Portforwarding on Mikrotik Router.. help

[acidrain]

Hi guys,

Can anyone help me with port forwarding on a MT router, running ROS 3.19.

Required ports are 41300 - 41960.

So far this is what i got but doesn't seem to work

     chain=srcnat action=masquerade protocol=tcp src-address=172.18.42.96/28 
     dst-address=172.18.42.104 dst-port=41300-41960

Thanks,

 

[fragtion]

Upgrade to 3.22 (at least - it's free!) - check your System->License info, maybe yours is upgradeable further.

Try this:

/ ip firewall nat add chain=dstnat action=netmap src-address=172.18.42.96/28 to-addresses=172.18.42.104 to-ports=41300-41960 protocol=tcp dst-port=41300-41960

Not sure if it's the correct way to portmap a range of ports, but it _should_ work... let me know =)

 

[nahoR]

Upgrade to 3.22 (at least - it's free!)

Should be able to upgrade to 3.30
Upgrade the firmware and license too. Not sure from which version the new license is required, could be from version 4

/ ip firewall nat add chain=dstnat action=netmap src-address=172.18.42.96/28 to-addresses=172.18.42.104 to-ports=41300-41960 protocol=tcp dst-port=41300-41960

I think this should work asswell, maybe check if your ip addresses are correct. This will forward traffic directed to your whole /28 network to the single ip, is that what you wanted?

Form the Mikrotik Wiki:
Port mapping

If you would like to direct requests for a certain port to an internal machine (sometimes called opening a port, port mapping), you can do it like this:

/ip firewall nat add chain=dstnat dst-port=1234 action=dst-nat protocol=tcp to-address=192.168.1.1 to-port=1234


This rule translates to: when an incoming connection requests TCP port 1234, use the DST-NAT action and redirect it to local address 192.168.1.1 and the port 1234

Im not sure what the action=netmap does, maybe change it to action=dstnat?

 

[nahoR]

acidrain: have a look at wiki.mikrotik.com

The documentation is really good, and theres alot of examples

 

[acidrain]

acidrain: have a look at wiki.mikrotik.com

The documentation is really good, and theres alot of examples

I have looked at the mikrotik wiki, thats where i got my settings i posted. As for upgrading, is there any differences on performance when upgrading to a higher version, reason i ask is i have a rb133 and it isn't recommended to run v3 ( hence why i stopped at 3.19 for reasons of certain packages i required )

I have another port forward for another machine to allow vnc access, which works and hence why I'm confused as the settings are exactly the same except the port and the to-address ip

 

[portcullis]

RB133 will be fine on 3.30

Here's one I upgraded last week for a client to 4.11
It's still works

[admin@clientname] /system resource print

uptime: 5d10h4m22s
version: "4.11"
free-memory: 2952kB
total-memory: 13720kB
cpu: "MIPS 4Kc V0.11"
cpu-count: 1
cpu-frequency: 175MHz
cpu-load: 46
free-hdd-space: 35476kB
total-hdd-space: 61440kB
write-sect-since-reboot: 207179
write-sect-total: 302946
bad-blocks: 0%
architecture-name: "mipsle"
board-name: "RB133C"
platform: "MikroTik"

 

[fragtion]

RB113 or 112 will work fine with 4.11 as long as you disable all unused packages and keep cpu/memory-intensive stuff lower, so that means less firewall rules and stuff !

 

[acidrain]

OK cool, will upgrade to 3.30 quickly then try the above nat rules

can't do 4.x as im only upgradable to 3.x

 

[portcullis]

3.30 is very cool.

 

[acidrain]

Got ky port forward working. Thanks to all for your assistance. The problem was rooky mistake, got the to-address op wrong :/