MikroTik

Community discussions
https://forum.mikrotik.com/

Wan IP block

https://forum.mikrotik.com/viewtopic.php?t=117464

Page 1 of 1

Wan IP block

Posted: Fri Jan 27, 2017 2:39 pm
by tcppho3nix
guys im really new and i have a simple question i think :)) i need to configure mikrotik that has wan ip hided (not accasable to other ips) and then i need to do a rule that will give my home wan ip accses to routers wan ip.. i just need to know how to the the firewall rule..

input (wan ip) action drop to all
then how to do the rule to accept 1 or more specific wan addreses to acces the router?

thanks :)

Re: Wan IP block

Posted: Sat Jan 28, 2017 9:04 pm
by lbachero
You can do it like this:
Code: Select all
/ip firewall filter add chain=input protocol=tcp dst-port=21-23,80,8291,8728,8729 src-address-list=!trust action=drop
So, put your IP in trust list:
Code: Select all
 /ip firewall address-list add list=trust address=X.X.X.X comment="Home Public IP"
;)

Re: Wan IP block

Posted: Sun Jan 29, 2017 6:39 am
by rextended
You can do it like this:
Code: Select all
/ip firewall filter add chain=input protocol=tcp dst-port=21-23,80,8291,8728,8729 src-address-list=!trust action=drop
So, put your IP in trust list:
Code: Select all
 /ip firewall address-list add list=trust address=X.X.X.X comment="Home Public IP"
;)
TCP: 20,21,22,23,53,80,443,1723,8291,8728,8729
UDP: 53,67,68,69,123,161,5678,20561
and add connection-state=new on rule......
All times are UTC+02:00
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/