I have a bit of analysis paralysis...we have an older Adtran router in our company network that needs to replaced. I suggested using a Mikrotik CCR I am not a router pro. I've been staring at the way Adtran configures all of its routing rules and trying to map that to how a CCR-1036-8G would need to be configured to replicate the routing policies. I have a little exposure to Cisco ACLs on ASAs and the Adtran has similar methods of how it configures the routing functions but thru a GUI interface. The two main things I need to get right/some help on is mapping the Adtran firewall/routing rules to the RouterOS configs and getting our VPN service correct so our road warriors and connect to our network remotely.
The Adtran defines two "Security Zones" - one is "Public" and one is "Private". Each interface on the router is assigned to either of these. The Public zone is used by the WAN port, and all the LAN ports are in the Private zone. Each Security Zone has multiple "Policies" defined (what Action to take, eg., NAT, ALLOW, DISCARD, etc). Each Policy will have "Traffic Selectors" configured, which is a more familiar Type (Permit/Deny), Protocol (Any, TCP, UDP, etc) Source IP/Ports, Dest IP/Ports. Then the Adtran has a subsection under the Firewall menu that defines "ACL Lists" that have your same Traffic Selectors configs (Type,Protocol,Source, Destination). These ACLs are applied to the Private and Public policy-class.
What I've gotten myself all wrapped up around is trying to map the Mikrotik firewall configs to the Adtran Zones/Policies/ACLs/Traffic Selectors. Does anybody have any guidance on helping me understand the basic Mikrotik mappings?
Thanks in advance,
David