I am setting up a MikroTik RB2011 and I am trying to configure the firewall so that anyone trying to access the admin page from outside of the 160.7.240.0/24 network gets dropped. I've tried a few different methods, but setting up firewalls isn’t my strongest quality. A little help on this would be greatly appreciated. Thanks.
What you want to do is to block certain traffic:
This should get you started:
14 ;;; Drop SSH(TCP) to WAN
chain=input action=reject reject-with=icmp-network-unreachable protocol=tcp src-address-list=drop_traffic in-interface=ether5 dst-port=22
log=yes log-prefix=""
15 ;;; Drop SSH(UDP) to WAN
chain=input action=reject reject-with=icmp-network-unreachable protocol=udp src-address-list=drop_traffic in-interface=ether5 dst-port=22
log=yes log-prefix=""
16 ;;; Drop Telnet to WAN
chain=input action=reject reject-with=icmp-network-unreachable protocol=tcp src-address-list=drop_traffic in-interface=ether5 dst-port=23
log=yes log-prefix=""
Why is the action reject with an ICMP reply? Do a drop without wasting your router's resources.
/ip service
set ssh address=160.7.240.0/24
set telnet address=160.7.240.0/24
set www address=160.7.240.0/24
set ftp address=160.7.240.0/24
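
As an added example that is not part of any post in this thread: the same restriction written as one input-chain rule that drops rather than rejects, keyed on the allowed network instead of a block list. The list name `mgmt_allowed` and the log prefix are assumptions; the ports are the default ones for the ftp, ssh, telnet and www services named above.

```routeros
# Added example, not from the thread. List name and log prefix are assumptions.

# 1. Sources that may reach the router's management services.
/ip firewall address-list
add list=mgmt_allowed address=160.7.240.0/24 comment="management network"

# 2. Drop management traffic from every other source.
#    No in-interface is set, so the rule applies on all ports of the router,
#    not only the WAN port (ether5 in the rules posted above).
#    Default ports: ftp=21, ssh=22, telnet=23, www=80.
#    If Winbox (8291) or www-ssl (443) are enabled, add them to dst-port.
/ip firewall filter
add chain=input protocol=tcp dst-port=21,22,23,80 \
    src-address-list=!mgmt_allowed action=drop \
    log=yes log-prefix="mgmt-drop" \
    comment="drop management access from outside 160.7.240.0/24"

# 3. Check the result. Filter rules are evaluated top to bottom, so this rule
#    has to sit above any broader accept rule in the input chain; use
#    "/ip firewall filter move" if it does not.
/ip firewall filter print where chain=input

# 4. The per-service address= restriction from the last post is a second,
#    independent layer; confirm what each service currently allows.
/ip service print
```

With both layers in place, a mistake in the filter ordering still leaves the services themselves refusing connections from other sources.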