can't connect to mikrotik via Winbox or Http

Question

We have a Mikrotik RB 750GL and I can't connect to it via Winbox or Http.

There is a PPTP connection (Running) between us (On Internet), That RB is PPTP Client.

Winbox stops on retrieving preferences and then disconnect. and Http webpage doesn't load. But I can connect to it via SSH or Telnet remotely and ping it!

and a local client can connect via Winbox or Http.

also I can't conncet to DVR (which connected to that RB).

None of these solutions work for me:

-Frameware Upgrade
-RouterOS Update
-Try L2TP Conncection
-Change MTU
-Change MRRU
-Another Winbox Version
-disable all Firewall Rules
-RB Client Reset Configuration(!)
-secure mode Winbox
-IP>Services: port and address

I need your help

Arash · Accepted Answer · 2017-01-25T09:50:45.497

It may be mss problem; as in Tunnels this is most common problem. Please make sure your packages are Clamped like this:

Put these rules on top on the mangle table.

 ip firewall mangle add chain=forward action=change-mss new-mss=1440 tcp-flags=syn protocol=tcp out-interface=all-ppp tcp-mss=1441-65535 

 ip firewall mangle add chain=forward action=change-mss new-mss=1390 tcp-flags=syn protocol=tcp in-interface=all-ppp tcp-mss=1391-65535

Here is the same rules for Input and Output (which affects mikrotik itself)

 ip firewall mangle add chain=input action=change-mss new-mss=1440 tcp-flags=syn protocol=tcp out-interface=all-ppp tcp-mss=1441-65535 

 ip firewall mangle add chain=input action=change-mss new-mss=1390 tcp-flags=syn protocol=tcp in-interface=all-ppp tcp-mss=1391-65535

 ip firewall mangle add chain=output action=change-mss new-mss=1440 tcp-flags=syn protocol=tcp out-interface=all-ppp tcp-mss=1441-65535 

 ip firewall mangle add chain=output action=change-mss new-mss=1390 tcp-flags=syn protocol=tcp in-interface=all-ppp tcp-mss=1391-65535

score 0 · Answer 2 · answered Jan 20 '17 at 16:47

Have you checked IP -> Services ; Winbox service may be configured on another port or be set to authorize limited addresses.

If this is the case, here is how you can reset it to default.

ip service set address=0.0.0.0/0 port=8291 [find name ~"winbox"] disabled=no

score 0 · Answer 3 · answered Nov 09 '18 at 20:30

A bit late joining the party here, but I had a similar problem.

Logged on to WinBox via MAC address, opened a terminal and then typed in:

export file="name-your-file-here"

Open that with text editor and then searched for WinBox.

Turns out the WinBox port had been changed.

can't connect to mikrotik via Winbox or Http

3 Answers3