ddns problem please..me..

LEEHYUNWOO · Wed Mar 25, 2020 6:18 am

Reinstall the routeros 6.46.4 as netinstall.
However, the same problem occurred.

A. PING is communicated to the ISP address.
B. DDNS address is out of communication by calling a 404 or 400 error.
C. quick setup not working!!
D. ERROR COMMENT : (IP CLOUD (DDNS)) router is behind a NAT. Remote connection might not work.
Please help me.... I haven't been working for days....

my network inter-vlan & L2TP VPN!

[cskisa@Router] >/system identity set name=”Router”
[cskisa@Router] >/interface bridge add name=BR1 protocol-mode=none vlan-filtering=no
[cskisa@Router] >/interface bridge port
[cskisa@Router] >/interface bridge port add bridge=BR1 interface=Gi0/1
[cskisa@Router] >/interface bridge port add bridge=BR1 interface=Gi0/2
[cskisa@Router] >/interface bridge port add bridge=BR1 interface=Gi0/3
[cskisa@Router] >/interface bridge port add bridge=BR1 interface=Gi0/4
[cskisa@Router] >/interface bridge port add bridge=BR1 interface=Gi0/5
[cskisa@Router] >/interface bridge port add bridge=BR1 interface=Gi0/6
[cskisa@Router] >/interface bridge port add bridge=BR1 interface=Gi0/7
[cskisa@Router] >/interface bridge port add bridge=BR1 interface=Gi0/8
[cskisa@Router] >/interface bridge port add bridge=BR1 interface=Gi0/9
[cskisa@Router] >/interface bridge port add bridge=BR1 interface=Gi0/10
[cskisa@Router] >/interface bridge port add bridge=BR1 interface=Gi0/11
[cskisa@Router] >/interface bridge port add bridge=BR1 interface=Gi0/12
[cskisa@Router] >/interface bridge vlan add bridge=BR1 tagged=BR1,Gi0/1 vlan-ids=20
[cskisa@Router] >/interface bridge vlan add bridge=BR1 tagged=BR1,Gi0/1 vlan-ids=30
[cskisa@Router] >/interface bridge vlan add bridge=BR1 tagged=BR1,Gi0/1 untagged=Gi0/2,Gi0/3,Gi0/4,Gi0/5,Gi0/6,Gi0/7,Gi0/8,Gi0/9,Gi0/10,Gi0/11,Gi0/12 vlan-ids=100
[cskisa@Router] >/interface vlan add interface=BR1 name=MGMT-VLAN vlan-id=100
[cskisa@Router] >/ip address add address=200.168.10.1/24 interface=MGMT-VLAN
[cskisa@Router] >/ip dns set allow-remote-requests=yes servers=”9.9.9.9”
[cskisa@Router] >/ip dhcp-client add interface=Gi0/0
[cskisa@Router] >/ip dhcp-client enable 0
[cskisa@Router] >/interface vlan add interface=BR1 name=SUPERMICRO-VLAN vlan-id=20
[cskisa@Router] >/ip address add interface=SUPERMICRO-VLAN address=200.168.20.1/24
[cskisa@Router] >/ip pool add name=SUPERMICRO-POOL ranges=200.168.20.2-200.168.20.254
[cskisa@Router] >/ip dhcp-server add address-pool=SUPERMICRO-POOL interface=SUPERMICRO-VLAN name=SUPERMICRO-DHCP disabled=no
[cskisa@Router] >/ip dhcp-server network add address=200.168.20.0/24 dns-server=200.168.10.1 gateway=200.168.20.1
[cskisa@Router] >/interface vlan add interface=BR1 name=IBM-VLAN vlan-id=30
[cskisa@Router] >/ip address add interface=IBM-VLAN address=200.168.30.1/24
[cskisa@Router] >/ip pool add name=IBM-POOL ranges=200.168.30.2-200.168.30.254
[cskisa@Router] >/ip dhcp-server add address-pool=IBM-POOL interface=IBM-VLAN name=IBM-DHCP disabled=no
[cskisa@Router] >/ip dhcp-server network add address=200.168.30.0/24 dns-server=200.168.10.1 gateway=200.168.30.1
[cskisa@Router] >/ip pool add name=MGMT-POOL ranges=200.168.10.10-200.168.10.254
[cskisa@Router] >/ip dhcp-server add address-pool=MGMT-POOL interface=MGMT-VLAN name=MGMT-DHCP disabled=no
[cskisa@Router] >/ip dhcp-server network add address=200.168.10.0/24 dns-server=200.168.10.1 gateway=200.168.10.1
[cskisa@Router] >/interface list add name=WAN
[cskisa@Router] >/interface list add name=VLAN
[cskisa@Router] >/interface list add name=MGMT

