Open Mikrotik Port So Anyone Have Access To Internal Server
Hello everyone,
Have you ever create a server and willing to open it to internet? Yes, this is the tutorial of it.
I will tell you how to open ports on router so the internet can access your server. It requires feature called NAT in our router. NAT is Network Address Translation, which method of remapping one IP address space into another by modifying network address information in the IP header of packets while they are in transit across a traffic routing device (From Wikipedia).
Let's say someone from internet request access to our server which has the Public IP of 10.10.10.1. And our server has local IP with 192.168.1.1 address. That's different class of IP, how could it be possibly connect?
If we configure NAT, we can make it connected. The mechanism is simple, someone request to 10.10.10.1, NAT will just directly send the request to our 192.168.1.1 and sending the requested packet back but still using the 10.10.10.1 address.
That's the basic fundamental of it, now here's how to make your server accessible from internet :
- The first time to do, is to login to your mikrotik. You can use winbox or accessing it via browser by typing your ip address and login port;
- In the left panel, select IP > Firewall > NAT > Add New;
- Some information that you need to fill is :
a. Chain : make it dstnat;
b. Dst Address : Type in your public IP address (In this case, 10.10.10.1)c. Protocol : select 6 (TCP)d. Dst Port : Type the port that you wish to open. (In this case, port 80)e. In Interface : Select the interface that are used for your internet as main entry wayf. Action : make it dst-natg. To Addresses : Type your Server Address (In this case, 192.168.1.1)h. To Ports : Type the port that you wish to direct to this server (In this case, port 80 too) - Save it.
Wait for a minute and now you will be able to access it from internet. For testing purpose, use your mobile data in your smartphone, then access it via browser. If you are using website address but still not work, try to type your public IP (in this case, 10.10.10.1). It should be working now.
If Not?
Well, if it's not working, you need to know what message appear in the screen.
Connection Refuse : Means that your NAT setting is working, but your firewall block it.
Connection Timeout : Means that the request to the server is over-limit the time.
If Not?
Well, if it's not working, you need to know what message appear in the screen.
Connection Refuse : Means that your NAT setting is working, but your firewall block it.
Connection Timeout : Means that the request to the server is over-limit the time.