413 private links
o redirect specific requests to a specific address on the internal network, use dst-nat, follow the steps below:
how easy it is to set up an IP tunnel between two locations. This will allow you to access files on a server and share printers between two locations, no matter how far apart. In addition, it enhances data security by encrypting packets as they travel through the tunnel. To accomplish this task, you will need two Mikrotik routers, one at each location, and two public IP addresses.
While having a rugged router at the core of your network is highly recommended, the security settings required to keep the network behind it fully secured can never be over emphasized. In this post, we will look at 9 settings required on a Mikrotik router to keep the network secured.
We can redirect dns requests on Mikrotik to the IP address on the LAN interface of the Mikrotik router, assuming we want the Mikrotik router to serve as the dns server for all connected LAN users, or to the IP address of a locally hosted dns server. There are many reasons for doing this; top most on the list is security.
A. Force Redirect to OPENDNS (without PI hole)
/ip dns
set allow-remote-requests=yes servers=208.67.222.222,208.67.220.220
/ip nat
add action=redirect chain=dstnat dst-port=53 in-interface-list=LAN protocol=tcp
add action=redirect chain=dstnat dst-port=53 in-interface-list=LAN protocol=udp
B. Force OPEN DNS (via PI hole)
/ip firewall nat
add chain=dstnat in-interface-list=LAN protocol=tcp dst-port=53 action=dst-nat to-addresses=10.0.0.31 to-ports=53
add chain=dstnat in-interface-list=LAN protocol=udp dst-port=53 action=dst-nat to-addresses=10.0.0.31 to-ports=53
add chain=srcnat src-address=10.0.0.0/24 dst-address=10.0.0.0/24 action=masquerade