Greetings,
I purchased my first MikroTik (Routerboard RB2011UAS-2HnD-IN) and I am running RouterOS v. 6.5.
I am having issues with the MikroTik communicating with the internet for essential services. I thought anything originating from the MikroTik would use the chain=output.
I cannot get DNS queries, SNTP, services to function when rule # 8 is in place. I enabled a logging rule and have confirmed the services to be blocked.
I have a default deny rule which drops all traffic destined for the MikroTik (chain=input) from my WAN bridge interface.
0 ;;; Allow Ping Traceroute Traffic
chain=input action=accept protocol=icmp in-interface=BRWAN
1 ;;; allow inbound WinBox
chain=input action=accept protocol=tcp dst-port=8291
2 X ;;; Allow DNS Queries originating from MikroTik
chain=output action=accept protocol=udp dst-port=53
3 X chain=output action=accept protocol=tcp dst-port=53
7 ;;; drop all
chain=input action=log in-interface=BRWAN log-prefix="fw-dropall"
8 chain=input action=drop in-interface=BRWAN
Any ideas? What have I done wrong?