Firewall for PublicIP on Vlan
Posted: Fri Oct 25, 2024 12:34 am
Hello and welcome,
I have a maybe obvious question. I have been struggling with the on-prem email server for several days.
I decided to temporarily change the concept and instead of keeping it behind NAT, it got a public IP address (let's say 10.0.1.200).
My Mikrotik router has a public address of 10.0.1.100. Generally, public addressing goes to eth1 as VLAN 80 and the VM with the email server is also assigned to this VLAN. This vlan is connected to BRIDGE with other ports and vlans.
And now my question... how can I apply firewall rules to such a system?
I wanted to block all communication with this server via the DROP rule at this moment.
I tried by setting
chain input,
dst. addresses 10.0.1.200
In Interface (eth1 or vlan 80)
action drop
but unfortunately it didn't work.
I would like some tips on how to deal with this issue
Regards !
I have a maybe obvious question. I have been struggling with the on-prem email server for several days.
I decided to temporarily change the concept and instead of keeping it behind NAT, it got a public IP address (let's say 10.0.1.200).
My Mikrotik router has a public address of 10.0.1.100. Generally, public addressing goes to eth1 as VLAN 80 and the VM with the email server is also assigned to this VLAN. This vlan is connected to BRIDGE with other ports and vlans.
And now my question... how can I apply firewall rules to such a system?
I wanted to block all communication with this server via the DROP rule at this moment.
I tried by setting
chain input,
dst. addresses 10.0.1.200
In Interface (eth1 or vlan 80)
action drop
but unfortunately it didn't work.
I would like some tips on how to deal with this issue
Regards !
