I recently made some changes to my home network so my miktrotix hex-s (used basically as a switch) is on a different subnet from the PC i normally use to manage it. I can still access the web UI of webfig but can’t get past the login screen - I’m assuming the router doesn’t allow management from computers on a different network. How can I change this, to allow logon from other subnets? I’m not locked out of the router, I’m just looking for a convenient way to manage it.
Hey,
If you have specified “Available From” for Winbox under IP-Services, could have another look there to make sure the subnet is allowed.
Same for your user under System-Users. If these don’t allow you to do that either, it has got to be a firewall rule preventing input from another subnet. Could you paste your firewall rules?
Ensure all smart devices get their IP from the trusted or management subnet.
Ensure the admin has access to the subnet.
Ensure all are on the interface list in
a. neighbours discovery
b. tools mac–server win-mac server
RouterOS allows several ways to allow or disallow access to it. Those include (and not limited to) allowed IPs (for specific users), allowed IPs for all users, and firewalls. Because you are able to get a log on prompt, my guess is that you are limiting the IP of the user ID that you are attempting to log in with. Without seeing your configuration, that’s about as much of a guess as we can make.
Common recommendation if using WinBox to change access restrictions to the router is to use safe mode. That way, if you lock yourself out, it’s easy to restore access.
Thanks all for the helpful suggestions. In the end, I reset the configuration and now I can access everything properly. I’ve set up user access from the subnets I intend to allow acces from, and verified that works and will now rebuild the configuration from scratch. Cheers.