avihu
just joined
Topic Author
Posts: 15
Joined: Thu Dec 01, 2016 11:13 pm

Router Security

Thu Dec 01, 2016 11:23 pm

I tried to close all ports with the command
add chain=input action=drop comment="Drop everything else"
But this blocks my access to the VPN service, and the "no-ip" service cannot update.
I tried to open port 1701 and it does not work :(
I'd love to get help
 
TyBermea
newbie
Posts: 29
Joined: Mon Nov 02, 2015 3:18 am

Re: Router Security

Fri Dec 02, 2016 4:38 am

Rules are processed in order. You'll need to add action allow rules for each service above the drop rule.
/ip firewall filter
add action=accept chain=input comment="accept established,related" connection-state=established,related
add action=accept chain=input comment=SSTP dst-port=443 protocol=tcp
add action=accept chain=input comment="GRE for IPIP" protocol=gre
add action=accept chain=input comment="L2TP + IPSEC VPN" dst-port=500,1701,4500 protocol=udp
add action=accept chain=input protocol=ipsec-esp
add action=drop chain=input comment="drop all from WAN" in-interface=ether1
add action=accept chain=forward comment="accept established,related" connection-state=established,related
add action=drop chain=forward comment="drop invalid" connection-state=invalid
add action=drop chain=forward comment="drop all from WAN not DSTNATed" connection-nat-state=!dstnat \
    connection-state=new in-interface=ether1
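
The ordering rule from the reply above, as an added example that is not part of the original thread: a small Python check (function names are hypothetical) that reads RouterOS `add` lines and reports accept rules that can never match because an earlier drop in the same chain already catches their traffic. It compares matchers as literal strings, which is a simplifying assumption.

```python
import shlex

META = {"action", "chain", "comment"}  # keys that do not affect matching

def parse_rules(export_text):
    """Parse 'add key=value ...' lines from a RouterOS filter export."""
    text = export_text.replace("\\\n", " ")  # join continuation lines
    rules = []
    for line in text.splitlines():
        tokens = shlex.split(line)
        if not tokens or tokens[0] != "add":
            continue
        rules.append(dict(t.split("=", 1) for t in tokens[1:] if "=" in t))
    return rules

def shadowed_accepts(rules):
    """Return (accept_rule, drop_rule) pairs where the accept can never match.

    First match wins, so an accept is dead when an earlier drop in the same
    chain has matchers that are a subset of the accept's matchers.
    """
    findings = []
    for i, rule in enumerate(rules):
        if rule.get("action") != "accept":
            continue
        wanted = {k: v for k, v in rule.items() if k not in META}
        for earlier in rules[:i]:
            if earlier.get("action") != "drop" or earlier.get("chain") != rule.get("chain"):
                continue
            cond = {k: v for k, v in earlier.items() if k not in META}
            if all(wanted.get(k) == v for k, v in cond.items()):
                findings.append((rule, earlier))
                break
    return findings

# Constructed sample: the question's drop-all placed before the L2TP accept.
BROKEN = '''/ip firewall filter
add action=drop chain=input comment="Drop everything else"
add action=accept chain=input comment="L2TP + IPSEC VPN" dst-port=500,1701,4500 protocol=udp
'''
# Constructed sample: same rules in the order the reply recommends.
FIXED = '''/ip firewall filter
add action=accept chain=input comment="L2TP + IPSEC VPN" dst-port=500,1701,4500 protocol=udp
add action=drop chain=input comment="Drop everything else"
'''

if __name__ == "__main__":
    for accept, drop in shadowed_accepts(parse_rules(BROKEN)):
        print(f'"{accept["comment"]}" is unreachable after "{drop["comment"]}"')
```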
 
avihu
just joined
Topic Author
Posts: 15
Joined: Thu Dec 01, 2016 11:13 pm

Re: Router Security

Fri Dec 02, 2016 5:39 am

I found this site
http://www.mikrotikconfig.com/
and now all works fine.
:)