Created
January 3, 2013 01:11
-
-
Save hanigamal/4439967 to your computer and use it in GitHub Desktop.
Mikrotik Script: Webserver behind NAT
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /ip firewall | |
| dst-nat protocol=tcp dst-port=80 Action dst-nat to-address=20.20.20.45 to-ports=80 | |
| add action=dst-nat chain=dstnat comment="" disabled=no dst-port=80 protocol=tcp to-addresses=20.20.20.45 to-ports=80 | |
| #Creating pppoe interface and ADSL internet connection | |
| / interface pppoe-client | |
| add name="pppoe-out1" max-mtu=1480 max-mru=1480 interface=ether5 \ | |
| user="USERNAMEl" password="PASSWORD" profile=default \ | |
| service-name="" ac-name="" add-default-route=yes dial-on-demand=no \ | |
| use-peer-dns=yes allow=pap,chap,mschap1,mschap2 disabled=no | |
| #Adding Source NAT for Internet access | |
| / ip firewall nat | |
| add chain=srcnat src-address=YOUR NETWORK ADDRESS/MASK action=masquerade comment="" \ | |
| disabled=no | |
| #Adding Destination NAT for WEB server access | |
| / ip firewall nat | |
| add chain=dstnat in-interface=pppoe-out1 protocol=tcp dst-port=80 \ | |
| action=dst-nat to-addresses=YOUR SERVER ADDRESS to-ports=80 comment="" \ | |
| disabled=no | |
| #Setting mangle for ADSL (works with T-Com...) | |
| / ip firewall mangle | |
| add chain=forward protocol=tcp tcp-flags=syn action=change-mss \ | |
| new-mss=clamp-to-pmtu comment="ADSL Internet" disabled=no |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment