How to forward the IP address of the host that initiates the connection when port forwarding to the server?

V

Vitaly Gusev2020-07-23 12:08:12

network hardware

Vitaly Gusev, 2020-07-23 12:08:12

Good afternoon!

Look, there is a mail server. Internet access via mikrotik.
On Mikrotik, I forward port 25 to the server. I'm testing the connection and I see that the server sees the connection from the internal IP address of the Mikrotik, and not from the IP address of the host from which I connected to port 25.
Those. Mikrotik natit not only on the outside, but also inside.
How to make forwarding work without changing the IP?

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

V

Vladimir, 2020-07-23
@MechanID

Your question is already half the answer, if Mikrotik nats and inside, then you need to figure out why it is so configured and whether it can be removed. (you can - without breaking something else)
With a normal nata, this should not be.
for example:
chain=dstnat action=dst-nat to-addresses=10.10.0.80 to-ports=443 protocol=tcp dst-address=xxx.xxx.xxx.237 in-interface=ether6 dst-port=443 log=no log -prefix=""
There will be normal nat and server 10.10.0.80 sees connections from external ip addresses and nginx logs them correctly.

A

akelsey, 2020-07-23
@akelsey

Most likely, the nat rule is made not simply, but very simply.
/ip firewall nat add action=masquerade
Specify the normal interfaces in the rule, and the subnets that will be pulled.
Out interface = "toISP"
Src. Address = "192.168.0.0/16" (well, or your subnet.)