Table of Contents
MikroWizard — Network & Firewall Requirements #
Copy of required inbound/outbound ports and external hosts for MikroWizard operation.
1. Server — Inbound Ports (open on MikroWizard server) #
| Port | Protocol | Purpose |
|---|---|---|
| 80 | TCP | HTTP dashboard access; firmware & package downloads by MikroTik devices. |
| 443 | TCP | HTTPS dashboard access. |
| 5014 | UDP | Syslog listener (default Port). |
| 1812 | UDP | RADIUS authentication. |
| 1813 | UDP | RADIUS accounting. |
2. Outbound Connections Required by MikroWizard #
- SSH to MikroTik devices — default
22/TCP. If a device uses a custom SSH port, allow that port. - MikroTik API — default
8728/TCP(allow custom API ports if used). - Internet access for updates & license — allow HTTP/HTTPS to
mikrowizard.com. - Firmware & package downloads — allow HTTP/HTTPS to MikroTik hosts:
download.mikrotik.com,cdn.mikrotik.com, andmikrotik.com.
3. MikroTik Device Requirements #
- Send syslog to the MikroWizard server on
5014/UDP(default) — configurable. - Allow devices to download firmware/packages from the MikroWizard server via
80/TCP(HTTP). Firmware fetching from mikrowizard uses port 80. - If device API or SSH ports are changed, ensure those custom ports are reachable from the MikroWizard server.
4. Firewall Rules — Summary #
Inbound to MikroWizard server: Allow TCP 80, TCP 443 (dashboard & firmware), UDP 5014 (syslog), and UDP 1812/1813 (RADIUS).
Outbound from MikroWizard server: Allow TCP 22 (SSH) and TCP 8728 (API) to MikroTik devices; allow HTTP/HTTPS to mikrowizard.com, download.mikrotik.com, cdn.mikrotik.com, and mikrotik.com.
