Just pinning this here for a direct link to the MikroTik firewall docs :D help.mikrotik.com/docs/display/ROS/Firewall+and+Quality+of+Service

Thanks for producing all these videos, you make learning about mikrotik easier and more fun !

Man, Gothic 1 and 2 were such awesome games. I still replay them every few years and besides a bit of jank they hold up really well still. Great video!

How very timely that I saw your month old VLAN video only 3 days after this one. Great content, definitely earned a subscriber. I weighed up the choice between Mikrotik and Ubiquiti a year ago and settled with Mikrotik for routing, with Ubiquiti's WiFi APs, as I do really like the look of Mikrotik's product suite, the level of control that you have as well as the longevity of their products what with them all running RouterOS/SwitchOS. With that said, it comes with a steep learning curve and I've forgotten the majority of my networking education from a decade ago since I chose software engineering as my occupation. It's always great to have content creators like yourself that give a succinct view over the ways of working with this hardware.

Thanks, Great video.I was expecting blocking using bridge decisions in "vlan tab" admit only ingress vlan - i dont know if this way work too - ... This way showed is more easy to understand.

Great tutorial, you helped me set up a secure home network :)

I learn a lot from your tutorials keep on uploading :) Thank you

Thankyou for i get knowledge about types of vpn.❤

Couldn't make it work, only with RAW rules could work..i even enabled firewall on bridge settings but still...but great job man, i learned a lot from you Thank you!!

You rock! thanks a lot for sharing your knowledge! Regards

Thanks so much for this. I've seen some questions here that echo my first thought - how does this relate to bridge filtering? I'm just imagining that (VLAN filtering) is a *first* option and the method you show here is for some higher-order concern or secondary option if VLAN filtering is not implemented for some reason. This video is a great "how" but it would be nice to see some companion that details the "why" questions - choosing one method or the other (and of course how both may be used together) ;)

maybe useful examples for MACVLAN next, maybe? 🤔🤔

How about setting firewall rules using In Interface / Out Interface and specifying VLAN interfaces for that?

Nice video, but could you please make one explaining using HW VLAN switching using ACL rules?

Thank you

Thanks for the video! It was infomative at least for me. I am wondering though if it would be possible to do the same on a Bridge level with Bridge Filters!!!

oh another thought ... split firewall rulesets into chains according to your vlan setup. so a chain for each VLAN. what do you think about that approach? i have remodeled it that way at home and it even gave me a little performance bump up

Hello ! For the same purposes ( to deny access between vlans) I use routing rules. Very interesting, which method is more difficult for the processor?

Can you repeat this as a followup to see the effects under high loads?

thank you

Newbie Question: I would think that with your new rule to block traffic between local-networks you would also block traffic within the same local-network or sub-net, so you couldn't reach a printer or file-server within the same subnet? Or is there a reason or rule why this wouldn't happen?

make a paid connection to mikrotik, it would be interesting

Quick question ❓ on how to not show ISP company that you are using when doing speed test from any speed test website

Hi! I have a question. I made a bridge interface (Eth2, Eth3) wich contains 'x' number of VLANS and add a VRRP to that Bridge also. The bridge Interface have the same IP that the VRRP. My question is if it is the right way to do it, because it works but i never saw anyone do it in that way

How do i add isp billing to mikrotik for hotspot

Can you please explain fast track concept?

Is it possible to take e-waste from recycling places for free? (South Africa)

Do you have a second channel or social media? Wanted to know how your relocation is going.

Is the discord server still available? if so, can you please provide the invite URL

Could you mention your email i want to send a network architecture i designed using mikrotik for your review and input.