Community discussions

MikroTik App
Topic Author
Posts: 26
Joined: Thu May 02, 2013 4:37 am

Firewall blocking bridge to bridge traffic

Fri Sep 05, 2014 7:44 am

My bridge interface is configured with the firewall option off:
 > interface bridge settings print 
            use-ip-firewall: no
   use-ip-firewall-for-vlan: no
  use-ip-firewall-for-pppoe: no
            allow-fast-path: yes
Yet I see blocked traffic destined to my (tap mode) openvpn client that's in the same bridge-local bridge group:
02:52:36 firewall,info forward: in:bridge-local out:bridge-local, src-mac dc:9f:db:0b:73:6
7, proto ICMP (type 0, code 0),>, len 84
What gives? If I temporarily disable the default "forward" block, traffic flows.

In the snippet above is a device off a switch port and is the OpenVPN client.

Of note, the traffic FROM the openvpn client is never blocked, just the traffic from the attached device. Traffic in this case is a simple ping from the openvpn client to the device attached to the switch port.

Who is online

Users browsing this forum: Google [Bot], xt22 and 213 guests