MikroTik

Posted: **Mon Dec 06, 2004 6:52 pm**

Hi there....

I have a Mikrotik running, with a AP, with which clients connect to...now my router connects pppoe through the internet, and is running DDNS to update a DNS name with its new IP address...

Now I have a client who wants to access his computer from the internet...Can anybody please help me!!? I know it is possible, but I dunno how to do it

Darren

Posted: **Mon Dec 06, 2004 8:57 pm**

see documentation: http://www.mikrotik.com/docs/ros/2.8/ip/nat.content
under redirect

example (192.168.255.10 is local webserver):

in-interface=pppoe dst-address=:80 protocol=tcp action=redirect to-dst-address=192.168.255.10 to-dst-port=80

regards
matthias

Posted: **Mon Dec 06, 2004 9:17 pm**

Thanx a million dude....I am getting some where now

Posted: **Tue Dec 07, 2004 10:39 pm**

Can you pleaaaaaaaaaaaase help me out here .. you sem to know something about this.. i can't seem to open port 25 for my mailserver on MK anytime i scan the ports it says closed no matter what i do any ideas???

thanks

Sheldon

Posted: **Tue Dec 07, 2004 10:59 pm**

Can you pleaaaaaaaaaaaase help me out here .. you sem to know something about this.. i can't seem to open port 25 for my mailserver on MK anytime i scan the ports it says closed no matter what i do any ideas???

thanks

Sheldon

If you stopped connection tracking then start it

Posted: **Wed Dec 08, 2004 3:30 am**

i don't even know what that is let alone turn it off LOL....next suggestion.....

do you know how to set it up for a mail server or not?

Posted: **Wed Dec 08, 2004 8:10 pm**

try with action=nat
if it doesn't work again please post the results of these commands:

/ip address export
/ip firewall src-nat export
/ip firewall dst-nat export

Posted: **Fri Dec 10, 2004 8:45 pm**

here is the info you requested

/ ip firewall src-nat
add out-interface=Public action=masquerade comment="" disabled=no
add src-address=192.168.0.30/32 out-interface=Public action=nat comment="this rule allows ONLY THIS PUTER \
ACCESS TO THE NET." disabled=yes
[admin@MikroTik] > /ip firewall dst-nat export
# dec/10/2004 11:51:41 by RouterOS 2.8.19
# software id = IMXI-FLT
#
/ ip firewall dst-nat
add dst-address=68.150.192.222/32:53 protocol=udp action=nat to-dst-address=192.168.0.11 comment="" \
disabled=no
add dst-address=68.150.192.249/32:53 protocol=udp action=nat to-dst-address=192.168.0.2 comment="" \
disabled=no
add dst-address=:25 protocol=tcp action=nat to-dst-address=192.168.0.30 comment="it's gotta be this one or \
the other one CHANGED THIS TO PUBLIC SEE WHAT HAPPENS ...disabled this one to allow new last rule a \
chance to work ????????" disabled=yes
add dst-address=68.150.192.222/32:23 protocol=tcp action=nat to-dst-address=192.168.0.30 comment="for ssh \
access" disabled=no
add dst-address=68.150.192.222/32:22 protocol=tcp action=nat to-dst-address=192.168.0.30 to-dst-port=22 \
comment="" disabled=no
add src-address=192.168.0.30/32 action=accept comment="i don't know he says .30 should be able to get out wit \
htis and a simialr one in forward rules ??????????" disabled=no
add dst-address=68.150.192.222/32:25 protocol=tcp action=nat to-dst-address=192.168.0.30 comment="" \
disabled=no

/ ip address
add address=68.150.192.217/24 network=68.150.192.0 broadcast=68.150.192.255 interface=Public comment="" \
disabled=no
add address=68.150.192.249/24 network=68.150.192.0 broadcast=68.150.192.255 interface=Public comment="" \
disabled=no
add address=68.150.192.222/24 network=68.150.192.0 broadcast=68.150.192.255 interface=Public comment="" \
disabled=no
add address=192.168.0.1/24 network=192.168.0.0 broadcast=192.168.0.255 interface=Local comment="" disabled=no

MikroTik

PORT FORWARDING

PORT FORWARDING

Re: PORT FORWARDING