MikroTik

Dear All,

I need some help with configuring port forwarding on a Mikrotik RB951G-2Hnd.
It seems that my Mikrotik router is behind a Carrier Grade NAT (CGN). The IP Address in the Mikrotik configuration is from 100.64.0.0/10, but when I check my public IP I can see something totally different, and my public IP address is changing dynamically.

After some searching on google I found this article: https://wiki.mikrotik.com/wiki/Manual:I ... Source_NAT
Tha last part is about Carrier-Grade NAT, but I could not really figure out how to apply this to my router.

I also enabled DDNS in the Miktortik configuration, but it is not working properly and I get this error message:
DDNS server received request from IP 94.248.149.102 but your local IP was 100.64.151.58; DDNS service might not work.

Can someone please help me with how I can configura a NAT rule or something, so that I can reach my Mikrotik router from outside of my LAN?

Unfortunately, there is now way to forward traffic to you from ISP router, except you working in this ISP

You can try this script for double NAT

https://wiki.mikrotik.com/wiki/Dynamic_ ... behind_NAT

This is completely up to your ISP. Technically there is nothing you can do. When the traffic heads to "your public IP", it's the router that holds that IP address can decide what to do with that traffic. That router belongs to the ISP.

However I am almost certain your ISP would provide you with an Public IP, in exchange for cash

You can setup a MikroTik Cloud Hosted Router on Amazon AWS and use that as a VPN concentrator. Then you can connect your device (laptop, phone, etc) to the VPN and also connect your MikroTik at home to the VPN to get remote access without a public IP.

If you just want to be able to connect via ssh and manage your devices you can use a tor hidden service, if you want to host something on the internet then you have to ask you isp for upnp on your interface or static port nat mapping or 1:1.