Community discussions

MikroTik App
 
hiphap91
just joined
Topic Author
Posts: 1
Joined: Sun Jan 03, 2021 10:00 pm

Opening firewall ports

Fri Feb 05, 2021 12:49 pm

Hi there.

Pretty new to MikroTik, though I am very happy with my teeny tiny HAP2 router. I have a couple of questions, a specific one and a more general one.

First, how do I open (in a... *good* way) my ssh port, so I can ssh from a different network into my home network?

Second: How good are the default firewall settings, and should I do something to make it better?

Thank you for your time.
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 6171
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: Opening firewall ports

Tue Feb 16, 2021 4:09 pm

What do you mean SSH from a different network into my home network.

Do you mean from an external location (not behind the same router)?

If so recommend using VPN not SSH.
I'd rather manage rats than software. Follow my advice at your own risk! (Sob & mkx forced me to write that!)
MTUNA Certified, by the Ascerbic Llama!
 
own3r1138
just joined
Posts: 7
Joined: Sun Feb 14, 2021 12:33 am

Re: Opening firewall ports

Wed Feb 17, 2021 4:14 pm

use custom port for SSH set a private key for access and use some Bruteforce rule in firewall you can also restrict the remote IPs.

https://wiki.mikrotik.com/wiki/Brutefor ... prevention
 
atifivacy
just joined
Posts: 9
Joined: Wed Feb 17, 2021 7:23 pm

Re: Opening firewall ports

Thu Feb 18, 2021 6:28 am

What you're asking isn't quite clear. What are you referring to by 'open'? Do you mean that that port is listening to some server? Or do you mean the system firewall allows it? Or what?
 
User avatar
k6ccc
Long time Member
Long time Member
Posts: 643
Joined: Fri May 13, 2016 12:01 am
Location: Glendora, CA, USA (near Los Angeles)

Re: Opening firewall ports

Thu Feb 18, 2021 5:47 pm

And to answer part two of your original question, yes the default firewall rules are fairly good for most purposes. If you are replacing a consumer grade router with a Mikrotik, the default configuration will work just fine. When you want to allow other stuff (such as your SSH question) is where the Mikrotik will shine.
RB750Gr3, RB750r2, CRS326-24G-2S (in SwitchOS), CSS326-24G-2S, CSS106-5G-1S, RB260GS
Not sure if I beat them in submission, or they beat me into submission

Warning: I know enough to be dangerous...

Jim

Who is online

Users browsing this forum: Bing [Bot], Google [Bot], yegorovp and 65 guests