
Cloud IPs need to be blocked

Posted: Wed Mar 27, 2019 11:12 am
by ahmetaybar
Hello,

I am using Mikrotik on vessels behind a satellite modem with very limited data usage, such as 50Mbyte per month, so each MByte costs the customers extra US$. We only allow e-mail IPs on the firewall. On the satellite POP I have seen a lot of requests from our satellite modem to 81.198.87.240 and 159.148.147.229. I saw that these are Mikrotik Cloud IPs. I have disabled the Cloud and DNS services on the unit, but it still sends requests to those IPs. I have added rules to the IP firewall, but it is still happening.
How can I stop these requests or block these Cloud IPs on the Routerboard?

Re: Cloud IPs need to be blocked

Posted: Wed Mar 27, 2019 1:02 pm
by anav
Open the door HAL.....
Resistance is futile, join the MT Borg....
Obviously this one has not been cloned yet and is still fighting back..
We are pwned by the Cloud..
Wake up you have simply been dreaming, there is no traffic to the cloud, trust MT!

Suggest sending a supout file to MT support and any other supporting evidence.

Re: Cloud IPs need to be blocked

Posted: Wed Mar 27, 2019 1:23 pm
by vecernik87
To be honest, before annoying support staff, I would prefer to inspect the full config. I have a few devices around where I specifically focused on any unexpected outgoing packets, and it's just not happening. There must be some setting causing this.
/export hide-sensitive file=somename

Re: Cloud IPs need to be blocked

Posted: Wed Mar 27, 2019 5:50 pm
by anav
Support staff are not so easily annoyed. In fact they expect and like questions which have a quick and easy answer.
Operator error! :-)

Re: Cloud IPs need to be blocked

Posted: Wed Mar 27, 2019 6:28 pm
by gotsprings

/ip firewall address-list
add address=81.198.87.240 list=ipCLOUD
add address=159.148.147.229 list=ipCLOUD
/ip firewall filter
add action=drop chain=output dst-address-list=ipCLOUD place-before=1
add action=drop chain=forward dst-address-list=ipCLOUD place-before=1
/ip dns cache flush

That should block devices inside the network from reaching IPCloud.
It will also force the router to dump connection attempts to IPCloud.

Re: Cloud IPs need to be blocked

Posted: Wed Mar 27, 2019 8:02 pm
by Paternot
> I have disabled Cloud and DNS service on the unit. But it still sends requests to those IPs. I have added rules to IP firewall rules but it is still happening.
> How can I stop these requests or block these Cloud IPs on the Routerboard?

Did you disable "Cloud" AND "Update Time"? AFAIK they run independently - and this "Update Time" talks to the cloud server.

Re: Cloud IPs need to be blocked

Posted: Thu Mar 28, 2019 4:08 am
by Fin32
Hi!
Could somebody explain what this is?
How can I disable this traffic?

DDNS disabled.

Router (RB3011) updated.
And I don't understand where this traffic comes from!

I can drop it with firewall rules... but.
Is it a bug?

Thank you.

Re: Cloud IPs need to be blocked

Posted: Thu Mar 28, 2019 12:47 pm
by nescafe2002
It's documented and known behavior.

https://wiki.mikrotik.com/wiki/Manual:S ... figuration
Note: Time-zone-autodetect by default is enabled on new RouterOS installation and after configuration reset. The time zone is detected depending on routers public IP address and our Cloud servers database. Since RouterOS v6.43 your device will use cloud2.mikrotik.com to communicate with the MikroTik's Cloud server. Older versions will use cloud.mikrotik.com to communicate with the MikroTik's Cloud server.

And:
https://wiki.mikrotik.com/wiki/Manual:I ... pdate_time
  • Approximate time (accuracy of several seconds, depends on UDP packet latency)
  • Updates time after a reboot and during every DDNS update (when router's WAN IP address changes or after the force-update command is used)
  • Sends encrypted packets to cloud.mikrotik.com or cloud2.mikrotik.com using UDP/15252 port
  • Detects time-zone depending on the router's public IP address and our commercial database

Re: Cloud IPs need to be blocked

Posted: Thu Mar 28, 2019 1:59 pm
by r00t
Disable everything cloud and use NTP Client for clock updating instead.

Re: Cloud IPs need to be blocked

Posted: Thu Mar 28, 2019 3:16 pm
by Fin32
> Disable everything cloud and use NTP Client for clock updating instead.

I did it

And this
(Thanks to nescafe2002)

Now I am waiting for results...
...
After the reboot, no connection to cloud2.mikrotik.com for half an hour!
What I did (thanks to everybody for help!):
1. Disable everything in Cloud.
2. Disable Time Zone AutoDetect.
3. Install NTP instead of SNTP.
4. Reboot.
It seems to me that it works. We will see...

Thanks to everybody!

Re: Cloud IPs need to be blocked

Posted: Thu Mar 28, 2019 6:22 pm
by anav
Select gROOTs answer as solved so people know it's solved.

Re: Cloud IPs need to be blocked

Posted: Sat May 25, 2019 2:35 am
by lesnikov
Hi,

We still have MikroTik devices (6.44.3) trying to connect to 159.148.172.251:15252 UDP.
We disabled everything in IP/Cloud, disabled clock time zone autodetect and installed the ntp package.

Are we missing some option that needs to be disabled?

Re: Cloud IPs need to be blocked

Posted: Mon May 27, 2019 1:31 pm
by lesnikov
problem solved after another reboot. only 2 units had this problem the rest worked fine.
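
Added example, not part of the thread and not MikroTik's code: a way to check from logs whether a unit still talks to the cloud after the changes above, and whether the router itself (output chain) or a device behind it (forward chain) is the source. The log lines are constructed, and their layout is assumed to match what a RouterOS firewall rule with logging enabled writes; the prefixes `cloud-out` and `fwd` are hypothetical.

```python
import re
from collections import defaultdict

# Addresses and port quoted in the thread (cloud servers, UDP/15252).
CLOUD_IPS = {"81.198.87.240", "159.148.147.229", "159.148.172.251"}
CLOUD_UDP_PORT = 15252

# Constructed sample lines (assumed RouterOS firewall log layout).
SAMPLE_LOG = """\
mar/28 04:01:10 firewall,info cloud-out output: in:(unknown 0) out:ether1, proto UDP, 10.10.1.2:57212->159.148.172.251:15252, len 76
mar/28 04:01:12 firewall,info cloud-out output: in:(unknown 0) out:ether1, proto UDP, 10.10.1.2:57212->159.148.172.251:15252, len 76
mar/28 04:03:40 firewall,info fwd forward: in:bridge out:ether1, proto TCP (SYN), 192.168.88.20:50211->81.198.87.240:443, len 52
mar/28 04:05:02 firewall,info fwd forward: in:bridge out:ether1, proto UDP, 192.168.88.20:123->192.0.2.10:123, len 76
mar/28 04:06:00 system,info router rebooted
"""

LINE_RE = re.compile(
    r"(?P<chain>input|output|forward): in:.*?, proto (?P<proto>[A-Z]+)[^,]*, "
    r"(?P<src>[\d.]+):(?P<sport>\d+)->(?P<dst>[\d.]+):(?P<dport>\d+), len (?P<len>\d+)"
)


def cloud_traffic(log_text):
    """Return {(chain, src, dst, proto, dport): (packets, bytes)} for cloud-bound packets."""
    totals = defaultdict(lambda: [0, 0])
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue  # not a firewall packet line
        to_cloud_port = m["proto"] == "UDP" and int(m["dport"]) == CLOUD_UDP_PORT
        if not (to_cloud_port or m["dst"] in CLOUD_IPS):
            continue
        key = (m["chain"], m["src"], m["dst"], m["proto"], int(m["dport"]))
        totals[key][0] += 1
        totals[key][1] += int(m["len"])  # logged packet length in bytes
    return {k: tuple(v) for k, v in totals.items()}


if __name__ == "__main__":
    for (chain, src, dst, proto, dport), (pkts, size) in cloud_traffic(SAMPLE_LOG).items():
        origin = "router itself" if chain == "output" else "device behind router"
        print(f"{origin}: {src} -> {dst}:{dport}/{proto}  {pkts} pkts, {size} bytes")
```

An empty result after a reboot means no logged packet went to the listed addresses or to UDP/15252; hits on the output chain point at a router setting that is still enabled.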

Re: Cloud IPs need to be blocked

Posted: Tue May 28, 2019 8:18 pm
by guipoletto
You could also add static DNS entries for cloud.mikrotik.com pointing to 127.0.0.1
/ip dns static add address=127.0.0.1 name=cloud2.mikrotik.com
Ugly but effective.....