-
-
bigdaddycool
just joined
- Posts: 4
- Joined:
Need Remote Administration RB2011
I am new to mikrotik and still learning new stuff. I got router Rb2011 and on latest 6.27 RouterOS. I am trying to find a way to log into router remotely and configure it. I cannot find any tutorial on it, please advice or provide a link. Thanks!
-
-
duranto2009
just joined
- Posts: 6
- Joined:
Re: Need Remote Administration RB2011
Access your router from outside your network?
Then you need to have a real IP configured in your WAN side.
If you don't have a real IP, then you should buy one from your ISP.
After configuring a real IP in your WAN side, you will have access from anywhere in the world.
Please refer to this video, you will like it
https://www.youtube.com/watch?v=QO9mRs4z_bY
Thanks...
Then you need to have a real IP configured in your WAN side.
If you don't have a real IP, then you should buy one from your ISP.
After configuring a real IP in your WAN side, you will have access from anywhere in the world.
Please refer to this video, you will like it
https://www.youtube.com/watch?v=QO9mRs4z_bY
Thanks...
-
-
bigdaddycool
just joined
- Posts: 4
- Joined:
Re: Need Remote Administration RB2011
The video is not in english, however it was still easy enough for me to get the jist of it and now I am able to access my router from outside
Thanks!
Thanks!
Re: Need Remote Administration RB2011
1. Do you have static or dinamic IP adress?
2. You need to have SSH/HTTP/Telnet service active into Services submenu.
3. You need to add firewall rules, instead of your network configuration.
Port 80 is HTTP or WebGUI access. Port 22 is SSH, 23 is Telnet etc..
Now you probably will can access to your MT.
Detally is illustrated here: http://mikrotikmacedonia.com/index.php/topic,37.0.html
2. You need to have SSH/HTTP/Telnet service active into Services submenu.
3. You need to add firewall rules, instead of your network configuration.
Code: Select all
/ip firewall filter
add action=accept chain=input disabled=no dst-port=80 protocol=tcp place-before=3Now you probably will can access to your MT.
Detally is illustrated here: http://mikrotikmacedonia.com/index.php/topic,37.0.html
-
-
hossain2004a
Member Candidate
- Posts: 247
- Joined:
- Location: Iran
Re: Need Remote Administration RB2011
You need none of them. Just enable the Cloud and watch the magic.
There is dns name on that, easily copy and paste it into remote winbox and you will access that. if you deny input connection so you should write rule to access your incoming winbox.
Code: Select all
/ip cloud set ddns-enabled=yesRe: Need Remote Administration RB2011
Nope. Try yourself and you will see that must add Firewall Rule as i write before. Default Configuration on every RB is to drop any connections who come from ether1-gateway. So must add firewall rule, to working outside network access.You need none of them. Just enable the Cloud and watch the magic.
There is dns name on that, easily copy and paste it into remote winbox and you will access that. if you deny input connection so you should write rule to access your incoming winbox.Code: Select all/ip cloud set ddns-enabled=yes
-
-
hossain2004a
Member Candidate
- Posts: 247
- Joined:
- Location: Iran
Re: Need Remote Administration RB2011
Nope. Try yourself and you will see that must add Firewall Rule as i write before. Default Configuration on every RB is to drop any connections who come from ether1-gateway. So must add firewall rule, to working outside network access.You need none of them. Just enable the Cloud and watch the magic.
There is dns name on that, easily copy and paste it into remote winbox and you will access that. if you deny input connection so you should write rule to access your incoming winbox.Code: Select all/ip cloud set ddns-enabled=yes
I know, but it's recommended to delete default setting
(e.g what you said about Ether1)
Re: Need Remote Administration RB2011
I would go for this set of rules.
Code: Select all
/ip firewall filter
add action=drop chain=input comment="Drop invalid connections" connection-state=invalid
add chain=input comment="Allow ping from outside" disabled=yes in-interface=ether1 protocol=icmp
add chain=input comment="Accept established connections" connection-state=established
add chain=input comment="Accept related connections" connection-state=related
add chain=input comment="Allow access from local network" in-interface=<local lan interface> src-address=<local lan IP>
add action=log chain=input comment="Log everything else, only enabled when debugging" disabled=yes log-prefix="IPv4 Drop input RR:"
add action=drop chain=input comment="Drop everything else"
add action=drop chain=forward comment="Drop invalid connections" connection-state=invalid
add chain=forward comment="Accept established connections" connection-state=established
add chain=forward comment="Accept related connections" connection-state=related
add chain=forward comment="Allow traffic from Local network" in-interface=<local lan interface> src-address=<local lan IP>
add action=log chain=forward comment="Log everything else, only enabled when debugging" disabled=yes log-prefix="IPv4 Drop forward RR:"
add action=drop chain=forward comment="Drop everything else"
Who is online
Users browsing this forum: No registered users and 46 guests