WinBox Download

GotNet · February 1, 2006, 5:29pm

We block port 80 from our MikroTik box to prevent access to the default web page. Has anyone found a way to grab a WinBox download or update without HTTP? I see some workarounds like placing winbox.exe in the files area or using a different port but maybe there is a more practical method.

On a related note, we ran with a two year old version of winbox until several months ago. Guess I thought “downloading plugins” after a router upgrade also updated winbox.

Mike

cmit · February 2, 2006, 9:22am

I suppose you mean that you block port 80 access TO your MikroTik, right?

Why not create some way for ONLY YOU to use it? So if you come from a fixed ip address, create some firewall rule to allow access from there. Or create an administrative VPN tunnel to your MikroTik (IPsec, PPTP)…

I don’t think there’s another (automatic) way to get the DLL files for the WinBox from your router. Apart perhaps from connecting to some system with the same software version once, and then copy over the DLLs from this system to the other one you use.
But that’s a rather ugly hack, as with every update you will manually have to re-do this…

Best regards,
Christian Meis

savage · February 2, 2006, 12:00pm

Cmit is right on the spot here. If multiple hosts should be allowed to access the MT via WebBox, use a access list. Winbox requires both port 80 and some other arb port, both are required.

The easiest way here, would be to block 80/tcp, but allow it for only certain hosts that are required to make the connection. We normally just block 80 on our external interfaces, and allow it on our internal ones (not 100% secure, but it gets the job done).

normis · February 2, 2006, 2:17pm

winbox doesn’t need port 80 in 2.9

cibernet · February 2, 2006, 3:19pm

That´s right winbox use port 8291 for secure access…

What version of MT do you have installed?

savage · February 2, 2006, 5:43pm

2.9 for me. Sorry yes, I was mistaken, must have thought of the 2.8 days

Tested, and 80/tcp is definately not required. My appologies

GotNet · February 2, 2006, 6:00pm

We are on 2.9.x. While we are aware that port 80 is not required (and thanks MT for that feature!) to run, it is to download the exe.

And yes, Cmit, “to” MT.

gustkiller · February 6, 2006, 1:16am

just use another port for the http server
like 6980 or somehing..

cibernet · February 6, 2006, 2:19am

Winbox doesn´t need to use the http server to log in on MT 2.9.X.

Regards

GotNet · February 6, 2006, 4:55pm

HTTP is required to download winbox.
I think the alternate port is the best clean solution. As far as upgrading winbox, a tool that would grab the latest from the router during execution would be cool…

Mike

cibernet · February 8, 2006, 1:29pm

What’s new in v2.9beta1:
*) winbox now uses only “one” TCP port to get plug-ins and send data…

You can always download winbox from http://demo.mt.lv

Regards

GotNet · March 13, 2006, 6:24pm

Well poo. That link stopped working.
How do we know when we need a new version of winbox anyway? There is no changelog and the mt versions don’t match.

normis · March 14, 2006, 6:34am

well there is always http://demo2.mt.lv

GotNet · March 16, 2006, 12:52am

Thanks, I found it with Google. Tried the MT search and got references to versions 2.7, 2.6. and 2.3.

Grrr.