Have a question about remote winbox access. We provide Internet services through a Fiber and Wireless Network, the owners are part of a collective of local Country Governments so they don't resell services, just manage the network.
We have a RB2011LS that handles traffic for all of our customers, most of the Wireless CPE's are MikroTik, some are Ubiquiti. I can SSH into a customers MikroTik CPE from our MikroTik core router, but I'm curious, is there any way to get Winbox GUI access?
Change the Winbox access port in the customer's router to 8292:
/ip service set winbox address=0.0.0.0/0 port=8292
Forward port 8292 on your RB2011LS:
/ip firewall filter
add chain=input dst-port=8292 in-interface=ether1 protocol=tcp
You will have to change "ether1" to whatever you call your in-interface.
Next, make a NAT rule:
add action=dst-nat chain=dstnat dst-port=8292 in-interface=ether1 protocol=tcp to-addresses=192.168.1.2 to-ports=8292
You will have to change "ether1" to whatever you call your in-interface. Change the to-address to the address of your customer's router.
Please let me know if this works.