Community discussions

MikroTik App
 
jennerfernandesfilho
just joined
Topic Author
Posts: 3
Joined: Sun Jan 22, 2023 3:41 am

Help with firewall drop rules priority

Sun Jan 22, 2023 4:04 am

Hi there,

I have installed a Mikrotik RB750g3 on my environment, and i did the follow schema.

I have two networks, a DMZ and LAN. And the traffic between is limited. Basically, the only traffic allowed from the LAN is the Web Server access who's has located in DMZ. So, I did the follow configuration.

I create a rule to allow the source and destination IP address and ports forward traffic to my Web Server and near bellow, a rule to drop every traffic else. But, when I enable the drop rule, all my traffic is dropped, include the traffic that I set to be allowed above.

A think that maybe issue of priority, but I can't make it work!

Someone can Help?
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 19099
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: Help with firewall drop rules priority

Mon Jan 23, 2023 4:00 am

Sure
/export file=anynameyouwish ( minus router serial # and any public WANIP information )
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 11433
Joined: Thu Mar 03, 2016 10:23 pm

Re: Help with firewall drop rules priority

Mon Jan 23, 2023 9:05 am

A think that maybe issue of priority, but I can't make it work!

Firewall rules are evaluated from top to bottom. And that's the priority. So if rules are in order you described with so many words, then your allow rule is faulty and doesn't really catch the traffic it's supposed to. So follow advice by @anav ... and describe (with details) what kind of traffic is supposed to be allowed. Then we (@anav in particular :wink:) will be able to check validity of your setup.

Please post complete config, sometimes reason for something not working hides in configuration subtree which inexperienced user doesn't suspect.

Who is online

Users browsing this forum: Bing [Bot], lurker888 and 21 guests