Community discussions

MikroTik App
 
cork893
just joined
Topic Author
Posts: 1
Joined: Tue Aug 31, 2021 8:18 pm

On home network, block all but internet traffic from router devices

Tue Aug 31, 2021 8:28 pm

I bought a hEX router in order to isolate a work computer from the home network. We currently have a combo modem/router that is not very configurable, so I got the hEX.

I have the hEX wan/port 1 plugged into one of the ethernet ports on the modem/router.

Home network is 192.168.0.0/24 and gateway is 192.168.0,1.

Isolated router is 192.168.88.0/24 (the default), which probably doesn't matter.

I know I can just block the home network via:

add chain=forward dst-address=192.168.0.0/24 action=drop

Except that I want to allow traffic to the gateway, 192.168.0.1.

How do I exclude that one address from being dropped? The rest of the router configuration (apart from password) is the default currently.
 
ConnyMercier
Forum Veteran
Forum Veteran
Posts: 723
Joined: Tue Dec 17, 2019 1:08 pm

Re: On home network, block all but internet traffic from router devices

Mon Nov 08, 2021 12:28 am

To directly answer your Question,
you only need an additional Firewall-Rule placed before your "block-Rule"
Something like:
add chain=forward dst-address=192.168.0.1 action=accept
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 18958
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: On home network, block all but internet traffic from router devices

Mon Nov 08, 2021 3:13 am

Post your hex config
/export hide-sensitive file=anynameyouwish for review.

this can be simply resolved quickly once provided.

Who is online

Users browsing this forum: Bing [Bot] and 75 guests