Community discussions

MikroTik App
 
garethiowc
just joined
Topic Author
Posts: 9
Joined: Wed Dec 03, 2014 12:33 am

firewall

Wed Aug 02, 2017 7:03 pm

Hi all,

so i've recently passed my MTCNA and i'm really enjoying working with mikrotik hardware.

So i'd like to know a bit more about what i need to do with the firewall to stay safe.

Here is my current config:
/ip firewall filter
add action=drop chain=input comment="Drop DNS on WAN" dst-port=53 \
    in-interface=pppoe-out1 protocol=udp
/ip firewall nat
add action=masquerade chain=srcnat out-interface=pppoe-out1
/ip firewall service-port
set ftp disabled=yes
set tftp disabled=yes
set irc disabled=yes
set h323 disabled=yes
set sip disabled=yes
any pointers would be great

I'm planning on doing the rest of the courses at a later date :)

Many thanks
Gareth
Last edited by garethiowc on Wed Aug 02, 2017 7:58 pm, edited 1 time in total.
 
pe1chl
Forum Guru
Forum Guru
Posts: 6676
Joined: Mon Jun 08, 2015 12:09 pm

Re: firewall

Wed Aug 02, 2017 7:16 pm

Change you rules to drop input from the interface that you really are using for your internet connection.
Apparently PPPoE has been configured but it does not work. When this dump was made from an operational
router, not a router you plan to connect to internet later (and using PPPoE), you need to change that interface.

Who is online

Users browsing this forum: Google [Bot], Shy and 28 guests