTTP server it just times out. I've also attached some wireshark captures. Any help would be appreciated.

172.29.1.10 is the client .11 is the HTTP server

Try setting:

just did that and no difference at all, I can capture packets now if you wish based on that change!?

PS thanks for the fast response.

add action=dst-nat chain=dstnat comment="HTTP Server" disabled=no \
dst-address=83.141.117.106 dst-port=80 in-interface="IBB DSL WAN" \
protocol=tcp to-addresses=172.29.1.11 to-ports=80

It seems in-interface="IBB DSL WAN" is causing this problem. Http requests from LAN interface are not being DST-NATed to 172.29.1.11. Try to unset in-interface.

Problem with that is, thats the WAN interface in which WAN based clients will connect.


[EDIT] I stand very much corrected. I unset that, it neither worked for LAN or WAN based customer.
I then instead of unsetting "IBB DSL WAN" (which is the WAN ppoe dialer for the DSL) I used "DSL link" which is the actual physical port.

Thank you for all the help, that would have seemed to work perfectly.

Rattle

Hello,

I have same problem and i tried from many sites but still UN-successful can any body help me.

NAT- HairPin problem solved after upgrade router firmware