Community discussions

MikroTik App
 
User avatar
senseivita
newbie
Topic Author
Posts: 35
Joined: Fri Jan 01, 2021 4:20 am

How do I disable (allow all) the firewall completely?

Tue Apr 13, 2021 10:29 pm

I'm setting up CHR but the ruleset plus policy routing (which I don't know how to do), tunneling stuff, IDS/IPS and reverse proxy is so complicated (and basic, i.e; tunneling) that I' used a couple of pfSense instances chained in front of it instead with static rules to avoid NAT.

If I delete all the rules, remind me, will I get locked out or (frighteningly) defaulted in?

I'm a little confused because I cannot connect from the mobile app neither with the L3 nor the L2 addresses and I'm supposed to have a rule allowing all RFC1918-sourced traffic on all internal interfaces --or-- all interfaces since the firewall is not on the edge anymore. I'd use a network switch to route and call it a day but none of my switches route IPv6, which I want to add afterwards. :(

Does the firewall need to NAT if I'd wanted to use the captive portal in the future? It's not that important though, pfSense can handle it too but I'm curious about Mikrotik's portal API.

Thanks!
 
joegoldman
Forum Veteran
Forum Veteran
Posts: 766
Joined: Mon May 27, 2013 2:05 am

Re: How do I disable (allow all) the firewall completely?

Wed Apr 14, 2021 1:41 am

You can just disable ALL rules in /ip firewall filter - as a stop gap to disable any and all firewall rules related to blocking access.

Disabling all shouldn't be an issue - but RouterOS also has a safe mode (For every management type except API) where by you can make these changes and if you are kicked out of the router for any reason it will revert back.

Who is online

Users browsing this forum: Ahrefs [Bot] and 42 guests