I am unable to connect to my hAP ac3 with WinBox by MAC address. When I press the refresh button in the neighbor tab, I don't see any devices. I could swear that my device was there when I first pulled it out of the box but I honestly don't remember. I am running WinBox 3.31 in Wine on Pop_OS 21.10 currently. I'm also running 7.1.1 on the router. Could Wine have something to do with this? I've been using safe mode so that I don't lock myself out but I would feel much better if I knew that I could connect to the device by MAC address.

I am unable to connect to my hAP ac3 with WinBox by MAC address.

In Wine on Linux, if that adapter does not have an IP address (any IP address will do, on any subnet), MAC winbox will not work.

My Ethernet adapter does have an IP address that it got from the ac3 by DHCP. Is there some other interface that you are referring to?

My Ethernet adapter does have an IP address that it got from the ac3 by DHCP. Is there some other interface that you are referring to?

No, but usually if you are trying to use mac winbox it is because you can't connect to it with the IP.

I should have known better but GUFW was blocking this traffic. You'd think for someone who does this for a living would have turned off my personal firewall. I just started using GUFW on Linux recently so this hasn't ever been an issue for me in the past.

After digging into Wireshark, I see that the ac3 is broadcasting MNDP (UDP-5678) so that makes sense how WinBox wouldn't be able to discover neighbors with GUFW running. Easy enough to allow UDP-5678 through the GUFW firewall. Hopefully this thread helps someone in the future.

Allowing MNDP through GUFW is the easy part, but allowing MAC-Telnet...not so much. GUFW doesn't see this statefully as this communication is using L3 broadcasts and the source port on the Start Session packet is ephemeral. So the Acknowledgement, also a L3 broadcast, is now using that original ephemeral port as the destination port which is not allowed by GUFW. Each new MAC-Telnet session is going to have a new source port so it looks like your best bet is to just turn off GUFW for the duration of the MAC-Telnet session.

This is interesting stuff. I recommend anyone to fire up Wireshark and take a look at this packet flow. I've learned a ton about these two protocols tonight. Sometimes forgetting to turn a personal firewall off leads to a real deep learning opportunity.

My Ethernet adapter does have an IP address that it got from the ac3 by DHCP. Is there some other interface that you are referring to?

No, but usually if you are trying to use mac winbox it is because you can't connect to it with the IP.

Say what? I never use the IP address unless its a remote device I am configuring. MAC all the way everyday.......

Say what? I never use the IP address unless its a remote device I am configuring. MAC all the way everyday.......

As I started to write this comment, I was going to say that it seems like connecting by IP is more efficient because it's all unicast where connecting by MAC is broadcast. This is only true at L3. L2 is still unicast as it's not using the all F's broadcast MAC address. By that logic it seems like it doesn't really matter which way you connect as long as you are on the same L2 segment.

Hi there!
just open port 5678/udp:
sudo firewall-cmd --permanent --add-port=5678/udp
It helped me...