Syed Jahanzaib Personnel Blog to Share Knowledge !

January 29, 2012

Mikrotik / Linux Port Forwarding to Local Server on LAN

Filed under: Linux Related, Mikrotik Related — Tags: , — Syed Jahanzaib / Pinochio~:) @ 9:50 AM

Mikrotik Port Forwarding to Local Server

If you want to host any web server (or any other service like RDP or Game Server) behind mikrotik server and you want it to be publicly available for all internet users, you can use port forwarding and create one dstnat rule as below.Just make sure this rule comes above any masquerading rule.

Scenario:

DSL MODEM WAN IP = 221.xxx.xxx.xxx
DSL LAN IP = 192.168.1.1

MIKROTIK WAN IP = 192.168.1.2
MIKROTIK LAN IP = 192.168.0.1

WEB SERVER IP = 192.168.0.50

First setup port forwarding in your dsl modem to forward port 80 request to your mikrotik, I am not showing DSL modem config, as its very different for every mode, search for your modem confg page on howto do port forwarding. Just an example here for my Wi.Fi MODEM page.

Then in mikrotik , add an rule to forward port 80 request to your local web server, (one that is hosted behind your mikrotik server, on local user LAN)

MIKROTIK RULE :

/ip firewall nat
add action=dst-nat chain=dstnat disabled=no dst-port=80 in-interface=WAN2-QUBEE protocol=tcp to-addresses=192.168.0.50 \
to-ports=80

The above rule result would be something like below.

.

Linux Port Forwarding to Local Server

Linux WAN IP = 221.132.112.9 [Connected with WAN]
Linux LAN IP = 10.0.0.1 [Connected with User LAN]
Mikrotik LAN IP = 10.0.0.2 [Connected with User LAN or with SQUID]

sysctl net.ipv4.ip_forward=1

iptables -t nat -A PREROUTING -p tcp –dport 8291 -j DNAT –to-destination 10.0.0.2:8291

iptables -t nat -A POSTROUTING -j MASQUERADE

Regard’s
Syed Jahanzaib

The Silver is the New Black Theme. Blog at WordPress.com.

Follow

Get every new post delivered to your Inbox.

Join 2,339 other followers