While configuring Multiple Networks VPNs (Multiple policy and destination SubNets reached via the same remote IPSec VPN Peer) between Mikrotik and other Firewalls, traffic would randomly stop for certain destinations.
Packet forwarding and encryption only works for one destination (the first matched IPSec Policy) and any other destination (and only the first matched one) will be reachable by performing a ‘SA Flush’.
It is sometimes possible to change router configuration in a way that will make the router inaccessible from a remote connection and an access from the local console is needed to repair the mistake.
Usually this is done by accident, but there is no way to undo last change when connection to router is already cut.
In RouterOS, Safe Mode can be used to minimize this risk.
Configuration Backup can be used to save MikroTik RouterOS configuration to a binary file, which can be stored on the router or downloaded from it using FTP for future use.
The configuration restore can be used for restoring the router’s configuration, exactly as it was at the backup creation moment, from a backup file.
The restoration procedure assumes the configuration is restored on the same router, where the backup file was originally created, so it will create partially broken configuration if the hardware has been changed.
Configuration Export can be used for dumping out complete or partial MikroTik RouterOS configuration to the console screen or to a text file, which can be downloaded from the router using FTP protocol.
The configuration dumped is actually a batch of commands that add (without removing the existing configuration) the selected configuration to a router.
Network administrators often use Protocol Sniffers to debug remote network problems.
Here is a brief explanation on how to configure WireShark to receive MikroTik RouterOS Sniffer Stream (in TZSP format).
Port knocking is a method of establishing a connection to a networked device that has no open ports.
Before a connection is established, ports are opened using a port knock sequence, which is a series of connection attempts to closed ports.