Hello everybody,
I really don’t understand what is wrong with my config. Let’s say that I created a link aggregation from the MikroTik to a switch and put VLANs on it. For example:
/interface bonding
add mode=802.3ad name=BAGG slaves=ether2,ether3 transmit-hash-policy=layer-2-and-3
/interface vlan
add interface=BAGG name="vlan100 - OFFICE" vlan-id=100
add interface=BAGG name="vlan200 - OFFICE 2" vlan-id=200
There is also a trunk from the switch to the server, which is set up to permit all VLANs. Let’s assume that there is a workstation in VLAN 200, and I want to block a specific port like 3389 on the forward chain from this WS. When I create a forward rule in order to block even the whole traffic from the WS to the server, this rule just doesn’t work. Any traffic is matched. If I block something outside this VLAN, the firewall works well.
Do I miss something?