Community discussions

MikroTik App

Search found 15 matches

by Sans
Sun Apr 22, 2018 4:04 pm
Forum: General
Topic: winbox vulnerable! Unusual login to routers [SOLVED]
Replies: 44
Views: 14566

Re: winbox vulnerable! Unusual login to routers [SOLVED]

If I had time till tomorrow, I'd myself put together the RJ-45 to DB-9 cable. Apparently the light blue Cisco cable is directly compatible if you have one. I think we have Cisco compatible rollover cable hidden away in a cupboard somewhere in the store room; will have to look for it tomorrow. I don...
by Sans
Sun Apr 22, 2018 2:57 pm
Forum: General
Topic: winbox vulnerable! Unusual login to routers [SOLVED]
Replies: 44
Views: 14566

Re: winbox vulnerable! Unusual login to routers [SOLVED]

Thanks sindy; just one more question. Can I access the serial console while the router is in its normal running state? This is a production router and it is not possible for me to turn it off or disconnect it easily. I am sure I have a null modem cable lying around somewhere; haven't had to use one ...
by Sans
Sun Apr 22, 2018 2:24 pm
Forum: General
Topic: winbox vulnerable! Unusual login to routers [SOLVED]
Replies: 44
Views: 14566

Re: winbox vulnerable! Unusual login to routers [SOLVED]

If even MAC access doesn't work, game over unless you have a serial port on board or a USB port to which you could connect an usb to serial converter.
[/quote]

It's a 3011, there is an RJ45 serial console and a USB port. Is it possible to delete one line from firewall through any of these? Thanks
by Sans
Sun Apr 22, 2018 1:26 pm
Forum: General
Topic: winbox vulnerable! Unusual login to routers [SOLVED]
Replies: 44
Views: 14566

Re: winbox vulnerable! Unusual login to routers [SOLVED]

I managed to royally screw up my access to the router while applying new security firewall rules. Now I have no access - IP or MAC. Any recommendation to get my access back and delete the RAW firewall rule I just put in? I can't afford to reset it because of unfinished documentation (my fault). Than...
by Sans
Sun Apr 22, 2018 10:31 am
Forum: General
Topic: winbox vulnerable! Unusual login to routers [SOLVED]
Replies: 44
Views: 14566

Re: winbox vulnerable! Unusual login to routers [SOLVED]

Can someone please advice how to check if the router has save.sh and dnstest files? Where are these files saved? I have been making too many config changes, so unsure something slipped through the cracks. My winbox, ssh, telnet etc are only accessible from LAN IP ranges but I have PPTP server runnin...
by Sans
Wed Mar 14, 2018 1:21 pm
Forum: General
Topic: extremely ugly network bridging
Replies: 14
Views: 1783

Re: extremely ugly network bridging

Just thinking loud here: https://wiki.mikrotik.com/wiki/Manual:M ... ed_example is an option?

Is the stream to internet resulting from a request coming in through gateway A? Can src-address be used for routing?
by Sans
Mon Mar 12, 2018 1:41 pm
Forum: General
Topic: VRRP Help
Replies: 4
Views: 678

Re: VRRP Help


Have I missed something?
Hi Keith,
I don't have much knowledge in these areas but it looks like you want to VRRP internet connectivity but you are doing just the opposite? I think what you need is a public IP x.y.z.4 on the VRRP interface.
by Sans
Sun Mar 11, 2018 2:35 pm
Forum: General
Topic: Routing to another subnet on CCR [SOLVED]
Replies: 13
Views: 2954

Re: Routing to another subnet on CCR [SOLVED]

You are right, I need to add our IP range to the routing network so it gets published across the whole corp network. We are allocated a /16 subnet from a Class A range and all those allocations come from a central source, so there is no conflict. The Class C range I've used here are only applicable ...
by Sans
Sun Mar 11, 2018 1:05 pm
Forum: General
Topic: Routing to another subnet on CCR [SOLVED]
Replies: 13
Views: 2954

Re: Routing to another subnet on CCR [SOLVED]

Thank you sindy; your replies are much appreciated. At the moment I am testing at home with an hAP ac but the real test is when I have to set up the CCR on Tuesday. I don't have control over the WAN side of the network unfortunately and it is making it difficult to integrate the CCR, not to mention ...
by Sans
Sun Mar 11, 2018 12:45 pm
Forum: General
Topic: Routing to another subnet on CCR [SOLVED]
Replies: 13
Views: 2954

Re: Routing to another subnet on CCR [SOLVED]

So you have three options: to switch the modem/router into bridge mode and set up a PPPoE or DHCP client on ether1 in Mikrotik (which may not be possible if the modem/router doesn't support that mode or if your ISP doesn't use PPPoE or DHCP mode and uses e.g. PPPoA). In this case, the IP address fr...
by Sans
Sun Mar 11, 2018 12:32 pm
Forum: General
Topic: Routing to another subnet on CCR [SOLVED]
Replies: 13
Views: 2954

Re: Routing to another subnet on CCR [SOLVED]

Think about how routing is configured at the modem/router. The packets from both your networks (192.168.10.0/24 and 192.168.0.0/24) do reach the modem. But out of the box, a home modem/router only recognizes "LAN" and "the rest" as it has a single default route via its WAN interface. So the respons...
by Sans
Sun Mar 11, 2018 12:15 pm
Forum: General
Topic: Routing to another subnet on CCR [SOLVED]
Replies: 13
Views: 2954

Re: Routing to another subnet on CCR [SOLVED]

Thank you for the guidance: Here is the firewall config output with the srcnat rule. As mentioned I don't want to do srcnat in Mikrotik: [admin@MikroTik] > /ip firewall export hide-sensitive # mar/11/2018 21:11:51 by RouterOS 6.41.2 # software id = QCDR-7KA5 # # model = RouterBOARD 962UiGS-5HacT2HnT...
by Sans
Sun Mar 11, 2018 12:05 pm
Forum: General
Topic: Routing to another subnet on CCR [SOLVED]
Replies: 13
Views: 2954

Re: Routing to another subnet on CCR [SOLVED]

Can you show us the complete ip firewall configuration?
There is nothing under firewall config at the moment. Also a noob question, how do I show you the firewall config? Thanks.
by Sans
Sun Mar 11, 2018 8:52 am
Forum: General
Topic: Routing to another subnet on CCR [SOLVED]
Replies: 13
Views: 2954

Re: Routing to another subnet on CCR [SOLVED]

I just setup a test environment on my spare hAP ac: ether1: IP 192.168.10.250/24 -> goes to gateway modem/router at 192.168.10.11. I want NAT to happen only at the gateway. ether2: IP 192.168.0.1/24 -> connected to my PC which has IP from the 192.168.0.0 range. Routes: 2 dynamically created routes f...
by Sans
Sun Mar 11, 2018 1:59 am
Forum: General
Topic: Routing to another subnet on CCR [SOLVED]
Replies: 13
Views: 2954

Routing to another subnet on CCR [SOLVED]

Hello, I am really stuck with this and need some quick help. I need to route one subnet to another without NAT. Here are the details CCR 1016 ether1 IP 192.168.0.1/24 ether2 IP 192.168.10.1/24 Route 0.0.0.0/0 gw 192.168.0.254 reachable via ether1 Now, I am able to ping 192.168.0.254 as it is but pin...