Skip to content Skip to sidebar Skip to footer

Securing Your Network With MikroTik Router Firewall Settings

Have you ever wondered how to ensure that your MikroTik router is safe from unauthorized access? Look no further, port knocking is a solution that will help secure your router.

Port knocking is a security technique that involves a series of connection attempts to a sequence of closed ports to trigger the opening of a port. In this post, we will cover in detail how to set up port knocking on a MikroTik router to enhance its security.

Steps to configure port knocking on a MikroTik router

The following are the steps to configure port knocking:

1. Creating Firewall Rules

The first step is to create firewall rules to accept and deny traffic into your network. It is important to note that port knocking utilizes port sequences to grant access, and therefore, you will not be able to open a port unless you have sent a sequence of packets to knock or request access.

For instance, to open port 22 (SSH), port 2222, and port 3389 (RDP), you can create a firewall rule that only allows traffic from a specific IP address that has been authenticated by the port knocking sequence:

 /ip firewall filter add action=drop chain=input comment="default drop inbound traffic" in-interface=ether1 add action=accept chain=input comment="allow loopback traffic" in-interface=loopback add action=accept chain=input comment="accept established,related connections" connection-state=established,related add action=accept chain=input comment="allow ICMP" protocol=icmp add action=drop chain=input comment="drop invalid connections" connection-state=invalid add action=jump chain=input comment="jump to port knock chain" dst-port=443 protocol=tcp jump-target=port-knock add action=jump chain=input comment="jump to port knock chain" dst-port=80 protocol=tcp jump-target=port-knock add action=drop chain=input comment="drop everything else" /ip firewall filter add action=add-src-to-address-list address-list="knock_ports" address-list-timeout=300s chain=port-knock comment="Add address to allow rule" passthrough=no protocol=tcp src-address=!192.168.1.0/24 src-port=1234,5678,9012 /ip firewall filter add action=accept chain=forward comment="allow ssh access" dst-port=22 protocol=tcp src-address-list="knock_ports" add action=accept chain=forward comment="allow 2222 access" dst-port=2222 protocol=tcp src-address-list="knock_ports" add action=accept chain=forward comment="allow 3389 access" dst-port=3389 protocol=tcp src-address-list="knock_ports" 

Once you have created the rules as outlined above, you can now test the functionality of your MikroTik port knocking setup. However, first, we must configure the MikroTik router to capture and log the port knocking sequence.

2. Configuring MikroTik to Capture Port Knocking Sequence

Next, you need to configure the MikroTik to capture the sequence of ports that have been knocked to grant access to a specific port. To do this, you need to create a chain item that logs the matching packets as follows:

 /ip firewall filter add action=add-src-to-address-list address-list=knock_ports address-list-timeout=300s chain=port-knock comment="Add address to allow rule" passthrough=no protocol=tcp src-address=!192.168.1.0/24 src-port=1234,5678,9012 add action=log chain=port-knock comment="log port knock attempt" log-prefix="PortKnockAttempt" passthrough=yes 

The above code will append the IP addresses to the address list once the appropriate sequence has been received. You can then use this address list to add rules to the firewall chain for each protected service.

3. Test your MikroTik Firewall

With the above settings in place, you can now test your MikroTik Firewall by trying to connect to the ports you have protected. If you do the sequence correctly, you should be granted access to the protected ports.

Conclusion

Port knocking is a great way to enhance the security of your MikroTik router. It provides an additional layer of protection that ensures that only authorized access is granted to your network. By following the steps outlined above, you can configure port knocking on your MikroTik router and enjoy better security for your network. However, it is important to note that while port knocking is a useful security measure, it is not a replacement for other security measures such as a strong password or other access control mechanisms.

If you have any questions or concerns about configuring your MikroTik router for port knocking, feel free to reach out to a MikroTik expert for further assistance. Remember, secure networks are key to protecting sensitive data and mitigating cyber threats.

MikroTik Firewall : Securing your Router with Port Knocking
mikrotik firewall securing knocking router port slideshare


MikroTik Firewall : Securing your Router with Port Knocking
firewall mikrotik securing knocking


MikroTik Firewall : Securing your Router with Port Knocking
mikrotik firewall knocking router


MikroTik Firewall : Securing your Router with Port Knocking
firewall mikrotik knocking



Post a Comment for "Securing Your Network With MikroTik Router Firewall Settings"