For those who are starting out, 'srcnat' is typically associated with internal users wanting access to the internet. The 'source' IP is kept private through translation to the external IP. 'dstnat' is typically used when needing to port forward from the internet to the internal network. It allows an external IP to translate to an internal IP. Obviously, this is greatly simplied and there are other uses but it will help those dealing with Mikrotik's many, many, many (!) features.
Glad to see you doing mikrotik videos not enough on RUclips. I purchased my first mikrotik router 3 years ago and thought I was decent with routers but found out quickly I'm not as good as I thought I was. Great product at an amazing entry level price. You never have to reboot the thing it just runs. I use the mikrotik router with ubiquiti wifi ap's
Thank you so much I have the same mikrotik interface and it was confusing at first but after your video it's like a dream come true to do port forwarding
As much of a ubnt fan i am like you and Chris, were using more and more Mikrotik at work and its really great. The RB750gr3 aka Hex is fantastic value for money, winbox with its MAC discovery and connection abilites makes it so easy to work with. I've been wanting to try out configuring the Hex with fail over WAN to usb LTE modem. Looking forward to more Mikrotik content!
One nice thing about using Winbox instead of the web interface is that it splits that long page up into several tabs, most notably "General" where you can do the basic stuff (chain, which inbound IP or interface, etc.), "Advanced" where you can configure things like choosing a list of addresses allowed to trigger the rule (address lists are created under IP-Firewall-Address Lists) and Action where you can specify what the rule does (accept, drop, dst-nat, etc.). Also useful may be going into the top-level Interfaces area and adding a Comment to your WAN connection - in Winbox that shows up on lists, not sure offhand about the web interface. Another useful note if you're just learning is that everything you can configure through the UI can also be configured from the Terminal interface - including by pasting rules in. That lets you drop things in (probably adding "disabled=yes" as part of the rule), then inspect them in the GUI if that's easier for you. The text export or paste also ends up meaning that it's easy to configure a router, dump relevant config as text, tweak as appropriate, then push it back into the router.
Although I already knew how to port forward in a Mikrotik, I still have a lot to learn. Its great to see Mikrotik videos using the web interface. Many vids out there using winbox, but running Linux exclusively, the web interface is what I have to use. And it appears to do everything that winbox does. Mikrotiks are very powerful and I hope to see more about them on your channel. Maybe some topics on VLAN's? I have done it, but it always confuses me on how to do an access/edge port versus a trunk port. Love UBNT gear too so keep up the good work there as well!
6 лет назад
You can use winbox through Wine (is it Vine or Wine)
Hay man I know this vidio was done a while back but just want to ask a quick question about port forwarding. I'm struggling to find out what is what on my mikrotik hap ac2. I'm trying to port forward my ps4 to a games port like call of duty modern warfare, Fortnite. Is there any chance you could help me out would be much appreciated 🙏
I am trying to remote desktop in to a computer using the wan Ip address and I can do it from my phone using my phone internet and I can connect to it from a different computer using the mobile hotspot internet, but I can't connect to it using the WAN ip address on the same LAN. Is there something else I need to add in the port forwarding to get an outgoing connection, this way I can connect to it from other places maybe, or will it not connect there too?
Nice video. I'd agree with another comment below that there aren't that many decent Mikrotik videos out there on the web. It's good quality kit with high end features all across the range. I'm still dubious about putting it into production, especially in the data centre, but I wouldn't have any issues with it being in a small office/home office environment.
