MikroTik

Community discussions
https://forum.mikrotik.com/

Mikrotik Security

https://forum.mikrotik.com/viewtopic.php?t=39572

Page 1 of 1

Mikrotik Security

Posted: Fri Feb 26, 2010 6:14 pm
by willtech
Is there a way to limit access to routerOS to a particular VLAN and block all other access to it? If so how would you do it?

Re: Mikrotik Security

Posted: Fri Feb 26, 2010 6:31 pm
by fewi
First edit "/ip services" and disable everything you don't use. Then filter in the input chain (packets destined for the router directly, not packets being routed through the router) for the ports left open and drop everything not from the management VLAN interface. The below assumes only SSH and Winbox on default ports are left open:
Code: Select all
/ip firewall filter
add chain=input protocol=tcp dst-port=22,8291 in-interface=!ManagementVLANInterface action=drop
There's lots of different firewall rulesets for what you want to do. The wiki lists more exhaustive ways.

Re: Mikrotik Security

Posted: Wed Mar 03, 2010 1:25 am
by willtech
I am sorry for the delay in response but thank you for the information.
All times are UTC+02:00
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/