
MikroTik Firewall Rules.

01. How to change the default MikroTik IP service ports.
IP> Services> IP Service List
  • Default IP service ports (default --> new):
  • SSH: 22 --> 62222
  • ftp: 21 --> 62121
  • telnet: 23 --> 62223
  • www: 80 --> 62880
  • winbox: 8291 --> 68291
02. Firewall allow rule.
IP> Firewall> Filter Rules (+)
General
  • Chain: input
  • Protocol: 6(tcp)
  • Dst. Port: 8291
Action
  • Action: accept
  • Click the Apply and OK buttons.
03. Test and verification.
  • Open cmd (Command Prompt)
  • telnet 192.168.1.1 62223
  • Login: admin
  • Password: *****
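
A consistency check for the port plan in step 01 against the accept rule in step 02, added here as an example and not part of the original post. The sample text is constructed from the page's values and laid out like a RouterOS export (an assumption); `parse` and `audit` are hypothetical helper names.

```python
import re
# Constructed sample: the page's port plan and accept rule, laid out like a
# RouterOS export (section line, then "set"/"add" lines). Not from a real router.
SAMPLE = """\
/ip service
set ssh port=62222
set ftp port=62121
set telnet port=62223
set www port=62880
set winbox port=68291
/ip firewall filter
add chain=input protocol=tcp dst-port=8291 action=accept
"""

def parse(text):
    """Return ({service: port}, [(lo, hi), ...]) for tcp accept rules on input."""
    services, allowed, section = {}, [], None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("/"):
            section = line
            continue
        kv = dict(re.findall(r"([\w-]+)=(\S+)", line))
        is_accept = (kv.get("chain"), kv.get("protocol"), kv.get("action")) == ("input", "tcp", "accept")
        if section == "/ip service" and line.startswith("set ") and "port" in kv:
            services[line.split()[1]] = int(kv["port"])
        elif section == "/ip firewall filter" and line.startswith("add ") and is_accept:
            # dst-port may be a single port, a comma list, or a lo-hi range
            for part in filter(None, kv.get("dst-port", "").split(",")):
                lo, _, hi = part.partition("-")
                allowed.append((int(lo), int(hi or lo)))
    return services, allowed

def audit(text):
    """List problems: invalid ports, services without an accept rule, stale rules."""
    services, allowed = parse(text)
    findings = []
    for name, port in sorted(services.items()):
        if not 1 <= port <= 65535:
            findings.append(f"{name}: port {port} is outside 1-65535")
        elif not any(lo <= port <= hi for lo, hi in allowed):
            findings.append(f"{name}: port {port} has no explicit accept rule on input")
    for lo, hi in allowed:
        if not any(lo <= p <= hi for p in services.values()):
            findings.append(f"rule dst-port {lo}-{hi}: no service listens there")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)))
```

On the page's values this reports the winbox port 68291 as outside the valid TCP range and the 8291 accept rule as matching none of the moved services.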
