Community discussions

MikroTik App
 
sporkman
newbie
Topic Author
Posts: 26
Joined: Thu May 02, 2013 4:37 am

Firewall blocking bridge to bridge traffic

Fri Sep 05, 2014 7:44 am

My bridge interface is configured with the firewall option off:
 > interface bridge settings print 
            use-ip-firewall: no
   use-ip-firewall-for-vlan: no
  use-ip-firewall-for-pppoe: no
            allow-fast-path: yes
Yet I see blocked traffic destined to my (tap mode) openvpn client that's in the same bridge-local bridge group:
02:52:36 firewall,info forward: in:bridge-local out:bridge-local, src-mac dc:9f:db:0b:73:6
7, proto ICMP (type 0, code 0), 10.210.0.115->10.210.0.50, len 84
What gives? If I temporarily disable the default "forward" block, traffic flows.

In the snippet above 10.210.0.115 is a device off a switch port and 10.210.0.50 is the OpenVPN client.

Of note, the traffic FROM the openvpn client is never blocked, just the traffic from the attached device. Traffic in this case is a simple ping from the openvpn client to the device attached to the switch port.

Who is online

Users browsing this forum: Google [Bot], xt22 and 213 guests