How do you do port forwarding when you have your mikrotik as a bridge? I can see for the above that your Address aquisition is Automatic while mine is static. I want to be able to access a server outside my network. Thanks
Hello, i have an issue with one mikrotik RB, i want to open port 8100 but still blocked, i log the NAT rule, and i can see de conection try, but its rejected, can u help me with this
good afternoon could you help me out with my mikrotik basebox 2......i want the best performance from it plus the hotspot feature on it keeps asking some customers to sign in again every 2mins
Thanks man, really helped me alot. I´m a pc gamer and ubisoft simply doesn´t want to rent servers, so the online play is peer to peer connected :/ :D Thanks again, you really helped me!
im hosting a game server and need to port forward for people to join. i have to say this video left me even more confused then when i started. how is it so complicated? seems like its just a few clicks on other routers
So I have a strange question for you that no one seems to be able to help me with. I am attempting to play a game called artemis bridge( a bridge ship simulator game) and my apartment complex recently upgraded all of our internet. The long and the short of it is, I need to forward the external port 2010 to the internal port 2010 to allow others to join my game through my ip address, and the further I read the documentation the less it makes sense, and no one seems to have a walk through for this setup. Btw my place is now running off of mikrotik router OS 6.40.9 so please help a guy out if you can.
First make sure that you know the details on "my apartment complex recently upgraded all of our internet." thing because this can screw things up. Is there some FW already in front of the apartment complex that is managed by the ISP ? Or does each tenant has their own ISP router/modem . Does your Mikrotik work with PPPoE or something ? How is the "Internet" side configured ? The solution is really in this video : make 1 "NAT" entry, type "dst nat" and just fill TCP and port 2010 and select "In-Interface" and select the interface on which Internet arrives at your Mikrotik. Then in the action-section select "dst-nat", fill out the internet PC/system IP on which you play in the "to address" and fill 2010 in the "to ports" and you are set. Your PC has a *fixed* LAN IP address ? (the one on which you play Artemis) It better. You now have a permanent mapping ---> Good luck!
Hello, I need help ... I describe the problem below: I have a home working lab... I also have a Mikrotik HeX PoE to configure, the purpose is as follows: - Mikrotik in my laboratory to connect with the Mikrotik in my client's office - I have a Public Static IP - My clients don't all have a Public Static IP I really need someone to help me! Greetins. Mr. Manuele
Hi! Hope that someone still reads commets. I have a problem that just messes with my mind for a while now. I am new to this all stuff and I have to make my first port forwarding. Scenario goes like this: I have a neighbour that has a site that he wan't to access from the outside world. I have do the forwarding to his internal IP address as shown and I can see that there are bytes and packets flowing when I type my external adddress together with forwarded port in the search engine but after some time it just shows "Time limit exceeded". I would really appreaciate some help because I just simply do not know what to do. I do not have ANY firewall rules (no blocking and stuff), my internet works okay but I just can't get past this stuff. My ISP has opened that given port I try to use as far as I know. Thank You in advance!
For those who are starting out, 'srcnat' is typically associated with internal users wanting access to the internet. The 'source' IP is kept private through translation to the external IP. 'dstnat' is typically used when needing to port forward from the internet to the internal network. It allows an external IP to translate to an internal IP. Obviously, this is greatly simplied and there are other uses but it will help those dealing with Mikrotik's many, many, many (!) features.
Glad to see you doing mikrotik videos not enough on RUclips. I purchased my first mikrotik router 3 years ago and thought I was decent with routers but found out quickly I'm not as good as I thought I was. Great product at an amazing entry level price. You never have to reboot the thing it just runs. I use the mikrotik router with ubiquiti wifi ap's
Oh my God thank you man!!! Finally I've successfully learned to open ports, I was never able to do this before.
Thank you so much I have the same mikrotik interface and it was confusing at first but after your video it's like a dream come true to do port forwarding
As much of a ubnt fan i am like you and Chris, were using more and more Mikrotik at work and its really great. The RB750gr3 aka Hex is fantastic value for money, winbox with its MAC discovery and connection abilites makes it so easy to work with. I've been wanting to try out configuring the Hex with fail over WAN to usb LTE modem. Looking forward to more Mikrotik content!
