Page 1 of 1

WinBox Download

Posted: Wed Feb 01, 2006 7:29 pm
by GotNet
We block port 80 from our MikroTik box to prevent access to the default web page. Has anyone found a way to grab a WinBox download or update without HTTP? I see some workarounds like placing winbox.exe in the files area or using a different port but maybe there is a more practical method.

On a related note, we ran with a two year old version of winbox until several months ago. Guess I thought "downloading plugins" after a router upgrade also updated winbox.

Mike

Posted: Thu Feb 02, 2006 11:22 am
by cmit
I suppose you mean that you block port 80 access TO your MikroTik, right?

Why not create some way for ONLY YOU to use it? So if you come from a fixed ip address, create some firewall rule to allow access from there. Or create an administrative VPN tunnel to your MikroTik (IPsec, PPTP)...

I don't think there's another (automatic) way to get the DLL files for the WinBox from your router. Apart perhaps from connecting to some system with the same software version once, and then copy over the DLLs from this system to the other one you use.
But that's a rather ugly hack, as with every update you will manually have to re-do this... :(

Best regards,
Christian Meis

Posted: Thu Feb 02, 2006 2:00 pm
by savage
Cmit is right on the spot here. If multiple hosts should be allowed to access the MT via WebBox, use a access list. Winbox requires both port 80 and some other arb port, both are *required*.

The easiest way here, would be to block 80/tcp, but allow it for only certain hosts that are required to make the connection. We normally just block 80 on our external interfaces, and allow it on our internal ones (not 100% secure, but it gets the job done).

Posted: Thu Feb 02, 2006 4:17 pm
by normis
winbox doesn't need port 80 in 2.9

Posted: Thu Feb 02, 2006 5:19 pm
by cibernet
winbox doesn't need port 80 in 2.9
That´s right winbox use port 8291 for secure access...

What version of MT do you have installed?

Posted: Thu Feb 02, 2006 7:43 pm
by savage
2.9 for me. Sorry yes, I was mistaken, must have thought of the 2.8 days :D

Tested, and 80/tcp is definately not required. My appologies :)

Posted: Thu Feb 02, 2006 8:00 pm
by GotNet
winbox doesn't need port 80 in 2.9
That´s right winbox use port 8291 for secure access...

What version of MT do you have installed?
We are on 2.9.x. While we are aware that port 80 is not required (and thanks MT for that feature!) to run, it is to download the exe.

And yes, Cmit, "to" MT.

Posted: Mon Feb 06, 2006 3:16 am
by gustkiller
just use another port for the http server
like 6980 or somehing..

Posted: Mon Feb 06, 2006 4:19 am
by cibernet
just use another port for the http server
like 6980 or somehing..
Winbox doesn´t need to use the http server to log in on MT 2.9.X.

Regards

Posted: Mon Feb 06, 2006 6:55 pm
by GotNet
just use another port for the http server
like 6980 or somehing..
Winbox doesn´t need to use the http server to log in on MT 2.9.X.

Regards
HTTP is required to download winbox.
I think the alternate port is the best clean solution. As far as upgrading winbox, a tool that would grab the latest from the router during execution would be cool...

Mike

Posted: Wed Feb 08, 2006 3:29 pm
by cibernet
just use another port for the http server
like 6980 or somehing..
Winbox doesn´t need to use the http server to log in on MT 2.9.X.

Regards
HTTP is required to download winbox.
I think the alternate port is the best clean solution. As far as upgrading winbox, a tool that would grab the latest from the router during execution would be cool...

Mike
What's new in v2.9beta1:
*) winbox now uses only "one" TCP port to get plug-ins and send data....

You can always download winbox from http://demo.mt.lv

Regards

Posted: Mon Mar 13, 2006 8:24 pm
by GotNet
just use another port for the http server
like 6980 or somehing..
Winbox doesn´t need to use the http server to log in on MT 2.9.X.

Regards
HTTP is required to download winbox.
I think the alternate port is the best clean solution. As far as upgrading winbox, a tool that would grab the latest from the router during execution would be cool...

Mike
What's new in v2.9beta1:
*) winbox now uses only "one" TCP port to get plug-ins and send data....

You can always download winbox from http://demo.mt.lv

Regards
Well poo. That link stopped working.
How do we know when we need a new version of winbox anyway? There is no changelog and the mt versions don't match.

Posted: Tue Mar 14, 2006 8:34 am
by normis
well there is always http://demo2.mt.lv :)

Posted: Thu Mar 16, 2006 2:52 am
by GotNet
Thanks, I found it with Google. Tried the MT search and got references to versions 2.7, 2.6. and 2.3.

Grrr.