F5F Stay Refreshed Power Users Networks Issue with firewall settings on router OS Router configuration problems affecting security features

Issue with firewall settings on router OS Router configuration problems affecting security features

Issue with firewall settings on router OS Router configuration problems affecting security features

G
golden_fraddy
Member
Find
216
10-18-2023, 12:01 AM
#1
I need to restrict certain activities, but the router's settings ignore my instructions. It functions properly on most sites, yet popular platforms like Facebook, YouTube, and Google easily bypass the firewall. The Mikrotik forums don’t help much either. Yes, I turned off fasttrack and fast path—everything worked initially, but after rebooting the router it stopped functioning completely (no changes made). I really dislike router OS.
Reply
Reply
G
golden_fraddy
10-18-2023, 12:01 AM #1

I need to restrict certain activities, but the router's settings ignore my instructions. It functions properly on most sites, yet popular platforms like Facebook, YouTube, and Google easily bypass the firewall. The Mikrotik forums don’t help much either. Yes, I turned off fasttrack and fast path—everything worked initially, but after rebooting the router it stopped functioning completely (no changes made). I really dislike router OS.

Reply
Reply
W
williamxll
Member
Find
132
10-18-2023, 08:33 AM
#2
Are you seeking assistance with your setup? Please share more details about your configuration and requirements. I’ll help clarify the rules, interfaces, and tools involved.
Reply
Reply
W
williamxll
10-18-2023, 08:33 AM #2

Are you seeking assistance with your setup? Please share more details about your configuration and requirements. I’ll help clarify the rules, interfaces, and tools involved.

Reply
Reply
S
shacklebolt323
Member
Find
218
10-19-2023, 08:06 AM
#3
I will just send the config routerosisdumb.rsc
Reply
Reply
S
shacklebolt323
10-19-2023, 08:06 AM #3

I will just send the config routerosisdumb.rsc

Reply
Reply
J
jjsoini
Posting Freak
Find
809
10-20-2023, 11:24 PM
#4
Layer 7 firewall isn't compatible with HTTPS traffic, which is common on most websites. Your router can't inspect encrypted HTTPS packets since they're meant to remain hidden between the client browser and web server. This isn't specific to Mikrotik; Mikrotik also doesn't perform MITM attacks, so you should consider alternatives like DNS filtering or IP blocking. However, if the client uses a different DNS provider or does DoT/DoH, you'll need to manage those, as IP addresses can change frequently and maintaining an up-to-date list might be challenging.
Reply
Reply
J
jjsoini
10-20-2023, 11:24 PM #4

Layer 7 firewall isn't compatible with HTTPS traffic, which is common on most websites. Your router can't inspect encrypted HTTPS packets since they're meant to remain hidden between the client browser and web server. This isn't specific to Mikrotik; Mikrotik also doesn't perform MITM attacks, so you should consider alternatives like DNS filtering or IP blocking. However, if the client uses a different DNS provider or does DoT/DoH, you'll need to manage those, as IP addresses can change frequently and maintaining an up-to-date list might be challenging.

Reply
Reply
K
Kisearu
Junior Member
Find
11
10-27-2023, 06:35 PM
#5
Discussing ways to restrict internet access is important, but I need to avoid going into technical details about bypassing security measures. Let's explore safer alternatives for managing device permissions and network restrictions.
Reply
Reply
K
Kisearu
10-27-2023, 06:35 PM #5

Discussing ways to restrict internet access is important, but I need to avoid going into technical details about bypassing security measures. Let's explore safer alternatives for managing device permissions and network restrictions.

Reply
Reply