admin password

uninet · August 31, 2005, 3:19pm

Have a routerboard 512 configured and working fine.
The problem is that some one has changed the admin password by mystake and cannot remember which is the new one.

How can I get inside the router or somehow reset the password ???
(preferably without having to reconfigure every thing)

It is operating perfect but as soon as I need to change something there (and I was planning to change soon some IP addresses and routes) I am lost.

uldis · August 31, 2005, 3:21pm

no, the only way is to reinstall the router - the configuration will be lost.

gamma_mishra · February 3, 2006, 8:25am

sir if some one give the password and next time forget it , what is the procedure to recovery it
if we refresh it by the refresh buttom solve our problem.

normis · February 3, 2006, 8:25am

reinstall is the only way to recover the password

djape · February 5, 2006, 12:33am

how about secret keyboard keys to reset password?

We had problems with hacking are boxes and intruder changed passwords. We were forced to install boxes again

Can you implement this so upon installation I should be asked for my secret button (something like ctrl+alt and any key I want) to reset password.

This way it will save us from trouble installing boxes again.

I can bet there are more people out there that were hacked, but they wont tell anybody…

changeip · February 5, 2006, 4:24am

Create yourself a backdoor user account. Use passwords that are hard to guess but you will remember. Even microsoft doesn’t let you (easily) recover your lost password. There is no reason everyone accessing the router needs to use ‘admin’ user.

cibernet · February 5, 2006, 4:29am

But if the hacker can acces the router i will for sure delete or change your backdoor account…

Regards

changeip · February 5, 2006, 6:07pm

Correct… so you should change the allowed access to the router in the first place. You do not need ssh, telnet, www open to the internet - change the ports, require vpn tunnel in, setup port knocking (i like this one), lock down the source ip ranges, etc. There are no vulnerabilities in routeros that we know of, therefore its up to the admin to make sure you take the human vulnerabilities out of the equation.

Port knocking is a good method to locking out intruders. Set a rule that adds your source IP to an address-list if you send a ICMP ping thats a specific size. Then only allow ssh or other if you exist in that address-list. You can even get really tricky by forcing double port knock so that you must open one port and then the other within a short time frame and then you have opened access. For example:

open tcp to port 1234 - add to address-list for 1 min ttl.
open tcp to port 4321 - add to address-list for 4 hours ttl if exists in first list.
allow tcp to port 22 based on source ip from second address-list entries.

Just an example - there are many ways to lock things down. Forcing a vpn tunnel to manage router is always a good option as well.

Sam

surfnet · September 28, 2006, 11:58pm

how do you re-install on a RB112

Eugene · September 29, 2006, 11:24am

By using Netinstall

surfnet · September 29, 2006, 11:34pm

I am having touble with netinstall
I have a RB112 and I have it plugged into the serial cable and I set the boot options to bootp

now when it boots it looks for the boot server

I then plug an ethernet cable from the computer to the RB112

I open the netinstall utility and click on the net booting button. There I check the Boot Server enable checkbox and add and IP of

192.168.250.20

The IP on my computer is 192.168.250.21/24

I then watch the RB112 reboot from the terminal window, and it sits on

RouterBoot Booter 1.13
trying Bootp protocol…

and then after a while the RB112 reboots and starts over.. what am I doing wrong?

surfnet · October 4, 2006, 11:48pm

So I have now tried 3 different computers.. can anyone help me figure this out?

GotNet · October 5, 2006, 2:25am

Try with a direct cable, if you already haven’t. I had to wipe my test beta 3 112 today and go back to 2.9.31. Disable other interfaces on the netinstall PC and set a static IP. This method doesn’t favor switches.

I’ve still yet to figure out what the netinstall version means. Does it need to match the package? Maybe like WinBox versions. Keeps us guessing.

It does work.. I use it after the “format nand” to clean up the bad blocks.

Mike

surfnet · October 5, 2006, 3:15am

The 3 computer I tried were all connected directly togther, using different cables for each computer. 2 were laptops with only 1 ethernet port and the desktop also only has 1 ethernet interface.

Is there some other thing that I have to do besides enable boot loader and give it an IP in netinstall?

dunga · May 28, 2009, 8:41am

I am having the same problem. I forgot the password to log into my routerboard, which i used for point to point connection. I can access the client side but cannot log into the base.

what is the possible solution cus i dont want to bring down the radio as it is hanged on the mast.

Your help is appreciated.

MahyarFF · June 6, 2009, 2:24pm

Same here,
I also formatted the NAND, but the problem existed before formatting.
Here is the procedure:
I connected my RB450 with direct cable in 3 states:

to a 16 port Switch, which my computer connected too
to ADSL router with 4 LAN ports, which my computer connected too
straight to my computer
Then I tried to connect with both “bootp” and “dhcp” protocols.
in all states,and I got:

RouterBOOT booter 2.15

RouterBoard 450

Authorization: Passed
CPU frequency: 300 MHz
  Memory size:  32 MB

Press any key within 3 seconds to enter setup...
trying bootp protocol...........................................................
.................

or

RouterBOOT booter 2.15

RouterBoard 450

Authorization: Passed
CPU frequency: 300 MHz
  Memory size:  32 MB

Press any key within 3 seconds to enter setup...
trying dhcp protocol............................................................
.......................

BUT, in first case that I had connected the router to the 16-port switch, which my computer and other devices connected too,
when I tried to connect to routerboard through hyperterminal with dhcp protocol I got :

RouterBOOT booter 2.15

RouterBoard 450

Authorization: Passed
CPU frequency: 300 MHz
  Memory size:  32 MB

Press any key within 3 seconds to enter setup...
trying dhcp protocol............ OK
resolved mac address 00:1B:11:**:**:**
Gateway: 192.168.1.1
********************************************************************************
****************************************************************

which is different state!

What’s the solution???!

roc-noc.com · June 6, 2009, 9:48pm

Forget about dhcp, you need to boot from ethernet i.e. use bootp. Use a direct ethernet connection from your laptop. Make sure you have hardcoded a static IP on your laptop in the same network block as the IP you are choosing for the RouterBoard. Run netinstall and select the “net booting” button.

If your routerboard is not seeing the bootp server then download and try a different version of netinstall. It is possible you have a bad version.

It does work.

Tom

MahyarFF · June 8, 2009, 3:54pm

Thanks,

How can I download other versions of netinstall?

Eskimo · June 9, 2009, 4:34pm

Versions other than than 3.24?
http://www.mikrotik.com/download.html

MahyarFF · June 10, 2009, 8:02am

Certainly!
As roc-noc.com told, it may be the version of netinstall used
for now, I used both v3.24 and v4.0beta3 with no luck.
So I need to check other version like v2.9 and …

Regards