Router – can’t connect to mikrotik via Winbox or Http

connection-refusedmikrotikpptp-clientrouter

We have a Mikrotik RB 750GL and I can't connect to it via Winbox or Http.

There is a PPTP connection (Running) between us (On Internet), That RB is PPTP Client.

Winbox stops on retrieving preferences and then disconnect. and Http webpage doesn't load. But I can connect to it via SSH or Telnet remotely and ping it!

and a local client can connect via Winbox or Http.

also I can't conncet to DVR (which connected to that RB).

None of these solutions work for me:

-Frameware Upgrade
-RouterOS Update
-Try L2TP Conncection
-Change MTU
-Change MRRU
-Another Winbox Version
-disable all Firewall Rules
-RB Client Reset Configuration(!)
-secure mode Winbox
-IP>Services: port and address

I need your help

Best Answer

It may be mss problem; as in Tunnels this is most common problem. Please make sure your packages are Clamped like this:

Put these rules on top on the mangle table.

 ip firewall mangle add chain=forward action=change-mss new-mss=1440 tcp-flags=syn protocol=tcp out-interface=all-ppp tcp-mss=1441-65535 

 ip firewall mangle add chain=forward action=change-mss new-mss=1390 tcp-flags=syn protocol=tcp in-interface=all-ppp tcp-mss=1391-65535

Here is the same rules for Input and Output (which affects mikrotik itself)

 ip firewall mangle add chain=input action=change-mss new-mss=1440 tcp-flags=syn protocol=tcp out-interface=all-ppp tcp-mss=1441-65535 

 ip firewall mangle add chain=input action=change-mss new-mss=1390 tcp-flags=syn protocol=tcp in-interface=all-ppp tcp-mss=1391-65535

 ip firewall mangle add chain=output action=change-mss new-mss=1440 tcp-flags=syn protocol=tcp out-interface=all-ppp tcp-mss=1441-65535 

 ip firewall mangle add chain=output action=change-mss new-mss=1390 tcp-flags=syn protocol=tcp in-interface=all-ppp tcp-mss=1391-65535
Related Topic