One nice thing about using Winbox instead of the web interface is that it splits that long page up into several tabs, most notably "General" where you can do the basic stuff (chain, which inbound IP or interface, etc.), "Advanced" where you can configure things like choosing a list of addresses allowed to trigger the rule (address lists are created under IP-Firewall-Address Lists) and Action where you can specify what the rule does (accept, drop, dst-nat, etc.).
Also useful may be going into the top-level Interfaces area and adding a Comment to your WAN connection - in Winbox that shows up on lists, not sure offhand about the web interface.
Another useful note if you're just learning is that everything you can configure through the UI can also be configured from the Terminal interface - including by pasting rules in. That lets you drop things in (probably adding "disabled=yes" as part of the rule), then inspect them in the GUI if that's easier for you. The text export or paste also ends up meaning that it's easy to configure a router, dump relevant config as text, tweak as appropriate, then push it back into the router.
Although I already knew how to port forward in a Mikrotik, I still have a lot to learn. Its great to see Mikrotik videos using the web interface. Many vids out there using winbox, but running Linux exclusively, the web interface is what I have to use. And it appears to do everything that winbox does. Mikrotiks are very powerful and I hope to see more about them on your channel. Maybe some topics on VLAN's? I have done it, but it always confuses me on how to do an access/edge port versus a trunk port. Love UBNT gear too so keep up the good work there as well!
You can use winbox through Wine (is it Vine or Wine)
Thank you for posting this. It was very helpful.
Wow man you saved my life, peace
Hay man I know this vidio was done a while back but just want to ask a quick question about port forwarding. I'm struggling to find out what is what on my mikrotik hap ac2. I'm trying to port forward my ps4 to a games port like call of duty modern warfare, Fortnite. Is there any chance you could help me out would be much appreciated 🙏
Do you have an suggestions for connecting a Mikrotik Router with a Mikrotik AP? They don't seem to be working together
video minute 6.46, I understand that ether1 is your WAN with public ip, correct?
I am trying to remote desktop in to a computer using the wan Ip address and I can do it from my phone using my phone internet and I can connect to it from a different computer using the mobile hotspot internet, but I can't connect to it using the WAN ip address on the same LAN. Is there something else I need to add in the port forwarding to get an outgoing connection, this way I can connect to it from other places maybe, or will it not connect there too?
Thank you for the wonderful learning videos.
When using an uncommon port make sure its in the firewall Filter rules as well, above the final blocking rules
I had a funny UDP joke to tell, but I lost it somewhere...
Stick to TCP jokes!!
Nice video. I'd agree with another comment below that there aren't that many decent Mikrotik videos out there on the web. It's good quality kit with high end features all across the range. I'm still dubious about putting it into production, especially in the data centre, but I wouldn't have any issues with it being in a small office/home office environment.
Willie Howe fair comment. If it works for the people that use them then power to them.
How do you do port forwarding when you have your mikrotik as a bridge? I can see for the above that your Address aquisition is Automatic while mine is static. I want to be able to access a server outside my network. Thanks
awesome videos! i am part of a growing WISP and look forward to more Tik content!
how can be creat voip routes ?
Does it work for a webserver?
Hello, i have an issue with one mikrotik RB, i want to open port 8100 but still blocked, i log the NAT rule, and i can see de conection try, but its rejected, can u help me with this
good afternoon could you help me out with my mikrotik basebox 2......i want the best performance from it plus the hotspot feature on it keeps asking some customers to sign in again every 2mins
Thanks man, really helped me alot. I´m a pc gamer and ubisoft simply doesn´t want to rent servers, so the online play is peer to peer connected :/ :D Thanks again, you really helped me!
@willie, can you help with setting open vpn on mikrotik
How do I make a game server from my router?
I need to set my NAT to open to play videogmaes online, but putting in the ports i have to use to do it, my nat is still strict. why?
Excelente Video. igual paso a paso todo me funciono, eres grande Bro.
im hosting a game server and need to port forward for people to join. i have to say this video left me even more confused then when i started. how is it so complicated? seems like its just a few clicks on other routers
HI Willie Howe
Can you make video for mikrotik online games priority
Separate gaming and browsing ba? haha
how to loopback ?
