Hello all,
I got a simple network and I need some help.
my network diagram is :
In mikrotik ports 2-5 are bridge.
pc4 shares file folders so pc1,pc2,pc3 can access them
but also pc4 have enable remote desktop and http service(80,443) and I want to restrict the
access for those only from pc1.
I tried with firewall forward rules but I didn't work so i need some suggestions.
thank you.
Allow Remote Access (RDP) from Specific IP
You do not have the required permissions to view the files attached to this post.
-
-
CZFan
Forum Guru
- Posts: 2098
- Joined:
- Location: South Africa, Krugersdorp (Home town of Brad Binder)
- Contact:
Re: Allow Remote Access (RDP) from Specific IP
Try below, (Have not tested it)
OR below, but MUST enable "Use IP Firewall" in bridge for this to work, which I believe will break Fasttrack.
Code: Select all
/interface bridge filter
add action=drop chain=forward dst-port=80 in-interface=!ether2 ip-protocol=tcp mac-protocol=ip out-interface=ether5
add action=drop chain=forward dst-port=443 in-interface=!ether2 ip-protocol=tcp mac-protocol=ip out-interface=ether5
add action=drop chain=forward dst-port=3389 in-interface=!ether2 ip-protocol=tcp mac-protocol=ip out-interface=ether5
add action=drop chain=forward dst-port=3389 in-interface=!ether2 ip-protocol=udp mac-protocol=ip out-interface=ether5
Code: Select all
/ip firewall filter
add action=drop chain=forward dst-port=80,443,3389 in-bridge-port=!ether2 out-bridge-port=ether5 protocol=tcp
add action=drop chain=forward dst-port=3389 in-bridge-port=!ether2 out-bridge-port=ether5 protocol=udp
Re: Allow Remote Access (RDP) from Specific IP
Thanks for the replay.
I'll try it and I post results.
Thank you.
I'll try it and I post results.
Thank you.
Who is online
Users browsing this forum: kevinlukas1235 and 13 guests