Hello guys
I know that most of you are not a fan of opening access to the MT devices over WAN, I use the Mikrotik app very often on Wifi and I would like to have the ability to do so remotely as well
How can I open access from WAN for several IPs?
thanks in advance
Hi Shy,
I do what you are looking to do over IKEv2 VPN connection.
One established the vpn tunnel from the smart phone to the router, then one opens the app and its like using winbox at home using ones PC.
Works great and IS SECURE.
I refuse to give any advice on opening up WINBOX on the internet without proper security. 
Other than to say look up port knocking as an alternative…
found the info for port knocking > https://wiki.mikrotik.com/wiki/Port_Knocking
how do I add secured addresses to the list?
And how do i make the ipsec setup?
how do I add secured addresses to the list?
Firewall rules to allow access or allowed addresses to log on - or both.
port knock is the thing, works flawlessly
How do i allow access to the box from lan without needs to port knock?
tnx
Hint winbox is a service on the router, where do you access services and where do you firewall them
Hint your the admin
Hint check out users
Hint check out IP services
Hint check MAC services
Grant access to the service for the allowed clients. There are many methods possible: firewall settings, services settings, user settings, depending on the port/service. You haven’t stated what port or service it is.