Page 1 of 1
Access own public internet IP from local LAN
Posted: Mon Mar 31, 2014 5:20 pm
by kneuzgi
Hi
I have a dynamic internet ip address from the provider and i've added a port forwarding on my mikrotik router
so that i can access a host behind. From all other network it's working fine but not from the local LAN
I'd like to access from local LAN (192.168.88.x) my dyndns IP address
Actually it's not possible. I guess I have to do some config changes....
Thanks for any help
Regards
Kneuzgi
Re: Access own public internet IP from local LAN
Posted: Mon Mar 31, 2014 5:43 pm
by CelticComms
Re: Access own public internet IP from local LAN
Posted: Mon Mar 31, 2014 6:11 pm
by kneuzgi
Thanks for this tip
These two lines are in default config:
/ip firewall nat
add action=masquerade chain=srcnat out-interface=ether1-gateway
add action=masquerade chain=srcnat comment="default configuration" out-interface=sfp1-gateway
I've added following:
/ip firewall nat
add chain=srcnat src-address=192.168.88.0/24 \
dst-address=192.168.88.2 protocol=tcp dst-port=80 \
out-interface=all-wireless action=masquerade
but it's not working ....
I guess I'm doing something wrong but I do not know what ??
Any help will be appreciated
Thank you very much
Re: Access own public internet IP from local LAN
Posted: Mon Mar 31, 2014 8:35 pm
by francisuk24
have a dynamic internet ip address from the provider and i've added a port forwarding on my mikrotik router
so that i can access a host behind. From all other network it's working fine but not from the local LANi
You need to create NAT rule.
Replace 192.168.88.x with your internal IP and port 8081
/ip firewall nat
add chain=dstnat action=dst-nat to-addresses=192.168.88.x to-ports=8081 protocol=tcp dst-port=8081
Re: Access own public internet IP from local LAN
Posted: Thu Apr 03, 2014 6:00 pm
by kneuzgi
now it's possible to reach my mikrotik router over the public internet address (without going external, means traffic stays in the LAN)
my next problem is that i'd like to access my webcam (external link) over Wifi (internal LAN)
example external URL: mywebcam.dyndns.org:1234 (url with port 1234)
internal url: 192.168.88.22:80 (LAN IP address with default web port 80)
how can I solve that ?
Thanks
Re: Access own public internet IP from local LAN
Posted: Fri Apr 04, 2014 1:20 am
by maomanna
/ip firewall nat
set chain=dstnat action=dst-nat to-addresses=192.168.88.22 to-ports=88 protocol=tcp dst-address='external ip' dst-port=12340
Re: Access own public internet IP from local LAN
Posted: Fri Apr 04, 2014 10:09 pm
by j7n
You could avoid having separate port forwarding rules for traffic coming from LAN and WAN, by using "dst-address-type=local" to match the address of any router's interface.
/ip firewall nat
add action=dst-nat chain=dstnat dst-address-type=local dst-port=1234 protocol=tcp to-addresses=192.168.88.22 to-ports=80
dst-port and to-ports don't have to match.