Is it possible to set up a Mikrotik unit, like RB951 or RB433, as a bridge and have it act as a firewall? Have tried to find some simple description (using Winbox) here, but it seems quite complex or hard to understand.
My scenario is this:
I'm sharing a 100Mbit fiber Internet connection among some users at different locations. Distribution is done with wireless Mikrotik units, and all of these have public IPs. The different users also have Mikrotik units as routers with NAT and firewall between the public net and their LAN. All these Mikrotik units are therefore exposed to the Internet through their public IPs.
I'm looking for a way to have an "edge" firewall (a bridge) for the entire setup - in other words a bridge with 2 Ethernet ports - one to my fiber modem and the other to my Mikrotik network.
Is it possible to configure a bridge with firewall rules to protect the other Mikrotik units?
Is there some description how to do this - with Winbox (if possible)?