Community discussions

MikroTik App
 
User avatar
atn22
just joined
Topic Author
Posts: 2
Joined: Tue Jul 26, 2022 10:21 pm

CAPsMAN unknown mikrotik devices

Sun Oct 30, 2022 10:46 am

In the past several days I have noticed the following in my mikrotik log:
router.png
Obviously, two unknown mikrotik devices outside my local network are trying to connect to my CAPsMAN.
I found one of them on arp list:
arp.png
How to prevent this?
You do not have the required permissions to view the files attached to this post.
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 11433
Joined: Thu Mar 03, 2016 10:23 pm

Re: CAPsMAN unknown mikrotik devices

Sun Oct 30, 2022 12:36 pm

It seems firewall rules on your router are a bit too permissive from WAN side. The old CAPsMAN manual mentions
Note: CAPsMAN uses UDP port 5246 for manager traffic and UDP port 5247 for data traffic

So if your CAPsMAN receives connection attempts via WAN interface, it seems like firewall is leaky (default firewall rules block these connection attempts). The other possibility (less likely but impossible to rule out without seeing full config of your router) is that CAPsMAN is set to be L2 discoverable via WAN interface as well.
 
User avatar
BrateloSlava
Member Candidate
Member Candidate
Posts: 168
Joined: Mon Aug 09, 2021 10:33 am
Location: Ukraine, Kharkiv

Re: CAPsMAN unknown mikrotik devices

Sun Oct 30, 2022 7:29 pm

Manual:Simple CAPsMAN setup

For security reasons specify on which interfaces to listen to CAPs
/caps-man manager interface
set [ find default=yes ] forbid=yes
add disabled=no interface=bridge

Who is online

Users browsing this forum: alotofbacardi, kovacspro, ondrejstepanek and 28 guests