Hi everybody,
I need your help with IP isolation. My Mikrotik has: 1ether - wan,2ether(master)-ether5 are the bridge(192.168.0.0/24) and wlan1 has own dhcp pool 192.168.10.0/24. When I tried to interface wireless set wlan1 default-forwarding=no then I can ping from pc(ether2) to my mobile device over wifi. can you help me with that? THX. Azi
The “/ip firewall filter” (specifically its forward chain) is your friend. Default config has everything allowed, except unsolicited traffic from WAN. So just add other blocking rules you need. Or block everything by default and only specifically allow selected traffic.