How can I access my MikroTik router remotely via DynDNS?

Hello everyone,
I am completely new to RouterOS and I have a NO-IP hostname that I would like to use to connect remotely to my MikroTik router using winbox.
How can I do that?

Any help would be greatly appreciated.
Thank you!

Hello,
Did you try using the DDNS option in IP/Cloud? It will do the same job.

Two things.

1a. Your router already has a free dyndns name under IP cloud.
1b. You could probably point your current dyndns name to that IP cloud via CNAME protocol if NO-IP provides it??

2. IN ANY CASE, external access to the router (input chain) via WINBOX is an unsafe, HORRIBLE idea, unless you use VPN.
    In other words, if you don't want to get hacked, and want to follow recommended and good security practices, then use VPN to access winbox externally.

There are a number of options from worst to best (opinion)
a. port knocking
b. RemoteWinbox Service (I use as a backup) this is free for a single user (non commercial) and is good for home but not quite the standard required for business.
c. ssh (with keys via putty for ex.) - https://www.youtube.com/watch?v=9rMvRe3KoZA
d. Wireguard VPN, (my primary method via another PC or my smartphone) easy for the home owner and secure and now available on ROS7.
e. IKE2 VPN, more complex but if you're on ROS6, this will do it.

Another option if managing multiple devices and they are all ARM devices is the included ZeroTier (also needs ROS7)

All you need is Quickset

There is a VPN checkbox. It enables DNS name via MikroTik cloud + enables IPsec/L2TP server for secure access.

Good point Normis! Prosit, Kippis and of course my fav SKOL!!

But to the OP!
Caution, use of quickset should be minimal (once), don't try and set any settings from quickset, it's best for “what the mode I am going to use this device in” and then never go back. :slight_smile:
Caution, the setup of the VPN means the router may be set up but you still have to program the remote device to connect to your setup, if you follow my drift (aka 1/2 the equation).
Caution, Normis thinks like a pro, I think like an IT half-wit …

Also, since you don't understand IPSEC VPN at the moment, the router is doing it for you via quickset… not ideal in the long term!!

I strongly suggest moving to Wireguard VPN which is easy to configure and you will be able to understand the programming (if I can any idiota can - but don't tell sob), and thus you will be able to make changes when and if necessary (normally once you figure out how to do something one wants to expand on such capabilities). Hint: it's real simple to set up on the iPhone …

Until you are comfortable with Wireguard and VPN, you can always use RemoteWinbox as an SSTP stupid simple vpn access until wireguard is solved. As I said I use and can certainly help you through setting up both if necessary. What is really nice about Remotewinbox is that it's a good stepping stone to start to learn some basic steps with the router!!

Do you mean SSH + SOCKS (e.g. ssh -D) or SSH + port forwarding (e.g. ssh -L)? If so, then I agree: those are good options for solving the OP’s problem.

SSH has nothing to do with PPTP. You could run SSH over PPTP, but why would anyone still be using PPTP in 2021? It’s horribly broken, by design.

You would be surprised how often it is still being used even in critical environments…
Partly because it is way too easy to set up and then they forget to change to something more secure.


About ddns
All in favor for the included Tik Cloud but once it goes down, it’s a single point of failure.
How to get around that ?

Which part goes down?
I don’t think the servers like DDNS go down, it is a critical infrastructure so it must be run in the Cloud with several nodes.
Let’s say it’s a single point of failure. Then again if the environment is critical, shouldn’t they use the Static IP with load balance in the first place?

They just did yesterday. :smiley: Some MikroTik’s servers were down, and while I didn’t check DDNS myself, some others say that it was dead too: http://forum.mikrotik.com/t/meta-forums-mikrotik-com-outage/154250/1

That was the reason of the point I was making.
Didn’t have any consequences as a result of it (slow Sunday, noticed wireguard did not work when testing because I use Cloud DDNS for that but I didn’t make the connection to the servers being down until this morning when all was up again) but I can imagine for some it might have been a bit stressful.
And it was the 2nd time this year ddns was down, if I am not mistaken?

How to get around that one apart from having a second DDNS in parallel and then a bunch of scripts to change everything where needed ?

Interesting, I use DDNS myself, but not at the same time as the Mikrotik power outage.
If they were in the same Datacenter sure I can see why. Maybe they are using the stand-alone server.

This thread is giving suggested solutions for a new setup, over the Internet. We shouldn’t be recommending PPTP, L2TP without an encrypted tunnel, or other insecure protocols. RouterOS has too many solid alternative choices to even consider these other options.

As a wise Sindy always tells me one should always have a backup plan.
Hence why I use Wireguard primary, Remotewinbox secondary, but now I have to check to ensure both don't use the same dyndns name as such would be a rather ineffective setup.

Edit duplicate… and by the way, since when did hooved animals have feathers ??

Aha !
Some feathers are being ruffled ?

Fully agree. 200% even !
And yet … it was a mere response to the remark why anyone would still use it, yes, in 2021.
Ideally it is plainly REMOVED from ROS. But I can guarantee you all hell will break loose when that happens … you don’t have to believe me.

Pegasus.

Way too easy …

But we’re getting waaaay off topic here.

VPN - DDNS - access.

JAJAJAJAJA you fell into my trap of revealing you believe in fairy tales and thus why should we trust any of your posts!!

Two points,
I did say in order worst to best and I clarified the second entry.

@holvoetn:

I agree it is not secure. However, sometimes you don’t have a choice and it is better than nothing. Did we remove telnet? No. Did we remove Port 80 webfig and Port 8728 API? No…
In case of PPTP removal, I will personally sponsor Putin to invade Latvia to reinstate PPTP back.
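
Added example, not part of any post in this thread: a small audit of the `/ip service` section of a RouterOS `/export`, flagging the management services discussed above (WinBox, telnet, port 80 WebFig, port 8728 API) when they are enabled in cleartext or without a source-address restriction. The function names, the sample export and the assumed stock defaults (everything enabled except `www-ssl`) are illustrative assumptions; the check covers the service table only, not the firewall input chain.

```python
import re

# Assumed stock defaults: every service enabled except www-ssl, no address limit.
DEFAULT_PORTS = {"telnet": 23, "ftp": 21, "www": 80, "ssh": 22,
                 "www-ssl": 443, "api": 8728, "winbox": 8291, "api-ssl": 8729}
CLEARTEXT = {"telnet", "ftp", "www", "api"}

def parse_services(export_text):
    """Apply the 'set' lines of the /ip service section on top of the defaults."""
    services = {name: {"port": port, "disabled": name == "www-ssl", "address": ""}
                for name, port in DEFAULT_PORTS.items()}
    in_section = False
    for line in map(str.strip, export_text.splitlines()):
        if line.startswith("/"):
            in_section = (line == "/ip service")
        match = re.match(r"set\s+(\S+)\s+(.+)", line)
        if not (in_section and match and match.group(1) in services):
            continue
        entry = services[match.group(1)]
        for key, value in re.findall(r'([\w-]+)=("[^"]*"|\S+)', match.group(2)):
            value = value.strip('"')
            if key == "disabled":
                entry["disabled"] = (value == "yes")
            elif key in ("port", "address"):
                entry[key] = int(value) if key == "port" else value
    return services

def audit(export_text):
    """Return (service, port, issue) for each enabled service needing attention."""
    findings = []
    for name, entry in parse_services(export_text).items():
        if entry["disabled"]:
            continue
        if name in CLEARTEXT:
            findings.append((name, entry["port"], "cleartext protocol enabled"))
        allowed = [a for a in entry["address"].split(",") if a]
        if not allowed or "0.0.0.0/0" in allowed:
            findings.append((name, entry["port"], "no source-address restriction"))
    return findings

# Constructed sample export: WinBox limited to a VPN subnet, SSH left open.
SAMPLE_EXPORT = """/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes
set ssh port=2200
set api disabled=yes
set winbox address=10.10.10.0/24
set api-ssl disabled=yes
"""
```

Calling `audit(SAMPLE_EXPORT)` reports only the SSH service, while `audit("")` shows what an untouched default service table would expose.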

I know, even Windows 11 still has support for PPTP. It must be it’s being used far too much still, pretty sure of it.
Since our F16’s are now protecting Latvia, nothing can happen ! (yeah right :open_mouth: )
(Oh and BTW our DOD got hacked last Thursday, how about that !)