Dear All,
Could you please help me.
I’m using RouterBoard 750, 2.38.
I connect all my computers 192.168.1.1/24 with port1. I wonder if I want to block computer A 192.168.1.10/24 to communicate with computer B 192.168.1.11/24 it’s possible to do that?
Please help!!!
Thank you
You can use this rule to block traffic from one host to another host. This will block all traffic both directions. You can also modify it to only block specific traffic or to block a whole subnet from another host/ subnet. Using this rule with an address list can be very helpful as well.
/ip firewall filter
add action=drop chain=forward dst-address=192.168.1.11 src-address=192.168.1.10
The problem with that is since they are presumably connected to a switch/hub connected to port one that traffic will never go through the router. So you can’t block it. Computers don’t need to hit the router for “local” traffic.
really thanks for you replay !!!
But I’m using with a normal switch connected to ether1 (192.168.1.1/24) and all my computer connected to that switch , and i wonder if the Mikrotik can block all the communication from Computer A 192.168.1.10/24 to Computer B 192.168.1.11/24.
Super Thank you all.
As efaden stated in post 3, the traffic between computer A and computer B never even gets to the MikroTik router, so it has no control in your current configuration.
My name is _______ and I approve this message.
Brother for this kind of security you need managed switch because that kind of switches have mac address table filtration and using managed switches u can use more secure option which is “VLAN tagging” but as for simple solution u should connect both nodes to router ports directly but rb 750 router does not have more then 5 ports so you can use 4 ports as switch except 1 which is mostly assigned for WAN connection
Really thank for your advise
I’m really appreciated
Thank you