[cskisa@Router] >/interface list member add interface=Gi0/0 list=WAN
[cskisa@Router] >/interface list member add interface=MGMT-VLAN list=VLAN
[cskisa@Router] >/interface list member add interface=SUPERMICRO-VLAN list=VLAN
[cskisa@Router] >/interface list member add interface=IBM-VLAN list=VLAN
[cskisa@Router] >/interface list member add interface=MGMT-VLAN list=MGMT
[cskisa@Router] >/ip firewall filter add chain=input action=accept connection-state=established,related 
comment=”Allow Estab & Related
[cskisa@Router] >/ip firewall filter add chain=input action=accept in-interface-list=VLAN comment=”Allow VLAN”
[cskisa@Router] >/ip firewall filter add chain=input action=accept in-interface-list=VLAN dst-port=53 protocol=udp 
connection-state=new comment=”VLAN DNS ACCESS”
[cskisa@Router] >/ip firewall filter add chain=input action=accept in-interface-list=VLAN dst-port=53 protocol=tcp 
connection-state=new comment=”VLAN DNS ACCESS”
[cskisa@Router] >/ip firewall filter add chain=input action=drop comment=”Drop FTP,SSH,Telnet from inbound” 
dst-port=21,22,23,137,139,445 protocol=tcp
[cskisa@Router] >/ip firewall filter add chain=forward action=accept connection-state=established,related comment=”Allow Estab & Related”
[cskisa@Router] >/ip firewall filter add chain=forward action=accept connection-state=new in-interface-list=VLAN 
out-interface-list=WAN comment=”VLAN Internet Access only”
[cskisa@Router] >/ip firewall nat add chain=srcnat action=masquerade out-interface-list=WAN comment=”Default masquerade”
[cskisa@Router] >/interface bridge port set bridge=BR1 interface=Gi0/1 ingress-filtering=yes frame-types=admit-only
-vlan-tagged
Number : 0
[cskisa@Router] >/interface bridge port set bridge=BR1 interface=Gi0/2 pvid=100 ingress-filtering=yes frame-types=admit-only-untagged-and-priority-tagged
Number : 1
[cskisa@Router] >/interface bridge port set bridge=BR1 interface=Gi0/3 pvid=100 ingress-filtering=yes frame-types=admit-only-untagged-and-priority-tagged
Number : 2
[cskisa@Router] >/interface bridge port set bridge=BR1 interface=Gi0/4 pvid=100 ingress-filtering=yes frame-types=admit-only-untagged-and-priority-tagged
Number : 3
[cskisa@Router] >/interface bridge port set bridge=BR1 interface=Gi0/5 pvid=100 ingress-filtering=yes frame-types=admit-only-untagged-and-priority-tagged
Number : 4
[cskisa@Router] >/interface bridge port set bridge=BR1 interface=Gi0/6 pvid=100 ingress-filtering=yes frame-types=admit-only-untagged-and-priority-tagged
Number : 5
[cskisa@Router] >/interface bridge port set bridge=BR1 interface=Gi0/7 pvid=100 ingress-filtering=yes frame-types=admit-only-untagged-and-priority-tagged
Number : 6
[cskisa@Router] >/interface bridge port set bridge=BR1 interface=Gi0/8 pvid=100 ingress-filtering=yes frame-types=admit-only-untagged-and-priority-tagged
Number : 7
[cskisa@Router] >/interface bridge port set bridge=BR1 interface=Gi0/9 pvid=100 ingress-filtering=yes frame-types=admit-only-untagged-and-priority-tagged
Number : 8
[cskisa@Router] >/interface bridge port set bridge=BR1 interface=Gi0/10 pvid=100 ingress-filtering=yes frame-types=admit-only-untagged-and-priority-tagged
Number : 9
[cskisa@Router] >/interface bridge port set bridge=BR1 interface=Gi0/11 pvid=100 ingress-filtering=yes frame-types=admit-only-untagged-and-priority-tagged
Number : 10
[cskisa@Router] >/interface bridge port set bridge=BR1 interface=Gi0/12 pvid=100 ingress-filtering=yes frame-types=admit-only-untagged-and-priority-tagged
Number : 11
[cskisa@Router] >/ip neighbor discovery-settings set discover-interface-list=MGMT
[cskisa@Router] >/tool mac-server mac-winbox set allowed-interface-list=MGMT
[cskisa@Router] >/tool mac-server set allowed-interface-list=MGMT
[cskisa@Router] >/interface bridge set BR1 vlan-filtering=yes
[cskisa@Router] >/interface l2tp-server add name=KWS user=””
[cskisa@Router] >/ip pool add name=KWS ranges=200.168.40.2-200.168.40.254
[cskisa@Router] >/ppp profile add change-tcp-mss=yes local-address=200.168.40.1 name=KWS remote-address=KWS 
use-encryption=yes
[cskisa@Router] >/interface l2tp-server server set default-profile=KWS enabled=yes ipsec-secret=spacezone18!@# 
use-ipsec=yes
[cskisa@Router] >/ip cloud set ddns-enabled=yes ddns-update-interval=1m
[cskisa@Router] >/ip firewall filter add action=accept chain=input comment=L2TP dst-port=1701 protocol=udp
[cskisa@Router] >/ip firewall filter add action=accept chain=input comment=L2TP dst-port=4500 protocol=udp
[cskisa@Router] >/ip firewall filter add action=accept chain=input comment=L2TP dst-port=500 protocol=udp
[cskisa@Router] >/ip firewall filter add action=accept chain=input comment=L2TP protocol=ipsec-esp
[cskisa@Router] >/ip firewall filter add action=accept chain=input comment=L2TP protocol=ipsec-ah
[cskisa@Router] >/ppp secret add local-address=200.168.40.1 name=NA password=NA profile=KWS remote-address=200.168.40.18
[cskisa@Router] >/interface ethernet set Gi0/1 arp=proxy-arp

