Community discussions

MikroTik App
 
JoeFerreira
just joined
Topic Author
Posts: 5
Joined: Sun Jun 05, 2022 12:20 am

Dude adding RouterOS Device Issue

Sun Jun 05, 2022 12:34 am

I just bought a brand new HEX S / RB760iGS / Revision r2. (Factory Firmware was 6.47.10) for my home.
I upgraded the Firmware, RouterOS, and Dude all to version 7.2.3.
I can connect to RouterOS via Winbox and Dude via the Dude Client from my windows machine.
Winbox and Dude are running and accessible.

I run Discovery against the LAN, using the default network range of 192.168.88.0/24
It detects my router using the default IP of 192.168.88.1 but it does not have the RouterOS integration.
I have entered the user admin and my new password and it will not connect. it just retries every few seconds.
If I add a routeros management service for a service monitor other than ping, that fails also.
Do I have to setup a firewall rule or something for dude on my hex s to talk to winbox/routeros on the same hex s?
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 11967
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy
Contact:

Re: Dude adding RouterOS Device Issue

Wed Jun 08, 2022 10:27 am

Without seeing the configuration of the device, can be all.
Do an /export of the configutration and put it on forum.
 
JoeFerreira
just joined
Topic Author
Posts: 5
Joined: Sun Jun 05, 2022 12:20 am

Re: Dude adding RouterOS Device Issue

Wed Jun 08, 2022 6:41 pm

I only removed my lan dhcp static addresses.
I figured out last night that I could add 127.0.0.1 to connect via loopback but that doesn't seem very clean.
Do I need to add a bridge as a loopback interface with a address assigned to it that would be inside my address space of 192.168.88.0/24 and then add a firewall filter to allow the traffic to the winbox port?

# jun/08/2022 08:28:09 by RouterOS 7.3
# software id = XM8X-JNU6
#
# model = RB760iGS
# serial number = HCF08A3293V
/interface bridge
add admin-mac=18:FD:74:0A:1D:0D auto-mac=no comment=defconf name=lanbridge
/interface ethernet
set [ find default-name=ether1 ] name=ether1-ISP1
set [ find default-name=ether2 ] disabled=yes name=ether2-ISP2
/interface bonding
add mode=active-backup name=wanbonding primary=ether1-ISP1 slaves=ether1-ISP1,ether2-ISP2
/disk
set sd1 disabled=no
set sd1-part1 disabled=no name=disk1
/interface list
add comment=defconf name=WAN
add comment=defconf name=LAN
/interface lte apn
set [ find default=yes ] ip-type=ipv4 use-network-apn=no
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=default-dhcp ranges=192.168.88.10-192.168.88.254
/ip dhcp-server
add address-pool=default-dhcp interface=lanbridge name=defconf
/lora servers
add address=eu.mikrotik.thethings.industries down-port=1700 name=TTN-EU up-port=1700
add address=us.mikrotik.thethings.industries down-port=1700 name=TTN-US up-port=1700
add address=eu1.cloud.thethings.industries down-port=1700 name="TTS Cloud (eu1)" up-port=1700
add address=nam1.cloud.thethings.industries down-port=1700 name="TTS Cloud (nam1)" up-port=1700
add address=au1.cloud.thethings.industries down-port=1700 name="TTS Cloud (au1)" up-port=1700
add address=eu1.cloud.thethings.network down-port=1700 name="TTN V3 (eu1)" up-port=1700
add address=nam1.cloud.thethings.network down-port=1700 name="TTN V3 (nam1)" up-port=1700
add address=au1.cloud.thethings.network down-port=1700 name="TTN V3 (au1)" up-port=1700
/port
set 0 name=serial0
/routing bgp template
set default disabled=no output.network=bgp-networks
/routing ospf instance
add disabled=no name=default-v2
/routing ospf area
add disabled=yes instance=default-v2 name=backbone-v2
/user group
set full policy=local,telnet,ssh,ftp,reboot,read,write,policy,test,winbox,password,web,sniff,sensitive,api,romon,dude,rest-api
/interface bridge port
add bridge=lanbridge comment=defconf ingress-filtering=no interface=ether3
add bridge=lanbridge comment=defconf ingress-filtering=no interface=ether4
add bridge=lanbridge comment=defconf ingress-filtering=no interface=ether5
add bridge=lanbridge comment=defconf ingress-filtering=no interface=sfp1
/ip neighbor discovery-settings
set discover-interface-list=LAN
/ipv6 settings
set disable-ipv6=yes max-neighbor-entries=8192
/interface detect-internet
set detect-interface-list=all
/interface list member
add comment=defconf interface=lanbridge list=LAN
add comment=defconf interface=wanbonding list=WAN
/interface ovpn-server server
set auth=sha1,md5
/ip address
add address=192.168.88.1/24 interface=lanbridge network=192.168.88.0
/ip dhcp-client
add interface=wanbonding
/ip dhcp-server lease
/ip dhcp-server network
add address=192.168.88.0/24 comment=defconf dns-server=192.168.88.1 gateway=192.168.88.1
/ip dns
set allow-remote-requests=yes servers=8.8.8.8,8.8.4.4
/ip dns static
add address=192.168.88.1 comment=defconf name=router.lan
/ip firewall address-list
add address=192.168.88.0 list=LAN
/ip firewall filter
add action=accept chain=input comment="defconf: accept established,related,untracked" connection-state=established,related,untracked
add action=drop chain=input comment="defconf: drop invalid" connection-state=invalid
add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
add action=accept chain=input comment="defconf: accept to local loopback (for CAPsMAN)" dst-address=127.0.0.1
add action=drop chain=input comment="defconf: drop all not coming from LAN" in-interface-list=!LAN
add action=accept chain=forward comment="defconf: accept in ipsec policy" ipsec-policy=in,ipsec
add action=accept chain=forward comment="defconf: accept out ipsec policy" ipsec-policy=out,ipsec
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" connection-state=established,related hw-offload=yes
add action=accept chain=forward comment="defconf: accept established,related, untracked" connection-state=established,related,untracked
add action=drop chain=forward comment="defconf: drop invalid" connection-state=invalid
add action=drop chain=forward comment="defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat connection-state=new in-interface-list=WAN
/ip firewall nat
add action=masquerade chain=srcnat comment="defconf: masquerade" ipsec-policy=out,none out-interface-list=WAN
/system clock
set time-zone-name=America/Los_Angeles
/system gps
set set-system-time=yes
/system ntp client
set mode=broadcast
/system routerboard settings
set auto-upgrade=yes
/system scheduler
add disabled=yes interval=1m name="renew wan dhcp lease" on-event="/ip dhcp-client renew [find interface=wanbonding]" policy=\
    ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon start-date=jun/05/2022 start-time=11:34:29
/tool mac-server
set allowed-interface-list=LAN
/tool mac-server mac-winbox
set allowed-interface-list=LAN
[admin@MikroTik] >
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 11967
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy
Contact:

