Good afternoon all together,

I just started with my Mikrotik router and I'm not quite 100% sure how to configure it. I would like to know:
- How can I hange the access on the WAN port for the webif form port 80 to secured ssl-port 433? I activated port 443 in the /IP-SERVICES bit but when I try to open it in my browser nothing happens.
- In addition to that I would like to allow only SSH and SSL on my WAN interface for now. No other connections should be allowed on the WAN interface (but of course my Wifi and internal network should still be able to open webpages). How would a firewall config look like? I used the last two days with different tries but the only thing I was able to do was to block all traffic or nothing.

I would be very thankful for some help from the board.

kind regards
Schnapsbrenner

To allow only SSH and SSL on your WAN interface (must change the interface to your WAN):

Also a good practice to use SAFE MODE when adding firewall rules. In winbox click the button at the top left side. For CLI, CTRL+X.

**This will block everything except tcp/22 and tcp/443 destined for the router on your selected interface. You may consider adding the winbox port tcp/8291**

/ip firewall filter
add action=drop chain=input comment="Allow SSL and SSH" disabled=no in-interface=YOURINTERFACENAME protocol=tcp ports=!22,443

Thanks a lot it worked out very well

To allow only SSH and SSL on your WAN interface (must change the interface to your WAN):

Also a good practice to use SAFE MODE when adding firewall rules. In winbox click the button at the top left side. For CLI, CTRL+X.

**This will block everything except tcp/22 and tcp/443 destined for the router on your selected interface. You may consider adding the winbox port tcp/8291**

/ip firewall filter
add action=drop chain=input comment="Allow SSL and SSH" disabled=no in-interface=YOURINTERFACENAME protocol=tcp ports=!22,443

Great, no problem.