I
I
inogda_dobriy2015-11-19 11:54:41
NAS
inogda_dobriy, 2015-11-19 11:54:41

Mikrotik rb951g 2hnd how to make friends with QNAP_NAS?

Behind the Mikrotik is a NAS whose settings are set to receive a static internal IP network - it receives it, everything is OK.
when trying to get to the NAS via internal IP on port 80, there are no problems. But when you try to get to it from the outside using its name registered on its DDNS service option 2:
1- if the port is not forwarded, then we get to Mikrotik
2-if it is forwarded, then nothing happens - just eternal page loading and that's it.
I tried to forward the ports with my hands and tried the internal utility of the NAS (he can do it himself via UPnP and it worked with another router), everything is included on Mikrotik UPnP.
+ 80 is not the only port that needs to be forwarded to it (there are also 20,21,8080,8081,1723,1194), but here at least one to deal with.
Help if anyone has come across

Answer the question

In order to leave comments, you need to log in

5 answer(s)
Y
Yaroslav Eremin, 2015-11-19
@YaroslavEremin

Do you have a router registered?
print NAT rules set
disable www service on mikrotik:
/ip service
set www disabled=yes
if it doesn't help, use packet sniffer on mikrotik and see what's with the packets there

I
inogda_dobriy, 2015-11-19
@inogda_dobriy

IP services are disabled in general, everything except winbox.
there is only one NAT rule:
chain=srcnat action=masquerade out-interface=ether1-gateway log=no log-prefix=""
sniffer what does it make sense to sniff? incoming traffic on the 1st port or what? Or both that and that and then to compare?
I figured out the guest WiFi ... there was a small conflict in the Firewall. But the speed still cuts

L
LESHIY_ODESSA, 2015-11-20
@LESHIY_ODESSA

Well, look, you have two devices and both have port 80. There are several options here.
1. Disable port 80 on Mikrotik, and instead use hhtp S - port 443. It is generally logical, correct and safe to encrypt all traffic from you to the Mikrotik web interface.
2. Use not port 80 on Mikrotik, but another one. Also one of the security chips. Hacker bots scan port 80 by default, so why not move it to 4444 for example
. 3. Use forwarding from outside to the NAS with a different port. That is,
add action=netmap chain=dstnat dst-port= 8090 protocol=tcp to-addresses=10.1.1.2 to-ports= 80
That is, from the outside, the NAS will have port 8090, and then it taxis to port 80 of the NAS. That is, to get to the web interface of the NAS there will be a URL - name.DynDNS.org: 8090
Opening the NAS outside is not very safe, or rather not safe at all. Usually they use VPN to the local area where the NAS is located.
Mikrotik has built-in FTP, so port 21 will also conflict.

Z
Zommer693, 2017-11-27
@Zommer693

So how did it all work out?
I have the same problem at the moment and I have no idea how to solve it.
Tell me plz.

B
BobbyGun, 2019-05-05
@BobbyGun

Solved through DMZ elementary.
Here is how it is written.
https://asp24.com.ua/blog/mikrotik-router-os-nastr...

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question