Mikrotik dst-nat timeout

Question

I have installed a brand new Mikrotik RB2011UiAS-2HnD-IN in our Office. Everything is working except port forwarding :( I have disabled all other rules and filters but nothing helped . I am able to ping the client from Mikrotik . When I am trying to connect the port from out of office I see the that Statistics of dst-nat rule changes packets and bytes , but after few seconds it timed outs

/ip firewall nat
add action=dst-nat chain=dstnat dst-port=3389 in-interface=pppoe-out1 \
    protocol=tcp to-addresses=192.168.1.101 to-ports=3389

Is there anything other that I have to check ?

do you have masquerading/src-nat going back from 192.168.1.101? — damolp, Aug 26 '15 at 16:41
Also, does the windows box allow RDP connections from outside your lan? Can you see any packets arriving on the windows box (with wireshark for example) ? By default windows firewall does not allow RDP except for local connections. — Cha0s, Aug 27 '15 at 10:06

NetVicious · Answer 1 · 2016-06-20T09:01:40.107

2

As damolp said you need to add a masquerade to go outside your network.

Run this:

/ip firewall nat add chain=srcnat action=masquerade out-interface=pppoe-out1

edited Jun 20 '16 at 09:01

answered Oct 14 '15 at 17:23

NetVicious

462
5
17

Mikrotik dst-nat timeout

1 Answers1