Winbox logging in problems

Jeffers21 · November 28, 2010, 3:57pm

I have just reset a rb450g which we are using in our test environment. I have given ether1 an Ip and can log on fine using winbox. I have also set up separate ip’s on ether 4 and 5 but i cant log on using winbox via these ports. i can however get access via mac address on these ports.

This is a fresh start so the ip’s are the only thing i have added.

For reference

ether1 = 10.8.23.252/25
ether4 = 172.16.1.25/30
ether5 = 172.16.1.25/30

To get the obvious question out of the way, I have been changing my pc’s ip (and subnet etc) when trying to log on.

Im sure its a simple answer and im being stupid

fewi · November 28, 2010, 4:21pm

You cannot assign the same IP address to two interfaces on a router.

Jeffers21 · November 29, 2010, 4:53pm

sorry made typo it is 172.16.1.37/30 on ether5

fewi · November 29, 2010, 5:02pm

Post the output of “/ip address print detail”, “/ip route print detail”, “/ip service print detail” and “/ip firewall export”.

Jeffers21 · November 29, 2010, 5:34pm

0 address=10.8.23.252/25 network=10.8.23.128 broadcast=10.8.23.255
interface=ether1 actual-interface=ether1

1 address=172.16.1.25/30 network=172.16.1.24 broadcast=172.16.1.27
interface=ether4 actual-interface=ether4

2 address=172.16.1.37/30 network=172.16.1.36 broadcast=172.16.1.39
interface=ether5 actual-interface=ether5

0 ADC dst-address=10.8.23.128/25 pref-src=10.8.23.252 gateway=ether1
gateway-status=ether1 reachable distance=0 scope=10

1 ADC dst-address=172.16.1.24/30 pref-src=172.16.1.25 gateway=ether4
gateway-status=ether4 unreachable distance=0 scope=200

2 ADC dst-address=172.16.1.36/30 pref-src=172.16.1.37 gateway=ether5
gateway-status=ether5 unreachable distance=0 scope=200

0 name=“telnet” port=23 address=0.0.0.0/0
1 name=“ftp” port=21 address=0.0.0.0/0
2 name=“www” port=80 address=0.0.0.0/0
3 name=“ssh” port=22 address=0.0.0.0/0
4 X name=“www-ssl” port=443 address=0.0.0.0/0 certificate=none
5 X name=“api” port=8728 address=0.0.0.0/0
6 name=“winbox” port=8291 address=0.0.0.0/0

/ip firewall connection tracking
set enabled=yes generic-timeout=10m icmp-timeout=10s tcp-close-timeout=10s
tcp-close-wait-timeout=10s tcp-established-timeout=1d
tcp-fin-wait-timeout=10s tcp-last-ack-timeout=10s
tcp-syn-received-timeout=5s tcp-syn-sent-timeout=5s tcp-syncookie=no
tcp-time-wait-timeout=10s udp-stream-timeout=3m udp-timeout=10s

/ip firewall service-port
set ftp disabled=no ports=21
set tftp disabled=no ports=69
set irc disabled=no ports=6667
set h323 disabled=no
set sip disabled=no ports=5060,5061
set pptp disabled=no

fewi · November 29, 2010, 5:42pm

There is nothing in that configuration that would prevent a client on ether 4 with an IP address of 172.16.1.26 and a netmask of 255.255.255.252 to access 172.16.1.25 via Winbox, or a client on ether 5 with an IP address of 172.16.1.38 and a netmask of 255.255.255.252 to access 172.16.1.37 via Winbox.

When you plug a client in, do the dynamic routes for the /30s change to a status of reachable?

I don’t know what to tell you - from what you’re posting you should be up and running.

Jeffers21 · November 29, 2010, 6:55pm

The interface’s were indeed coming up and sayig they were rechable and i could ping them fine, but trying to winbox via ip to the device just woouldnt work

However i have just blanked it again and started over. And it seems to be working fine.