How to block IP Address in MikroTik to Restrict the internet?
Mikrotik provides world-class RouterOS firmware loaded with all the best features. There are many popular MikroTik network devices used by telecom operators worldwide. If you are MikroTik router user and you must use Mikrotik CCR series routers to deploy a large and medium-sized network. In an earlier post, we published an article about login Mikrotik routers using winbox and IP address.
If you are an administrator or network operators you must require to block the user and IP addresses in the network for security reasons. If you looking to block IP address in Mikrotik router to block internet access for specific LAN users without blocking local network sharing. This post gives you user manual to block user in MikroTik router using IP address block option.
If you have any of the MikroTik models from CCR, Mikrotik Base box, Mikrotik RB750 Series and Mikrotik Fiber switch or wireless device belong to Mikrotik will support this user guide. You need to login to MikroTik RouterOS using winbox or web interface to setup a User internet block using IP Address.
Steps to Block User in MikroTik using IP Address
The first steps to access RouterOs settings from Winbox configuration utility.
- Connect the MikroTik router or wireless device to the computer or laptop LAN ports.
- Download Winbox latest version from Downloads
- Default Login IP Address http://192.168.88.1
- Default username: admin and password is blank for default mode.
- Login your MikroTik cloud core router, RB450, MikroTik Sxt lite or any models you are using for the internet.
Check User IP address provided by DHCP server
To prevent internet access for specific LAN or wifi user you must know the IP address assign to the user from the DHCP server.
You can check all the connected computer and mobile device list with Mac address and allotted IP address list.
Go to IP- DHCP Server
Check the Active host option for the computer or mobile name. see mac address and IP address details for a specific user you want to block.
Note the IP address of mobile or computer you want to restrict internet access.
Create Address List for Block IP Address
The next step to create an address list under firewall options to make blacklist to block internet access for those IP addresses.
Go to IP-Firewall option
Go to the Address List tab.
Press Plus (+) button to create a new firewall address list
New- Block Users
Address: 192.168.88.254 (or any IP address you got from lease assign to user you want to block)
Press Apply and OK button to create a list.
You can create multiple IP addresses under the same block user list to restrict multiple users at the same time to access the internet.
Create Firewall Rules to Block Internet Access
Create new Filter rules to Block client internet access, but allow local access for users added to the block list.
Go to the IP-Firewall option from the left side menu.
Filter Rules tab
1: Press Plus (+) button to make new filter rules.
2: New Firewall Rules – Go to Advanced Tab first
Select Src. Address list- Block user (or whatever name you have given to Firewall address list)
3: Go to Action tab
Press Apply and OK button to confirm filter rules.
After creating firewall block rules internet access will block for specific users added to blacklists.
To disable user blacklist just select the rules and press cross (Cross) button to disable temporarily.
This is a simple way to block internet users with IP address blocking for specific LAN and WIFI users in the network.
Making this rules list will not block internal local network sharing and all computers can share data from the network without any problems. This MikroTik router configuration will help you to block unwanted traffic from specific users in the network and prevent any network glitch without disturbing whole networks.
- How to Login Asus router Settings 192.168.1.1
- How to Check Who is connected to My WiFi
- 192.168.1.1 | How to login router
- UBTN Lite Beam M5 Login 192.168.1.20