Categories: MikroTik

Mikrotik security: How to block icmp requests to the WAN IP on your Mikrotik router

One of the security measures recommended for network engineers trying to secure a network is the denial of icmp requests sent to the live IP address on the router. This makes sure that attackers will have no way of determining whether your router is up or not let alone launching a denial of service attack. While many would think this is easy especially on Mikrotik routers, only a few who have done it have succeeded without denying all kinds access to the router via the WAN interface. In this demonstration, I will be sharing with us on how to effectively deny icmp requests sent to the WAN interface of your Mikrotik router while still granting access to authorized IPs via other protocols for remote management of the router.

 

 

 

 

 

 

 

You may also like: How to permit icmp request from the internet to the IP on the WAN interface of your security router

 

Before typing in the needed codes, one needs to know the various factors that are involved in icmp requests to the router. These factors which will be used in the configuration are listed below:

>> Protocol: icmp
>> In interface: interface connecting to the WAN (with live IP)
>> Chain: input
>> Action: drop
Now, to the configuration. Log on to the router via Winbox, click on new terminal, and type in the below code:
chain=input action=drop protocol=icmp in-interface=ether1 icmp-option=8:0-255 log=no log-prefix=””
That is all you need to do to successfully drop all icmp traffics to your Mikrotik router.
Spread the love
Timigate

View Comments

Recent Posts

Optimize your Metro ethernet with Jumbo MTU

Optimizing Metro Ethernet segments with jumbo MTU (Maximum Transmission Unit) can significantly enhance network performance…

10 months ago

Mikrotik switchOS configuration: a step-by-step guide

MikroTik's SwitchOS is an operating system specifically designed for their line of network switches. It…

10 months ago

Improve your network uptime with VRRP right now

A properly configured VRRP setup does not only track device uptime but also tracks connection…

10 months ago

Have you been configuring NAT the right way on Mikrotik?

Network Address Translation (NAT) is a technique used in networking to map private IP addresses…

11 months ago

Implementing VXLAN over MPLS with Mikrotik

In the ever-evolving landscape of networking technologies, the demand for efficient and scalable solutions has…

11 months ago

Multi-Area OSPF implementation on Mikrotik routers

Setting up Multi-Area OSPF (Open Shortest Path First) on Mikrotik routers involves a few steps.…

11 months ago