Answer the question
In order to leave comments, you need to log in
R
R
Roman2015-11-13 23:01:23
Roman, 2015-11-13 23:01:23
Mikrotik port forwarding from LAN?
Good afternoon!
I can’t forward port 80 from the local network, I googled several solutions, but none of them work from the local network, there are no problems from the Internet.
192.168.1.11 - web server, 1.1.1.1 - external ip of Mikrotik
I found the 1st method somewhere on Habré.
add action=dst-nat chain=dstnat comment=web dst-address=1.1.1.1 \
dst-port=80 in-interface=Wan1 protocol=tcp to-addresses=192.168.1.11 \
to-ports=80
add action=dst -nat chain=dstnat dst-address=1.1.1.1 \
dst-port=80 in-interface=Local protocol=tcp src-address=192.168.1.0/24 \
to-addresses=192.168.1.11 to-ports=80
add action =src-nat chain=srcnat dst-address=192.168.1.11 \
dst-port=80 out-interface=Local protocol=tcp src-address=192.168.1.0/24 \
to-addresses=192.168.1.1
2nd option, Hairpin on wiki
add action=dst-nat chain=dstnat comment=web dst-address=1.1.1.1 \
dst-port=80 protocol=tcp to-addresses=192.168.1.11 \
to-ports=80
add action=masquerade chain=srcnat dst-address=192.168.1.11 \
dst-port=80 out -interface=Local protocol=tcp src-address=192.168.1.0/24 \
to-addresses=192.168.1.1
What did I do wrong?
3 answer(s)
@Uvetrom
@alegzz
@Nerwin
R
Roman, 2015-11-14 @Uvetrom
Oleg, thanks for the advice...
But the problem was solved by itself, I don’t believe in mysticism.
I don’t want to say that, but SAMO suddenly worked when I tried the second option again.
Do not understand why.
A
alegzz, 2015-11-13 @alegzz
add action=src-nat chain=srcnat dst-address=192.168.1.11 \
dst-port=80 out-interface=Local protocol=tcp src-address=192.168.1.0/24 \
to-addresses=192.168.1.1 - what is it ? o_o
O
Oleg Nerwin, 2015-11-14 @Nerwin
Can the firewall allow forward lan-lan?
/ip firewall filter
add chain=forward in-interface=local out-interface=local
Similar questions
M
D
T
N
T
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question