Hi

I use 3xMT for WLAN and linux-based serwer as router. I would like to use Winbox to access all MT's from Internet side.
There is prerouting rule on serwer:
iptables -t nat -A PREROUTING -p tcp -d x.x.x.x --dport 1234 -j DNAT --to 192.168.1.200:80
iptables -t nat -A PREROUTING -p tcp -d x.x.x.x --dport 3987 -j DNAT --to 192.168.1.200:3987
that makes that I can access to one MT by x.x.x.x:1234.

And now there is problem with prerouting for second MT, because I can't use 3987 port for next MT.
There is some solution to use unencrypted connection on 3986 port for second router, but what with third MT.
Is there some possibility to use another port (then 3987 and 3986) for Winbox?

I do this by simply dst-nat each box with both ports and allowing established connections... I log into the first router then enable the dst-nat rule and change the to-dst-address to each subsequent router ... I have logged onto 4 routers this way... my entire network is src-nat behind one ip and uses static routing

get multiple static IP's and do 1 to 1 nat.. or setup a PPTP tunnel to the private network and manage them that way.. I'd go with the PPTP tunnel.. added layer of security.

Thanks for advices. I think I do 1 to 1 nat with static IP's. But before I will receive more static IP's (it will last about month) i try wifiradio's idea.