Why does forwarded port not work from LAN?

R

ruskella2014-09-05 17:53:05

Computer networks

ruskella, 2014-09-05 17:53:05

Hello, there is mikrotik, domain: domain.ru, how to configure it so that you can get to the server behind the router via domain.ru:81 both from the local area and via the Internet?
Router :
External : 1.1.1.1
Local : 192.168.1.1
Forwarded port 81 to the server
Server :
IP : 192.168.1.2
web port : 80
Task:
1) Being on external ip, suppose: 2.2.2.2 , referring to 1.1.1.1: 81 , the server should answer
2) Being on the local network at: 192.168.1.3 , referring to 1.1.1.1:81, the server should answer
That is, from the Internet I get to the server, but from the local network the domain does not go, how to configure it correctly?

Reply

Answer the question

In order to leave comments, you need to log in

3 answer(s)

R

ruskella, 2014-09-05
@ruskella

There is a solution, but it is not convenient if there are many ports:

/ip firewall nat chain=dstnat action=netmap to-addresses=192.168.1.2 to-ports=80 protocol=tcp packet-mark=1

/ip firewall nat chain=srcnat action=src-nat to-addresses=192.168.1.1 packet-mark=1

/ip firewall mangle chain=prerouting action=mark-packet new-packet-mark=1 passthrough=yes protocol=tcp src-address=192.168.1.0/24 dst-address=1.1.1.1 dst-port=81

Description of these commands in the comment above

D

dannyzubarev, 2014-09-08
@dannyzubarev

Hairpin NAT

A

Andrew, 2014-09-05
@OLS

As a workaround: write on the hosts of the local network in the hosts file the correspondence of domain.ru to the gray IP address of the server