For Mikrotik brand routers, port forwarding is required to be done quite often. However, for network administrators and for unprepared users, the solution to this problem is often quite difficult. The following is a brief instruction, following which you can easily carry out any operations of this type, however, you will have to tinker a bit.
Configuring Mikrotik with port forwarding. Why is this needed?
Before setting up the router, you should dwell a bit on the principles of port forwarding and on what it is all used for.
Mikrotik, , , , , IP, , . , , IP, . , , , , .
Mikrotik . :
-
, . Mikrotik (RDP, FTP ..) , -. 192.168 0.1, 1.1, .
- ( Internet Explorer) 192.168.88.1, admin, , , . , - ( ), , 10-15 .
. : Mikrotik Masquerade ( IP-, ).
Firewall/NAT , . . , .
. , , :
- Torrent: tcp/51413;
- SSH: tcp/22;
- SQL Server: tcp/1433;
- WEB Server: tcp/80;
- telnet: tcp/23;
- RDP: tcp/3389;
- snmp: udp/161 ..
.
. , ( ).
:
- Chain: srcnat , , , dstnat β ( );
- Src. Dst. ;
- tcp, udp ( 6 (tcp);
- Src. Port , .. ;
- Dst. Port ( ): (, 51413 , 3389 RDP ..);
- Any Port , , , ;
- In. Interface: ( ether1-gateway);
- Out. Interface: ( ).
: (RDP) Src. Address IP , . RDP- 3389. , VPN.
Mikrotik (Action). , :
- Action: accept ( ), dst-nat ( netmap);
- To Addresses: , ;
- To Ports: 80, 51413.
Mikrotik: FTP
, , FTP. FTP-, , FileZilla, . FTP Mikrotik, .
, FTP- , 21. .
, , : .
21 :
- Chain: dst-nat;
- Dst. Address: (, 1.1.1.28);
- Protocol: 6 (tcp);
- Dst. Port: 21
- In. Interface: ether1-gateway.
Action :
- Action: dst-nat;
- Dst. Address: , FTPβ;
- To Ports: 21.
(, 50000-50050) , :
Please note that when configuring forwarding for FTP, you need to follow the documentation of the router, and it says that it is not recommended to use the initial threshold of the port range below the value of 1024. This point is also worth considering.
In principle, you can still use the Hairpin NAT Mikrotik function, but it is needed only in cases where you need to log in to an external IP from the local network. In general, you do not need to activate it.