Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- /ip firewall filter
- add action=accept chain=input comment="allow in established" connection-state=established
- add action=accept chain=input comment="allow in related" connection-state=related
- add action=accept chain=input comment="allow icmp in" protocol=icmp
- add action=accept chain=input comment="allow MGMT-ACL address list inbound mgmt" protocol=tcp src-address-list=MGMT-ACL
- add action=accept chain=forward src-address-list=Telnyx
- add action=accept chain=forward dst-address-list=Telnyx
- add action=drop chain=input comment="default drop input"
- /ip firewall nat
- add action=masquerade chain=srcnat comment="defconf: masquerade" ipsec-policy=out,none out-interface-list=WAN
- add action=dst-nat chain=dstnat dst-address=<public-ip> dst-port=9000-10999 protocol=udp to-addresses=<local-ip> to-ports=9000-10999
- add action=dst-nat chain=dstnat dst-address=<public-ip> dst-port=5060 protocol=tcp to-addresses=<local-ip> to-ports=5060
- add action=dst-nat chain=dstnat dst-address=<public-ip> dst-port=5090 protocol=tcp to-addresses=<local-ip> to-ports=5090
- add action=dst-nat chain=dstnat dst-address=<public-ip> dst-port=5061 protocol=tcp to-addresses=<local-ip> to-ports=5061
- add action=dst-nat chain=dstnat dst-address=<public-ip> dst-port=5060 protocol=udp to-addresses=<local-ip> to-ports=5060
- add action=dst-nat chain=dstnat dst-address=<public-ip> dst-port=5090 protocol=udp to-addresses=<local-ip> to-ports=5090
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
