
Need to use my MikroTik to police connections on vsat internet connection

Posted: Sun Mar 06, 2016 6:57 am
by abibleboy
Hi,

I need some help with setting up my RB750 to control when people access the internet, as certain times are cheaper than others.

I need the router to provide secure firewall on WAN side,
bridged connection on LAN ports which is a green zone,
during office hours I must block all www browsing except for WhatsApp and some bank sites
other hours i can remove the www block
email must be available all the time.

Any help would be appreciated, as I have been trying to get this going for a couple of days with layer 7 but it never recognises any patterns, so I thought maybe there is a wiz out there who can help

thanks

Re: Need to use my MikroTik to police connections on vsat internet connection

Posted: Mon Mar 07, 2016 9:24 am
by p3rad0x
Good day,

I can give you a basic way of doing this.

Secure firewall shouldn't be much hassle, you can find lots of examples on the forum.

Blocking all www traffic (80/443) will be easy, but allowing WhatsApp and the banks may cause some problems.

With WhatsApp you will need to find out what IP subnet it connects to.

Using something like Wireshark will help you to see the IPs and ports it uses.

The bank sites might be the biggest pain since the authentication and the actual banking site are not always in the same subnet.

Removing and enabling the rules can be done with scripts and schedulers.

For mail you can allow the main ports in the firewall (587/25/110/993).

There is most probably a better way to do this, like using a web proxy of some kind, but this should get you going in the right direction.
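
The approach outlined in the post above, written out as a RouterOS configuration. This is an added example, not part of the original thread: the 08:00 to 17:00 office hours, the rule comments, the list name `office-allowed` and the 203.0.113.0/24 address are assumptions or constructed placeholders, and it assumes no earlier forward-chain rule already accepts this traffic.

```routeros
# Added example, not from the thread. Replace the placeholder subnet with
# the destinations actually observed (e.g. with Wireshark) for the allowed sites.
/ip firewall address-list
add list=office-allowed address=203.0.113.0/24 \
    comment="constructed placeholder for an allowed destination subnet"

/ip firewall filter
# Mail ports named in the post stay reachable at all times.
add chain=forward protocol=tcp dst-port=25,110,587,993 action=accept \
    comment="mail always allowed"
# Web traffic to listed destinations is accepted before the block rule.
add chain=forward protocol=tcp dst-port=80,443 \
    dst-address-list=office-allowed action=accept \
    comment="office-www-allow"
# The block rule starts disabled; the scheduler toggles it by comment.
add chain=forward protocol=tcp dst-port=80,443 action=drop disabled=yes \
    comment="office-www-block"

/system scheduler
# Assumed office hours: block from 08:00, lift at 17:00, repeating daily.
add name=www-block-on start-time=08:00:00 interval=1d \
    on-event="/ip firewall filter enable [find comment=\"office-www-block\"]"
add name=www-block-off start-time=17:00:00 interval=1d \
    on-event="/ip firewall filter disable [find comment=\"office-www-block\"]"
```

The scheduler depends on the router clock being correct, and as written it also enables the block on weekends. Rule order matters: the allow rule must stay above the drop rule.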

Re: Need to use my MikroTik to police connections on vsat internet connection

Posted: Mon Mar 07, 2016 10:47 am
by chechito
Maybe using OpenDNS can help

Re: Need to use my MikroTik to police connections on vsat internet connection

Posted: Tue Mar 08, 2016 8:42 am
by abibleboy
Thanks, I got the block all stuff working but as you said, easy with scheduler and script but the allow WhatsApp is not going so well :(