WinBox Download
RouterOS general discussion

14 posts   •   Page 1 of 1
GotNet
Member
Member
 
Posts: 436
Joined: Fri May 28, 2004 7:52 pm
Location: Florida

WinBox Download

by GotNet » Wed Feb 01, 2006 8:29 pm

We block port 80 from our MikroTik box to prevent access to the default web page. Has anyone found a way to grab a WinBox download or update without HTTP? I see some workarounds like placing winbox.exe in the files area or using a different port but maybe there is a more practical method.

On a related note, we ran with a two year old version of winbox until several months ago. Guess I thought "downloading plugins" after a router upgrade also updated winbox.

Mike

User avatar
cmit
Forum Guru
Forum Guru
 
Posts: 1551
Joined: Fri May 28, 2004 12:49 pm
Location: Germany

by cmit » Thu Feb 02, 2006 12:22 pm

I suppose you mean that you block port 80 access TO your MikroTik, right?

Why not create some way for ONLY YOU to use it? So if you come from a fixed ip address, create some firewall rule to allow access from there. Or create an administrative VPN tunnel to your MikroTik (IPsec, PPTP)...

I don't think there's another (automatic) way to get the DLL files for the WinBox from your router. Apart perhaps from connecting to some system with the same software version once, and then copy over the DLLs from this system to the other one you use.
But that's a rather ugly hack, as with every update you will manually have to re-do this... :(

Best regards,
Christian Meis

User avatar
savage
Forum Veteran
Forum Veteran
 
Posts: 872
Joined: Mon Oct 18, 2004 12:07 am
Location: Cape Town, South Africa

by savage » Thu Feb 02, 2006 3:00 pm

Cmit is right on the spot here. If multiple hosts should be allowed to access the MT via WebBox, use a access list. Winbox requires both port 80 and some other arb port, both are *required*.

The easiest way here, would be to block 80/tcp, but allow it for only certain hosts that are required to make the connection. We normally just block 80 on our external interfaces, and allow it on our internal ones (not 100% secure, but it gets the job done).
Regards,
Chris

User avatar
normis
MikroTik Support
MikroTik Support
 
Posts: 19347
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia

by normis » Thu Feb 02, 2006 5:17 pm

winbox doesn't need port 80 in 2.9

User avatar
cibernet
Long time Member
Long time Member
 
Posts: 609
Joined: Fri Jan 28, 2005 8:22 pm
Location: Salta, Republica Argentina

by cibernet » Thu Feb 02, 2006 6:19 pm

normis wrote:winbox doesn't need port 80 in 2.9


That´s right winbox use port 8291 for secure access...

What version of MT do you have installed?
José Ignacio Acosta
MikroTik Consultant IDAR0001
Mikronet

Movile: +54 9 03877-451218
Email/Msn: info[at]mikronet.com.ar
Website: http://www.mikronet.com.ar

User avatar
savage
Forum Veteran
Forum Veteran
 
Posts: 872
Joined: Mon Oct 18, 2004 12:07 am
Location: Cape Town, South Africa

by savage » Thu Feb 02, 2006 8:43 pm

2.9 for me. Sorry yes, I was mistaken, must have thought of the 2.8 days :D

Tested, and 80/tcp is definately not required. My appologies :)
Regards,
Chris

GotNet
Member
Member
 
Posts: 436
Joined: Fri May 28, 2004 7:52 pm
Location: Florida

by GotNet » Thu Feb 02, 2006 9:00 pm

cibernet wrote:
normis wrote:winbox doesn't need port 80 in 2.9


That´s right winbox use port 8291 for secure access...

What version of MT do you have installed?


We are on 2.9.x. While we are aware that port 80 is not required (and thanks MT for that feature!) to run, it is to download the exe.

And yes, Cmit, "to" MT.

