port forward lost source ip

Posted: Tue Aug 02, 2016 1:20 pm
by pelli
hello,

this is my configuration

wan public ip 2.2.2.2
lan router ip 192.168.1.254
lan router ip mikrotik 192.168.1.1
lan internal mikrotik 192.168.10.1
lan internal server 192.168.10.200

I need to forward port 22 from WAN to the LAN internal server.

The port forward is OK, but all SSH requests have source IP 192.168.10.1. Is it possible to preserve the original public IP that requests SSH (e.g. 3.3.3.3 to 192.168.10.200)?

Thanks

Re: port forward lost source ip

Posted: Tue Aug 02, 2016 5:00 pm
by pe1chl
Normally that is what happens.
Probably you have done both srcnat and dstnat for the packet? (maybe as part of experimenting)
You need to do only dstnat to get the behaviour you want there.

Re: port forward lost source ip

Posted: Tue Sep 06, 2016 3:33 pm
by Deantwo
> The port forward is OK, but all SSH requests have source IP 192.168.10.1. Is it possible to preserve the original public IP that requests SSH (e.g. 3.3.3.3 to 192.168.10.200)?

Sounds like your masquerade rule is the cause.
You should only let the masquerade rule apply to traffic leaving your WAN interface.

For example:
/ip firewall nat
add action=masquerade chain=srcnat out-interface=WAN
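
The NAT table this thread describes, written out as an added example (not configuration posted by any participant). It uses the addresses from the first post; the interface name WAN is taken from the rule above and is assumed to be the MikroTik port facing 192.168.1.254.

```routeros
# Constructed example. Addresses come from the first post in this thread;
# "WAN" is an assumed interface name for the port on the 192.168.1.0/24 side.
/ip firewall nat

# Port forward: dstnat only. The destination is rewritten to the internal
# server; the source address (e.g. 3.3.3.3) is left untouched.
add chain=dstnat in-interface=WAN protocol=tcp dst-port=22 \
    action=dst-nat to-addresses=192.168.10.200 to-ports=22

# Cause of the lost source IP: a masquerade rule with no interface match.
# It also matches the forwarded SSH connection as it leaves the LAN port,
# so the server sees the router's own address, 192.168.10.1.
# (Shown commented out; this is the rule to replace.)
# add chain=srcnat action=masquerade

# Corrected: masquerade only what leaves through WAN. Forwarded SSH traffic
# exits via the LAN port, so this rule no longer matches it.
add chain=srcnat action=masquerade out-interface=WAN

# List the srcnat rules to confirm no unscoped masquerade remains.
print where chain=srcnat
```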

Re: port forward lost source ip

Posted: Fri Sep 09, 2016 6:43 pm
by pelli
> > The port forward is OK, but all SSH requests have source IP 192.168.10.1. Is it possible to preserve the original public IP that requests SSH (e.g. 3.3.3.3 to 192.168.10.200)?
>
> Sounds like your masquerade rule is the cause.
> You should only let the masquerade rule apply to traffic leaving your WAN interface.
>
> For example:
> /ip firewall nat
> add action=masquerade chain=srcnat out-interface=WAN

ok thanks