Create a dedicated management interface on MikroTik.

It would be nice to see a mikrotik tutorial with a dedicated port placed in a separate vrf limiting it from data traffic ;)

Good advice including the onscreen bit for some additional info was nice.

I always set up an 'emergency' port on all my mikrotiks. Saves so much time. This includes routers and switches. This acts like a dedicated management port we see on enterprise gear like Juniper or Extreme.

I use a different approach but similar. I just edit the FW rule that blocks all what is LAN and I change it to WAN, so any bridge or VLAN interfaces will allow to connect to the router for Management.!!! Very nice video by the way!

Thumbs up just for the Berserk wallpaper!

Good advice! Mistakes taught me to create such management interfaces already 😅

Networkberg . Been a while ,u look more brit now 😅 . Nice one for dropping this . Well appreciated.

Thank you

safe mode is a good mode to be in, just dont forget to leave. ive made that mistake, usually 100 lines into a vrf and it only happened once. honest.

I think you could create a DHCP server on ether2 so you don't need to hard set it on the laptop

yeeeeah gothic FTW in the background!
also looking forward to the remake?
oh and also a side note ... naming interfaces with something like "[ ]" could cause trouble once one starts to work with scripts. just a precaution ;)

How can i configure mikrotik for automatic hitspot billing

Normally you would remove a port from bridge and therefore Lan list with a good purpose like singing it as a Wan port ore just because you would like to route to an other router. You could then make a special list entry like Management and configger a FW rule for just Management and Mac allowing on Management also. Then make sure connectionfor wan is alliwed also for the Management list,that way when adding it to the port, you are sure to cut off everything and can still have a meaningful dual purpose why you deleted it from Bridge 😀

This video seems relevant to my interests, however I'm new to Mikrotik and to 'advanced' networking in general, so I though I'd ask before I start going down the rabbit hole. I have a custom 5G router / modem with a RBM33G board. ETH1 is currently being used to power the device via POE and for management. ETH2 is not part of the default bridge (disabled) and is set up as pass-through for the LTE interface (and it's wired into one of the WAN ports of my multi-WAN router, providing internet access). Forgive my ignorance, but is there a way to use ETH1 for POE and LTE pass-through *and* have it be accessible via Winbox for management? Or is setting up VLANs the only option to have all three things work with only one ethernet cable and interface? Thanks.

do u know what bridge-->port-cost-mod does?

Hi mr.Berg, can you explain me, why after install virbox or vmware player on PC, i can't see mikrotik packets for winbox, i think that somethg with mutilple interfaces, but not understand how fix it, that problem seeing in vrtual environment like GNS or eve-ng.

hello
in this way cant access to all network
we must use romon
is it better to use mangment vlan?

Thank you for the video, quick question when you showed the IP firewall and port 2 wasn't on it does that mean it can not pass any traffic ingress and engress out of the switch or just that port can not connect to the winbox ? The reason I ask is wonder if I only have a direct connect computer to have access would it be better to disable port or just use firewall rule on PFsense 6100 router ? I have the CRS 328-24P-4S+RM. The MK is just used as a switch.

What happened to your pfsense ? Have you stopped using it