I have an intermittent problem where some routers stop allowing Winbox or Dude connections. At the moment I have a CCR1009 at a client site that's working perfectly and I can ssh into it, but I can't use Winbox or the Dude. If I reboot it, it'll come good (but I'll have to do that late at night). I've had some x86 routers do the same thing. I can't see anything obvious in the logs or active connections. The problem occurs with multiple different ROS versions. Does anyone have any suggestions for troubleshooting this? Thanks Russell
Hi Russell, I can't say I've ever seen a similar problem, except for when the router itself is sitting at 100% CPU usage. Can you access the device via the web? Could there potentially be a firewall rule that's adding you to a block list? I know dynamic firewall entries are cleared out on reboot. Regards, Ben -----Original Message----- From: Public [mailto:public-bounces@talk.mikrotik.com.au] On Behalf Of Russell Hurren Sent: Thursday, 28 September 2017 19:42 To: MikroTik Australia Public List <public@talk.mikrotik.com.au> Subject: [MT-AU Public] Can't connect through Winbox/Dude I have an intermittent problem where some routers stop allowing Winbox or Dude connections. At the moment I have a CCR1009 at a client site that's working perfectly and I can ssh into it, but I can't use Winbox or the Dude. If I reboot it, it'll come good (but I'll have to do that late at night). I've had some x86 routers do the same thing. I can't see anything obvious in the logs or active connections. The problem occurs with multiple different ROS versions. Does anyone have any suggestions for troubleshooting this? Thanks Russell _______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com.au
Thanks Ben In this case, the router is sitting between 0% and 1% load. It's accessible via webfig (although I normally have a port forward to the OpenVPN server behind it) and the only address lists are the whitelists for my network. Regards Russell -----Original Message----- From: Public [mailto:public-bounces@talk.mikrotik.com.au] On Behalf Of Ben Farmer Sent: Friday, 29 September 2017 5:42 To: MikroTik Australia Public List <public@talk.mikrotik.com.au> Subject: Re: [MT-AU Public] Can't connect through Winbox/Dude Hi Russell, I can't say I've ever seen a similar problem, except for when the router itself is sitting at 100% CPU usage. Can you access the device via the web? Could there potentially be a firewall rule that's adding you to a block list? I know dynamic firewall entries are cleared out on reboot. Regards, Ben -----Original Message----- From: Public [mailto:public-bounces@talk.mikrotik.com.au] On Behalf Of Russell Hurren Sent: Thursday, 28 September 2017 19:42 To: MikroTik Australia Public List <public@talk.mikrotik.com.au> Subject: [MT-AU Public] Can't connect through Winbox/Dude I have an intermittent problem where some routers stop allowing Winbox or Dude connections. At the moment I have a CCR1009 at a client site that's working perfectly and I can ssh into it, but I can't use Winbox or the Dude. If I reboot it, it'll come good (but I'll have to do that late at night). I've had some x86 routers do the same thing. I can't see anything obvious in the logs or active connections. The problem occurs with multiple different ROS versions. Does anyone have any suggestions for troubleshooting this? Thanks Russell _______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com.au _______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com.au
-----Original Message----- From: Public [mailto:public-bounces@talk.mikrotik.com.au] On Behalf Of Russell Hurren Sent: Friday, 29 September 2017 11:37 AM To: MikroTik Australia Public List <public@talk.mikrotik.com.au> Subject: Re: [MT-AU Public] Can't connect through Winbox/Dude
Thanks Ben
In this case, the router is sitting between 0% and 1% load. It's accessible via webfig (although I normally have a port forward to the OpenVPN server behind it) and the only address lists are the whitelists for my network.
Regards
Russell
-----Original Message----- From: Public [mailto:public-bounces@talk.mikrotik.com.au] On Behalf Of Ben Farmer Sent: Friday, 29 September 2017 5:42 To: MikroTik Australia Public List <public@talk.mikrotik.com.au> Subject: Re: [MT-AU Public] Can't connect through Winbox/Dude
Hi Russell,
I can't say I've ever seen a similar problem, except for when the router itself is sitting at 100% CPU usage.
