Community discussions

MikroTik App
 
aarmstrong
just joined
Topic Author
Posts: 7
Joined: Mon Sep 26, 2011 10:43 pm

Enable SSH & Winbox & Telnet with 5.x OS

Wed Feb 08, 2012 2:21 am

Hi
I had a script written for 3.x OS that somehow automatically allowed for SSH/Winbox & Telnet from 10.0.0.0\24. However, when I load the script in 5.x OS, it doesn't allow for any of that access except from on the same subnet. This makes it so I have to remote to a mahcine on that subnet, and then run terminal from there.

I set it up like this on one of the firewalls, but its still not allowing me from 10.0.0.13 IP address:

/ip service> set ssh address=10.0.0.0/8
/ip service> set telnet address=10.0.0.0/8
/ip service> set winbox address=10.0.0.0/8

All 3 are enabled.
Please help!
Thanks.
 
scampbell
Trainer
Trainer
Posts: 487
Joined: Thu Jun 22, 2006 5:20 am
Location: Wellington, NZ
Contact:

Re: Enable SSH & Winbox & Telnet with 5.x OS

Wed Feb 08, 2012 2:29 am

Are there any INPUT Firewall rules in place on the router ?
 
aarmstrong
just joined
Topic Author
Posts: 7
Joined: Mon Sep 26, 2011 10:43 pm

Re: Enable SSH & Winbox & Telnet with 5.x OS

Wed Feb 08, 2012 2:44 am

no. There aren't. You need firewall rules for this? Is this new for 5.x? I don't think I have them on my old ones.
 
scampbell
Trainer
Trainer
Posts: 487
Joined: Thu Jun 22, 2006 5:20 am
Location: Wellington, NZ
Contact:

Re: Enable SSH & Winbox & Telnet with 5.x OS

Wed Feb 08, 2012 4:17 am

It is common to have firewall rules on the Input Chain to drop access to the router. If you do not have any Input rules then your packets should be fine.

It might be useful to create a firewall entry on the Input chain with a source ip of 10.0.0.0/8 and action of log to log your access attempts. If they are reaching the router they should show in the log.

/ip firewall filter
add action=log chain=input disabled=no log-prefix="" src-address=10.0.0.0/8

Who is online

Users browsing this forum: araqiel, Josephny and 86 guests