Dropping traffic from ether3 to ether2
Posted: Thu Jan 05, 2012 6:26 am
I have a kind of elementary question.
I am using a RB433. It is using RouterOS v5.10. I would like to completely separate traffic on ports 2 and 3, and not allow any connection between the two ports.
Port 2 is a 10.10.0.1/24 and port 3 is a 192.168.1.1/24.
I tried creating a drop rule and also a reject rule on the forward chain with source address 10.10.0.0/24 and destination 192.168.1.0/24 and vise versa. I am still able to ping the 10.10.0.1 from a 192.168.1.x address and see devices behind that port. I also tried dropping and rejecting (tried 2 different rules) from 10.0.0.0/8 to 192.168.1.0/24 and vise versa, to no avail.
Any ideas? What I am trying to do is have my internal office traffic on the 10.10.0.1/24 and "public" traffic on 192.168.1.1/24 and make sure "public" customers cannot see my internal network.
Any help would be greatly appreciated. Thanks.
I am using a RB433. It is using RouterOS v5.10. I would like to completely separate traffic on ports 2 and 3, and not allow any connection between the two ports.
Port 2 is a 10.10.0.1/24 and port 3 is a 192.168.1.1/24.
I tried creating a drop rule and also a reject rule on the forward chain with source address 10.10.0.0/24 and destination 192.168.1.0/24 and vise versa. I am still able to ping the 10.10.0.1 from a 192.168.1.x address and see devices behind that port. I also tried dropping and rejecting (tried 2 different rules) from 10.0.0.0/8 to 192.168.1.0/24 and vise versa, to no avail.
Any ideas? What I am trying to do is have my internal office traffic on the 10.10.0.1/24 and "public" traffic on 192.168.1.1/24 and make sure "public" customers cannot see my internal network.
Any help would be greatly appreciated. Thanks.