enabling ssh on alternate port with port 22 inactive on wlan

amrphus · Fri Mar 06, 2015 7:33 am

I would like to allow ssh connection from the outside to my Mikrotik, running RouterOS 6.27. The only way that it seems to work is if I set up filter rules for both 22 and my alternate port (10022).

In the configuration below, if I disable filter rule #1 I cannot log into ssh from either port. As expected, if I enable filter rule #1, I can log in from both ports.

[admin@MikroTik] /ip firewall filter> print

 0    chain=input action=accept protocol=tcp dst-port=10022 log=no log-prefix=""

 1    chain=input action=accept protocol=tcp dst-port=22 log=no log-prefix=""
 
 ....

admin@MikroTik] /ip firewall> nat print

 0    chain=dstnat action=dst-nat to-ports=22 protocol=tcp in-interface=ether1-gateway dst-port=10022 log=yes log-prefix=""

I want to be able to enable logins from 10022 without enabling port 22. Am I missing something obvious?

Thanks

samsung172 · Sun Mar 08, 2015 3:22 am

set the port in /ip services

enabling ssh on alternate port with port 22 inactive on wlan

enabling ssh on alternate port with port 22 inactive on wlan

Re: enabling ssh on alternate port with port 22 inactive on wlan

Who is online