Use this guide to understand how Admiral connects to your routers and how to allow access while keeping your router secured.
MikroTik
Admiral can connect to your MikroTik either over an SSTP Tunnel using randomly generated credentials, or via Management IP with no tunnel. This guide is for SSTP tunnel-connected devices. These devices connect to a central VPN Concentrator on your deployment that can be identified by a domain such as “vpn6.remotewinbox.com”, or by the IP associated with the domain if your device does not have DNS configured.
MikroTik IPs
Admiral connects to MikroTiks over an SSTP tunnel, so the VPN Concentrator’s tunnel IP must be trusted by your device. To find this IP, either look in IP > Addresses and copy the “Network” address on the RemoteWinBoxVPN line, or run the following command:
/ip address print
Then identify the IP in the “Network” column of the VPN Connection row. This IP is used until the subnet is exhausted, so on dedicated instances most of your routers will have the same Concentrator IP, but cloud instances will regularly get new subnets and IPs.
Most commonly you will need to add this IP to the ACLs in IP > Services. Admiral Platform uses the API and SSH Services to connect to devices, so first make sure they are both enabled for full functionality. Double click on a service and make sure the Network IP from above is in the “Available From” box. These lists can also be left empty if control is handled elsewhere on the firewall.
Take caution when updating the “Available From” list with commands, as it is easy to accidentally overwrite other IPs that you have in the list. Note: please use care: if you accidentally remove an IP that’s needed for your remote access, you may find yourself locked out of your device!
You can also use the following generic ranges:
10.0.0.0/8
172.16.0.0/12
192.168.0.0/16
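To illustrate the caution above about overwriting “Available From” entries, here is an added example (not Admiral's own tooling) that builds the full merged list for a service before anything is typed on the router. The function names and all sample addresses are constructed for illustration; the emitted command uses RouterOS's `/ip service set <service> address=` form, which replaces the whole list.

```python
import ipaddress

def merged_available_from(current, concentrator_ip):
    """Return (entries, status) for one service's "Available From" field.

    current: the value set on the router now, comma-separated ("" = empty).
    concentrator_ip: "Network" address of the VPN row in /ip address print.
    """
    target = ipaddress.ip_network(concentrator_ip, strict=False)
    entries = [ipaddress.ip_network(e.strip(), strict=False)
               for e in current.split(",") if e.strip()]
    if not entries:
        # An empty list means the service is not restricted here. Adding a
        # single entry would limit the service to that entry alone and could
        # cut off existing management access, so make no change.
        return [], "empty"
    if any(e.version == target.version and target.subnet_of(e) for e in entries):
        # An existing entry (for example 10.0.0.0/8) already includes the IP.
        return [str(e) for e in entries], "covered"
    return [str(e) for e in entries + [target]], "appended"

def set_command(service, current, concentrator_ip):
    """Return the RouterOS command carrying the complete merged list,
    or None when the list should be left as it is."""
    entries, status = merged_available_from(current, concentrator_ip)
    if status != "appended":
        return None
    return "/ip service set %s address=%s" % (service, ",".join(entries))

if __name__ == "__main__":
    # Constructed sample values, not taken from a real deployment.
    concentrator = "10.200.0.1"
    current_lists = {"api": "192.168.88.0/24,203.0.113.10",
                     "ssh": "10.0.0.0/8",
                     "winbox": ""}
    for service, current in current_lists.items():
        print(service, "->", set_command(service, current, concentrator))
```

Because the command carries every existing entry plus the new one, pasting it cannot drop an address that was already allowed.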
Another common place to control access is IP > Firewall > Address Lists. This method can vary greatly depending on your Firewall configuration, but you can use the same IP as found above for full functionality.
EZ-Config IP
Admiral’s EZ-Config service IP requirements:
172.27.0.1
MikroTik Ports & Services
Admiral Platform uses the API and SSH Services to connect to devices, and automatically detects the ports used by these services. API-SSL can be enabled on dedicated deployments. If the API or SSL service is disabled, then you will not have full feature functionality in the dashboard.
The WINBOX service is also used for remote access. If you are using a custom port here, this must be changed when adding the device to your dashboard. Contact support if you need the WINBOX port changed after adding the device to your dashboard.