MikroTik

Hi,

I configured mikrotik to show a hotspot informative page showing coverage using a range 192.168.182.x/24 for this. Also I have a few WRT54G configured in subnet 192.168.183.x/24.
Mikrotik have 3 interfaces:

1º Internet 192.168.2.x
2º Lan 192.168.0.x
3º Wireless 192.168.182.x (APs 192.168.183.x)

I want to have SNMP access from 192.168.2.x network to 192.168.183.x and allow these APs to reach SNMP server on 192.168.2.x.

Could anyone help me please?

Regards.

You will probably need to dstnat/srcnat an ip into your localnet

/ip firewall nat
add chain=dstnat action=dst-nat dst-address=192.168.2.x to-addresses=192.168.183.y place-before=0
add chain=srcnat action=src-nat src-address=192.168.183.y to-addresses=192.168.2.x place-before=0

I would recommend this only if you have more than one ip assigned to your WAN interface. Otherwise, you will not be able to access the WAN router.

Hi,

I have tried the above firewall rules and it dont work. I have tried:

/ip firewall nat
add chain=dstnat action=dst-nat dst-address=192.168.2.25 to-addresses=192.168.183.1 place-before=0
add chain=srcnat action=src-nat src-address=192.168.183.1 to-addresses=192.168.2.25 place-before=0

What I'm doing wrong? I only need access to port 161 SNMP of the AP from 192.168.2.0 network.

Best regards.

If you want just that one port redirected:

/ip firewall nat
add chain=dstnat action=dst-nat dst-address=192.168.2.25 dst-port=161 to-addresses=192.168.183.1 to-ports=161 place-before=0
add chain=srcnat action=src-nat src-address=192.168.183.1 src-port=161 to-addresses=192.168.2.25 to-ports=161 place-before=0

Hi again,

Dont work as expected. I enable these firewall rules, and I ping from mikrotik to 192.168.2.25 and I get no response. I think something is wrong.
What can I check?

Regards.

You are not going to get a response from your internal server if you are using ICMP (ping) to that address. Different protocol. That goes to the router. It is not forwarded to the internal server. Only port 161 is forwarded.