Настройка nat, Help me please или помогите
Добавлено: 05 ноя 2017, 00:08
Доброй ночи, товарищи! Поделитесь опытом, где я что то упускаю? Внутри сети есть iis работает на 80 и на 9000 порту, пытаюсь пробросить 9000 из вне внутрь и в итоге ничего не выходит...(
ps когда пытаюсь подключиться по 9000 порту счетчик пакетов не увеличиваетстя
Заранее благодарен!
Flags: X - disabled, I - invalid, D - dynamic
0 ;;; ;;; Drop all INVALID
chain=input action=drop connection-state=invalid
1 chain=forward action=drop connection-state=invalid
2 ;;; ;;; Allow all ESTABLISHED
chain=input action=accept connection-state=established
3 chain=forward action=accept connection-state=established
4 ;;; ;;; Allow all RELATED
chain=input action=accept connection-state=related
5 chain=forward action=accept connection-state=related
6 ;;; ;;; Allow ICMP from all
chain=input action=accept protocol=icmp
7 ;;; Allow DNS from LAN
chain=input action=accept protocol=udp src-address=192.168.88.0/24 dst-port=53
10 ;;; ;;; Allow HTTP from local network
chain=input action=accept protocol=tcp src-address=192.168.88.0/24 dst-port=80 log=no log-prefix=""
11 ;;; ;;; Allow HTTPS from all
chain=input action=accept protocol=tcp dst-port=443 log=no log-prefix=""
12 ;;; ;;; Allow WINBOX from Home
chain=input action=accept protocol=tcp src-address=192.168.88.0/24 dst-port=8291
13 ;;; ;;; Allow NTP from LAN
chain=input action=accept protocol=udp src-address=192.168.88.0/24 dst-port=123
14 chain=input action=accept connection-state=new protocol=tcp dst-port=9000
15 chain=forward action=accept connection-state=established,related protocol=tcp dst-port=9000 log=no log-prefix=""
16 ;;; ;;; Allow 9000 from all
chain=input action=accept protocol=tcp dst-port=9000
17 ;;; ;;; DROP ALL REQUEST
chain=input action=drop
/ip firewall nat print
Flags: X - disabled, I - invalid, D - dynamic
0 chain=srcnat action=masquerade src-address-list=local-lan log=no log-prefix=""
1 chain=srcnat action=masquerade out-interface=ether1-gateway
2 ;;; Web server
chain=dstnat action=dst-nat to-addresses=192.168.88.249 to-ports=9000 protocol=tcp in-interface=ether1-gateway dst-port=9000 log=no log-prefix=""
ps когда пытаюсь подключиться по 9000 порту счетчик пакетов не увеличиваетстя
Заранее благодарен!
Flags: X - disabled, I - invalid, D - dynamic
0 ;;; ;;; Drop all INVALID
chain=input action=drop connection-state=invalid
1 chain=forward action=drop connection-state=invalid
2 ;;; ;;; Allow all ESTABLISHED
chain=input action=accept connection-state=established
3 chain=forward action=accept connection-state=established
4 ;;; ;;; Allow all RELATED
chain=input action=accept connection-state=related
5 chain=forward action=accept connection-state=related
6 ;;; ;;; Allow ICMP from all
chain=input action=accept protocol=icmp
7 ;;; Allow DNS from LAN
chain=input action=accept protocol=udp src-address=192.168.88.0/24 dst-port=53
10 ;;; ;;; Allow HTTP from local network
chain=input action=accept protocol=tcp src-address=192.168.88.0/24 dst-port=80 log=no log-prefix=""
11 ;;; ;;; Allow HTTPS from all
chain=input action=accept protocol=tcp dst-port=443 log=no log-prefix=""
12 ;;; ;;; Allow WINBOX from Home
chain=input action=accept protocol=tcp src-address=192.168.88.0/24 dst-port=8291
13 ;;; ;;; Allow NTP from LAN
chain=input action=accept protocol=udp src-address=192.168.88.0/24 dst-port=123
14 chain=input action=accept connection-state=new protocol=tcp dst-port=9000
15 chain=forward action=accept connection-state=established,related protocol=tcp dst-port=9000 log=no log-prefix=""
16 ;;; ;;; Allow 9000 from all
chain=input action=accept protocol=tcp dst-port=9000
17 ;;; ;;; DROP ALL REQUEST
chain=input action=drop
/ip firewall nat print
Flags: X - disabled, I - invalid, D - dynamic
0 chain=srcnat action=masquerade src-address-list=local-lan log=no log-prefix=""
1 chain=srcnat action=masquerade out-interface=ether1-gateway
2 ;;; Web server
chain=dstnat action=dst-nat to-addresses=192.168.88.249 to-ports=9000 protocol=tcp in-interface=ether1-gateway dst-port=9000 log=no log-prefix=""