New firewall rules?

Hi all MikroTik encoders.
I face a challenge and hope it might be solved even if it is far out.
I have a wifi network only for computers running VPN tunnels so in the firewall I have set it only to allow traffic to 4 specific gateways, and it has been running really well for over 6 years now, but that’s not how it should be anymore.
Now one company has chosen to make a split tunnel on their system, so my fine firewall programming no longer works for this system :frowning: The other systems run as they should.

Now I want to hear if it is possible to set up rules in the firewall based on parts of the computer name? All these systems running on this network are called something with XXX-, so DKN-cbc8923, and all names can be seen in DHCP.

Is it possible to make a rule that looks at parts of the name, e.g. DKN-*, so all computers starting with this name can access the Internet and everything else would be kicked?

Hope to hear from you :slight_smile:

Regards
Jimmy

You can’t make a firewall rule that looks at a device’s hostname. But if devices get leases from your DHCP server, you could use a lease script to check their hostnames and update address lists, and those could then be used by firewall rules.

Hi Sob and thanks for your reply.
Yes my DHCP server is the same MT Router.
Maybe you have an example lease script about this you might want to share here?
Regards
Jimmy

Nope, sorry. It should be easy, but RouterOS scripting doesn’t like me, so even seemingly easy things take too much time. But it’s not universal, some people seem to get along with it just fine, so check the manual for some examples and maybe you’ll be among the lucky ones. :slight_smile:

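```
# DHCP lease script: runs each time a lease is bound or released.
# Only act on clients whose hostname starts with "DKN-".
:if ($"lease-hostname"~"^DKN-") do={
  :if ($leaseBound=1) do={
    # Lease bound: put the leased IP into address list "special".
    /ip firewall address-list add list=special address=$leaseActIP comment=$"lease-hostname"
  } else={
    # Lease released: remove the entry tagged with this hostname.
    /ip firewall address-list remove [find list=special comment=$"lease-hostname"]
  }
}
```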

https://wiki.mikrotik.com/wiki/Manual:IP/DHCP_Server#General
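
Added example, not written by any poster in this thread: one way the firewall filter could consume the `special` address list that the lease script above maintains, while keeping the existing "VPN gateways only" policy for every other client. The interface name `wlan1`, the list name `vpn-gateways` and the 192.0.2.x addresses are assumptions or constructed placeholders.

```routeros
# Added example. Assumptions (hypothetical names): wlan1 is the Wi-Fi interface
# and the four VPN gateways are kept in an address list called vpn-gateways.
# 192.0.2.x are constructed placeholder addresses; use the real gateway IPs.
/ip firewall address-list
add list=vpn-gateways address=192.0.2.10 comment="VPN gateway 1 (placeholder)"
add list=vpn-gateways address=192.0.2.20 comment="VPN gateway 2 (placeholder)"
add list=vpn-gateways address=192.0.2.30 comment="VPN gateway 3 (placeholder)"
add list=vpn-gateways address=192.0.2.40 comment="VPN gateway 4 (placeholder)"

/ip firewall filter
# 1. Replies for connections that an earlier rule already allowed.
add chain=forward action=accept connection-state=established,related \
    comment="wifi: return traffic"

# 2. Unchanged policy for all Wi-Fi clients: only the VPN gateways are reachable.
add chain=forward action=accept in-interface=wlan1 \
    dst-address-list=vpn-gateways comment="wifi: VPN gateways only"

# 3. Split-tunnel clients: IPs that the lease script put into list "special"
#    (hostname matched ^DKN-) may reach any destination.
#    The DHCP hostname is sent by the client itself, so treat membership in
#    this list as a convenience label, not as authentication of the device.
add chain=forward action=accept in-interface=wlan1 \
    src-address-list=special comment="wifi: DKN- hosts, full access"

# 4. Everything else from the Wi-Fi network is dropped and logged, so clients
#    that are neither tunnelling nor in the list show up in the log.
add chain=forward action=drop in-interface=wlan1 \
    log=yes log-prefix="wifi-drop" comment="wifi: default deny"
```

Filter rules are evaluated top to bottom and `add` appends to the end of the chain, so on a router with existing forward rules these need to be placed relative to the rules already there.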

THX sindy, I will try it out :slight_smile: