Hello!

I have an SXT LTE and wanted to limit access to ssh, www and winbox access only from local network.
Found some info and added such line

/ip firewall filter
add action=drop chain=input dst-port=8291 protocol=tcp

Thats for winbox, but as it seems it drops connection from everywhere, even from LAN?
What did I misconfigure?
I can access SXT LTE trough mactel from wifi router, but would be nice to do that from winbox on my laptop.

As for info I have connected to ether port of SXT LTE another mikrotik wifi router which acts as dhcp server for all my devices.
Probably it's not "nice" configuration of networks - since i'm new to all routeros stuff.

add the following over that rule to allow lan access or you can just drop input only from your wan interface

add the following over that rule to allow lan access

Code: Select all

/ip firewall filter
chain=input action=accept src-address=YourLanRange dst-port=8291 protocol=tcp

or you can just drop input only from your wan interface

Code: Select all

/ip firewall filter
chain=input action=drop in-interface=YourWanInterface

Thank You, getting clearer and clearer with every answer