i foolishly added a filter rule to my bridge and that is preventing access to RouterOS.
What i did. Quick Config PtP CPE. After running for a while, i added two forward rules for pppoe-session, pppoe-discovery to
the bridge filter. Everything fine so far… Then i follishly added a drop everything input rule to the filter.
So now i am able to do a PPPoE Session via the Link but have no further access to the device.
Because the ethernet and wlan are bridged and the device has only these interfaces,
everything will be dropped (except PPPoE). No matter which way i am trying to access the device.
Is there a way to reset the Routerboard without climbing to the Antenna? Some way (tftp, …, …) to stop the booting process
and pushing a clean firmware or config to the device.
Use mac telnet as stated above. You’ll need to be in the same layer2 domain and it’s probably not activated on the WAN interface.
ALWAYS use safe mode when doing anything remotely. You can turn it on, do a few commands and ensure they work, then turn it off. Or leave it on the whole time but you risk a large rollback if your last of many commands is bad.
Locking yourself out of a device is something all network people do at least once. Learn from it.
This also teaches you to set the routerboard boot mode to “try ethernet once then nand” instead of the default “nand if fail then ethernet”
when your tower-mounted device is on a reasonably safe local network. At least you can powercycle it and netinstall without pushing the button.
(of course there is the risk that someone else sets up a system with netinstall and hijacks your device when it reboots, but you
can judge yourself what is the chance of that happening on your local network)
