Community discussions

MikroTik App
just joined
Topic Author
Posts: 1
Joined: Mon Oct 17, 2022 11:08 pm

Let's Encrypt

Mon Oct 17, 2022 11:23 pm

Hello everyone,

I have been doing a setup with a FreePBX server which I need to pass an SSL certificate with Let's Encrypt.

I have a DST-NAT pointing to port 80, but it refuses the connection, I tested with a server outside the Mikrotik and it certified.

But with the one behind the Mikrotik it is not working, I must do something else?

I will be attentive to your answers.
User avatar
Frequent Visitor
Frequent Visitor
Posts: 79
Joined: Tue Feb 18, 2020 7:06 am
Location: Australia

Re: Let's Encrypt

Wed Oct 19, 2022 10:19 am

Without more information (such as the config on your MikroTik - see my signature on how to export one if you don't already know) it's hard to say where the problem is. My first thought would be to check that the FreePBX server itself is accepting connections on port 80 (and 443 since you want to use HTTPS). If it isn't that would explain the problem. The other thing to do is confirm that your firewall rule on the MikroTik is correct. You should have rules like the following to forward ports 80 and 443:

ip firewall nat add chain=dstnat action=dst-nat to-addresses=[FreePBX LAN IP] to-ports=80 protocol=tcp dst-port=80 comment="FreePBX HTTP Port forwarding"
ip firewall nat add chain=dstnat action=dst-nat to-addresses=[FreePBX LAN IP] to-ports=443 protocol=tcp dst-port=443 comment="FreePBX HTTPs Port forwarding"

These, along with the masquerade rule that you should already have (otherwise you wouldn't be able to connect to the Internet), should be all that you require.

You can find more information on the 3CX website about configuring MikroTik for a PBX (Yes, I know the instructions are for 3CX but they are a decent guide for the MikroTik configuration).

Who is online

Users browsing this forum: No registered users and 3 guests