Winbox give access to a specific IP address.
To prevent abuse, you can determine the IP address may be used to log into the router Mikrotik board. This may include other services such as ssh, ftp, etc.
Caution: Do not add an IP address that is not assigned to your PC or laptop, otherwise you can not log on the router board.
Click "ip" then on "Services"
Double-click "winbox" I'm going to take this as an example.
Click the down arrow to enter an IP address.
Enter the IP address of your PC or laptop is explained knows.
Klik vervolgens op "apply" en "ok"
Result
So, now you can just only log in to the router board with the entered IP address.
To secure even more you can determine in the firewall settings login attempts and block. You can see that below.
Unauthorized logging occur on the Mikrotik router board.
You can create a firewall rule for unauthorized people to repel to log in. The firewall will report if there is a log-in attempt performed. When login attempts, the firewall will create a list of IP addresses that were used to log in and try to block temporarily.
Klik op "IP" "Firewall" "Filter rules".
- In "chain" select "input".
- At "protocol" you select 6 (tcp)
- Bij "DST.Port" (destination port) vul je 20-23 in.
Click through for more "action".
- Bij "action" selecteer "add scr to address list".
Bij "address list" selecteer "trying_to_login".
At "timeout" enter the number of days that this IP_address to be blocked.
This is the result, if you are in "firewall" "address lists look you see the IP addresses used to log in and these are blocked on your setting. In this example, SSH firewall blocks and telnet You can also winbox and add FTP port.
Comments