Can you access the device via the web? Could there potentially be a firewall rule that's adding you to a block list? I know dynamic firewall entries are cleared out on reboot.
Regards, Ben
-----Original Message----- From: Public [mailto:public-bounces@talk.mikrotik.com.au] On Behalf Of Russell Hurren Sent: Thursday, 28 September 2017 19:42 To: MikroTik Australia Public List <public@talk.mikrotik.com.au> Subject: [MT-AU Public] Can't connect through Winbox/Dude
I have an intermittent problem where some routers stop allowing Winbox or Dude connections. At the moment I have a CCR1009 at a client site that's working perfectly and I can ssh into it, but I can't use Winbox or the Dude. If I reboot it, it'll come good (but I'll have to do that late at night). I've had some x86 routers do the same thing.
I can't see anything obvious in the logs or active connections. The
If you can access it by ssh or webfig, try running torch tool on the internet side interface while trying to hit it by winbox - maybe packets are not even arriving there? Cheers, Mike. problem
occurs with multiple different ROS versions.
Does anyone have any suggestions for troubleshooting this?
Thanks
Russell
_______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com.au
_______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com.au
_______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com.au
-----Original Message----- From: Public [mailto:public-bounces@talk.mikrotik.com.au] On Behalf Of Russell Hurren Sent: Friday, 29 September 2017 11:37 AM To: MikroTik Australia Public List <public@talk.mikrotik.com.au> Subject: Re: [MT-AU Public] Can't connect through Winbox/Dude
Thanks Ben
In this case, the router is sitting between 0% and 1% load. It's accessible via webfig (although I normally have a port forward to the OpenVPN server behind it) and the only address lists are the whitelists for my network.
Regards
Russell
-----Original Message----- From: Public [mailto:public-bounces@talk.mikrotik.com.au] On Behalf Of Ben Farmer Sent: Friday, 29 September 2017 5:42 To: MikroTik Australia Public List <public@talk.mikrotik.com.au> Subject: Re: [MT-AU Public] Can't connect through Winbox/Dude
Hi Russell,
I can't say I've ever seen a similar problem, except for when the router itself is sitting at 100% CPU usage.
Can you access the device via the web? Could there potentially be a firewall rule that's adding you to a block list? I know dynamic firewall entries are cleared out on reboot.
Regards, Ben
-----Original Message----- From: Public [mailto:public-bounces@talk.mikrotik.com.au] On Behalf Of Russell Hurren Sent: Thursday, 28 September 2017 19:42 To: MikroTik Australia Public List <public@talk.mikrotik.com.au> Subject: [MT-AU Public] Can't connect through Winbox/Dude
I have an intermittent problem where some routers stop allowing Winbox or Dude connections. At the moment I have a CCR1009 at a client site that's working perfectly and I can ssh into it, but I can't use Winbox or the Dude. If I reboot it, it'll come good (but I'll have to do that late at night). I've had some x86 routers do the same thing.
I can't see anything obvious in the logs or active connections. The
Thanks Mike When I run torch on the pppoe interface with my router as the src-address, port 8291, I see the following briefly when I try to connect from Winbox, but then it doesn't show anything else after half a second. MAC-PROTOCOL SRC-ADDRESS SRC-PORT DST-PORT TX RX TX-PACKETS RX-PACKETS ip 10.180.32.34 63506 8291 (winbox) 1696bps 2.1kbps 5 5 Regards Russell -----Original Message----- From: Public [mailto:public-bounces@talk.mikrotik.com.au] On Behalf Of Mike Everest Sent: Friday, 29 September 2017 18:43 To: 'MikroTik Australia Public List' <public@talk.mikrotik.com.au> Subject: Re: [MT-AU Public] Can't connect through Winbox/Dude If you can access it by ssh or webfig, try running torch tool on the internet side interface while trying to hit it by winbox - maybe packets are not even arriving there? Cheers, Mike. problem
occurs with multiple different ROS versions.
