Just got my first Mikrotik Router and wanting to isolate the 2 subnets from each other. However I do wish both subnets to be able to access one Server on a static ip.
This is what I have so far
ip firewall filter add chain=forward src-address=192.168.2.0/24 dst-address=192.168.5.0/24 action=drop
ip firewall filter add chain=forward src-address=192.168.5.0/24 dst-address=192.168.2.0/24 action=drop
How would I allow the 192.168.5.0/24 subnet to access one static IP (eg; 192.168.2.100) on 192.168.2.0/24, but nothing else?
Thanks for your help, I added the rule. Moved it above the rest of the rules and tried a ping the server but no joy. If I am on the 192.168.2.0/24 subnet I can ping it.
Could there be another setting that is blocking this rule from taking effect. Not sure if having the different subnets on a different interface would make any difference.
Then I disabled all my firewall rules. Still was not able to ping the server from the second subnet (still working from the first one though). Could it be a routing issue?
Each subnet has its own interface on the router. However the Mikrotik automatically creates a route between the interfaces as far as I understand?
Just figured out why the rules were not being followed. It turns out our switch was preventing us from reaching other clients on the network hence the rules had no effect.
Its all working now again. Thank you for your help with this though
