Mikrotik sip alg11/5/2023 Additional information is that my router has two subnets 192.168.88.xx(main subnet) &. Will implement VPN once routerOS 7 is out of beta. To my understanding, my firewall is already is on per with 3cx guidelines. Protocol=tcp to-addresses=192.168.188.29 to-ports=5090Īdd action=dst-nat chain=dstnat comment="3CX Tunnel UDP" dst-port=5090 \ Ipsec-policy=out,none out-interface-list=WANĪdd action=dst-nat chain=dstnat comment=pihole_bypass dst-address=\ġ92.168.188.25 dst-port=53 protocol=udp to-addresses=192.168.88.1ġ92.168.188.25 dst-port=53 protocol=tcp to-addresses=192.168.88.1Īdd action=dst-nat chain=dstnat comment="Resilio Sync (UDP)" dst-address=\Ġ.0.0.0 dst-port=58444 in-interface-list=WAN protocol=udp to-ports=58444Īdd action=dst-nat chain=dstnat comment="3CX Presence and Provisioning HTTPS" \ĭst-port=5001 protocol=tcp to-addresses=192.168.188.29 to-ports=5001Īdd action=dst-nat chain=dstnat comment="3CX SIP UDP" dst-port=5060 protocol=\ In-interface-list=LAN out-interface-list=WANĪdd action=accept chain=forward dst-address=192.168.188.0/24 src-address=\Īdd action=accept chain=forward dst-address=192.168.88.0/24 src-address=\Īdd action=drop chain=forward comment="Drop All Else"Īdd action=masquerade chain=srcnat comment="defconf: masquerade" \ In-interface-list=LAN src-address-list=allowed_to_routerĪdd action=accept chain=input in-interface-list=LAN port=53 protocol=tcpĪdd action=accept chain=input in-interface-list=LAN port=53 protocol=udpĪdd action=accept chain=forward comment="defconf: accept in ipsec policy" \Īdd action=accept chain=forward comment="defconf: accept out ipsec policy" \Īdd action=fasttrack-connection chain=forward comment="defconf: fasttrack" \Īdd action=accept chain=forward comment="defconf: accept established,related" \Īdd action=drop chain=forward comment="defconf: drop invalid" \Īdd action=accept chain=forward comment=" Allow Port Forwarding - DSTNAT" \Ĭonnection-nat-state=dstnat connection-state=new in-interface-list=WANĪdd action=accept chain=forward comment="ENABLE LAN to WAN" \ Add action=accept chain=input comment="defconf: accept established,related" \Īdd action=drop chain=input comment="defconf: drop invalid" connection-state=\Īdd action=accept chain=input comment="defconf: accept ICMP" protocol=icmpĪdd action=accept chain=input comment="Allow ADMIN to Router" \
0 Comments
Leave a Reply.AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |