Hairpin NAT http://gregsowell.com/?p=4242
Bryon -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Ty Featherling Sent: Monday, April 28, 2014 4:15 PM To: Mikrotik discussions Subject: Re: [Mikrotik] local access to a NAT'ted address No dice. No packets even hit that rule. -Ty On Mon, Apr 28, 2014 at 3:04 PM, Josh Luthman <[email protected]>wrote: > Try... > > /ip firew nat > add action=masquerade chain=srcnat comment="masq lan for port forwarding" \ > dst-address=192.168.0.0/24 src-address=192.168.0.0/24 > > > Josh Luthman > Office: 937-552-2340 > Direct: 937-552-2343 > 1100 Wayne St > Suite 1337 > Troy, OH 45373 > > > On Mon, Apr 28, 2014 at 4:01 PM, Ty Featherling > <[email protected] > >wrote: > > > Here is what I have right now. > > > > /ip address > > add address=207.235.20.130/25 interface=bridgeWAN > > network=207.235.20.128 add address=192.168.0.1/24 > > interface=bridgeLAN network=192.168.0.0 add > > address=207.235.20.132/25 interface=bridgeWAN network=207.235.20.128 > > > > /ip firewall nat > > add action=dst-nat chain=dstnat dst-address=207.235.20.132 in-interface=\ > > bridgeWAN to-addresses=192.168.0.231 add action=src-nat > > chain=srcnat out-interface=bridgeWAN src-address=\ > > 192.168.0.231 to-addresses=207.235.20.132 add action=src-nat > > chain=srcnat src-address=192.168.0.0/24to-addresses=\ > > 207.235.20.130 > > > > > > -Ty > > > > > > On Mon, Apr 28, 2014 at 2:57 PM, Josh Luthman > > <[email protected]>wrote: > > > > > Share your config? Just make sure to masquerade the private/lan > > > side > and > > > then a simple dst nat rule. > > > > > > > > > Josh Luthman > > > Office: 937-552-2340 > > > Direct: 937-552-2343 > > > 1100 Wayne St > > > Suite 1337 > > > Troy, OH 45373 > > > > > > > > > On Mon, Apr 28, 2014 at 3:53 PM, Ty Featherling < > [email protected] > > > >wrote: > > > > > > > I have a server on my LAN here that I am 1:1 natting behind a > > > > public address. The srcNAT + dstNAT rules are working > > > > wonderfully but I find > > > when > > > > I try to access the server on it's public address from within my > > > > LAN > I > > > > can't reach it. From outside it works fine. > > > > > > > > It there another rule I need to allow this to work? My local > > > > machines access this server on it's local address but my phone > > > > is configured > to > > > > reach it via it's public and fails when I am in the office. > > > > > > > > -Ty > > > > -------------- next part -------------- An HTML attachment was > > > > scrubbed... > > > > URL: < > > > > > > > > > > http://mail.butchevans.com/pipermail/mikrotik/attachments/20140428/d2b > 8d5a1/attachment.html > > > > > > > > > _______________________________________________ > > > > Mikrotik mailing list > > > > [email protected] > > > > http://mail.butchevans.com/mailman/listinfo/mikrotik > > > > > > > > Visit http://blog.butchevans.com/ for tutorials related to > > > > Mikrotik RouterOS > > > > > > > -------------- next part -------------- An HTML attachment was > > > scrubbed... > > > URL: < > > > > > > http://mail.butchevans.com/pipermail/mikrotik/attachments/20140428/6b6 > 2f5b1/attachment.html > > > > > > > _______________________________________________ > > > Mikrotik mailing list > > > [email protected] > > > http://mail.butchevans.com/mailman/listinfo/mikrotik > > > > > > Visit http://blog.butchevans.com/ for tutorials related to > > > Mikrotik RouterOS > > > > > -------------- next part -------------- An HTML attachment was > > scrubbed... > > URL: < > > > http://mail.butchevans.com/pipermail/mikrotik/attachments/20140428/bbd > e0494/attachment.html > > > > > _______________________________________________ > > Mikrotik mailing list > > [email protected] > > http://mail.butchevans.com/mailman/listinfo/mikrotik > > > > Visit http://blog.butchevans.com/ for tutorials related to Mikrotik > > RouterOS > > > -------------- next part -------------- An HTML attachment was > scrubbed... > URL: < > http://mail.butchevans.com/pipermail/mikrotik/attachments/20140428/f03 > b0d5a/attachment.html > > > _______________________________________________ > Mikrotik mailing list > [email protected] > http://mail.butchevans.com/mailman/listinfo/mikrotik > > Visit http://blog.butchevans.com/ for tutorials related to Mikrotik > RouterOS > -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mail.butchevans.com/pipermail/mikrotik/attachments/20140428/eb9c37be /attachment.html> _______________________________________________ Mikrotik mailing list [email protected] http://mail.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS _______________________________________________ Mikrotik mailing list [email protected] http://mail.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
