🔌 Guía del router
Mikrotik OS

Cómo configurar multiperfil en Mikrotik

0min

Through the creation of firewall rules, multiple browsing profiles (multiprofiles) can be used on the same network. In this way, two or more machines connected to the same network will be able to use different filtering rules and we could more easily split data traffic. For additional information on multiprofile click here. IMPORTANT: This guide is only usable in workgroup environments, that is, without Active Directory servers. PLEASE NOTE: The following commands allow you to create rules to manage five browsing profiles. However, it is not mandatory to use all profiles; depending on your needs, it will be sufficient to delete superfluous parts of code.

»Then edit the following fields, before running the commands on the mikrotik terminal: <List_IP1>: list of IP addresses that will be assigned to profile "Profile1". <List_IP2>: list of IP addresses that will be assigned to profile "Profile2" (if any). <List_IP3>: list of IP addresses that will be assigned to profile "Profile3" (if any). <List_IP4>: list of IP addresses that will be assigned to the "Profile4" profile (if any). PLEASE NOTE: You can enter a single IP or a range of IPs using the "-" symbol, between the first and last IP in the range (e.g. 192.168.1.2-192.168.1.100). <Profile1>: name assigned to the first profile. <Profile2>: name assigned to the second profile (if any). <Profile3>: name assigned to the third profile (if any). <Profile4>: name assigned to the fourth profile (if any). <Perfil1>: nombre asignado al primer perfil. <Perfil2>: nombre asignado al segundo perfil (si existe) <Perfil3>: nombre asignado al tercer perfil (si existe) <Perfil4>: nombre asignado al cuarto perfil (si existe) /ip firewall address-list add address= <List_IP1> list=<Profile1> add address= <List_IP2> list=<Profile2> add address= <List_IP3> list=<Profile3> add address= <List_IP4> list=<Profile4> /ip firewall nat

<Profile1> add action=dst-nat chain=dstnat comment=<Profile1dst-port=53 protocol=udp     src-address-list=<Profile1to-addresses=185.236.104.114 to-ports=53 add action=dst-nat chain=dstnat comment=<Profile1dst-port=53 protocol=tcp     src-address-list=<Profile1to-addresses=185.236.104.114 to-ports=53 # <Profile2> add action=dst-nat chain=dstnat comment=<Profile2dst-port=53 protocol=udp     src-address-list=<Profile2to-addresses=185.236.104.124 to-ports=53 add action=dst-nat chain=dstnat comment=<Profile2dst-port=53 protocol=tcp     src-address-list=<Profile2to-addresses=185.236.104.124 to-ports=53 # <Profile3> add action=dst-nat chain=dstnat comment=<Profile3dst-port=53 protocol=udp     src-address-list=<Profile3to-addresses=185.236.104.134 to-ports=53 add action=dst-nat chain=dstnat comment=<Profile3dst-port=53 protocol=tcp     src-address-list=<Profile3to-addresses=185.236.104.134 to-ports=53 # <Profile4> add action=dst-nat chain=dstnat comment=<Profile4dst-port=53 protocol=udp     src-address-list=<Profile4to-addresses=185.236.104.144 to-ports=53 add action=dst-nat chain=dstnat comment=<Profile4dst-port=53 protocol=tcp     src-address-list=<Profile4to-addresses=185.236.104.144 to-ports=53      # Profilo Default add action=dst-nat chain=dstnat comment=Default dst-port=53 protocol=udp     to-addresses=185.236.104.104 to-ports=53 add action=dst-nat chain=dstnat comment=Default dst-port=53 protocol=tcp     to-addresses=185.236.104.104 to-ports=53

IMPORTANT: The default profile should always have lower priority than the other rules.