routeros 5.6 need help configuring basic Firewall rules

Hi all,

I have been trying to find information on what to put in the firewall for basic rules. Here is what I need:

External WAN ETH1
Internal LAN ETH2
DHCP on ETH2
10.1.1.0/24 on ETH2
nat outbound traffic from LAN to WAN using WAN’s IP.
Allow inbound from WAN to LAN for winbox managing
port forward 446 to 10.1.1.5
port forward 3389 to 10.1.1.6

Thanks for your help

Default config

Default config

Default config

You’ll need to change the various LAN addresses from the default of 192.168.88.x to 10.1.1.x. There are 3 main places.

  • /ip address for ether2-local-master
  • /ip dhcp-server network
  • /ip pool for default-dhcp


Default config

Not actually to the LAN, but to the router itself. Do you really need to manage the router from the WAN side, rather than from a machine on the LAN? This will involve adding a simple accept rule to the input chain. I’d strictly limit the source addresses allowed.

You’ll need to add a couple of /ip firewall nat rules to map those ports in and a couple of accept rules in the forward chain. Be careful though, RDP is currently a very popular service to attack.

BTW - What hardware are you using? The defaults above are true for models like the RB750, RB450, … but may not hold for all.

Exactly, I'm using the x86 PC version of 5.6

I'm installing this in an ESXi host.

There is no default setup, so I need to enter everything manually.

Is there a howto on basic setup of firewall rules? At least that would get me started.
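The setup described in the replies above, written out as RouterOS 5.x commands for an install with no default configuration. This is an added example, not part of the original posts. The interface names ether1/ether2, the router address 10.1.1.1, the DHCP range, and the admin source address 203.0.113.10 (a documentation placeholder) are assumptions.

```routeros
# Added example. Assumed: ether1 = WAN, ether2 = LAN, router LAN IP 10.1.1.1,
# 203.0.113.10 = placeholder for the one admin address allowed in from the WAN.

# LAN addressing and DHCP on ether2
/ip address add address=10.1.1.1/24 interface=ether2
/ip pool add name=lan-pool ranges=10.1.1.100-10.1.1.200
/ip dhcp-server network add address=10.1.1.0/24 gateway=10.1.1.1 dns-server=10.1.1.1
/ip dhcp-server add name=lan-dhcp interface=ether2 address-pool=lan-pool disabled=no

/ip firewall nat
# Outbound NAT using the WAN address
add chain=srcnat out-interface=ether1 action=masquerade
# Port forwards
add chain=dstnat in-interface=ether1 protocol=tcp dst-port=446 \
    action=dst-nat to-addresses=10.1.1.5 to-ports=446
add chain=dstnat in-interface=ether1 protocol=tcp dst-port=3389 \
    action=dst-nat to-addresses=10.1.1.6 to-ports=3389

/ip firewall filter
# input chain: traffic addressed to the router itself
add chain=input connection-state=established action=accept
add chain=input connection-state=related action=accept
add chain=input connection-state=invalid action=drop
add chain=input in-interface=ether2 action=accept comment="manage from LAN"
# Winbox (TCP 8291) from the WAN, limited to one source address
add chain=input in-interface=ether1 protocol=tcp dst-port=8291 \
    src-address=203.0.113.10 action=accept comment="Winbox from admin IP"
add chain=input action=drop comment="drop everything else to the router"

# forward chain: traffic passing through the router
add chain=forward connection-state=established action=accept
add chain=forward connection-state=related action=accept
add chain=forward connection-state=invalid action=drop
add chain=forward in-interface=ether2 out-interface=ether1 action=accept
add chain=forward in-interface=ether1 protocol=tcp dst-address=10.1.1.5 \
    dst-port=446 action=accept comment="forward 446"
# RDP restricted to the admin address (assumption: remove src-address to open it)
add chain=forward in-interface=ether1 protocol=tcp dst-address=10.1.1.6 \
    dst-port=3389 src-address=203.0.113.10 action=accept comment="forward RDP"
add chain=forward action=drop comment="drop everything else"
```

Enter this from the ESXi console or a LAN machine, since the final input drop rule cuts off any WAN session that is not from the allowed source address. Filter rules are evaluated top to bottom, so the accept rules must stay above the drop rules.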