Community discussions

MikroTik App
  4. RouterOS
  5. General

IP Service List Question

Post Reply
 
nickryder59
just joined
Topic Author
Posts: 11
Joined: Thu Sep 10, 2009 1:09 pm

IP Service List Question

Mon Dec 07, 2009 5:24 pm

Hi,

I have a routerboard 450 and have restriced all access to it in the IP Service List to all but my public facing IP address.

I sometimes need to access it from a different IP and my question is, how do I allow more than one IP address to access Winbox, SSH, telnet etc?

Many thanks in anticipation.
Top
 
fewi
Forum Guru
Forum Guru
Posts: 7717
Joined: Tue Aug 11, 2009 3:19 am

Re: IP Service List Question

Mon Dec 07, 2009 5:29 pm

Don't use the limitation in "/ip services" and set them back to 0.0.0.0/0 and then use firewall filters to allow access to services.
Code: Select all
/ip firewall address-list
add list=SSH_Access address=10.1.0.2/32
add list=SSH_Access address=172.16.0.2/32
/ip firewall filter
add chain=input dst-port=22 action=drop src-address-list=!SSH_Access
Or something like that. That would drop all SSH access from IPs not on the address-list. Repeat for all other protocols you want to filter.
Top
 
nickryder59
just joined
Topic Author
Posts: 11
Joined: Thu Sep 10, 2009 1:09 pm

Re: IP Service List Question

Mon Dec 07, 2009 6:19 pm

Brilliant, thank you - it worked just fine (I had to specify TCP).

Nick.
Top
Post Reply
  4. RouterOS
  5. General