Community discussions

MikroTik App
 
tiran
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 50
Joined: Fri Aug 07, 2015 2:53 pm

anydesk allow

Mon Jul 04, 2022 9:44 am

Hi,
We have some branches connected through Mikrotik PPTP. we have disabled their Internet usage by disabling masquerade nat. but we need to allow anydesk connection for remote support. anyone have idea?
I found this from anydesk website add exception for *.net.anydesk.com how can i do that?
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 11982
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy
Contact:

Re: anydesk allow

Mon Jul 04, 2022 2:09 pm

PPTP seriously???
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 19103
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: anydesk allow

Mon Jul 04, 2022 9:39 pm

Use wg otherwise please dont bother us with non MT issues. Use team viewer LOL
 
User avatar
jbl42
Member Candidate
Member Candidate
Posts: 214
Joined: Sun Jun 21, 2020 12:58 pm

Re: anydesk allow

Mon Jul 04, 2022 10:08 pm

We have some branches connected through Mikrotik PPTP
As others have suggested, you might read about PPTP and consider switching to wireguard:
https://en.wikipedia.org/wiki/Point-to- ... l#Security

we have disabled their Internet usage by disabling masquerade nat.
Disabling masquerade towards WAN is all-or-nothing and not really ideal to achive blocking direct internet access.

but we need to allow anydesk connection for remote support. anyone have idea?
I found this from anydesk website add exception for *.net.anydesk.com how can i do that?
Keep masquerade towards WAN enabled, but allow forwarding from LAN to WAN only for *.net.anydesk.com in the forward chain.
Add similar rules for everything else that should be possible.

If your branch site has access to the HQ only using PPTP tunneling, why using an external service like anydesk and nothing working inside your own network and not involving 3rd parties?
 
tiran
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 50
Joined: Fri Aug 07, 2015 2:53 pm

Re: anydesk allow

Thu Jul 21, 2022 9:02 am

Finally we have found solution better it is good or not it is solved my issue.
my solution is schedule run and find dns cache that have any record with anydesk and add them to address list. already created masquerade that allow all traffic to gateway for defined address list
 
User avatar
Znevna
Forum Guru
Forum Guru
Posts: 1347
Joined: Mon Sep 23, 2019 1:04 pm

Re: anydesk allow

Thu Jul 21, 2022 9:05 am

What happens with the rest of the traffic? you're sending all you private IPs to the WAN side?
What a lousy "solution".

Who is online

Users browsing this forum: Ahrefs [Bot], Amazon [Bot], DanMos79, Google [Bot], Greyhard, jamesperks and 84 guests