/caps-man manager interface set find default=yes forbid=yes add disabled=no interface=ether2 set enabled=yes Read: How to configure Mikrotik GRE Tunnel for Site to Site VPN using IPSEC for encryption. Secure internal network from guest. On the RB750, configure a firewall filter rule to drop all packets coming from the Guest vlan to Vlan10.
![No Forward Interface Vlan 1 No Forward Interface Vlan 1](http://teachweb.milin.cc/images/datacommunicatie/routing_switching/3.2.2.2_resetting_the_trunk_to_default_state_figure_1.png)
I'm currently having some problems configuring the VLAN in our network.Description: get the VOIP phones in to the VLAN2 with the MikroTik RouterBoard HAP. VPN configuration is on this device for the SIP server, so this is required in the network setup.Mikrotik setup:ether1.
Hello,I am unable to do a working port forward.My SetupTestwise I would like to do a ssh port 22 forward to some IP address.firewall ruleNAT ruleDiagnostics/States/StatesI already looked through the 'Port Forward Troubleshooting' guide and from my perspective everything looks working (I am no expert:) ).Its not just port 22, I tried already other ports and there are the same problems. We have besides that rules nothing that should conflict with that rules and a rather basic setup besides the different vlans. Otherwise everything else looks working just I can't open any port that is behind the pfsense (opening a port to the pfsense works).Opening the ssh connection from the pfsense box works too.I have sadly no idea where I should look at at the moment. Maybe its some trivial change needed.Any help or pointer would be great, if you need some log etc. Pls ask.best regards. Said in:our network map doesn't show the VLANs10.24.10.xx - VLAN1010.24.20.xx - VLAN20.said in:However, you have to state a unique destination IP which should be forwarded.isn't it done due that?said in:It would help if you could get rid of the double nat that will occur.This is sadly not possible at all, I have no access to that box at all (some vendor crap) but the same setup is reported working properly so I can guess at least it works. Like said creating an port forward to the pfense box works like a charm.I can only phone the vendor and ask for stuff that get changed then, I never saw the interface at all so I can only suspect what is done here.
If you have an idea what might break it I can ask the vendor if they have set some setting etc that might have an negative impact. Maybe the router doing some nasty stuff, I can't rule that out but thats like a dark hole for me so I would at least rule out that I am doing some obvious mistake at the pfsense settings. Said in:No, the destination address in the NAT rule is 'any'.I changed Dest. Address to VLAN10 address and at least I get some sign of life at my box.