arc/notes
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
3a62a38f44
notes/IT/Deployment docs/Configuring hairpin NAT on a Mikrotik router.md

18 lines
880 B
Markdown
Raw Normal View History

vault backup: 2024-07-05 11:55:23
2024-07-05 17:55:23 +00:00
Hairpin NAT enables a device on the LAN to access another device on the LAN via the public IP
https://help.mikrotik.com/docs/display/ROS/NAT#NAT-HairpinNAT
From the RouterOS CLI, enter NAT configuration mode:
```
/ip firewall nat
```
vault backup: 2024-07-05 12:00:23
2024-07-05 18:00:23 +00:00
Configure NAT to forward any traffic from the LAN net that's directed at the WAN IP to forward that traffic back to the the server in question (You can only forward to a single IP):
```
vault backup: 2024-07-05 12:05:23
2024-07-05 18:05:23 +00:00
```
vault backup: 2024-07-05 12:10:23
2024-07-05 18:10:23 +00:00
I first tried `add action=masquerade chain=srcnat dst-address=192.168.0.6 out-interface=LAN protoco ol=tcp src-address=192.168.0.0/24`, but was getting the error `input does not match any value of interface`.
Following the advice from <https://superuser.com/questions/1242353/routeros-hairpin-nat-produces-input-does-not-match-any-value-of-interface>, I changed `out-interface` to `out-interface-list`, and the command completed without any errors.
Reference in New Issue Copy Permalink