Community discussions

MikroTik App
 
5009Owner
newbie
Topic Author
Posts: 33
Joined: Sun Jan 09, 2022 9:09 am

USB port as a management port.

Sat Jan 22, 2022 2:32 pm

I wonder, is it possible to use RB5009 USB port as a management port? Without any USB-Ethernet-adapters?
 
User avatar
JohnTRIVOLTA
Member
Member
Posts: 345
Joined: Sun Dec 25, 2016 2:05 pm
Location: BG/Sofia

Re: USB port as a management port.

Sat Jan 22, 2022 6:24 pm

I wonder, is it possible to use RB5009 USB port as a management port? Without any USB-Ethernet-adapters?
Without or wiith some ethernet usb adapter ?
 
Zacharias
Forum Guru
Forum Guru
Posts: 3459
Joined: Tue Dec 12, 2017 12:58 am
Location: Greece

Re: USB port as a management port.

Sat Jan 22, 2022 6:25 pm

Maybe this is what you're looking for https://mikrotik.com/product/woobm
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 19100
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: USB port as a management port.

Sat Jan 22, 2022 7:10 pm

Sweet but no winbox ??? egads. what to do
 
Zacharias
Forum Guru
Forum Guru
Posts: 3459
Joined: Tue Dec 12, 2017 12:58 am
Location: Greece

Re: USB port as a management port.

Sat Jan 22, 2022 7:19 pm

Sweet but no winbox ??? egads. what to do
Yes...
Its nice working in terminal too...
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 19100
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: USB port as a management port.

Sat Jan 22, 2022 7:37 pm

Well It does sound like a useful tool to have ..............
 
Sob
Forum Guru
Forum Guru
Posts: 9119
Joined: Mon Apr 20, 2009 9:11 pm

Re: USB port as a management port.

Sun Jan 23, 2022 4:33 am

There's also the good old serial cable (with usb to serial adapter).
 
5009Owner
newbie
Topic Author
Posts: 33
Joined: Sun Jan 09, 2022 9:09 am

Re: USB port as a management port.

Sun Jan 23, 2022 10:00 am

That USB-stick looks nice. But being wireless, security aspects should be carefully checked. Does this mean that you can not lock yourself out of the router when making stupid configurations?
Is it possible that someone put this USB-stick into your router and get access?
What about this solution?
https://alloraconsulting.com/it-solutio ... r-firewire
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 11433
Joined: Thu Mar 03, 2016 10:23 pm

Re: USB port as a management port.

Sun Jan 23, 2022 11:54 am

If one can gain physical access to your device, then device is much closer to being compromised, hence physical security is important. But even with USB access (either serial port or woobm) one still needs to know username and password, hence need for a highly complicated password and non-standard admin user name.
I'm not aware of possibility to disable console port (used by various USB variants) so it seems this is a pretty robust backup access method. But there might be a way to disable it which would mean it's not guaranteed in all cases.

Woobm is wireless indeed, but includes own AP. Since it's normally not plugged to ROS device all the time, chances of getting compromised are small but not nil.

USB-to-USB sollution likely won't work on ROS because special network drivers are needed and I'm 100% sure they're not available on ROS (and it's not possible to install custom software on ROS).
 
r00t
Long time Member
Long time Member
Posts: 672
Joined: Tue Nov 28, 2017 2:14 am

Re: USB port as a management port.

Sun Jan 23, 2022 6:23 pm

USB to LAN adapters do work with ROS and I have tried several of them with success, mostly Realtek chipsets.
Some USB2USB cables may work as well if they are visible as network interface in windows (so they support RNDIS or other standard USB classes).
Only issue with some of these adapters might be ROS thinking it's a LTE modem and not just regular network...
 
Zacharias
Forum Guru
Forum Guru
Posts: 3459
Joined: Tue Dec 12, 2017 12:58 am
Location: Greece

Re: USB port as a management port.

Sun Jan 23, 2022 8:15 pm

@mkx if you mean the actual serial port, as far as i know it can be disabled. By default it is enabled...
https://wiki.mikrotik.com/wiki/Manual:S ... ng_Console
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 11433
Joined: Thu Mar 03, 2016 10:23 pm

Re: USB port as a management port.

Sun Jan 23, 2022 9:57 pm

No, I'm talking about "virtual" console ports, created by usb2serial or woobm...
 
Zacharias
Forum Guru
Forum Guru
Posts: 3459
Joined: Tue Dec 12, 2017 12:58 am
Location: Greece

Re: USB port as a management port.

Sun Jan 23, 2022 10:19 pm

Well, i can't be sure...
But on a RB4011 that i took a look now, under system console, there are 2 ports listed, serial0 and serial1...
I can only guess that one is referred to the actual ethernet console port and the other to the USB port...
So theoretically both can be disabled... Have not tested though yet ...
 
User avatar
Amm0
Forum Guru
Forum Guru
Posts: 3253
Joined: Sun May 01, 2016 7:12 pm
Location: California

Re: USB port as a management port.

