Mikrotik ?ports & forwarding from winbox
What is Mikrotik? And what are its uses?
MikroTik is a Latvian company founded in 1996 to develop routers and wireless ISP systems.
The most important product of this company is the Mikrotik operating system. The operating system is a Mikrotik router built using the Linux kernel. In addition to the ability to install on home computers, the MikroTik operating system is also provided as a software-hardware package. The main product of MikroTik is the Linux-based operating system known as MikroTik RouterOS.
By installing on the same company’s dedicated hardware (RouterBOARD) or standard x86-based computers, it turns the hardware into a network router. It implements many additional features, Such as a firewall, virtual private network (VPN) service provider, and client, shaping and improving the quality of broadband services. It also plays the feature of access points (Access Points) and other features in wireless networks.
To improve the performance level of this operating system, you must obtain a license for each feature. This company’s Microsoft Windows operating system application, Winbox, provides a graphical user interface for configuring the router and monitoring its operation. Meanwhile, RouterOS provides access via FTP, telnet, and SSH. In addition, there is an application program interface (API) for direct access through applications for management and monitoring.
Training courses and official certifications of Mikrotik:
MTCNA Course – Mikrotik Networks Expert
Abbreviation for MikroTik Certified Network Associate
MTCRE Course – Mikrotik Routing and Routing Engineering
Abbreviation for MikroTik Certified Routing Engineer
MTCWE Course – Mikrotik Wireless Engineering and Wireless Networks
Abbreviation for MikroTikS Certified Wireless Engineer
MTCUME Course – Mikrotik User Management Engineering
Abbreviation of MikroTik Certified User Management Engineer
MTCTCE Course – MikrotikS Traffic Control Engineering
Abbreviation of MikroTik Certified Traffic Control Engineer
MTCINE Course – Senior Expert in Mikrotik Communication
Abbreviation of MikroTik Certified Inter-networking Engineer
MTCIPv6E course – IP engineering version 6 Mikrotik
Abbreviation of MikroTik Certified IPv6 Engineer
MTCSE Course – Mikrotik Security Engineering
Abbreviation for MikroTik Certified Security Engineer
MTSWE Course – Mikrotik Switching Engineering
Abbreviation for MikroTik Certified Switching Engineer
MTCEWE Course – Mikrotik Advanced Wireless Network Engineering
Stands for MikroTik Certified Enterprise Wireless Engineer
Mikrotik Port Forwarding from Winbox
Port Forwarding in MikroTikS Router
Port Forwarding is the best way to access your servers from any location without compromising network security. Using Port forwarding, you can access your FTP server, Game server, Web server, NVR, and DVR, running in the private network using your internet WAN IP by Mapping the Port number to a specific server IP address and port number. Suppose you are using the MikroTikS router board and want to forward Ports for your web server, FTP server, and any other that you wish to access from a WAN network. This user manual will give you a brief guide to Port forwarding on MikrotikS from Winbox.
You need to log in to MikroTikS RouterOS from Winbox to set up port forwarding for different servers and applications running on a private network, but you want to access from public networks.
- How to setup VPN in Mikrotik Router for Remote Access
Network connection diagram to setup Port forwarding
You must understand the network diagram and configurations to learn how to port forward in MikrotikS.
In this network diagram, the web server and FTP server are configured to a private IP address that is not accessible from the internet. With Port forwarding, we can access both servers from public internet access using Port Mapping NAT configurations.
MikroTikS router WAN IP Address – 103.79.170.225
MikrotikS LAN IP– 192.168.88.1/24
Web Server IP -192.168.88.100 Webserver Port– 80
FTP server IP – 192.168.88.200 webserver port– 21
- How to Setup MikroTikS WiFi Router in a Repeater Mode
Using port forwarding configuration, we can access the server from the WAN IP address by mapping the port destination to a specific IP address, i.e., web server, FTP server, or ssh server.
- Block Internet Access but keep Local Network access in MikroTikS
Setup Port Forwarding for Web server
If you have a web server configured with a private IP address class and want to access it from the internet without using static IP to web server LAN IP, you must forward the webserver port.
Connect MikroTikS Router to LAN port from Pc/Laptop and login with Winbox configuration utility.
Go to IP- Firewall
Go to the “NAT” tab and follow the configuration below the image.
NAT (network address translation) under the NAT option, you must create a forwarding root assigning source and destination addresses with port numbers.
Press the plus (+) button to create new NAT rules.
General
Chain- select distantly
Dst. Address- 103.79.170.228 (WAN IP address of MikroTik Router configured in Internet Port)
Protocol– TCP
Dst Port– 80 (if you use different port numbers, you can use the same for your server).
Press the Appy button and go to the Action tab
Action – dst-nat
To Addresses: 192.168.88.100 (Web server Local IP address )
To Ports- 80
Press Apply and OK button
Access MikrotikS WAN IP address from different internet. You will get Web server access because of port forwarding.
- 10.0.1.1 Login Password and Username
Port Forwarding for FTP server
FTP (file transfer protocol) server is used to share files using client and server applications. Using port forwarding, you can also create Nat rules to access your FTP server from the internet.
In the diagram FTP Server, the local IP address is 192.168.88.200, and Port number 21
Go to IP – Firewall
NAT tab
Press the + Plus button and create new NAT rules.
Chain- select distantly
Dst. Address- 103.79.170.228 (WAN IP address of MikroTikS Router configured in Internet Port)
Protocol– tcp
Dst Port– 21 (you can forward any port number depending on your server type and assign the port number)
Press Apply button and go to the Action tab
Action
Action – dst-nat
To Addresses: 192.168.88.200 (FTP server Local IP address )
To Ports- 21
Press Apply and OK buttons and the configuration is done.
Now you can access your FTP server (http://103.79.170.228) from the internet using port forwarding methods.
Using port forwarding NAT rules, you can enable and disable SSH and Telenet access for your MikroTikS router from the internet to manage and monitor your network from any location. You can access your DVR, NVR, Gaming server, and any other server using forwarding rules in MicrotikS routers.
