IP Service List Question

Posted: Mon Dec 07, 2009 5:24 pm
by nickryder59
Hi,

I have a routerboard 450 and have restricted all access to it in the IP Service List to all but my public facing IP address.

I sometimes need to access it from a different IP and my question is, how do I allow more than one IP address to access Winbox, SSH, telnet etc?

Many thanks in anticipation.

Re: IP Service List Question

Posted: Mon Dec 07, 2009 5:29 pm
by fewi
Don't use the limitation in "/ip services" and set them back to 0.0.0.0/0 and then use firewall filters to allow access to services.
/ip firewall address-list
add list=SSH_Access address=10.1.0.2/32
add list=SSH_Access address=172.16.0.2/32
/ip firewall filter
# dst-port only matches when a protocol is given; SSH runs over TCP
add chain=input protocol=tcp dst-port=22 action=drop src-address-list=!SSH_Access
Or something like that. That would drop all SSH access from IPs not on the address-list. Repeat for all other protocols you want to filter.

Re: IP Service List Question

Posted: Mon Dec 07, 2009 6:19 pm
by nickryder59
Brilliant, thank you - it worked just fine (I had to specify TCP).

Nick.
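
The filter approach from the answer above, extended to the three services named in the question, as an added example that is not part of the original thread. The list name Mgmt_Access and both addresses (documentation ranges) are placeholders, and the ports assume the RouterOS defaults for SSH, telnet and Winbox.

```routeros
# Added example. Mgmt_Access and the addresses below are placeholders;
# replace them with the real source addresses that need management access.
/ip firewall address-list
add list=Mgmt_Access address=192.0.2.10/32 comment="placeholder: primary site"
add list=Mgmt_Access address=198.51.100.25/32 comment="placeholder: second site"

/ip firewall filter
# One rule covers SSH (22), telnet (23) and Winbox (8291, the default port).
# dst-port is only accepted together with a protocol, hence protocol=tcp.
add chain=input protocol=tcp dst-port=22,23,8291 \
    src-address-list=!Mgmt_Access action=drop \
    comment="drop management access from unlisted sources"

# Verify rule order: this drop must sit above any input-chain rule that
# would accept the same traffic, because the first matching rule wins.
/ip firewall filter print where chain=input
```

If a service port has been changed from its default under the IP Service List, the dst-port list has to be changed to match, otherwise that service is left unfiltered.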