Re: Dude adding RouterOS Device Issue

Wed Jun 08, 2022 7:03 pm

/ip firewall address-list
add address=192.168.88.0 list=LAN
????

must be
/ip firewall address-list
add address=192.168.88.0/24 list=LAN
but the address-list is never used

I do not see any line of config about dude... like
/dude
set data-directory=/disk1/dude enabled=yes
You sure you have installed and enabled it?
 
JoeFerreira
just joined
Topic Author
Posts: 5
Joined: Sun Jun 05, 2022 12:20 am

Re: Dude adding RouterOS Device Issue

Wed Jun 08, 2022 11:22 pm

/ip firewall address-list
add address=192.168.88.0 list=LAN
????

must be
/ip firewall address-list
add address=192.168.88.0/24 list=LAN
but the address-list is never used

I do not see any line of config about dude... like
/dude
set data-directory=/disk1/dude enabled=yes
You sure you have installed and enabled it?
The firewall rules are stock. I didn't modify those.

Here is the bits for dude I did have it turned off. my bad.

I do have it relocated to a sdcard.
/dude
set data-directory=/disk1/dude enabled=yes
 
JoeFerreira
just joined
Topic Author
Posts: 5
Joined: Sun Jun 05, 2022 12:20 am

Re: Dude adding RouterOS Device Issue

Wed Jun 29, 2022 8:18 am

Any ideas?
 
User avatar
Ca6ko
Member
Member
Posts: 498
Joined: Wed May 04, 2022 10:59 pm
Location: Kharkiv, Ukraine

Re: Dude adding RouterOS Device Issue

Wed Jun 29, 2022 9:45 pm

The Dude server is not good at monitoring itself. You need to use another device as an agent.

Who is online

Users browsing this forum: No registered users and 12 guests