I’m a complete newbie at RouterOS running a RB4011IGS_RM and as a simply hobbyist I like to learn by breaking things, so apologies for lacking some fundamentals… (Although I have broken something and am hoping to learn!)
I was attempting to follow the thread here to try out wireguard as a VPN: http://forum.mikrotik.com/t/mikrotik-wireguard-server-with-road-warrior-clients/148392/1 and I believe I have made a mistake in the below line;
/ip address add address=192.168.66.1/24 interface=wireguard1 network=192.168.66.0
As when I made the changes to my version of this line and set it up as below, I think I’ve managed to assign two addresses (or interfaces?) over the top of each other. immediately after doing this, I am no longer able to hit my Webfig or Winbox through 192.168.88.1. (I guess I’ve double allocated 192.168.88.1 to the another device?)
ip address add address=192.168.88.232/24 interface=wireguard1 network=192.168.88.0
Honestly, not sure why I didn’t set up a subnet for wireguard clients - I guess because I didn’t understand that wireguard was a purely 1:1 relation client:peer and wasn’t strictly smart enough to allocate to unused IPs (and honestly, I’m just trying stuff to see what does and doesn’t work).
Right now, I’m trying to rollback what I’ve done to gain access back to WinBox and Webfig - but without being able to get into WinBox or WebFig in the first place, I’m a bit stuck.
- CMD → ipconfig /all still lists 192.168.88.1 as my gateway and using arp -a I’ve pulled its physical address.
- I don’t think I can use the WinBox MAC Telnet (https://wiki.mikrotik.com/wiki/Manual:Winbox) as I don’t have a neighboring device (and I am pretty sure I closed Telnet (https://wiki.mikrotik.com/wiki/Manual:Securing_Your_Router, although I can’t strictly remember).
- I think I have the correct router MAC address and I’ve tried just straight WinBox connecting with that in the “Connect To:” field (no real luck with : or - delimiters) - just times out, anyone have any pointers?
- I have an externally facing DDNS’d Webfig page that I can connect to from my main machine (its exclusively whitelisted - I figure the whole thing is bad practice, but I wasn’t sure how else to remotely access webfig - other than a VPN, which is what I’m trying to set up now) that brings me to my login page - but after putting in details, it just times out.
I’m looking for ideas as to how else I might be able to get back into the router to undo what I did (without physically going and hard resetting the device) as I’m away sat in a hotel this week (conected to my home network through Teamviewer) - hence the burning desire to try to set up a VPN properly!
I’m currently spinning up a VM to try run this https://github.com/haakonnessjoen/MAC-Telnet to close out my MAC Telnet question, but once I’ve tried that (and I think its likely to fail) I’m fresh out of ideas.
For the future, I’m doing some reading on RoMON as I think that might help me if I ever do this again… (Per this thread; http://forum.mikrotik.com/t/winbox-connect-to-mac/107863/1 and this article; https://wiki.mikrotik.com/wiki/Manual:Tools/RoMON and this one https://rickfreyconsulting.com/romon-possibly-the-most-valuable-tool-in-your-network/).
Anyone have any ideas of things I can try? Or is the prognosis that I need to cancel tinkering until I get home to factory reset?