Question to our users about controllers

I’m a bit late, but here’s my response for what it’s worth.

Wireless Preference:
I don’t use Mikrotik Wireless because competitors offer better controllers. I’d prefer focusing on network control features like VLANs, Interfaces, Bridges, and VPNs first. After that, work on improving the wireless interface for easier use.
Hosting Options:
Cloud solution (hosted by Mikrotik): Only as a last resort or free solution.
Self-hosted server on X86 (Linux): Definitely the preferred option.
Self-hosted server on a powerful Mikrotik router: An interesting idea, but second to using my own hardware.
Desired Features:
Mass automatic updates with outage notifications.
App interface for controller with push notifications.
SSL certificate support for the web interface (Let’s Encrypt preferred).
Mass provisioning for users and settings (e.g., a single screen to create users/passwords and apply them to all routers, including SSH key propagation).
Simple VLAN management: Level 1 technicians should easily change VLAN assignments with a click-and-apply interface.
Basic configuration templates: Allow auto-configuration of new devices connected to the controller, including DHCP, VPN, VLAN, bridges, DNS, etc.
Router discovery: Mikrotik devices should automatically find the controller via DNS/DHCP options or a push/pull method. I have no issue with deploying VPNs for discovery using username/password and IP.
Controller dashboard: Ability to monitor site status (e.g., offline alerts) and push notifications via app.
Preferred Service Interface:
A modern web-based UI with SSL support, ideally leveraging Let’s Encrypt for certificates.
Should be accessible through a Web UI (Linux packages are fine) rather than relying on VPN + Mikrotik app.

Coming back to this discussion with an update for Mikrotik guys: you can play with it now - https://docs.eda.dev/getting-started/try-eda/
One key requirement for RouterOS to work with EDA in a not so distant future is to have gNMI support.

I don’t use Mikrotik Wireless because competitors offer better controllers

I’m not going to wade in with specifics right now (haven’t got time today) but I will echo this sentiment. As I’ve said several times in other posts, other controllers (specifically Unifi Cloud) are “better” because they’re simpler and less hassle. To many professionals here that might sound like heresy but it really does depend which market Mikrotik wants to go after. If it’s the SOHO market, then simpler and zero-hassle (e.g. cloud based) is the clear path. If it’s the large/professional installations then the goal posts move considerably.

Most of my clients are small and without me, would probably roll their own. Even once CAPsMAN is set-up, it still can’t compete with clicking “Upgrade device” in a cloud based interface.

So focus on simplicity first and then consider adding more complexity in phase 2, 3 etc. This is, IMO, an ideal scenario where you can agile (not necessarily totally in favour these days) develop the product.

The new WinBox will have taken longer than if they’d focussed on the main features used by everyone. Then again, I get the impression the main drive for the new WinBox was to rebuild for cross-platform compatibility. Which is totally fine.

  1. Are you interested in a central controller for MikroTik devices? If yes:
    a) do you need it for wireless settings only (like a centralised capsman)
    b) or you are interested to manage all configuration of these MikroTik devices

‘b’. I don’t use capsman much and I don’t have super repeatable configs. Rather have individual configs per device.


  2. How would you like to run it?
    a) “Cloud solution” hosted by MikroTik?
    b) Self hosted server on X86 (*NIX)
    b) Self hosted server as package on a powerful MikroTik router

all of these would be interesting. ‘a’ depends on price. ‘b’ is more likely what I’d do but again, depends on price of ‘a’


  3. What features would you like to see mostly? (mass auto-upgrade, configuration, provisioning, monitoring)? Please provide as much detail as possible.

mass updates and monitoring. Keeping firmwares up to date is a real chore without building my own kit on the APIs. Need to have per-device firmware settings though, we run certain firmwares on certain devices.

I’d like a heartbeat time monitoring of stats from the device out to the service, and outage notifications based on lack of data in a configurable amount of time.


  4. How do you imagine this service would look? Similar to current CAPsMAN, based in RouterOS configuration, or something completely new, modern web based UI etc.

Modern web ui or bust. I dislike capsman.
It would be nice to have the new winbox ‘embedded’ and be able to use the controller basically like romon but over a tunnel.

  1. Are you interested in a central controller for MikroTik devices? If yes:
    **b) manage all configuration of these MikroTik devices**

  2. How would you like to run it?
    Router package would be ideal, but self hosted *nix would work too.

  3. What features would you like to see mostly? (mass auto-upgrade, configuration, provisioning, monitoring)? Please provide as much detail as possible.
    Mass upgrade (OS and Routerboard) is most important. Mass config changes would be a very close second. I already have a monitoring solution in place for all network objects.

  4. How do you imagine this service would look?
    Appearance is less important than functionality, but would prefer an executable app similar to Dude. I’m not a fan of web apps.

@normis, any update on the controller ?

Routerboard upgrade thru capsman would be great! or Cap remote reboot, this along with routerboard auto-upgrade would upgrade both OS and firmware in just two steps.

My environment has more than 1500 RB952Ui-5ac2nD and RBD52G-5HacD2HnD distributed throughout South America, on buses. They only connect to a CHR through Wireguard from Omnitik distributed across various bus terminals.
The best solution I have found so far is a Node.js platform that we built, which queries the CHR and the Omnitik through APIs. On the front end we have all the necessary tools for our purposes, including programming that is only activated by the API sensors.
I don’t think Mikrotik provides such a tool. Dude is already there, and in any case they will add more functions.

