Mikrotik. 4 subnets. How to do it right?
Good day!
The task I do not think is simple (but for me, being far from this topic, it is very difficult).
There is a mikrotik.
There is internet.
There is a LAN network 192.168.80.0/24
We must also add 3 subnets so that they do not see each other, but can exchange files via NAS (exchanger, connected as a network drive) and have the Internet.
NAS is located at 192.168.80.28
Internet (port #1)
LAN 192.168.80.0/24 (port #2)
1st subnet 192.168.90.0/27 (port #3)
2nd subnet 192.168.100.0/27 (port #4)
3rd subnet 192.168.110.0/27 (port #5)
Please help.
With the addition of subnets, I hope you can handle it. And the restriction can be done like this.
/ip firewall address-list add address=192.168.90.0/27 list=privatelans
/ip firewall address-list add address=192.168.100.0/27 list=privatelans
/ip firewall address-list add address=192.168.110.0/27 list=privatelans
/ip firewall filter add action=reject chain=forward src-address-list=privatelans dst-address-list=privatelans
The first three commands will create an address list with isolated subnets. The fourth command will add a filter rule that blocks traffic between them. It must be raised above all allowing rules. If there are no deny rules to the 192.168.80.0/24 subnet, then all three will have access to it.
If there are no prohibiting rules in the firewall, Mikrotik will by default allow traffic between subnets, so you need to make such (prohibiting) rules and make an exception in them for the NAS.
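An added example, not part of either answer: a small first-match model of the forward chain that checks the two points made above, that the reject rule must sit above any allow rule and that the whole 192.168.80.0/24 LAN stays reachable unless rules restrict access to the NAS. The sample hosts, the broad `ACCEPT_ALL` rule and the `NAS_ONLY` rule set are assumptions for illustration; the model is stateless and only evaluates new connections opened from the isolated subnets.

```python
import ipaddress as ip

# Subnets and NAS address are from the question; sample hosts are constructed.
PRIVATE = [ip.ip_network(n) for n in
           ("192.168.90.0/27", "192.168.100.0/27", "192.168.110.0/27")]
LAN = [ip.ip_network("192.168.80.0/24")]
NAS = [ip.ip_network("192.168.80.28/32")]
HOSTS = ["192.168.90.10", "192.168.100.10", "192.168.110.10"]
LAN_PC = "192.168.80.50"  # constructed non-NAS host on the LAN

# Rule = (action, src_nets, dst_nets); None matches any address.
REJECT_PRIVATE = ("reject", PRIVATE, PRIVATE)   # the answer's filter rule
ACCEPT_ALL = ("accept", None, None)             # assumed broad allow rule
# Hypothetical tightened set: NAS exception first, then deny the rest of the LAN.
NAS_ONLY = [("accept", PRIVATE, NAS), ("reject", PRIVATE, LAN), REJECT_PRIVATE]

def matches(addr, nets):
    return nets is None or any(addr in n for n in nets)

def verdict(rules, src, dst):
    """First matching rule wins; traffic matching no rule is accepted."""
    s, d = ip.ip_address(src), ip.ip_address(dst)
    for action, src_nets, dst_nets in rules:
        if matches(s, src_nets) and matches(d, dst_nets):
            return action
    return "accept"

def audit(rules, nas_only=False):
    """List flows that violate the intended policy."""
    problems = []
    for src in HOSTS:
        for dst in HOSTS:
            if src != dst and verdict(rules, src, dst) != "reject":
                problems.append(f"{src} -> {dst} allowed")
        if verdict(rules, src, "192.168.80.28") != "accept":
            problems.append(f"{src} -> NAS blocked")
        if nas_only and verdict(rules, src, LAN_PC) != "reject":
            problems.append(f"{src} -> {LAN_PC} allowed")
    return problems

if __name__ == "__main__":
    print(audit([REJECT_PRIVATE, ACCEPT_ALL]))       # reject above allow
    print(audit([ACCEPT_ALL, REJECT_PRIVATE]))       # reject rule never reached
    print(audit([REJECT_PRIVATE], nas_only=True))    # rest of the LAN still reachable
    print(audit(NAS_ONLY, nas_only=True))            # NAS exception, LAN denied
```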