because I'm a glutton for punishment i put in a nice lil Mikrotik RouterOS switch. Works wonderfully but now I need to forward ports and make sure they are open on the outside.
For the life of me I have searched, tried, googled, and done everything short of pleading with this device to figure out how to forward ports from the internet to a local LAN based IP.
Rules I've tried (names changed to protect the innocent):
1.
/ip firewall nat add chain=dstnat dst-port=9881 action=dst-nat protocol=tcp to-address=INTERNAL.HOST to-port=9881
2.
/ip firewall nat
add chain=dstnat action=dst-nat in-interface-list=WAN protocol=tcp dst-port=9881 to-addresses=INTERNAL.HOST to-ports=9881
3.
/ip firewall nat add chain=dstnat action=dst-nat to-addresses=INTERNAL.HOST protocol=tcp dst-address=INTERNAL.GATEWAY in-interface=ether1 dst-port=9881
/ip firewall nat add chain=dstnat action=dst-nat to-addresses=INTERNAL.HOST protocol=udp dst-address=INTERNAL.GATEWAY in-interface=ether1 dst-port=9881
/ip firewall filter add chain=forward action=accept connection-nat-state=dstnat protocol=tcp dst-address=INTERNAL.HOST dst-port=9881
/ip firewall filter add chain=forward action=accept connection-nat-state=dstnat protocol=udp dst-address=INTERNAL.HOST dst-port=9881
Nothing, can't show the port is open and external clients can't connect to it.
Anyone who is a Mikrotik expert I'd love to have feedback.
For the life of me I have searched, tried, googled, and done everything short of pleading with this device to figure out how to forward ports from the internet to a local LAN based IP.
Rules I've tried (names changed to protect the innocent):
1.
/ip firewall nat add chain=dstnat dst-port=9881 action=dst-nat protocol=tcp to-address=INTERNAL.HOST to-port=9881
2.
/ip firewall nat
add chain=dstnat action=dst-nat in-interface-list=WAN protocol=tcp dst-port=9881 to-addresses=INTERNAL.HOST to-ports=9881
3.
/ip firewall nat add chain=dstnat action=dst-nat to-addresses=INTERNAL.HOST protocol=tcp dst-address=INTERNAL.GATEWAY in-interface=ether1 dst-port=9881
/ip firewall nat add chain=dstnat action=dst-nat to-addresses=INTERNAL.HOST protocol=udp dst-address=INTERNAL.GATEWAY in-interface=ether1 dst-port=9881
/ip firewall filter add chain=forward action=accept connection-nat-state=dstnat protocol=tcp dst-address=INTERNAL.HOST dst-port=9881
/ip firewall filter add chain=forward action=accept connection-nat-state=dstnat protocol=udp dst-address=INTERNAL.HOST dst-port=9881
Nothing, can't show the port is open and external clients can't connect to it.
Anyone who is a Mikrotik expert I'd love to have feedback.