Hi,
I need to create a firewall for my LAN network comprising 700 nodes and different IP pools.
I plan to use the bridging feature for it.
Following is what I have in mind:
1> Connect 2 NICs (eth0, eth1) on the MikroTik
2> Bridge the two of them
3> incoming data → eth0 MikroTik → eth1 MikroTik → outgoing data
Am I right about the above configuration?
If the above is right, then how do I manage the firewall?
Where do I put the IP address?
Since I have 3 different networks (10.10.0.0/16, 10.15.0.0/16 and 10.12.122.0/24), will assigning an IP to the MikroTik from any one network still process packets of the remaining 2 networks?

Hi,
Transparent traffic shaper can be the right word for the setup needed. If I am not mistaken, the bridge will process all traffic irrespective of IP address. Then why did you say that the IPs of all the networks would be needed? I needed the IP address for management only.

Hi,
Apologies for the delay. Glad to inform you that all went well and the bridge is working as desired. I also downloaded the firewall rules from the MikroTik demo router and have put them on mine.
Another query I now have: on the MikroTik site the rules were for a router, so the input, output and forward chains were designed accordingly.
But in case of a bridge, the necessary components missing in the forward chain in comparison to the input chain will have to be added, right?
Also, how do I allow only my local network IP pools to communicate, thus denying all other locally created customer IP pools?
The IP pools I am using are:
10.12.122.0/24
10.15.6.0/24
10.10.10.0/24