
Multiple WAN IP's & Port Forward

Posted: Thu Sep 01, 2016 12:10 pm
by jamesredvers
Hi,

Just CCR1036-12G-4S running 6.34.3 for a client with a 1Gb WAN connection. It is in and working fine in terms of throughput etc.

Where I am stuck is that we have 5 usable public IP addresses. I have added 2 of them to the SFP1 port and set up a port forward for 3389 traffic. When connecting externally I can connect to their TS farm from either public IP address. I now want to only allow access from 1 specific public IP but cannot get this to work. I have created a dstnat rule as mentioned above which works for ALL public IP addresses currently.

All help welcomed :-)

Cheers,

Stuart.

Re: Multiple WAN IP's & Port Forward

Posted: Fri Sep 02, 2016 2:09 pm
by voxmaster
Try to use dst-address= instead of in-interface=
/ip firewall nat add action=dst-nat chain=dstnat comment=RDP dst-address=[YOUR-PREFERRED-PUBLIC-IP] dst-port=3389 protocol=tcp to-addresses=[Internal-IP] to-ports=3389
/ip firewall nat add action=dst-nat chain=dstnat comment=RDP dst-address=[YOUR-PREFERRED-PUBLIC-IP] dst-port=3389 protocol=udp to-addresses=[Internal-IP] to-ports=3389

Re: Multiple WAN IP's & Port Forward

Posted: Fri Sep 02, 2016 4:49 pm
by Rudios
Or even combine both in-interface AND dst-address.
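
The two replies above combined into one rule set, shown next to the interface-only rule it replaces. This is an added example, not configuration posted by anyone in the thread; the interface name sfp1, the public address 203.0.113.10 and the internal address 192.168.88.10 are constructed placeholders.

```routeros
# Added example. sfp1, 203.0.113.10 and 192.168.88.10 are constructed
# placeholders: substitute the real WAN interface, the one public IP that
# should accept RDP, and the internal terminal server address.

# Before (kept as a comment): matching on the WAN interface alone forwards
# port 3389 for every public address bound to that interface.
# /ip firewall nat add chain=dstnat action=dst-nat in-interface=sfp1 \
#     protocol=tcp dst-port=3389 to-addresses=192.168.88.10 to-ports=3389

# After: in-interface AND dst-address must both match, so only traffic
# arriving on the WAN port for the chosen public IP is translated.
/ip firewall nat add chain=dstnat action=dst-nat in-interface=sfp1 \
    dst-address=203.0.113.10 protocol=tcp dst-port=3389 \
    to-addresses=192.168.88.10 to-ports=3389 comment="RDP tcp"
/ip firewall nat add chain=dstnat action=dst-nat in-interface=sfp1 \
    dst-address=203.0.113.10 protocol=udp dst-port=3389 \
    to-addresses=192.168.88.10 to-ports=3389 comment="RDP udp"

# List every dstnat rule for 3389 and confirm none is left without a
# dst-address; an old interface-only rule still forwards all public IPs
# until it is disabled or removed.
/ip firewall nat print detail where dst-port=3389

# After an external test against each public IP, only the rules above
# should show packet and byte counters increasing.
/ip firewall nat print stats where dst-port=3389
```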