Mikrotik

198 readers

6 users here now

A community-contributed sublemmy for all things Mikrotik. General ISP and network discussion also permitted. Please ensure if you're asking a question you have checked the Wiki First: https://help.mikrotik.com

Mikrotik Rules: Don't post content that is incorrect or potentially harmful to a router/network.

This in itself is not a bannable offence but answers that are verifiably incorrect or will cause issues for other users will be edited or removed.

Examples: Factual errors - "EOIP is always unsecure" Configuration problems - Config that would disable all physical interfaces on a router Trolling - "Downgrade it to 5.26"

founded 1 year ago

MODERATORS

rayman30@lemmy.world

Securing my network even more (lemmy.world)

submitted 9 months ago by Nogami@lemmy.world to c/mikrotik@lemmy.world

4 comments fedilink hide all child comments

My home network is firewalled and reasonably secure (all permanent devices and IOT devices have MAC addresses tracked and registered) but I’d like to improve it even more:

Home devices (servers, printers, laptops, etc) with registered MAC addresses which can’t be accessed from my registered IOT devices or from unregistered guest devices.
QOS rules for all guest devices.

Using a HEX to run the network with unifi AP hardware.

you are viewing a single comment's thread
view the rest of the comments

[–] Nogami@lemmy.world 1 points 8 months ago

It’s just my home network so only people who have the wifi password are getting on. This is more a learning project than rock-solid production security.

Ideally I’d like to keep IOT things on a separate VLAN so if one has an exploit it doesn’t have access to my regular home lan with servers and printers and such.

And I’d like to QOS the devices from family who visit over the holidays so they don’t crush my network with downloading and such.