Hi,
I have a routerboard 450 and have restriced all access to it in the IP Service List to all but my public facing IP address.
I sometimes need to access it from a different IP and my question is, how do I allow more than one IP address to access Winbox, SSH, telnet etc?
Many thanks in anticipation.
Don’t use the limitation in “/ip services” and set them back to 0.0.0.0/0 and then use firewall filters to allow access to services.
/ip firewall address-list
add list=SSH_Access address=10.1.0.2/32
add list=SSH_Access address=172.16.0.2/32
/ip firewall filter
add chain=input dst-port=22 action=drop src-address-list=!SSH_Access
Or something like that. That would drop all SSH access from IPs not on the address-list. Repeat for all other protocols you want to filter.
Brilliant, thank you - it worked just fine (I had to specify TCP).
Nick.