Good Evening,
I’m new to mikrotik and I wanted to setup an interface port on my RB3011 to act as an out of band Interface.
What I want to achieve is to use an Interface (Let’s say eth10) as a management interface completely separated from the main router logic.
Here is my network:
Eth1: Wan:(IP 100.100.100.100/29)
Eth6: Lan:(IP 192.168.88.1/24)
Eth10:Mgmt:(IP 192.168.10.10/24)
What I did:
- remove eth10 from the default bridge and made another bridge (bridge2) with this only interface
- created an input chain firewall rule to permit winbox management on this interface
Until this point everything works fine
Then I have to specify a gw for eth10, so I created a separate vrf (mgmt-vrf)
As soon as I assign eth10 to mgmt-vrf I loose winbox on this interface.
I also tried to speficy vrf on firewall policy I created at point 2, but nothing changes.
If I log firewall policy I see Syn packets coming from my pc attached to eth10, but no syn-ack coming back.
What am I doing wrong?
Thanks in advance.
Cristiano