Hello,
i set up port forward
/ip firewall nat add chain=dstnat dst-port=1234 action=dst-nat protocol=tcp to-address=192.168.1.1 to-port=1234
Now it works from outside, for example 159.148.60.20:1234, (my IP)
but when i try to connect from computer in my network, it doesn't forward to right computer.
I need to create another rule?
Re: RB750G port forwarding
This is because devices are from the same network and can reach each other directly.
http://wiki.mikrotik.com/wiki/Hairpin_NAT
http://wiki.mikrotik.com/wiki/Hairpin_NAT
Re: RB750G port forwarding
thanks for your replay! 
but i have another question.
In the link, there is note:
"The rule below is very specific to only apply to the traffic that the issue could occur with - if there are many servers the issue occurs with, the rule could be made broader to save having one such exception per forwarded service."
How to make it "broader", if i have multiple servers and ports?
but i have another question.
In the link, there is note:
"The rule below is very specific to only apply to the traffic that the issue could occur with - if there are many servers the issue occurs with, the rule could be made broader to save having one such exception per forwarded service."
How to make it "broader", if i have multiple servers and ports?
Re: RB750G port forwarding
Code: Select all
/ip firewall nat
add chain=srcnat src-address=192.168.1.0/24 \
dst-address=192.168.1.2 protocol=tcp dst-port=80 \
out-interface=LAN action=masqueradeCode: Select all
/ip firewall nat
add chain=srcnat src-address=192.168.1.0/24 \
dst-address=192.168.1.0/24 \
out-interface=LAN action=masqueradeRe: RB750G port forwarding
What do I need to set up to make a dns entry resolve to the right places?
eg.
www.my750g.co.nz --> myPublicIP... -->iface1<--RB750G-->iface2(192.168.2.1)<-dumb switch->192.168.1.150(MyWebServer)
How do I set up the dns correctly so that my desktop(192.168.1.123) also sees 'myWebServer' for port 80...
With my old linux box this was simple... I just ran the web server on 192.168.2.1 and if I wanted to expose the web server on .150 I'd just use a rewrite rule on apache on .1 to write the content from .150.
But with my new 750 as the firewall I'm not running a web server on it but I still want my domain name to resolve correctly for each service.
ssh for example I want to go to the 750.
SMTP & www I want on .150
Can anyone point me to what I need to read or share some example set up scripts?
TIA
D
eg.
www.my750g.co.nz --> myPublicIP... -->iface1<--RB750G-->iface2(192.168.2.1)<-dumb switch->192.168.1.150(MyWebServer)
How do I set up the dns correctly so that my desktop(192.168.1.123) also sees 'myWebServer' for port 80...
With my old linux box this was simple... I just ran the web server on 192.168.2.1 and if I wanted to expose the web server on .150 I'd just use a rewrite rule on apache on .1 to write the content from .150.
But with my new 750 as the firewall I'm not running a web server on it but I still want my domain name to resolve correctly for each service.
ssh for example I want to go to the 750.
SMTP & www I want on .150
Can anyone point me to what I need to read or share some example set up scripts?
TIA
D
Re: RB750G port forwarding
Just port forward only the relevant services to whatever machine runs them. Maybe I'm misunderstanding what you're trying to do?
Re: RB750G port forwarding
In my case I just recently had a site where the customer was using an ip address to direct traffic at a database/application server.Maybe I'm misunderstanding what you're trying to do?
The client software was configured the same for users both in the building on the local lan and outside the building at remote sites.
The Thompson router supplied by the ISP simply redirected the requests for the ip/port combination to the internal machine.
Even the internal machine (server) was being used as a client, and it's client software would send requests to the router which would then come back at it self. (Yes I know how dumb that sounds, but it worked and they weren't about to pay anyone to set up a more technically better solution).
However, I can see what the 750 can do, so I think I'll go off and have a play and just nut it out.