Firewall NAT error

RouterOS Beginner Basics
1

Hi,

I’m setting up my Mikrotik router with a Guest Wifi network.
The problem is that I want to block all websites except for one or two in the guest network.
I’ve tried to follow some online examples, but when I’m configuring the NAT to redirect all traffic to port 8080 (web proxy), I select as In. Interface WLAN2 which is the wifi guest network, so that the blocking will apply only to the users who are on the guest network, but I got an error, as shown in the attached picture.

If I select the In. Interface as bridge the rule works, but the blocking will apply to WLAN1 also, which is the passworded WLAN and shouldn’t have any restrictions.
Anyone knows what is wrong here?

Thanks

2

Hi.

I can’t see your picture. Can you export your firewall configuration?

3

Here you have the link with the picture:
https://www.dropbox.com/s/j7haohpdkmokfg9/Capture.PNG?dl=0

I can’t export the config now, as the router is at home and I’m at the office.

4

In the newest version of RouterOs, this message is because you have wlan or some port inside a bridge. You need to apply the rule to the bridge

I you want two independent networks you can’t have bridge ports. In order to have to different subnet you need an IP segment for each port or vlan

5

Hi,

Let me explain what I need as probably it’s easier.
I need to have a regular wlan network with password with no limitations and then a second (guest) wlan network without authentication and that has only access to 3 websites.
So I configured the guest wlan and was trying to set the rules for it.

What’s the easiest way to accomplish what I need?

Thanks

6

Assign your guest Network a different subnet.

Example
Your LAN - 192.168.1.0/24
WLAN - 192.168.2.0/24
Guest WLAN - 192.168.3.0/24

Change your firewall rule to match the bridge as the in interface and add an additional condition to match SRC to your guest WLAN subnet. 192.168.3.0/24 in our example.

Sent from my Nexus 6P using Tapatalk