I've seen in the forum some complaints saying that IPv4 independent mapping and filtering NAT was not working.

For memory, "endpoint independent mapping and filtering NAT", RFC5780, is a more modern name for the old RFC3489 "full cone NAT".

It is a type of NAT where foreign IP addresses traffic can enter from the WAN to the LAN through previously opened ports.

This can be useful for gamers that need to play in a team with direct connections, without need for a server or a TURN relay. This gives a shorter latency, and remove the dependency from a server that can become a dead end in the long term.

I was curious because Mikrotik said that it was working. My feeling was that it was working too, but i needed to do a test to prove it.

My test indicate that it is working. But a firewall forward rule must be added to allow foreign IP addresses traffic to enter through the opened ports. I think that other testers did forget that, like i did when i tested it the very first time.

If this rule is not added, endpoint independent filtering (full cone) does not work.


See here :

viewtopic.php?p=1056825#p1056825

And here for the full discussion :

viewtopic.php?p=1056825#p1056825