erlinden · Wed Mar 25, 2020 9:07 am

I think you don't have a DDNS problem, but (as RouterOS is telling you) your MikroTik router is behind a NAT router. Therefor, it does not get a public IP address assigned on the WAN interface. Is it correct that the WAN interface of your MikroTik is connected to (i.e.) the ISP modem/router? Or is in between the modem and your MikroTik an additional router?

Steveocee · Wed Mar 25, 2020 9:53 am

Just a thought, if you are behind a NAT then the DDNS not working is not going to be an issue unless your ISP is going to forward some ports for you.

One of those problems where you change the batteries in the smoke alarm after the fire.

Zacharias · Wed Mar 25, 2020 10:09 am

Why do you need the DDNS service ?

LEEHYUNWOO · Wed Mar 25, 2020 10:56 am

Rebuilds answers

LEEHYUNWOO · Wed Mar 25, 2020 11:57 am

I think you don't have a DDNS problem, but (as RouterOS is telling you) your MikroTik router is behind a NAT router. Therefor, it does not get a public IP address assigned on the WAN interface. Is it correct that the WAN interface of your MikroTik is connected to (i.e.) the ISP modem/router? Or is in between the modem and your MikroTik an additional router?

Yes, My home in the Modem is "Iptime router" and " Mikrotik RB1100AHx4 router" connection.

LEEHYUNWOO · Wed Mar 25, 2020 11:58 am

Why do you need the DDNS service ?

I'm at DDNS. I need to use L2TP VPN.

LEEHYUNWOO · Tue Apr 28, 2020 7:22 pm

I have restored it to the previous version.
And solved.
Thanks to everyone who helped.

ddns problem please..me.. [SOLVED]

ddns problem please..me..

Re: ddns problem please..me..

Re: ddns problem please..me.. [SOLVED]

Re: ddns problem please..me..

Re: ddns problem please..me..

Re: ddns problem please..me..

Re: ddns problem please..me..

Re: ddns problem please..me..