Hello all,
my company blocks hosts/ports so I cannot automatically update mikrotik from Winbox.
IT department says they can open access, but I have to tell them what exactly resources ( host(s) : port(s) ) do I need to have opened.
What is requirements to be able to run mikrotik firmware update from Winbox? What hosts:ports should be accessible?
So the person responsible for managing the network is not in the IT department??
This seems out of whack?
The fact that you dont know the winbox port of the router your responsible for is also out of whack!
The fact that you dont know the defaut winbox port of the MT router means your MT training is also out of whack or none existant!
May be my explanation is not good enough…
Mikrotik routers (few of them) are in my possession, I am not from IT department.
I am test engineer and I am using Mikrotik routers locally, I need to test some electronic devices with ethernet, so I have test PC and such device behind the mikrotik.
I am using Mikrotik API functionality so my software can connect to Mikrotik, for example, to query device IP and MAC, and for some other purpose.
Our company network backbone is not using Mikrotiks at all, so our IT does not want to be responsible for it 
.
That is why I am asking what should I tell them to give me ability to update mikrotiks in my possession.
I don’t know if it’s officially documented, but if I check for updates in WinBox, two hostnames appear in dns cache:
upgrade.mikrotik.com
download.mikrotik.com
Edit: And tcp/80 as port.
Thank you.
If you have outgoing traffic denied policy, then no need to open ports for MT upgrades, better download firmwares according to your device architectures, upload to Files and reboot. You’ll get the same result.
In any case a complete clustergarbage fuck process.
Any OS software to be loaded on any device on the company should be a controlled affair.
Those are not your MT routers they are company property or should not have entered the building.
Good thing Im not in IT there, would be using my taser for emphasis 
First off, neither of your comments were relevant to the question. Please limit your comments to the subject of the original post. If you want to validate your sense existence, please do it elsewhere. Secondly, most would skip over your comments after realizing it’s just BS. I usually ignore comments like these, however fatuousness is becoming the new precedent. It is neither your business or responsibility, to correct how the company he is working at does things.
Good think you are not in IT here, it doesn’t seem like you would fit in here with your questionable ethics.
If you don’t want to help, just quietly stay in your corner.
While I (somehow) agree with the gist of your message (we know anav around here, he’s a special case 
but his intentions are mostly good !!), you are now responding to something almost a year old because … ??
Woah, digging up a topic from last year just to pick on @anav, that’s something.
Congrats Mr. Ethics (Ecnival), the forum is safe now.
@Ecnival
If you don’t post something useful,
Don’t do necroposting in that useless way,
and don’t reply to posts that can generate even more useless posts, like this one.