I think you are just missing the DST address. On the first screen of the rule.
At the moment the rule wants any traffic to 3389 to go to your internal machine. Just set the DST IP address that will be on the packets and poof. Regards Alexander Alexander Neilson Neilson Productions Ltd [email protected] 021 329 681 > On 20/05/2014, at 6:09 am, Josh Luthman <[email protected]> wrote: > > I have my local network masqueraded to enable me to use a wan address and > nat right back to local services (ie typing luthman.com:80 is easier than > 192.168.1.10:80) > > The problem is that the NAT rule is catching traffic to other hosts as > well, as you can see: > > add chain=dstnat dst-port=3389 protocol=tcp \ > action=dst-nat to-addresses=192.168.21.192 to-ports=3389 > > Is there a way to fix this ONE rule so it works for outside dsnat, inside > dstnat, but doesn't effect me going to 3389 on everything else? > > Josh Luthman > Office: 937-552-2340 > Direct: 937-552-2343 > 1100 Wayne St > Suite 1337 > Troy, OH 45373 > -------------- next part -------------- > An HTML attachment was scrubbed... > URL: > <http://mail.butchevans.com/pipermail/mikrotik/attachments/20140519/94aefca2/attachment.html> > _______________________________________________ > Mikrotik mailing list > [email protected] > http://mail.butchevans.com/mailman/listinfo/mikrotik > > Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 6151 bytes Desc: not available URL: <http://mail.butchevans.com/pipermail/mikrotik/attachments/20140520/7c5eb990/attachment.bin> _______________________________________________ Mikrotik mailing list [email protected] http://mail.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
