Newbie is looking for input regarding firewall rules

Hello dear forum users,

I am quite new to the whole MikroTik world and would like to ask for advice and a checkup on whether or not my settings are adequate enough in terms of security. I am experiencing an odd problem – via VPN I can ping my first router and access it, but not my second router nor Switch 1 and Switch 2. Switch 3 and the other access points, however, are reachable without any problem. I can also reach Router2 and the missing switches via MAC Telnet from Router1. Could somebody please have a look at my configuration and offer advice on how to properly set up one’s firewall?
My setup is as follows:
Router1 and Router2 are connected via VRRP, which is bound to each VLAN interface.
Each VLAN (L2 and L3) is assigned to bridge1.
VLANs 100-108 are my guest VLANs, which are only allowed to communicate with the internet. The same goes for every other VLAN unless specified (correctly, I hope) within the firewall rules.
VLAN140 is my management VLAN, where servers and MikroTik devices reside. From there I can reach every other VLAN and the MikroTik devices normally.
Router2 is configured exactly the same way as Router1, and the switches have no rules at all.

Thank you and kind regards

router1_config.txt (31.5 KB)

The first thing that catches the eye is that the invalid drops must be done immediately after having accepted the established, related and untracked ones; there is no point in doing it afterwards.

The second thing that catches the eye is that the "drop all not coming from LAN" rule is missing before anything else (ignoring 127.0.0.1 for CAPsMAN), which would also make a lot of subsequent rules superfluous.

Then I threw up here

add action=accept chain=input comment="Allow MACWinBox" dst-port=20561 protocol=udp

and I stopped.
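As an added illustration of the ordering described in the reply above (this is example configuration, not the poster's attached config), an input chain that accepts established/related/untracked first, drops invalid immediately, lets loopback through for CAPsMAN, and then drops everything not arriving from the LAN. It assumes an interface list named LAN that contains the VLAN interfaces (and the VPN interface, if VPN clients should be allowed to manage the router); the list name is an assumption.

```routeros
# Example input chain, added here for illustration; not the original poster's configuration.
# Assumption: an interface list "LAN" holds the management/LAN VLAN interfaces. If VPN
# clients are meant to reach the router, their interface must also be in this list, or the
# "drop all not from LAN" rule will block them.
/interface list
add name=LAN comment="assumed list of trusted interfaces (VLANs, VPN)"

/ip firewall filter
# 1. Fast path for packets belonging to connections that were already accepted.
add chain=input action=accept connection-state=established,related,untracked \
    comment="accept established,related,untracked"
# 2. Drop invalid immediately afterwards, before any other accept rule can match it.
add chain=input action=drop connection-state=invalid comment="drop invalid"
# 3. Router-internal traffic from 127.0.0.1 (used by CAPsMAN) must survive the LAN filter.
add chain=input action=accept src-address=127.0.0.1 comment="allow loopback (CAPsMAN)"
# 4. Drop everything that does not arrive from a LAN interface before any service rule.
add chain=input action=drop in-interface-list=!LAN comment="drop all not from LAN"
# 5. Only LAN traffic reaches the service rules now, so a rule such as the original
#    "Allow MACWinBox" no longer exposes the service to non-LAN sources.
add chain=input action=accept protocol=udp dst-port=20561 in-interface-list=LAN \
    comment="Allow MACWinBox from LAN"
```

With rule 4 in place, every service rule below it only ever sees LAN traffic, which is why the reply calls many of the later rules superfluous.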

Thank you for your honest feedback, and my sincerest apologies.