cbpapi
asked on
Mikrotik Port Forwarding for web server
Hello,
I'm trying to port forward my web server so it is accesible from the internet. The server uses both 80 and 443 ports. The problem is that if I try to port forward these ports to the server's IP, the rest of the internal network can't access web pages. I suppose that happens because the router forwards all traffic on these ports to the server. What could I do to solve this problem?
Some Info:
Router: Mikrotik Routerboard RB951-2n, RouterOS version 6.4
Server Internal IP: 192.168.2.2
I'm trying to port forward my web server so it is accesible from the internet. The server uses both 80 and 443 ports. The problem is that if I try to port forward these ports to the server's IP, the rest of the internal network can't access web pages. I suppose that happens because the router forwards all traffic on these ports to the server. What could I do to solve this problem?
Some Info:
Router: Mikrotik Routerboard RB951-2n, RouterOS version 6.4
Server Internal IP: 192.168.2.2
I do suspect the internal clients is going through the NAT public IP hence causing internal traffic to have issue e.g. internal hairpin. they corrected the issue by adding a single src-nat rule to masquerade any traffic sourced from (internal) 192.168.1.0/24 destined to (internal) 192.168.1.0/24. @ http://gregsowell.com/?p=4242
ASKER
Actually my problem is that because I port forward ports 80 and 443 to my web server, all traffic on these ports gets to the web server, so other computers in my internal network can't access web resources like google.com or facebook.com. When I type any public web address, it gets redirected to my web server (In my case 192.168.2.2).
Which webserver are you using.????
I think port forwarding was not done correctly.
Ded9
I think port forwarding was not done correctly.
Ded9
ASKER
I'm using an IP PBX's (Elastix) website which is based on Apache.
Did you enter the right ip address in the router to forward ports..
Ded9
Ded9
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I think you have nailed the issue. ..
You can close the question if no further assistance.
Ded9
You can close the question if no further assistance.
Ded9
ASKER
Seems to work out.
Check this article
Check wolfeee comments
http://community.spiceworks.com/topic/219094-cannot-view-company-website-internally-but-can-see-it-externally
Or SNAT based solution
http://syneto.net/knowledgebase/how-to-access-an-internal-server-dnat-ed-using-its-external-ip-from-the-internal-network/
Ded9