Greetings to all,
I need some help. I have configured an cisco 3750 switch to create vlan and connected with mikrotik. Mikrotik have no firewall/nat rule at a moment.
Configuration of switch is as follow
Port 1 trunk = Connected with Mikrotik
Port 2 = Laptop-A
Port 3 = Laptop-B
Mikrotik vlan interfaces are configured accordingly and users are getting different subnet ips as configured.
But issue is that Laptop-A user can communicate with Laptop-B user. How can I stop there communication at switch level ? is there any generic command i can use to Block ALL communications between all VLAN's (except communication with the mikrotik)
Currently I have to create Filter rule at Mikrotik in order to prevent communication from subnet a - b , but if I have 20 or 30 ports , do i have to configure 20-30 filters rules in mikrotik?
Re: Cisco VLAN isolation with Mikrotik
is creating such rule will be fine ? any side effects of it?
Code: Select all
/ip firewall filter
add chain=forward comment=to_WAN" out-interface=WAN
add action=reject chain=forward comment="Block vlan subnets in forward" reject-with=icmp-net-prohibited src-address=\
192.168.0.1-192.168.255.255Who is online
Users browsing this forum: No registered users and 46 guests