LetsEncrypt/Port Forwarding - Trouble accessing internally

Here are my NAT rules for HA/Mosquitto:

add action=masquerade chain=srcnat comment="Assistant, Mosquitto SNAT" dst-address=192.168.22.16 dst-port=8123,8883 out-interface=bridge1 protocol=tcp src-address=192.168.22.0/24

add action=dst-nat chain=dstnat comment="Assistant, Mosquitto DNAT" dst-address=!192.168.22.0/24 dst-port=8123,8883 protocol=tcp to-addresses=192.168.22.16

add action=dst-nat chain=dstnat comment="Letsencrypt DNAT" dst-port=80 in-interface=ether1-wan protocol=tcp to-addresses=192.168.22.16 to-ports=81

Many thanks! It works!

Perfect. I was going crazy looking for a solution. This answer works very well. Thanks.

Hi, I am solving a similar problem.

I can't authorize Let's Encrypt via MikroTik.

How did you open the ports?

Any settings?

I use MikroTik cloud
.sn.mynetname.net

setting

certfile: fullchain.pem
challenge: http
dns: {}
domains: