{"id":373,"date":"2022-07-18T23:08:03","date_gmt":"2022-07-18T23:08:03","guid":{"rendered":"https:\/\/www.sutelcom.com\/?p=373"},"modified":"2024-04-15T10:19:11","modified_gmt":"2024-04-15T15:19:11","slug":"configuracion-routerboard-mikrotik-para-que-pueda-ser-webserver-o-pagina-web-en-lan-and-wan","status":"publish","type":"post","link":"https:\/\/www.sutelcom.com\/2022\/07\/18\/configuracion-routerboard-mikrotik-para-que-pueda-ser-webserver-o-pagina-web-en-lan-and-wan\/","title":{"rendered":"Mikrotik Routerboard configuration so you can see webserver or web page on LAN and WAN"},"content":{"rendered":"\n
<\/pre>\n\n\n\nMikrotik Routerboard configuration so you can see webserver or web page on LAN and WAN<\/strong><\/pre>\n\n\n\nConfiguracion Routerboard Mikrotik para que pueda ser webserver o pagina web en LAN and WAN<\/p>\n\n\n\n
<\/p>\n\n\n\n
Paso 1 validar que todo este normal en \n\/ip firewall filter\n\nadd action=accept chain=input comment=\\\n \"defconf: accept established,related,untracked\" connection-state=\\\n established,related,untracked\nadd action=drop chain=input comment=\"defconf: drop invalid\" connection-state=\\\n invalid\nadd action=accept chain=input comment=\"defconf: accept ICMP\" protocol=icmp\nadd action=accept chain=input comment=\\\n \"defconf: accept to local loopback (for CAPsMAN)\" dst-address=127.0.0.1\nadd action=drop chain=input comment=\"defconf: drop all not coming from LAN\" \\\n in-interface-list=!LAN\nadd action=accept chain=forward comment=\"defconf: accept in ipsec policy\" \\\n ipsec-policy=in,ipsec\nadd action=accept chain=forward comment=\"defconf: accept out ipsec policy\" \\\n ipsec-policy=out,ipsec\nadd action=fasttrack-connection chain=forward comment=\"defconf: fasttrack\" \\\n connection-state=established,related\nadd action=accept chain=forward comment=\\\n \"defconf: accept established,related, untracked\" connection-state=\\\n established,related,untracked\nadd action=drop chain=forward comment=\"defconf: drop invalid\" connection-state=\\\n invalid\nadd action=drop chain=forward comment=\"defconf: drop all from WAN not DSTNATed\" \\\n connection-nat-state=!dstnat connection-state=new in-interface-list=WAN \\\n log=yes log-prefix=\"I just dropped this\"\n<\/code><\/pre>\n\n\n\n
Paso 2\nCalocar esta configuracion\n\n\/ip firewall nat\nadd action=masquerade chain=srcnat out-interface=WAN\nadd action=dst-nat chain=dstnat comment=\"NAT for web server\" dst-address=\\\n aaa.aaa.aaa.aaa dst-address-type=local dst-port=80 log=yes log-prefix=\\\n \"NAT for web server\" protocol=tcp to-addresses=192.168.1.sss to-ports=8083\nadd action=masquerade chain=srcnat comment=\"Hairpin for web server\" \\\n dst-address=iii.iii.iii.iii dst-address-type=local to-ports=8083 log=yes log-prefix=\\\n \"Hairpin for web server\" protocol=tcp src-address=192.168.0.0\/24<\/code><\/pre>\n\n\n\n
FUENTE<\/p>\n\n\n\n