Hi,
I have a concern about the SSTP tunnel setup. I have two MikroTik routers (750 and CCS) with the current version (6.24) and an SSTP tunnel between them according to the wiki manual. It works perfectly; on both sides the whole subnet is available through the tunnel.
My issue is how do I limit this tunnel using firewall settings?
I created a simple firewall forward rule saying that related, established shall be accepted and nothing else, but with this all communication goes through the tunnel. A client from the SideA subnet can ping a client in the SideB subnet, where clients are PCs and not the routers.
How do I limit it so that SideB clients (say, the branch) can only access a few servers in SideA (main office)? If I add the deny rule before the related, established rules, the communication stops, but of course that denies all communication.
Thanks,
Andras
/note: I have submitted this as a support ticket too.