Community discussions

MUM Europe 2020
 
robert83
just joined
Topic Author
Posts: 4
Joined: Sat Sep 08, 2012 6:52 pm

Winbox not seeing Microtic devices after Router

Wed Sep 12, 2012 4:07 pm

Hi all,

I have a computer behind RB750, when I click on [...] in Winbox , it should list all my detected Microtic devices in my network, but I only sees the router which is in front of me. (See attached picture)

Please people! Answer me, how can I make this work again if possible .

RB750 Router , routing table :

[admin@Prometheus] /ip route> print
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme,
B - blackhole, U - unreachable, P - prohibit
# DST-ADDRESS PREF-SRC GATEWAY DISTANCE
0 A S 0.0.0.0/0 192.168.201.250 1
1 S 0.0.0.0/0 Wireless Port 1
2 ADr 192.168.4.0/24 192.168.201.250 120
3 ADr 192.168.56.0/24 192.168.201.250 120
4 ADr 192.168.59.0/24 192.168.201.247 120
5 ADr 192.168.200.0/24 192.168.201.250 120
6 ADC 192.168.201.0/24 192.168.201.249 Wireless Port 0
7 ADr 192.168.202.0/24 192.168.201.248 120
8 ADC 192.168.203.0/24 192.168.203.250 Switch Port 1 0
9 ADr 192.168.205.0/24 192.168.201.247 120
10 ADr 192.168.210.0/24 192.168.201.250 120
11 ADr 192.168.211.0/24 192.168.201.250 120
12 ADr 192.168.220.0/24 192.168.201.250 120


Filter table :

[admin@Prometheus] /ip firewall filter> print
Flags: X - disabled, I - invalid, D - dynamic
0 chain=forward action=accept dst-address=192.168.203.14

1 chain=forward action=accept src-address=0.0.0.0 dst-address=192.168.201.249 in-interface=Wireless Port
out-interface=Switch Port 1

2 chain=forward action=accept src-address=0.0.0.0 dst-address=192.168.203.250 in-interface=Wireless Port
out-interface=Switch Port 1

3 chain=forward action=accept protocol=tcp src-port="" dst-port=5900,4662,8432 port=""

4 chain=forward action=accept protocol=udp dst-port=4672

5 chain=forward action=accept connection-state=established

6 chain=forward action=accept connection-state=related

7 chain=forward action=reject reject-with=icmp-network-unreachable in-interface=Wireless Port
out-interface=Switch Port 1

Greetings
Robert
You do not have the required permissions to view the files attached to this post.
 
User avatar
Caci99
Forum Guru
Forum Guru
Posts: 1069
Joined: Wed Feb 21, 2007 2:26 pm
Location: Tirane
Contact:

Re: Winbox not seeing Microtic devices after Router

Wed Sep 12, 2012 4:35 pm

This is exactly what a router is supposed to do. The discover protocol of RouterOS devices works when
the devices are on the same broadcast domain, and in your case they are not, since a router is sitting in between.
-Toni-
Don't crash the ambulance, whatever you do
 
robert83
just joined
Topic Author
Posts: 4
Joined: Sat Sep 08, 2012 6:52 pm

Re: Winbox not seeing Microtic devices after Router

Wed Sep 12, 2012 4:53 pm

Thank you very much for your quick answer.

My next question would be is it possible to somehow make it work? Maybe a firewall rule?

Greetings
Robert
 
jadu
Frequent Visitor
Frequent Visitor
Posts: 82
Joined: Sat Feb 05, 2011 9:22 am
Location: Bucharest - Constanta

Re: Winbox not seeing Microtic devices after Router

Wed Sep 12, 2012 4:59 pm

Yes you can add in forward chain src address the others Mikrotik dev's, in interface(the interface wich comunicate with the other Mikrotik's), UDP port 5678 and ACCEPT.
------------------------
Don't give thanks, give karma instead!
 
robert83
just joined
Topic Author
Posts: 4
Joined: Sat Sep 08, 2012 6:52 pm

Re: Winbox not seeing Microtic devices after Router

Wed Sep 12, 2012 5:19 pm

Hi,

id does work if I connect manually, by specifing ip address, it is not populating , because as I was told it's not in the same broadcast domain as the other Microtic Devices.

I was asking if it's possible to make it autopopulate again by somehow retransmiting some packet on this router I'm behind ...?

Mikrotik devices 192.168.201.1-100 192.168.201.248--RB750---192.168.203.250---Client/Winbox 192.168.203.10 , Winbox is not autopopulating devices 1-100 from subnet 192.168.201.0/24 , that is my problem.

i dunno if this is somehow doable with current setup, was told that the router is supposed to work like this.

