User:TomJepp/RouterOS L2TP: Difference between revisions
Content deleted Content added
No edit summary |
|||
| Line 424: | Line 424: | ||
set allow-remote-requests=yes |
set allow-remote-requests=yes |
||
/ip firewall filter |
/ip firewall filter |
||
| ⚫ | |||
| ⚫ | |||
| ⚫ | |||
| ⚫ | |||
| ⚫ | |||
add action=accept chain=input comment=\ |
add action=accept chain=input comment=\ |
||
"input: allow established & related traffic" connection-state=\ |
"input: allow established & related traffic" connection-state=\ |
||
| Line 435: | Line 430: | ||
"forward: allow established & related traffic" connection-state=\ |
"forward: allow established & related traffic" connection-state=\ |
||
established,related |
established,related |
||
| ⚫ | |||
| ⚫ | |||
| ⚫ | |||
| ⚫ | |||
| ⚫ | |||
add action=drop chain=input comment="input: drop all remaining traffic" |
add action=drop chain=input comment="input: drop all remaining traffic" |
||
add action=drop chain=forward comment="forward: drop all remaining traffic" |
add action=drop chain=forward comment="forward: drop all remaining traffic" |
||
| Line 448: | Line 448: | ||
add address=2001:8b0:db8:acb1::1 interface=bridge-l2tp-lan |
add address=2001:8b0:db8:acb1::1 interface=bridge-l2tp-lan |
||
/ipv6 firewall filter |
/ipv6 firewall filter |
||
| ⚫ | |||
| ⚫ | |||
| ⚫ | |||
| ⚫ | |||
| ⚫ | |||
| ⚫ | |||
add action=accept chain=input comment="input: allow all ICMP" protocol=icmpv6 |
add action=accept chain=input comment="input: allow all ICMP" protocol=icmpv6 |
||
add action=accept chain=forward comment="forward: allow all ICMP" protocol=\ |
add action=accept chain=forward comment="forward: allow all ICMP" protocol=\ |
||
| Line 455: | Line 461: | ||
add action=accept chain=forward comment="forward: allow all from L2TP LAN" \ |
add action=accept chain=forward comment="forward: allow all from L2TP LAN" \ |
||
in-interface=bridge-l2tp-lan |
in-interface=bridge-l2tp-lan |
||
| ⚫ | |||
| ⚫ | |||
| ⚫ | |||
| ⚫ | |||
| ⚫ | |||
| ⚫ | |||
add action=drop chain=input comment="input: drop all remaining traffic" |
add action=drop chain=input comment="input: drop all remaining traffic" |
||
add action=drop chain=forward comment="forward: drop all remaining traffic" |
add action=drop chain=forward comment="forward: drop all remaining traffic" |
||