User avatar
gustkiller
Member
Member
 
Posts: 413
Joined: Sat Jan 07, 2006 6:15 am
Location: Brazil

by gustkiller » Mon Feb 06, 2006 4:16 am

just use another port for the http server
like 6980 or somehing..

User avatar
cibernet
Long time Member
Long time Member
 
Posts: 609
Joined: Fri Jan 28, 2005 8:22 pm
Location: Salta, Republica Argentina

by cibernet » Mon Feb 06, 2006 5:19 am

gustkiller wrote:just use another port for the http server
like 6980 or somehing..


Winbox doesn´t need to use the http server to log in on MT 2.9.X.

Regards
José Ignacio Acosta
MikroTik Consultant IDAR0001
Mikronet

Movile: +54 9 03877-451218
Email/Msn: info[at]mikronet.com.ar
Website: http://www.mikronet.com.ar

GotNet
Member
Member
 
Posts: 436
Joined: Fri May 28, 2004 7:52 pm
Location: Florida

by GotNet » Mon Feb 06, 2006 7:55 pm

cibernet wrote:
gustkiller wrote:just use another port for the http server
like 6980 or somehing..


Winbox doesn´t need to use the http server to log in on MT 2.9.X.

Regards


HTTP is required to download winbox.
I think the alternate port is the best clean solution. As far as upgrading winbox, a tool that would grab the latest from the router during execution would be cool...

Mike

User avatar
cibernet
Long time Member
Long time Member
 
Posts: 609
Joined: Fri Jan 28, 2005 8:22 pm
Location: Salta, Republica Argentina

by cibernet » Wed Feb 08, 2006 4:29 pm

GotNet wrote:
cibernet wrote:
gustkiller wrote:just use another port for the http server
like 6980 or somehing..


Winbox doesn´t need to use the http server to log in on MT 2.9.X.

Regards


HTTP is required to download winbox.
I think the alternate port is the best clean solution. As far as upgrading winbox, a tool that would grab the latest from the router during execution would be cool...

Mike


What's new in v2.9beta1:
*) winbox now uses only "one" TCP port to get plug-ins and send data....

You can always download winbox from http://demo.mt.lv

Regards
José Ignacio Acosta
MikroTik Consultant IDAR0001
Mikronet

Movile: +54 9 03877-451218
Email/Msn: info[at]mikronet.com.ar
Website: http://www.mikronet.com.ar

GotNet
Member
Member
 
Posts: 436
Joined: Fri May 28, 2004 7:52 pm
Location: Florida

by GotNet » Mon Mar 13, 2006 9:24 pm

cibernet wrote:
GotNet wrote:
cibernet wrote:
gustkiller wrote:just use another port for the http server
like 6980 or somehing..


Winbox doesn´t need to use the http server to log in on MT 2.9.X.

Regards


HTTP is required to download winbox.
I think the alternate port is the best clean solution. As far as upgrading winbox, a tool that would grab the latest from the router during execution would be cool...

Mike


What's new in v2.9beta1:
*) winbox now uses only "one" TCP port to get plug-ins and send data....

You can always download winbox from http://demo.mt.lv

Regards


Well poo. That link stopped working.
How do we know when we need a new version of winbox anyway? There is no changelog and the mt versions don't match.

User avatar
normis
MikroTik Support
MikroTik Support
 
Posts: 19347
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia

by normis » Tue Mar 14, 2006 9:34 am

well there is always http://demo2.mt.lv :)

GotNet
Member
Member
 
Posts: 436
Joined: Fri May 28, 2004 7:52 pm
Location: Florida

by GotNet » Thu Mar 16, 2006 3:52 am

Thanks, I found it with Google. Tried the MT search and got references to versions 2.7, 2.6. and 2.3.

Grrr.

14 posts   •   Page 1 of 1

Who is online

Users browsing this forum: evince, Google [Bot], Google Feedfetcher, krisjanis, Yahoo [Bot] and 42 guests

It is currently Mon Dec 22, 2014 6:35 pm