Tried to add the port you've mentined by simple adding a forward chain with src port 5678 and dst port 5678, like this :

0 chain=forward action=accept dst-address=192.168.203.14

1 chain=forward action=accept protocol=udp src-port=5678

2 chain=forward action=accept protocol=udp dst-port=5678

3 chain=forward action=accept src-address=0.0.0.0 dst-address=192.168.201.249 in-interface=Wireless Port
out-interface=Switch Port 1

4 chain=forward action=accept src-address=0.0.0.0 dst-address=192.168.203.250 in-interface=Wireless Port
out-interface=Switch Port 1

5 chain=forward action=accept protocol=tcp src-port="" dst-port=5900,4662,8432 port=""

6 chain=forward action=accept protocol=udp dst-port=4672

7 chain=forward action=accept connection-state=established

8 chain=forward action=accept connection-state=related

9 chain=forward action=reject reject-with=icmp-network-unreachable in-interface=Wireless Port
out-interface=Switch Port 1

Still does not autopopulate mikrotik devices from subnet 192.168.201.0/24 , I'm on subnet 192.168.203.0/24 behind a router (RB750)

Greetings
Robert
 
jadu
Frequent Visitor
Frequent Visitor
Posts: 82
Joined: Sat Feb 05, 2011 9:22 am
Location: Bucharest - Constanta

Re: Winbox not seeing Microtic devices after Router

Wed Sep 12, 2012 5:33 pm

try this rules:
0 ;;; allow discovery mikrotik
chain=forward in-interface=ether1 mac-protocol=ip dst-port=5678
ip-protocol=udp action=accept
1 ;;; allow discovery mikrotik
chain=input in-interface=ether1 mac-protocol=ip dst-port=5678
ip-protocol=udp action=accept
2 ;;; allow discovery mikrotik
chain=output mac-protocol=ip dst-port=5678 ip-protocol=udp action=accept
3 ;;; allow discovery mikrotik
chain=input in-interface=ether1 mac-protocol=ip dst-port=8291
ip-protocol=tcp action=accept
------------------------
Don't give thanks, give karma instead!
 
User avatar
sjwrick
Frequent Visitor
Frequent Visitor
Posts: 77
Joined: Tue Jul 25, 2006 10:12 pm

Winbox not seeing Microtic devices after Router

Wed Sep 12, 2012 6:33 pm

Jadu: are you assuming that ether1 is hw WAN port and all other ports are "behind" the router?

Thx. Rick
 
User avatar
Caci99
Forum Guru
Forum Guru
Posts: 1069
Joined: Wed Feb 21, 2007 2:26 pm
Location: Tirane
Contact:

Re: Winbox not seeing Microtic devices after Router

Wed Sep 12, 2012 6:59 pm

The discover protocol is a Layer 2 protocol, as such it is not routed (discarded by router).
So, I don't think you can forward that kind of packet through the router. Actually, I never bothered
to do such thing, so if any one has managed that, than okay.
The only way that I know to make this work is only if router is configured as transparent bridge.
-Toni-
Don't crash the ambulance, whatever you do
 
jadu
Frequent Visitor
Frequent Visitor
Posts: 82
Joined: Sat Feb 05, 2011 9:22 am
Location: Bucharest - Constanta

Re: Winbox not seeing Microtic devices after Router

Wed Sep 12, 2012 7:41 pm

Jadu: are you assuming that ether1 is hw WAN port and all other ports are "behind" the router?
Yes i assume this, from my configuration ether1 is the WAN port.
------------------------
Don't give thanks, give karma instead!
 
jadu
Frequent Visitor
Frequent Visitor
Posts: 82
Joined: Sat Feb 05, 2011 9:22 am
Location: Bucharest - Constanta

Re: Winbox not seeing Microtic devices after Router

Wed Sep 12, 2012 7:52 pm

I haven't tried this but i assume it will help by enabling discovery on ether1 port (wan) so that your router receives discovery packets from other mikrotiks.
------------------------
Don't give thanks, give karma instead!
 
User avatar
Caci99
Forum Guru
Forum Guru
Posts: 1069
Joined: Wed Feb 21, 2007 2:26 pm
Location: Tirane
Contact:

Re: Winbox not seeing Microtic devices after Router

Wed Sep 12, 2012 8:40 pm

I haven't tried this but i assume it will help by enabling discovery on ether1 port (wan) so that your router receives discovery packets from other mikrotiks.
Winbox uses discovery protocol, which in turn is a Layer 2 protocol. It just sends a broadcast packet on port 5678 on udp protocol.
The broadcast packets are never meant to pass through the router, they are only confined within that particular broadcast domain
from which the packet is generated.
Enabling the discovery protocol on the router (which by default is enabled on all interfaces except on WAN and wireless interfaces)
will discover devices on that port but will not forward that information on the other network. So, by the stand point of a router, you
can see all devices on all the networks that the router connects. But a device behind that router will only see those on the local
area network.
http://wiki.mikrotik.com/wiki/Manual:IP ... _discovery
-Toni-
Don't crash the ambulance, whatever you do

Who is online

Users browsing this forum: Bing [Bot], che, EdPa, jaimemarcos, Kickoleg, nest, PeterLiu, skylark, smartnetworks and 130 guests