  1. Are you interested in a central controller for MikroTik devices?
    YES, B all devices
  2. How would you like to run it?
    a) “Cloud solution” hosted by MikroTik?
    NO, Cloud Solutions create unwanted dependencies
    b) Self hosted server on X86 (*NIX)
    YES, maybe as VM
    b) Self hosted server as package on a powerful MikroTik router
    YES, but only if it can be clustered.
  3. What features would you like to see mostly?
    mass auto-upgrade - Nice
    (Bulk) configuration - Yes,
    provisioning - Yes,
    monitoring - Yes,
    Please provide as much detail as possible.
  4. How do you imagine this service would look?
    Web based solution, not based on Java, with permanent service running in the background.
    And MFA implementation and role based management.

Last one from @normis was Sep 22 last year, but not what you were looking for…

If MikroTik is looking to sell more hardware… Look to sell a controller hardware appliance – do what some other vendors are doing.

Winbox4 is a mess
RouterOS 7.17 is a mess.

Focus should be on either:

  • Unified Web management interface for majority of the MikroTik hardware. This could be rolled out via a container that runs on hardware. Then for smaller, or underpowered devices [IE access points with less CPU/RAM] they’d be managed by the controller.

  • Network controller device, think of GPER or GESP looking device [Or cloud key]

I don’t know why everyone is so caught up on not having a cloud solution. All other vendors, including big name enterprise vendors are doing it. Or they give you the option to “self manage” or via cloud.

Maybe you were never working with closed private networks that don’t allow any external connections, or don’t care about privacy/security?

Air-gapped systems are a thing.
No Internet access? Well that’s unthinkable in 2025? Think about Manufacturing with their Windows 3.11/95/XP

Big names like one starting with C still offer their “old” non cloud managed devices.
Others like Z offer “flex” devices.

While others (U) lost the focus on what they’re actually trying to do and now do a bit of everything. (My opinion ig)

In the end: if it’s the same thing as the competition they won’t stand out. What’s the reason to pick MT over Cisco Meraki in a situation like that for example?
Or MT vs any other company that’s doing the same?

Or what’s the difference between competitor A vs competitor B?


If they’re all doing the same it will just come down to price and it’s the ones closest to manufacturing that are usually the ones that can lower the prices the most.

But for now I’ll just be quiet and watch what MT is doing 🙂

Too bad you didn’t quote his last sentence, where he clearly marks the ability to host on-prem (ex. UniFi, OMADA, Aruba, Alta Labs etc.)

It didn’t matter since he answered just the question.
Also some of the solutions you mentioned don’t work air gapped.
On-prem =/= air gapped

Yes, I am familiar with working on air-gapped systems. I used to work for the gov and university years ago. You can have self-hosted controller hardware [IE: MikroTik cloud key type hardware - GPER design], and then at firewall level you deny it from calling home. Or create your firewall ACL rules to restrict said traffic, or simply don’t give the controller DNS.

What do you all do who run ARUBA controller or Ruckus on prem?

Note – even Cisco is pushing Catalyst devices to Meraki managed, as FYI. All Meraki “MS” switches are now EOS – and push is Catalyst C9XXX hardware to be Meraki managed.

Exactly… Thank you for noticing. I just feel if MikroTik pushes to a controller based design – yes some heads will roll, but it is the direction of the market. If you can’t beat them, join them - or be left behind. They need to continue to push forward and develop. Winbox4 is hot garbage for example.

WebUI based management would have been better instead of Winbox4 Qt based design. Or if they stuck with Winbox3 and made it operating system agnostic; walk before run.

If MikroTik created a controller, it can be created as a container [MikroTik - eat your own dog food approach] - run as a container on the more capable hardware and be a recommended solution. This will also allow MikroTik to increase sales [more hardware sell]. They could also then distribute the container as a docker image that ANYONE can deploy on their own environment and manage themselves… lastly – I envision a GESP type device dongle as a hardware controller sold at an affordable price.

Easy to deploy and configure. However – we’re still waiting on CAPsMAN config SYNC…

Majority of MikroTik’s enterprise features are half baked and never followed through to stable completion.

There needs to be better leadership and laser focus at Team MikroTik.

There should have never been a “Winbox4”. They should instead take the efforts to design a proper WebUI for management – a container for the overall management or controller.

I posted in another thread for MikroTik to look at what Palo Alto does [Panorama]. Yes, it is slow to commit changes. That is because Palo dedicates CPU and storage to run ONLY the management plane. Data plane and control plane run on the ASICs and rest of available CPU.

Given the likely enormous effort they put into new WinBox, and the largely unnoticed new redesigned WebFig in 7.17 that looks just like winbox4 … I’d imagine the answer will be BOTH web and app… So the controller app will likely just have different choices on side (“Routers”, “APs”, “Switches”, “Profiles” etc) but same style “list views” and dialogs (or even same dialog in some cases like a controller ap/router’s ip).

Also, they’ve been offering file-share and BTH (and had cloud backup) for a while. I cannot imagine there would not be some way to store the “controller” config in the cloud. And the “file-share” feature in 7.18 is a stop along that road.

Now I’m just reading tea leaves – but I see no need to worry about UI or cloud/on-prem choices yet. That is unless you didn’t like the look-and-feel of EITHER the 7.17 webfig or WinBox beta…

It’s actually how they handle config management in some theoretical controller, IDK, that seems like a much harder problem than having controller config stored EITHER cloud or on-prem, or having app and web…

I started with RouterOS v6 Webfig then CLI and never caught the Winbox or Dude diseases.
I prefer a tiered Webfig:

  1. Basic level for local device management on every device model.
  2. Advanced Private level optional package to manage an isolated network.
  3. Advanced Cloud level optional package to manage Internet connected networks.

Just another opinion …