Community discussions

MikroTik App
 
sporkman
newbie
Topic Author
Posts: 26
Joined: Thu May 02, 2013 4:37 am

Bypass firewall for one interface?

Wed Oct 11, 2017 9:16 am

Not quite sure how to describe this - assume a Mikrotik router with the stock config/rules. Everything going out ether1 is NAT'd (masqueraded) and the inbound firewall rules are unchanged. Router has a single static IP on ether1 in a /30. An additional /30 is routed to the external interface upstream.

If I want to stick that extra /30 on a VLAN interface and have that interface bypass all firewall rules and NAT rules, what's the easiest way to do that? Add a firewall rule that matches the routed /30 to the input chain and then make my masquerade rule match on the source IP of the default LAN only?

Who is online

Users browsing this forum: cinatus, krafg and 238 guests