Mon Jan 24, 2022 6:37 pm

Sweet but no winbox ??? egads. what to do
I suppose you could run winbox-over-serial-over-usb if you wanted the winbox GUI, instead of the CLI. Haven't tried this – I primarily use Mikrotik because of the CLI/scripting ;).

But Mikrotik "serial redirection" (System>Ports>Remote Access in winbox) wouldn't care if winbox port 8291 was sent to IP/port assigned to serial port (likely want to set "raw" mode Ports>Remote Access). Then, on the PC you need convert serial interface to a local TCP port on PC, which you'd then use in winbox to connect. PuTTy on PC should have the options to take serial and make it a TCP port (although there may be easier tools to convert serial to TCP port on PC/Mac/Linux).
 
User avatar
Amm0
Forum Guru
Forum Guru
Posts: 3253
Joined: Sun May 01, 2016 7:12 pm
Location: California

Re: USB port as a management port.

Mon Jan 24, 2022 6:43 pm

I wonder, is it possible to use RB5009 USB port as a management port? Without any USB-Ethernet-adapters?
Assuming a serial-to-USB dongle, I guess another approach would be using PPP server on the serial interface created by the USB-to-serial dongle. PPP allows listening on serial interface. Then on a PC make PPP connection to the Mikrotik PPP Server interface. You'd have to get the PPP in the right bridge or deal with assigning IP etc, but that also seemingly work.
 
r00t
Long time Member
Long time Member
Posts: 672
Joined: Tue Nov 28, 2017 2:14 am

Re: USB port as a management port.

Tue Jan 25, 2022 4:08 am

I have done that (PPP over serial) long time ago and it worked, speed is fine for winbox work... and you can run short serial cable almost at 1MBit/s speeds.
On windows you can configure it as dial-up, it will "call" the ROS, establish PPP link, get IP and then you can access router using winbox or any other way.
But really it's kind of stupid solution when USB to LAN adapters exist and everything is just plug and play...
 
User avatar
Amm0
Forum Guru
Forum Guru
Posts: 3253
Joined: Sun May 01, 2016 7:12 pm
Location: California

Re: USB port as a management port.

Tue Jan 25, 2022 4:56 am

But really it's kind of stupid solution when USB to LAN adapters exist and everything is just plug and play...
Totally agree, more in "I guess you could do that category".

But I'm surprised Windows doesn't just show the serial port with USB-to-USB hookup to a RB5009, there are certainly some UART that support that (FTDI, PROLIFIC).
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 11433
Joined: Thu Mar 03, 2016 10:23 pm

Re: USB port as a management port.

Tue Jan 25, 2022 8:50 am

What USB connection can do is entirely to active elements, built into such cable.

If one uses passive USB-A to USB-a cable (with data wires crossed), then this is not something supported by USB and standard drivers because it creates USB host to USB host connection while USB tree is supposed to have single USB host as "root" of that tree. If one uses custom drivers which can communicate and decide to make one of hosts act as plain USB device and expose RNDIS interface to the rest of USB stack, then it changes the game. But I guess this isn't solution to the question asked by OP (using USB port as a management port), ifplugging USB cable means that in ROS appears yet another network interface, it takes quite some configuration before management is possible (configuring IP address on it, possibly altering firewall and/or mac-server configuration) which is not possible to do via that connection before connection is done. USB to serial and WOOBM allow management out of the box unless one made some effort to disable it beforehand.

Sure there are USB to serial converters, exposing serial interface to USB stack. Because they contain USB to RS232 converter chip. If one wanted cable with two USB A connectors on both ends which would show as serial connection, then that cable would have to contain a (hypothetical) chip exposing serial interface over two separate USB interfaces having serial interfaces back-to-back connected ... which is exactly what is provided by a cludge with two USB-to-serial adapters connected with a serial cable. Since use case for serial over USB between two USB hosts is marginal (and already served by a cludge I mentioned), such a cable wouldn't be commercial success I guess ... but one can create one in DIY fashion.
 
GordonB
just joined
Posts: 1
Joined: Sun Jun 12, 2022 4:36 pm

Re: USB port as a management port.

Sun Jun 12, 2022 5:03 pm

Not to resurrect a necrothread but this does show up in Google seraches so this may be helpful to others:

Serial port access via the USB port on the hEX (RB750Gr3) and presumably other RB models works as a management port but actually works better as a fall back access port if you screw up the firewall setting or lock yourself out. You do need to set it up beforehand.

1. Set console to be on usb port:
/system console add port=usb2

2. Check the settings of the usb port:
/port pr de
Should yield: name="usb2" used-by="Serial Console" device="1-1" channels=1 baud-rate=115200 data-bits=8 parity=none
stop-bits=1 flow-control=none

Now, connect a usb-serial adapter (FTDI seems a bit more stable but Prolific PL2303 works) to the hEX <--> null modem serial cable <--> usb-serial adapter to PC/Mac.

For Mac, then: sudo cu -l /dev/cu.usbserial-XXXXXX -s 115200 and login.
For putty on Windows, use the above serial settings and select the correct COM port as shown in Device Manager.

This has saved my bacon several times as I was configuring the hEX.

Who is online

Users browsing this forum: No registered users and 48 guests