Page 1 of 1
How to get a request like "sometime.myddns.com:port" to work from local network instead of using 192.168.x.x
Posted: Thu Aug 23, 2018 4:53 pm
by trebew
This can be a newbie question but I really have no idea how to do… I have an address name linked to my public address (DDNS) and I want to use it locally, I mean, Instead of using 192.168.x.x, I need to use somename.myddns.com:port locally and it redirects to my local network instead of searching the internet DNS. With the ISP modem/router it works fine, not needing any configuration, but when I installed Mikrotik router it stopped working and I don’t know how to set it up.
The request somename.myddns.com:port is working fine externally, but when try to use it locally it doesn't work.
Re: How to get a request like "sometime.myddns.com:port" to work from local network instead of using 192.168.x.x [SOLVED]
Posted: Thu Aug 23, 2018 5:02 pm
by nescafe2002
Look into Hairpin NAT:
https://wiki.mikrotik.com/wiki/Hairpin_NAT
Generic example (check and correct subnets for your own network):
/ip firewall nat
add chain=srcnat src-address=192.168.88.0/24 \
dst-address=192.168.88.0/24 \
out-interface-list=LAN action=masquerade
It will translate the connections from local addresses to local addresses as if the connections were coming from the router itself.
Re: How to get a request like "sometime.myddns.com:port" to work from local network instead of using 192.168.x.x
Posted: Thu Aug 23, 2018 5:16 pm
by pe1chl
When you are not sending different port numbers to different servers it could be better to put a static
entry for somename.myddns.com in the DNS service with the address of the internal server (192.168.x.x)
so that internal clients asking for somename.myddns.com get directly connected to the server without NAT.
Of course this only works when everyone on the local network uses the MikroTik's DNS.
In a slightly larger network (e.g. business) you would handle this on your local DNS server (split DNS).
Re: How to get a request like "sometime.myddns.com:port" to work from local network instead of using 192.168.x.x
Posted: Thu Aug 23, 2018 5:38 pm
by trebew
Look into Hairpin NAT:
https://wiki.mikrotik.com/wiki/Hairpin_NAT
Generic example (check and correct subnets for your own network):
/ip firewall nat
add chain=srcnat src-address=192.168.88.0/24 \
dst-address=192.168.88.0/24 \
out-interface-list=LAN action=masquerade
It will translate the connections from local addresses to local addresses as if the connections were coming from the router itself.
Thanks, I think that is what I need. I'll test and reply back here.
When you are not sending different port numbers to different servers it could be better to put a static
entry for somename.myddns.com in the DNS service with the address of the internal server (192.168.x.x)
so that internal clients asking for somename.myddns.com get directly connected to the server without NAT.
Of course this only works when everyone on the local network uses the MikroTik's DNS.
In a slightly larger network (e.g. business) you would handle this on your local DNS server (split DNS).
As I understand this works if I need to redirect to a specific IP address right... but I need it to pass through the other NAT rules (using port numbers to reach different local IPs), so I think the solution nescafe2002 presented fits better for me.
Re: How to get a request like "sometime.myddns.com:port" to work from local network instead of using 192.168.x.x
Posted: Thu Aug 23, 2018 6:52 pm
by Steveocee
Hairpin NAT is what you need. Have a look at my video which shows you how to do this;
https://www.youtube.com/watch?v=_kw_bQyX-3U
Re: How to get a request like "sometime.myddns.com:port" to work from local network instead of using 192.168.x.x
Posted: Thu Aug 23, 2018 8:42 pm
by trebew
Thanks all for helping me, it worked just fine with Hairpin Nat indeed!