Does anyone have any suggestions for troubleshooting this?
Thanks
Russell
_______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com. au
_______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com. au
_______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com. au
_______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com.au
That looks normal to me (try it also when working to compare) Check your local connected router too are the packets returning all the way? And are they coming back with the same IP address as expected? Cheers,..
-----Original Message----- From: Public [mailto:public-bounces@talk.mikrotik.com.au] On Behalf Of Russell Hurren Sent: Friday, 29 September 2017 8:53 PM To: MikroTik Australia Public List <public@talk.mikrotik.com.au> Subject: Re: [MT-AU Public] Can't connect through Winbox/Dude
Thanks Mike
When I run torch on the pppoe interface with my router as the src-address, port 8291, I see the following briefly when I try to connect from Winbox, but then it doesn't show anything else after half a second.
MAC-PROTOCOL SRC-ADDRESS SRC-PORT DST-PORT TX RX TX-PACKETS RX-PACKETS ip 10.180.32.34 63506 8291 (winbox) 1696bps 2.1kbps 5 5
Regards
Russell
-----Original Message----- From: Public [mailto:public-bounces@talk.mikrotik.com.au] On Behalf Of Mike Everest Sent: Friday, 29 September 2017 18:43 To: 'MikroTik Australia Public List' <public@talk.mikrotik.com.au> Subject: Re: [MT-AU Public] Can't connect through Winbox/Dude
If you can access it by ssh or webfig, try running torch tool on the internet side interface while trying to hit it by winbox - maybe packets are not even arriving there?
Cheers, Mike.
-----Original Message----- From: Public [mailto:public-bounces@talk.mikrotik.com.au] On Behalf Of Russell Hurren Sent: Friday, 29 September 2017 11:37 AM To: MikroTik Australia Public List <public@talk.mikrotik.com.au> Subject: Re: [MT-AU Public] Can't connect through Winbox/Dude
Thanks Ben
In this case, the router is sitting between 0% and 1% load. It's accessible via webfig (although I normally have a port forward to the OpenVPN server behind it) and the only address lists are the whitelists for my network.
Regards
Russell
-----Original Message----- From: Public [mailto:public-bounces@talk.mikrotik.com.au] On Behalf Of Ben Farmer Sent: Friday, 29 September 2017 5:42 To: MikroTik Australia Public List <public@talk.mikrotik.com.au> Subject: Re: [MT-AU Public] Can't connect through Winbox/Dude
Hi Russell,
I can't say I've ever seen a similar problem, except for when the router itself is sitting at 100% CPU usage.
Can you access the device via the web? Could there potentially be a firewall rule that's adding you to a block list? I know dynamic firewall entries are cleared out on reboot.
Regards, Ben
-----Original Message----- From: Public [mailto:public-bounces@talk.mikrotik.com.au] On Behalf Of Russell Hurren Sent: Thursday, 28 September 2017 19:42 To: MikroTik Australia Public List <public@talk.mikrotik.com.au> Subject: [MT-AU Public] Can't connect through Winbox/Dude
I have an intermittent problem where some routers stop allowing Winbox or Dude connections. At the moment I have a CCR1009 at a client site that's working perfectly and I can ssh into it, but I can't use Winbox or the Dude. If I reboot it, it'll come good (but I'll have to do that late at night). I've had some x86 routers do the same thing.
I can't see anything obvious in the logs or active connections. The problem occurs with multiple different ROS versions.
Does anyone have any suggestions for troubleshooting this?
