Hi there thanks for being patient!
No you dont have to change any rules I would just disable that particular subnet from the list.
I will take a look at the config.
(1) I dont know why you have these rules as my arp knowledge and uses is next to nil........ so they clearly serve a purpose but beyond me. So I am asking only to learn on this comment.
/ip arp
add address=192.168.10.254 comment="DVR Hikvision" interface=5DVR \
mac-address=54:C4:15:D7:71:50
add address=192.168.0.249 comment="UBLOCK8 Android TV BOX" interface=\
4wireless mac-address=C0:45:F1:CA:65:91
add address=192.168.0.2 interface=4wireless published=yes
Hi Anav,
Thanks for looking.
i think i play around with this the first time setting up mikrotik to have a static rule but doesn't serve anything.
(2) add address=192.168.0.0/16 comment=RFC6890 list=not_in_internet
As stated, disable or remove this from your non in internet list.
i've tried to disable it. still doesn't work. something seem to be blocking or there is no rule to allow it?
(3) the first firewall rule in the config can be moved down with the other forward chain rules. Suggesting putting it before the drop all else rule.
add action=accept chain=forward comment="Allow connection to routers" \
dst-address-list=WirelesRouterList src-address=192.168.8.100
already move it down. but still cannot connect to router
(3) Change tools mac winbox mac server from service port only to ALL,
Why you ask because you wish to access winbox from more than just serviceport subnet!!!
Suggest with that try changing neighbours discovery from serviceport to ALL as well.
the winbox mac server is ok already, i didn't change to service port, cmiiw but this is for connecting using macaddress, so i think should be safe if from service port only (port2) ?
to access the router using winbox from pc & laptop & mobiles , the firewall rules is input type "Allowed Admin Access" andthis ok already, only certain ip can connect
by the way, the 3 wireless router is assigned static ip, does this causes why i can't connect ?
You do not have the required permissions to view the files attached to this post.