Trying to use Mikrotik equipment.
I created an IPSEC tunnel on a Hex device.
The tunnel was created and working, but I was unable to create a second tunnel on the same device.
The tunnels are site to site, static to static. I have created these tunnels on other devices, but I want to see
if Mikrotik can replace my other devices.
Question:
Is WinBox preferred over WebFig?
Asking because using webfig gave red error advising “peer did not exist”. But peer does exist.
WinBox is generally preferred over WebFig for configuration tasks on MikroTik devices, especially for complex setups like IPsec tunnels. WinBox provides a more responsive interface and better visibility for diagnosing issues. It is widely used by MikroTik administrators for its reliability, detailed error feedback, and usability compared to WebFig, which is web-based and may have limitations or quirks in displaying certain details.
You can learn more about Winbox at https://help.mikrotik.com/docs/spaces/ROS/pages/328129/WinBox
I like to think that since RouterOS is under the hood a derivative from Linux, GUI parts, both Winbox and Webfig, are “overlays” over textual commands.
You can normally connect to a Mikrotik device via SSH (or telnet) and do all the configuration on the command line.
What happens - particularly with new features - is that the feature/setting/command is added to the OS and can be accessed via command line, and - at least initially - these new parts cannot be accessed from Winbox or Webfig.
Then, a new version of Winbox is created with the added items.
And some time later Webfig is also updated.
So there is some form of “translation” between the “base” and these more user friendly “overlays”, and something can be lost in this process.
From what I have seen Winbox is somehow “better translated” than Webfig and, besides being more responsive, its interface is “multiwindows” so that you can have open/viewable at the same time different areas of the settings and in most cases observe in real time or so what happens when you set something in other parts of the configuration.
Webfig is “single page”, instead.
Still, for advanced settings/configurations command line is often needed, and both Winbox and Webfig offer a “terminal” feature.
An added feature of Winbox is that it can use a special protocol that normally allows accessing a Mikrotik device on the network via its MAC address even if no IP has been configured correctly on the connected port and it can detect Mikrotik devices on the network.
In a nutshell:
Did you write this, or was it generated by ChatGPT ?
Its sounds very GPT like…
To be honest … I’ve seen other posts where I had the exact same feeling.
In 7.17, the difference becomes even less since webfig looks nearly identical to winbox4. So main difference IMO is winbox can do Layer2 / MAC address, while webfig is Layer3/4 / IP only. With the native winbox adding a few extras like sessions/workspaces, and associated multiple windows.
Perhaps, but there AI grammar tools coming up (see Apple) so I suspect we’ll start seeing more “neutral” language over time. e.g. We’d likely think the same if a few regular contributors start running a post through a LLM to re-write them in “friendly tone”
In fairness, IPSec does have a lot of params spread across sub-sections, so using it from CLI with isn’t so easy since you don’t know what is default… Now it’s not unique in that regard either…