A bit more detailed explanation:
- In the default configuration ether1 is part of the WAN interface list and probably it has not taken out from it, just sfp-sfpplus1 was added to it, therefore it was removed from that list.
- Fast Path was enabled on the bridge as it was not enabled.
- Internal path costs were added to the ether interfaces in the bridge.
- sfp-sfpplus1 was removed from the bridge as it is your Internet uplink.
- 32400 port was removed from the input and output chain as you need it only in /ip/firewall/nat section.
- /ip/firewall/nat section’s by changing in-interface=all-ethernet to in-interface-list=WAN .
- IPv4 and IPv6 firewall address lists were fixed.
- Stateless firewall rules (/ip/firewall/raw and /ipv6/firewall/raw ) were added.
- NTP client and server were added.
Statistics: Posted by un9edsda — Tue Jan 09, 2024 1:43 am