If there aren't any firewall rules preventing access to the router(s), look at IP > Services. I'd bet they have 'available from' addresses defined.

On 11/15/2016 2:13 PM, Brett A Mansfield wrote:
They have several sites that have both public routing and SD-WAN. They also have redundant routers. After getting in I've found that the VLANs are only in the bridges switch ports and there aren't any VLANs on the ports to the outside world. I cannot find anything in the firewall or routing policies that prevent access to management from all interfaces though.

Thank you,
Brett A Mansfield

On Nov 15, 2016, at 12:51 PM, Ken Hohhof wrote:

That’s insane.

I also wonder, if the architecture is switched, funneling VLANs from every AP back to a central mother-of-all-routers, why did they use CCRs rather than switches? All the switching and VLAN stuff can be done in hardware, and the CPU would just be doing control plane stuff.

*From:* Af *On Behalf Of* Josh Luthman
*Sent:* Tuesday, November 15, 2016 1:05 PM
*To:* [email protected]
*Subject:* Re: [AFMUG] Mikrotik Password reset for inherited network

More than 1000 VLANs =P


Josh Luthman
Office: 937-552-2340
Direct: 937-552-2343
1100 Wayne St
Suite 1337
Troy, OH 45373

On Tue, Nov 15, 2016 at 2:02 PM, Ken Hohhof wrote:

    I forget, did you say there was a complex configuration with
    VLANs?  Or was that a different thread?

    Might be a VLAN issue.  Is there a management VLAN?

    *From:* Af *On Behalf Of* Josh Luthman
    *Sent:* Tuesday, November 15, 2016 12:48 PM
    *To:* [email protected]
    *Subject:* Re: [AFMUG] Mikrotik Password reset for inherited network

    By default you can.

    You're probably limited by IP, in which case that would be /ip
    firewall filter


    Josh Luthman
    Office: 937-552-2340
    Direct: 937-552-2343
    1100 Wayne St
    Suite 1337
    Troy, OH 45373

    On Tue, Nov 15, 2016 at 1:40 PM, Brett A Mansfield wrote:

        Okay, so I'm finally into one of these routers without
        resetting it. The problem is that only a single interface
        allows me to log into them. I'm not super familiar with these
        CCRs, and I've been pulling teeth trying to figure out how to
        open it up so I can manage it from any interface. Can anyone
        point me to a tutorial or give me instruction on how to
        accomplish that?

        Thank you,

        Brett A Mansfield


        On Nov 9, 2016, at 12:05 PM, Adam Moffett wrote:

            Tried serial console?

            ------ Original Message ------
            From: "Josh Reynolds"
            To: [email protected]
            Sent: 11/9/2016 2:05:09 PM
            Subject: Re: [AFMUG] Mikrotik Password reset for inherited network

                Wonder if it's only listening on certain IPs or IP
                ranges...

                On Nov 9, 2016 1:01 PM, "Brett A Mansfield" wrote:

                    Port scan only gave me a single open port, 5678.

                    Thank you,

                    Brett A Mansfield


                    On Nov 9, 2016, at 11:20 AM, Josh Reynolds wrote:

                        Run a port scan on them. Try the web too.

                        On Nov 9, 2016 11:39 AM, "Brett A Mansfield" wrote:

                            All the romon ports and all other normal
                            ports used for management aside from the
                            discovery are either closed or blocked by
                            an internal firewall.

                            Thank you,

                            Brett A Mansfield


                            On Nov 9, 2016, at 10:18 AM, That One Guy
                            /sarcasm wrote:

                                wrong username/password

                                you should be able to romon or mac
                                connect regardless, hopefully he had
                                romon on and once you're into one you
                                can get into the rest

                                On Wed, Nov 9, 2016 at 11:16 AM,
                                Brett A Mansfield wrote:

                                    So I think I have the correct
                                    password, but no matter what I
                                    get an error when connecting. I
                                    think he may have changed the
                                    management ports. I should be
                                    able to log in via console and
                                    change all of that there, correct?

                                    If so I'll google the guide. My
                                    biggest question is if I try to
                                    log in and the password is wrong
                                    will it tell me my username and/or
                                    password is wrong or will it just
                                    say "error, cannot connect"?

                                    Thank you,

                                    Brett A Mansfield


                                    On Nov 9, 2016, at 10:07 AM, That
                                    One Guy /sarcasm wrote:

                                        man, I've been hiding that
                                        shame for some time, I'm glad
                                        to know someone else out
                                        there is equally as guilty

                                        On Wed, Nov 9, 2016 at 9:52
                                        AM, Ken Hohhof wrote:

                                            OK, I am lazy, which
                                            means I use Winbox, and
                                            it has the password
                                            stored for every Mikrotik
                                            I manage. Plus I use
                                            Winbox on several
                                            computers - laptops,
                                            desktops, and computers I
                                            remote into. I take it
                                            this guy was not
                                            similarly lazy?  If I was
                                            the fired ex-admin, all
                                            you would need is to find
                                            one of the computers I
                                            used Winbox on.  Even if
                                            it's not possible to
                                            decrypt the stored
                                            passwords, you could
                                            Winbox into every
                                            Mikrotik and change the
                                            password.

                                            I guess real men use SSH
                                            and the CLI. Oh, and
                                            don't store the
                                            credentials in their SSH
                                            client.

                                            Note, it appears Winbox 3
                                            stores the passwords as
                                            cleartext in
                                            settings.cfg.viw.



                                            -----Original Message-----
                                            From: Af On Behalf Of Butch Evans
                                            Sent: Wednesday, November 9, 2016 9:10 AM
                                            To: [email protected]
                                            Subject: Re: [AFMUG] Mikrotik Password reset for inherited network

                                            On Wed, 2016-11-09 at 00:24 +0000, Brett A Mansfield wrote:
                                            > I was able to find the backups. Sadly they are running v6.36.
                                            >
                                            > If I default it can I restore its config and change the password or
                                            > will it apply the old one?

                                            Google for "mtpass". That will find the passwords in the backup file.
                                            If these backups contain the "old" OR the "new" password, when you
                                            default/restore the backup, the password will be whatever is in that file.


                                            --
                                            Butch Evans
                                            Training and Support for
                                            WISPs
                                            702-537-0979
                                            http://store.wispgear.net/
                                            http://www.butchevans.com/



--
                                        If you only see yourself as
                                        part of the team but
                                        you don't see your team as
                                        part of yourself you
                                        have already failed as part
                                        of the team.



--
                                If you only see yourself as part of
                                the team but you don't see your team
                                as part of yourself you have already
                                failed as part of the team.
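
Added example, not part of the original thread: the IP > Services "available from" restriction suggested at the top of the thread can be audited offline from a config export. This sketch parses the `/ip service` section of a RouterOS export and lists which services accept a given source address; the sample export and all addresses are constructed, and the function names are hypothetical.

```python
import ipaddress
import shlex

# Constructed sample of "/ip service" export output (not taken from the thread).
SAMPLE_EXPORT = """\
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www address=10.10.0.0/24 port=8080
set ssh address=10.10.0.0/24,192.0.2.10/32
set api disabled=yes
set winbox address=10.10.0.0/24
"""

def parse_services(export_text):
    """Return {service: {"disabled": bool, "allowed": [networks]}}.

    An export lists only non-default settings, so a service missing from
    it is at its defaults and does not appear in the result.
    """
    services = {}
    in_section = False
    for raw in export_text.splitlines():
        line = raw.strip()
        if line.startswith("/"):
            # Track which menu the following "set" lines belong to.
            in_section = (line == "/ip service")
            continue
        if not in_section or not line.startswith("set "):
            continue
        tokens = shlex.split(line)
        name = tokens[1]
        props = dict(t.split("=", 1) for t in tokens[2:] if "=" in t)
        nets = [ipaddress.ip_network(a, strict=False)
                for a in props.get("address", "").split(",") if a]
        services[name] = {"disabled": props.get("disabled") == "yes",
                          "allowed": nets}
    return services

def reachable_services(services, source_ip):
    """Names of enabled services whose "available from" list admits source_ip."""
    ip = ipaddress.ip_address(source_ip)
    names = []
    for name, svc in services.items():
        if svc["disabled"]:
            continue
        # An empty address list means the service is not restricted by source.
        if not svc["allowed"] or any(ip in net for net in svc["allowed"]):
            names.append(name)
    return sorted(names)

if __name__ == "__main__":
    svcs = parse_services(SAMPLE_EXPORT)
    for src in ("10.10.0.5", "192.0.2.10", "198.51.100.7"):
        print(src, "->", reachable_services(svcs, src))
```

This only covers the per-service address list; `/ip firewall filter` input rules, mentioned earlier in the thread, are a separate layer and are not evaluated here.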

