I kinda think long-term be better to get the routing/VLANs setup between the two routers. But RoMON is handy & description is kinda the main use case.
So enabling RoMON still help if one did try to setup VLANs, since you can use RoMON to get back in even if you FUBAR the config.
RoMON setup is simple:
- on BOTH/more routers enable RoMON in Tools > RoMON
- optional: you can set a secret, but if you do it should be the same on both note: since RoMON itself only transport things, the secret only “hides” the existence/cabilities of a device — authentication always use same winbox protocol
- optional: in same RoMON dialog you can configure what interface to use, by default it’s all interfaces if RoMON is enable - note: RoMON is not IP so it cannot go over the internet, so being “all” is not as bad as seems… still you likely what to “forbid” your WAN interface. RoMon is done backwards, so you “forbid” an interface, not allow
To use it, you use winbox to select your 1st router but instead of “Login” use “Connect to RoMON”. If you don’t see the “Connect to RoMON” button, you may have to enable “Advanced” in the winbox menubar. At this point, you’ll still be in the winbox login but the “neighbors” are from RoMON, and should include your 2nd router in that list. You can then provide the 2nd router’s user/passwd after selecting from “RoMON Neighbors” and you’ll be connect to winbox on the 2nd routers.
Essentially the 1st router just “proxies” winbox protocol to the RoMON connected router & even across multiple hops since it builds its own spanning tree. Internally it uses a different L2 ether-type, so it does not care about IP address or firewalls.