Services, Protocols, and Ports

Document revision:1.0.0 (Fri Mar 05 08:38:56 GMT 2004)
Applies to: V2.8

General Information

Summary

This document lists protocols and ports used by various MikroTik RouterOS services. It helps you to determine why your MikroTik router listens to certain ports, and what you need to block/allow in case you want to prevent or grant access to the certain services. Please see the relevant sections of the Manual for more explanations.

Submenu level: /ip service

Related Documents

Modifying Service Settings

Submenu level: /ip service

Property Description

name - service name

port (integer: 1..65535) - the port particular service listens on

address (IP address mask; default: 0.0.0.0/0) - IP address(-es) from which the service is accessible

certificate (namenone; default: none) - the name of the certificate used by particular service (absent for the services that do not need certificates)

Example

To set www service to use 8081 port accesible from the 10.10.10.0/24 network:

[admin@MikroTik] ip service> print
Flags: X - disabled, I - invalid
 #   NAME                                  PORT  ADDRESS            CERTIFICATE
 0   telnet                                23    0.0.0.0/0
 1   ftp                                   21    0.0.0.0/0
 2   www                                   80    0.0.0.0/0
 3   hotspot                               8088  0.0.0.0/0
 4   ssh                                   22    0.0.0.0/0
 5   hotspot-ssl                           443   0.0.0.0/0          hotspot
[admin@MikroTik] ip service> set www port=8081 address=10.10.10.0/24
[admin@MikroTik] ip service> print
Flags: X - disabled, I - invalid
  #   NAME                                 PORT  ADDRESS            CERTIFICATE
  0   telnet                               23    0.0.0.0/0
  1   ftp                                  21    0.0.0.0/0
  2   www                                  8081  10.10.10.0/24
  3   hotspot                              8088  0.0.0.0/0
  4   ssh                                  22    0.0.0.0/0
  5   hotspot-ssl                          443   0.0.0.0/0          hotspot
[admin@MikroTik] ip service>

List of Services

Description

Below is the list of protocols and ports used by MikoTik RouterOS services. Some services require additional package to be installed, as well as to be enabled by administrator, exempli gratia bandwidth server.

Port/ProtocolDescription
20/tcpFile Transfer [Default Data]
21/tcpFile Transfer [Control]
22/tcpSSH Remote Login Protocol (Only with security package)
23/tcpDomain Name Server
53/tcpDomain Name Server
67/udpBootstrap Protocol Server, DHCP Client (only with dhcp package)
68/udpBootstrap Protocol Client, DHCP Client (only with dhcp package)
80/tcpWorld Wide Web HTTP
123/tcpNetwork Time Protocol (Only with ntp package)
161/tcpSNMP (Only with snmp package)
443/tcpSecure Socket Layer Encrypted HTTP(Only with hotspot package)
500/udpIKE protocol (Only with ipsec package)
179/tcpBorder Gateway Protocol (Only with routing package)
1719/udph323gatestat (Only with telephony package)
1720/tcph323hostcall (Only with telephony package)
1723/tcp pptp (Only with ppp package)
2000/tcpbandwidth-test server
3986/tcpproxy for winbox
3987/tcpsslproxy for secure winbox (Only with security package)
5678/udpMikroTik Neighbor Discovery Protocol
8080/tcpHTTP Alternate (Only with web-proxy package)
/1ICMP - Internet Control Message
/4IP - IP in IP (encapsulation)
/47GRE - General Routing Encapsulation (Only for PPTP and EoIP)
/50ESP - Encapsulating Security Payload for IPv4 (Only with security package)
/51AH - Authentication Header for IPv4 (Only with security package)
/89OSPFIGP - OSPF Interior Gateway Protocol

© Copyright 1999-2006, MikroTik. All rights reserved. Mikrotik, RouterOS and RouterBOARD are trademarks of Mikrotikls SIA. Other trademarks and registered trademarks mentioned herein are properties of their respective owners.