X
X
xxxMaMoNTxxx2020-02-21 01:28:52
VPN
xxxMaMoNTxxx, 2020-02-21 01:28:52

How to properly forward to a web server behind NAT?

There is a microtic on static 1.1.1.1, local ip 192.168.0.1. A bunch of different zyxel routers connect to it, in which the "use to access the Internet" checkbox is turned off in the ppptp settings. These suxels are configured for port forwarding from the pptp interface to specific local devices. The problem is that behind one of these zukhels there is a web server that does not want to show the real addresses of visitors in any way, instead of them, the Mikrotik address 192.168.0.1 is lit everywhere.

The scheme in short looks like this:
1.1.1.1| Mirkotik |192.168.0.1| <-----(vpn)------192.168.0.50 | Zyxel |192.168.100.4| <----(lan) ----192.168.100.10 |web server|
Used rules:

chain=dstnat action=netmap to-addresses=192.168.0.50 to-ports=80 protocol=tcp dst-address=1.1.1.1 in-interface=pppoe-out1 dst-port=80 log=yes log-prefix=""

chain =srcnat action=masquerade out-interface=Zyxel_VPN_WEB log=yes log-prefix=""

Changing out-interface in Mirkotik does not affect anything. When you check the "Use to access the Internet" box in the zixel, everything starts working as it should, but in my case, accessing the Internet through that interface is not acceptable.

Answer the question

In order to leave comments, you need to log in

1 answer(s)
G
Gregory, 2020-02-21
@Maxlinus

mikrotik-ukraine.blogspot.com/2016/11/vpn-mikrotik.html
and what is configured on zyxel?

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question