I need someone to help me on how to be able access my APs in 3 different cell site in one location.
I have 3 site running at the moment with different ISP, i am using in each of the site RB493 as the router, and another RB433AH as the AP that connect the clients.
The 1st site LAN ip address is 10.10.40.0/24 and the AP ip address is 10.10.40.253/24
The 2nd site LAN ip address is 10.10.50.0/24 and the AP ip address is 10.10.50.253/24
The 3rd site LAN ip address is 10.10.60.0/24 and the AP ip address is 10.10.60.253/24, this is where i want to manage the other 2 APs. I am able to enter the router because its having public IP address. I am not able to access the APs because they are using local IP address.
Please can someone tell me what i need to do to be able to access that APs?
Thanks to all the MK experts in the forum.
Re: How to access APs on different NATted network
You will need to do something along these lines.
http://wiki.mikrotik.com/wiki/PPTP_VPN_ ... tal_Office
http://wiki.mikrotik.com/wiki/PPTP_VPN_ ... tal_Office
Re: How to access APs on different NATted network
try this on RB493 at site 1:
ip firewall nat add chain=dstnat protocol=tcp dst-address=publicip dst-port=publicport to-addresses=10.10.40.253 to-ports=22
ip firewall nat add chain=dstnat protocol=tcp dst-address=publicip dst-port=publicport to-addresses=10.10.40.253 to-ports=22
Re: How to access APs on different NATted network
Thanks to you.
I will try it and get back to you.
I will try it and get back to you.
Re: How to access APs on different NATted network
try this on RB493 at site 1:
ip firewall nat add chain=dstnat protocol=tcp dst-address=publicip dst-port=publicport to-addresses=10.10.40.253 to-ports=22
Please i am a bit confuse with this firewall rule. can u explain it in a simple term?
How to access APs on different NATted network
It confused me too....
Re: How to access APs on different NATted network
I access my routers with SSH. If that is what you want to do, then log in to the router with the public ip. I'll presume you connected to 10.10.40.x/24 network router. Once you are logged in, then
Then you should be logged into 10.10.40.253.
Otherwise, VPN is the most secure of the alternatives.
Code: Select all
/sys
ssh 10.10.40.253
Otherwise, VPN is the most secure of the alternatives.
Re: How to access APs on different NATted network
this may help:
http://wiki.mikrotik.com/wiki/Manual:IP/Firewall/NAT
if your 1st site RB493 public IP is 123.123.123.123, and you want to access RB433AH by SSH, then set this on RB493:
ip firewall nat add chain=dstnat protocol=tcp dst-address=123.123.123.123 dst-port=2233 to-addresses=10.10.40.253 to-ports=22
dst-port=2233 could be any number except 22 because RB493 has port 22 open by default.
If you still can't access to the RB433AH, make sure RB433AH has a default route to RB493.
this works for me.
http://wiki.mikrotik.com/wiki/Manual:IP/Firewall/NAT
if your 1st site RB493 public IP is 123.123.123.123, and you want to access RB433AH by SSH, then set this on RB493:
ip firewall nat add chain=dstnat protocol=tcp dst-address=123.123.123.123 dst-port=2233 to-addresses=10.10.40.253 to-ports=22
dst-port=2233 could be any number except 22 because RB493 has port 22 open by default.
If you still can't access to the RB433AH, make sure RB433AH has a default route to RB493.
this works for me.
Re: How to access APs on different NATted network
try this on RB493 at site 1:
ip firewall nat add chain=dstnat protocol=tcp dst-address=publicip dst-port=publicport to-addresses=10.10.40.253 to-ports=22
Please i am a bit confuse with this firewall rule. can u explain it in a simple term?
In simple term, it's port forwarding.
RB493 check what public port request from it public interface, then forward the request to the LAN to port 22.