Depends............. what if he was trying to do it via mac address.. :-PPPPPActually, it doesn't seem obvious, the rule allowing WinBox port is there and should work (connection-state="" and in-interface-list=!LAN are useless, but it doesn't change anything).
I changed the entry to:For Sob........
/tool mac-server mac-winbox
set allowed-interface-list=LAN
This is my static public IP address (I'm paying for it). I turned off ICMP and the ping is no longer working.@Sob... is NATted from ISP...?
@dertyh
If you are not NATted from your ISP, your IP Cloud bAaOObSSIEbZ.sn.mynetname.net is resolveable to 9E.IS9.I9I.5A and is the same IP from you connect to the forum, and respond perfectly to ping.
But if your ISP NAT you, you can not open any WAN service... ask ISP first...
[...] some ISP (like me) for default are blocking incoming Winbox connections (and also http, ftp, telnet, dns, ntp, sql, rdp, netbios, smb, etc.) [...]
I am trying to understand why no service is available from WAN. I tried FTP, telnet, ssh. It is probably not the fault of the ISP - everything works on the Rmerlin router.
/ip address print
My scan: Error: I could not see your service on 93.XXX.XXX.XXX on port (8291)@OP
Rmelin router is an router you test instead of Mikrotik?
Do you have an public IP on your router?
See output of:Yes:Code: Select all/ip address print
Flags: I, D - DYNAMIC
Columns: ADDRESS, NETWORK, INTERFACE
# ADDRESS NETWORK INTERFACE
;;; defconf
0 192.168.0.1/24 192.168.0.0 bridge
1 I 192.168.200.1/24 192.168.200.0 *A
2 D 93.XXX.XXX.XXX/32 172.XXX.XXX.XXX pppoe-out1
I can ping this address 93.XXX.XXX.XXX from WAN (but now ICMP is disabled)
To test if a port is open the easy way, you can go to:
https://canyouseeme.org/
and type in the port you are testing. Should respond with a green Success
/ip firewall mangle
add chain=prerouting in-interface=pppoe-out1 connection-state=new action=log log-prefix=from_inet