You are running version 6, I am checking against version 7 so some things are a bit different.
I do not understand what you mean by:
What old rule? The firewall one?
“Add the permit at the bottom part” means that the rules to accept the traffic go at the bottom. You had no rule in the forward chain so everything was accepted. “/ip/firewall filter” is fine.
If there are errors, please make a copy-paste of the command and the error message. As I said, I am using ROS7 and some commands may be different.
For NTP:
/system ntp client set primary-ntp=192.36.143.130
/system ntp client set secondary-ntp=200.160.0.8
That’s right, I’m referring to that old and only rule that was in the firewall:
When I removed the rule, the websites I mentioned in the first post stopped working again. Is it because the rule allowed general access?
The only lines that I believe I didn’t include are these:
Sorry, I found the issue. I couldn’t use the command that switched the position:
So, I made the change manually, putting the accept rule first and then the masquerade rule. By reversing the sequence, the websites are working now. Is this the correct sequence?
vingjfg
December 22, 2023, 1:48pm
23
Sorry, I found the issue. I couldn’t use the command that switched the position:
So, I made the change manually, putting the accept rule first and then the masquerade rule. By reversing the sequence, the websites are working now. Is this the correct sequence?
It’s fine. The one I sent has the address-list WAN instead of the out-interface but that is the same thing.’
Regarding the firewall rule, none of the commands I provided should have removed anything from the “chain=input” - Note that the commands I send you contains everything needed to remove the unneeded statements so you should NOT remove anything by hand yourself.
Sorry, I found the issue. I couldn’t use the command that switched the position:
So, I made the change manually, putting the accept rule first and then the masquerade rule. By reversing the sequence, the websites are working now. Is this the correct sequence?
It’s fine. The one I sent has the address-list WAN instead of the out-interface but that is the same thing.’
Regarding the firewall rule, none of the commands I provided should have removed anything from the “chain=input” - Note that the commands I send you contains everything needed to remove the unneeded statements so you should NOT remove anything by hand yourself.
I understand, I didn’t remove anything, just changed the sequence.
Well, all the issues have been resolved, and I really appreciate your help. You’ve completed the configuration of my MikroTik.
Wishing you all the best, thank you very much, Vingjfg.
vingjfg
December 22, 2023, 2:55pm
25
Thanks, same to you.
You still have several things to fix on this Mikrotik thouhg. Don’t forget about them.
Sure, I will check the explanations in forums and watch more videos about MikroTik.