I was pretty big into Mikrotik in years past, but haven't been active in some time.
I just picked up a RB2011 and want to forward ports 80, 443, and 50500 for my network storage device. When I dstnat those ports below it kills my ability to browse using a device on the inside of my network. This has to be something simple, please help. I'm not sure how traffic originating from the outside and destined for my network storage is treated. Ideally it should be handled by the forward chain, but it will have a destination IP of the WAN side of the router. So that makes me think imput chain. /ip firewall filter add chain=input protocol=icmp add chain=input connection-state=established add chain=input connection-state=related add action=drop chain=input in-interface=ether1-gateway add chain=forward connection-state=established add chain=forward connection-state=related add action=drop chain=forward connection-state=invalid /ip firewall nat add action=masquerade chain=srcnat out-interface=ether1-gateway to-addresses=0.0.0.0 add action=dst-nat chain=dstnat comment=Foscam-1 dst-port=8080 protocol=tcp to-addresses=192.168.55.200 to-ports=8080 add action=dst-nat chain=dstnat comment=Foscam-2 dst-port=8081 protocol=tcp to-addresses=192.168.55.201 to-ports=8081 add action=dst-nat chain=dstnat comment=IX2 disabled=yes dst-address-type="" dst-port=80 protocol=tcp to-addresses=192.168.55.54 to-ports=80 add action=dst-nat chain=dstnat comment=IX2 disabled=yes dst-address-type="" dst-port=443 protocol=tcp to-addresses=192.168.55.54 to-ports=443 add action=dst-nat chain=dstnat comment=IX2 disabled=yes dst-port=50500 protocol=tcp to-addresses=192.168.55.54 to-ports=50500 add action=dst-nat chain=dstnat comment=Casey7-RDP dst-port=3389 protocol=tcp to-addresses=192.168.55.52 to-ports=3389 add action=dst-nat chain=dstnat comment=HTPC7-Plex dst-port=32400 protocol=tcp to-addresses=192.168.55.50 to-ports=32400 add action=dst-nat chain=dstnat comment=HTPC7-CetonApp dst-port=5832 protocol=tcp to-addresses=192.168.55.50 to-ports=5832 Thanks, Casey -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mail.butchevans.com/pipermail/mikrotik/attachments/20140607/7f0955d3/attachment.html> _______________________________________________ Mikrotik mailing list [email protected] http://mail.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
