From WinBox:
- Click on IP, then Firewall, then Filter Rules.
- Click the + to add a new rule.
- Change Chain to input.
- Change Protocol to tcp.
- Change Dst. Port to 8291.
- Click on the Action tab and make sure Action is set to accept.
- Click Comment and name it something like “winbox”.
- Click OK.
- MOST IMPORTANT RULE
- Your new Filter Rule will be at the bottom of the list. Drag it up above the last “drop” rule from the default configuration.
- Filter Rules are matched in order. They start at the top and work through each one. If your new rule is AFTER the “drop” rule, it will not work.
---- via cli
create an Input rule to allow Port 8291 from the internet.
/ip firewall filter add action=accept chain=input disabled=no dst-port=8291 protocol=tcp
be sure to place it above any rules dropping Input.
I would also consider specifying which hosts can connect rather than leaving it wide open.
fonte: http://networkingforintegrators.com/2012/08/accessing-a-mikrotik-router-through-winbox-over-the-internet/
0 comentários:
Postar um comentário