MikroTik CHR installation on ESXi tutorial video just been put up!

Be sure to head over to my YouTube channel to check out the new MikroTik CHR tutorial video!

 

MikroTik RouterOS Hairpin NAT with dynamic WAN IP

In this video I go over my fairly well polished MikroTik RouterOS way of getting a hairpin NAT solution and ensuring it has the ability to adjust itself dynamically as and when your WAN IP changes.

It’s super easy, free and requires only a slight change in how you normally apply port forwards.

 

MikroTik Port forwarding tutorial

A short video on how you can do basic port forwarding using the MikroTik RouterOS operating system.

 

MikroTik Easy and Simple DMZ

Whilst going through the MikroTik forums I noticed a post asking about DMZ, whilst this in itself is very easy if you know what you are doing with RouterOS. It may not be if you are new or not well versed in it. Below is my simple “one liner” to get a DMZ working to an IP of your choice. This should be relatively safe to use if you are on the LAN side as it will only push traffic coming to you through your WAN interface. Also note that it will not work for any local requests that need to go through NAT.

/ip firewall nat
add action=dst-nat chain=dstnat comment="DMZ rule [edit the \"in interface\" to your WAN connection and the \"to address\" to your LAN IP]." in-interface=WAN-IN to-addresses=192.168.1.50

Simple. More to come so you can actually get a handle on controlling other services that you may not want to go through the DMZ.

 

Quick site update

So I’ve not posted anything on my blog for a while. Life has been busy with the arrival of both another beautiful baby girl and the very recent furry baby girl. The family life has been fairly hectic. I have though been pressing on and doing a lot of cool Mikrotik oriented stuff, policy based routing, dynamic hairpin nat and I’ve also recently stepped over into the wonderful world of virtualisation and started my own CHR instance!

I’ve also had a huge internet service upgrade (thankyou so much to my ISP).

I have a few tutorials planned out and that are starting to hit the paper/screen and getting ready for polish. Tie that into a complete man cave rework and total redecoration and move around to try and enable me to make more and better video and streaming content.

Good stuff to come!

A quick guide to UPnP on MikroTik Router OS

I’m sure there are vast amounts of write ups on this out there however I thought I’d add my 2p. UPnP is being used increasingly more to poke holes through firewall and NAT to allow services such as online gaming access to the wider world whilst retaining the “easy” aspect of not having to go for static LAN IP’s and port forwarding. Whilst forwarding (or dst-nat) is always preferable UPnP can be used as a “quick” fix to get that “open nat” setting.

To do it correctly within a MikroTik device you will need to use the following but slightly alter it to your use case. Note the external interface in my example is for a pppoe client, this could easily be changed to a hardware interface (such as ether1) and that the internal interface is bridge1, as a general guide line, external should be whatever interface your WAN IP resides and internal should be whichever interface your LAN IP resides.

/ip upnp
set enabled=yes
/ip upnp interfaces
add interface=pppoe-out1 type=external
add interface=bridge1 type=internal