Hi Forum.
This is my setup.
ether1 192.168.1.99/24
ether2 192.168.88.254/25
basic NAT, DHCP server and DNS.
Everything works really well but the main reason I'm doing this is i want to plug a computer into ether2 and let it just have internet and internet only. At the moment it has access to the rest of the internal network on ether1.
The reason this is is that the person who uses the computer gets lots of virus's and breaks the other computers on the network.
So the plan is to put the person on a separate network with the RB750 in-between the computer and the internet but also without access to any of the other computers on ether1
Is this as simple as some firewall rules or a bit more than that.
Any help and ideas or ways of doing this would be much appreciated.
Thanks
Joseph
Re: Block internal traffic
Code: Select all
/ip firewall filter
add chain=forward src-address=192.168.88.128/25 dst-address=192.168.1.0/24 action=drop
add chain=forward dst-address=192.168.88.128/25 src-address=192.168.1.0/24 action=dropRe: Block internal traffic
Thanks fewi!!
Worked sweet as.
Worked sweet as.
Re: Block internal traffic
Hi there, this doesn´t works for me.
Im trying to block the access from one user to DVR, both have static local IP assigned and both are in the same subnet.
Network = 100.2.1.0/24
DVR = 100.2.1.84
USER = 100.2.1.242
I will really apresiate your help!!
Regards
Im trying to block the access from one user to DVR, both have static local IP assigned and both are in the same subnet.
Network = 100.2.1.0/24
DVR = 100.2.1.84
USER = 100.2.1.242
I will really apresiate your help!!
Regards