Я вообще не могу заставить dst-nat работать. Похоже, работает только один dst-nat. Если я включаю, скажем, веб-сервер, даже порт 2004 перенаправляет меня на веб-сервер вместо удаленного ПО, и наоборот.
/ ip firewall nat add chain=srcnat out-interface=ether1 action=masquerade comment="" disabled=no add chain=dstnat in-interface=ether1 action=dst-nat to-addresses=192.168.0.2 to-ports=2004 comment="RemotelyAnywhere" disabled=yes add chain=dstnat in-interface=ether1 action=dst-nat to-addresses=192.168.0.2 to-ports=80 comment="Web Server" disabled=yes
/ ip firewall connection tracking set enabled=yes tcp-syn-sent-timeout=2m tcp-syn-received-timeout=1m tcp-established-timeout=5d tcp-fin-wait-timeout=2m tcp-close-wait-timeout=1m tcp-last-ack-timeout=30s tcp-time-wait-timeout=2m tcp-close-timeout=10s udp-timeout=30s udp-stream-timeout=3m icmp-timeout=30s generic-timeout=10m
/ ip firewall filter add chain=input protocol=icmp action=accept comment="" disabled=no
/ ip firewall nat add chain=srcnat out-interface=ether1 action=masquerade comment="" disabled=no add chain=dstnat in-interface=ether1 action=dst-nat to-addresses=192.168.0.2 to-ports=2004 comment="RemotelyAnywhere" disabled=yes add chain=dstnat in-interface=ether1 action=dst-nat to-addresses=192.168.0.2 to-ports=80 comment="Web Server" disabled=yes
/ ip firewall connection tracking set enabled=yes tcp-syn-sent-timeout=2m tcp-syn-received-timeout=1m tcp-established-timeout=5d tcp-fin-wait-timeout=2m tcp-close-wait-timeout=1m tcp-last-ack-timeout=30s tcp-time-wait-timeout=2m tcp-close-timeout=10s udp-timeout=30s udp-stream-timeout=3m icmp-timeout=30s generic-timeout=10m
/ ip firewall filter add chain=input protocol=icmp action=accept comment="" disabled=no
