I am not sure what information to include in my original post. I have an RB951 that is running OS 6.45.7. I am using Winbox v3.20
I have searched the forum and searched on Google and have not found a solution yet.
I am on the same network as the 951 (my laptop is using the WiFi on the 951). When I try to connect to the 951 using Winbox via the IP address, I get the error message:
ERROR: could not connect to 192.168.15.1
If I try to connect to the 951 using Winbox via the wireless MAC address, I can get in no problem.
I can also connect to the 951 via the https interface (using Chrome and going to address 192.168.15.1). This works.
So I know my IP address is correct (proven by using Chrome and logging in that way), and I know Winbox can connect (using the MAC address and logging in that way). I just do not know why I cannot connect using Winbox and the IP address.
Additional information, I have performed these same tests using the Mikrotik App for Android. Same results.
I apologize for the delay. I was able to locate the issue.
In trying to work on some firewall rules for my son, I had done an export of the configuration of the router, When I was going through the txt file, I came across this section:
/ip service
set telnet disabled=yes
set www disabled=yes
set ssh disabled=yes
set api disabled=yes
set winbox address=x.x.x.x/y port=8291
set api-ssl disabled=yes
However I found the line “set winbox” read as “set winbox disabled=yes”. The more I dug, the more I found, and I think my setting may have been hacked. I re-enabled winbox and went in and undid what I found (socks had been turned on, and I had found a new user added, among other things). Luckily, I keep periodical backups of my router settings, so I was able to quickly fix the openings the hacker has done and worked to attempt to seal the router back. I also went and made sure my OS and firmware were up to date (OS was, but my firmware was a little behind).
There have been reports when ROS devices hacked have had installed some malware not exposed in any configuration (GUI, export, …). So when it’s prooven that device was hacked, the most safe course of action would be:
find last known good configuration (mind: not backup). If there isn’t one, create export, but sanitize it
netinstall router. In the process everything gets deleted and this is the only way to clean all known (and most of unknown ) malware from ROS device
import exported configuration
While doing the last step it might be good to actually re-do the config from scratch (and only use exported config as a reminder). People tend to learn some lessons, hence a completely new config might actually be better than the old one. In addition to that, default settings evolve with time and could be that wanted config is only slightly changed contemporary default while it used to be a complete different story a few ROS versions back.
mkx is bang on. Reinstalling settings is pointless.
Clean install of downloaded software from MT using netinstall is the only safe way to proceed.
By all means then manually copy your known rules into the settings.
While you are at it, suggest changing default winbox port to something else
) malware from ROS device