Community discussions

MUM Europe 2020
 
quochuy7610
just joined
Topic Author
Posts: 2
Joined: Sun Nov 15, 2015 6:49 pm

Remote access by winbox anywhere

Wed Nov 18, 2015 7:18 pm

Dear All,

How to remote access by winbox anywhere (out site internet)!

Thanks,
 
jarda
Forum Guru
Forum Guru
Posts: 7604
Joined: Mon Oct 22, 2012 4:46 pm

Thu Nov 19, 2015 11:43 am

Accept inbound traffic to winbox port from outside. Of course you have public fixed ip as I expect.
 
User avatar
docmarius
Forum Guru
Forum Guru
Posts: 1220
Joined: Sat Nov 06, 2010 12:04 pm
Location: Timisoara, Romania
Contact:

Re: Remote access by winbox anywhere

Thu Nov 19, 2015 5:13 pm

For added security I would recommend setting up a tunnel (pptp/l2tp/maybe even sstp) with proper firewall rules and then use local ip to access it.
Torturing CCR1009-7G-1C-1S+, RB450G, RB750GL, RB951G-2HnD, RB960PGS, RB260GSP, OmniTIK 5HnD and NetMetal 922UAGS-5HPacD + R11e-5HnD in my home network.
 
jarda
Forum Guru
Forum Guru
Posts: 7604
Joined: Mon Oct 22, 2012 4:46 pm

Thu Nov 19, 2015 5:59 pm

I can recommend the same but I am afraid that it is over the possibilities of the requestor.
 
quochuy7610
just joined
Topic Author
Posts: 2
Joined: Sun Nov 15, 2015 6:49 pm

Re: Remote access by winbox anywhere

Fri Nov 20, 2015 7:37 pm

How to proper firewall rules and then use local ip to access it ? Now, i see neighbor list but I ping not OK (timeout)
You do not have the required permissions to view the files attached to this post.
 
freemannnn
Long time Member
Long time Member
Posts: 669
Joined: Sun Oct 13, 2013 7:29 pm

Re: Remote access by winbox anywhere

Fri Nov 20, 2015 9:22 pm

also enable ip cloud so you have a free dynamic dns service from mikrotik. (if u dont have static ip of course )
 
User avatar
docmarius
Forum Guru
Forum Guru
Posts: 1220
Joined: Sat Nov 06, 2010 12:04 pm
Location: Timisoara, Romania
Contact:

Re: Remote access by winbox anywhere

Sat Nov 21, 2015 12:55 am

Add following firewall filter rules (this should be the order):
1. allow access (input chain) from interface l2tp-out1 for icmp (to get ping if you like)
2. allow access (input chain) from interface l2tp-out1 for tcp port 8291 (to get winbox)
3. drop all input (input chain) from interface l2tp-out1 (for added security - optional - you can skip it for the moment)
Torturing CCR1009-7G-1C-1S+, RB450G, RB750GL, RB951G-2HnD, RB960PGS, RB260GSP, OmniTIK 5HnD and NetMetal 922UAGS-5HPacD + R11e-5HnD in my home network.
 
User avatar
cross
just joined
Posts: 18
Joined: Tue Jul 28, 2015 3:41 pm

Re: Remote access by winbox anywhere

Sat Nov 21, 2015 10:59 am

also enable ip cloud so you have a free dynamic dns service from mikrotik. (if u dont have static ip of course )
Wow, I didn't know that mikrotik has such a service avalaible :)

So there's a lot of possibility. But the best is VPN or you can use Knock Port Rule in firewall. And then you will be able to "knock" yourself into mikrotik with any IP you want.
 
freemannnn
Long time Member
Long time Member
Posts: 669
Joined: Sun Oct 13, 2013 7:29 pm

Re: Remote access by winbox anywhere

Sat Nov 21, 2015 3:22 pm

i like ip cloud and for me is working flawless. the only improvement i want is to be able to force-choose from which input wan connection will be updated, when u have multiple wan.
for example "force ip cloud" to always updates from wan1 connection (ether1) and routed by that connection always
 
Teno
just joined
Posts: 5
Joined: Mon Oct 26, 2015 11:07 pm

Re:

Thu Dec 31, 2015 6:06 pm

Accept inbound traffic to winbox port from outside. Of course you have public fixed ip as I expect.
Can I do this via ssh?

Thanks and Happy new year!

Who is online

Users browsing this forum: No registered users and 94 guests