So I have a strange question for you that no one seems to be able to help me with. I am attempting to play a game called artemis bridge( a bridge ship simulator game) and my apartment complex recently upgraded all of our internet. The long and the short of it is, I need to forward the external port 2010 to the internal port 2010 to allow others to join my game through my ip address, and the further I read the documentation the less it makes sense, and no one seems to have a walk through for this setup. Btw my place is now running off of mikrotik router OS 6.40.9 so please help a guy out if you can.
First make sure that you know the details on "my apartment complex recently upgraded all of our internet." thing because this can screw things up.
Is there some FW already in front of the apartment complex that is managed by the ISP ? Or does each tenant has their own ISP router/modem . Does your Mikrotik work with PPPoE or something ? How is the "Internet" side configured ?
The solution is really in this video : make 1 "NAT" entry, type "dst nat" and just fill TCP and port 2010 and select "In-Interface" and select the interface on which Internet arrives at your Mikrotik. Then in the action-section select "dst-nat", fill out the internet PC/system IP on which you play in the "to address" and fill 2010 in the "to ports" and you are set.
Your PC has a *fixed* LAN IP address ? (the one on which you play Artemis) It better.
You now have a permanent mapping
--->
Good luck!
how forward if i have a mikrotik hap lite rb941-2nd and rblhg5nd ?? plz need help
Open router's IP address and simply follow the guide.
Hey Willie.
Thanx mate. This helps.
I can't connect with my buffalo NAS outside my lan, has the port forwarding, UPnP, all enabled, but not working!
Nice tutorial my friend
How come you didn't have to configure a corresponding "Filter Rule" to make a hole in the firewall?
I have the som problem, just got mikrotik, just opening in NAT is not working
Thanks for your demo. :)
hi willie
can you a make video for dota 2 or online games. to make it priority 1. tnx.
A German man walked up to the immigration desk at Warsaw airport. the immigration officer ask occupation the German replies no just a holiday
thank you so much it helped me much ..
Hello,
I need help ... I describe the problem below:
I have a home working lab...
I also have a Mikrotik HeX PoE to configure, the purpose is as follows:
- Mikrotik in my laboratory to connect with the Mikrotik in my client's office
- I have a Public Static IP
- My clients don't all have a Public Static IP
I really need someone to help me!
Greetins.
Mr. Manuele
TO RESET MIKROTIK ROUTER: Remove power, press reset button immediately after plugging back in and hold button until user led flashes
thank you very much friend
How do you get your password
I have a TCP joke for you. Did you get it? Did you get it?
pal, you are conneting to a private ip, to see it working you need to disable the wifi in your phone and use a public ip "will not work:("
Yes I saw that too. That does NOT confirm that the setup is working !!!!! The cell phone was CLEARLY connecting to an internal 192. address.
Hi! Hope that someone still reads commets. I have a problem that just messes with my mind for a while now. I am new to this all stuff and I have to make my first port forwarding. Scenario goes like this: I have a neighbour that has a site that he wan't to access from the outside world. I have do the forwarding to his internal IP address as shown and I can see that there are bytes and packets flowing when I type my external adddress together with forwarded port in the search engine but after some time it just shows "Time limit exceeded". I would really appreaciate some help because I just simply do not know what to do. I do not have ANY firewall rules (no blocking and stuff), my internet works okay but I just can't get past this stuff. My ISP has opened that given port I try to use as far as I know.
Thank You in advance!
Why did the scarecrow win an award?
Because he was out-standing in his field
It took 6 years for someone to comment, damn😂
Awesome thanks
Please dont say son many things that you make it hard make it simple and just what we need period
Thanks!!!
Muchas gracias
UDP packet bar walks a into
tnx
Don't buy Mictotik if you are not IT specialist
Sorry you talk to much I had to walk away
are you bleaching your teeth?