CPF (Control Plane Filtering)

CPF policies allow you to configure access to trusted networks and ports. The Control Plane Filter Policies page allows you to create, edit, and delete these policies and then assign the policies to your MikroTik devices.

Create Policy

To create a new policy by clicking on the "+" (plus sign) icon and then enter a name for the Policy.

See the next section, Edit Policy for details on how to edit the new policy.

Click Create Blackhole Policy to save the new Policy.

Edit Policy

To edit an existing policy, Click on its name in the list and you will be taken to the edit page.

Trusted Networks

These networks will be considered safe sources of traffic and will be allowed to access the router for management purposes. Trusted networks will automatically be added to IP services, users, and the CPF address list. Note that standard, standard, private networks will already be set up here by default, such as 192.168.0.0

Custom Input Rules

Enable this option if you want your own input rules to take precedence over the MikroCloud drop rules.

IP Services

This section is used for management access to the router and the preferred port for each service. For MikroCloud's automation to function properly, Winbox, API and SSH must be enabled.

Selected Sites

Use this section to assign this policy to your devices by ticking the corresponding boxes.

Click Update Policy to save your changes.

Was this page helpful?