Thanks
Russell
_______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com. au
_______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com. au
_______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com. au
_______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com.au
_______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com.au
Hi Mike I didn't get a chance to check those things, and this morning there was an NBN outage (affected multiple customers) and now that it's come back online it's working again. The router was never rebooted (78 day uptime). Wonder if the carrier or ISP might be doing something weird... Regards Russell -----Original Message----- From: Public [mailto:public-bounces@talk.mikrotik.com.au] On Behalf Of Mike Everest Sent: Saturday, 30 September 2017 5:58 To: 'MikroTik Australia Public List' <public@talk.mikrotik.com.au> Subject: Re: [MT-AU Public] Can't connect through Winbox/Dude That looks normal to me (try it also when working to compare) Check your local connected router too are the packets returning all the way? And are they coming back with the same IP address as expected? Cheers,..
-----Original Message----- From: Public [mailto:public-bounces@talk.mikrotik.com.au] On Behalf Of Russell Hurren Sent: Friday, 29 September 2017 8:53 PM To: MikroTik Australia Public List <public@talk.mikrotik.com.au> Subject: Re: [MT-AU Public] Can't connect through Winbox/Dude
Thanks Mike
When I run torch on the pppoe interface with my router as the src-address, port 8291, I see the following briefly when I try to connect from Winbox, but then it doesn't show anything else after half a second.
MAC-PROTOCOL SRC-ADDRESS SRC-PORT DST-PORT TX RX TX-PACKETS RX-PACKETS ip 10.180.32.34 63506 8291 (winbox) 1696bps 2.1kbps 5 5
Regards
Russell
-----Original Message----- From: Public [mailto:public-bounces@talk.mikrotik.com.au] On Behalf Of Mike Everest Sent: Friday, 29 September 2017 18:43 To: 'MikroTik Australia Public List' <public@talk.mikrotik.com.au> Subject: Re: [MT-AU Public] Can't connect through Winbox/Dude
If you can access it by ssh or webfig, try running torch tool on the internet side interface while trying to hit it by winbox - maybe packets are not even arriving there?
Cheers, Mike.
-----Original Message----- From: Public [mailto:public-bounces@talk.mikrotik.com.au] On Behalf Of Russell Hurren Sent: Friday, 29 September 2017 11:37 AM To: MikroTik Australia Public List <public@talk.mikrotik.com.au> Subject: Re: [MT-AU Public] Can't connect through Winbox/Dude
Thanks Ben
In this case, the router is sitting between 0% and 1% load. It's accessible via webfig (although I normally have a port forward to the OpenVPN server behind it) and the only address lists are the whitelists for my network.
Regards
Russell
-----Original Message----- From: Public [mailto:public-bounces@talk.mikrotik.com.au] On Behalf Of Ben Farmer Sent: Friday, 29 September 2017 5:42 To: MikroTik Australia Public List <public@talk.mikrotik.com.au> Subject: Re: [MT-AU Public] Can't connect through Winbox/Dude
Hi Russell,
I can't say I've ever seen a similar problem, except for when the router itself is sitting at 100% CPU usage.
Can you access the device via the web? Could there potentially be a firewall rule that's adding you to a block list? I know dynamic firewall entries are cleared out on reboot.
Regards, Ben
-----Original Message----- From: Public [mailto:public-bounces@talk.mikrotik.com.au] On Behalf Of Russell Hurren Sent: Thursday, 28 September 2017 19:42 To: MikroTik Australia Public List <public@talk.mikrotik.com.au> Subject: [MT-AU Public] Can't connect through Winbox/Dude
I have an intermittent problem where some routers stop allowing Winbox or Dude connections. At the moment I have a CCR1009 at a client site that's working perfectly and I can ssh into it, but I can't use Winbox or the Dude. If I reboot it, it'll come good (but I'll have to do that late at night). I've had some x86 routers do the same thing.
I can't see anything obvious in the logs or active connections. The problem occurs with multiple different ROS versions.
Does anyone have any suggestions for troubleshooting this?
Thanks
Russell
_______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com. au
_______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com. au
_______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com. au
_______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com. au
_______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com. au
_______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com.au
participants (3)
-
Ben Farmer
-
Mike Everest
-
Russell Hurren