RouterOS(Ros)开启HTTPS管理后台访问笔记
网关是10.10.10.253
- 自签证书
/certificate
add name=root-cert common-name=Router days-valid=3650 key-usage=key-cert-sign,crl-sign
sign root-cert
add name=https-cert common-name=Router days-valid=3650
sign ca=root-cert https-cert
- 开启https访问,关闭80端口访问
/ip service
set www-ssl certificate=https-cert disabled=no
set www disabled=yes
- Web管理后台80端口重定向至443端口
/ip firewall nat
add chain=dstnat dst-address=10.10.10.253 protocol=tcp dst-port=80 action=redirect to-ports=443