this post was submitted on 14 Aug 2025
8 points (100.0% liked)

Mikrotik

403 readers
3 users here now

A community-contributed sublemmy for all things Mikrotik. General ISP and network discussion also permitted. Please ensure if you're asking a question you have checked the Wiki First: https://help.mikrotik.com/

Mikrotik Rules: Don't post content that is incorrect or potentially harmful to a router/network.

This in itself is not a bannable offence but answers that are verifiably incorrect or will cause issues for other users will be edited or removed.

Examples: Factual errors - "EOIP is always unsecure" Configuration problems - Config that would disable all physical interfaces on a router Trolling - "Downgrade it to 5.26"

founded 2 years ago
MODERATORS
rayman30@lemmy.world
8
Back to home connectivity issue (lemmy.dbzer0.com)
submitted 4 months ago by WeAreAllOne@lemmy.dbzer0.com to c/mikrotik@lemmy.world
5 comments fedilink hide all child comments
 

Hey all, so I am trying to figure out, why I can't connect remotely to my router using Back to Home in some cases. I can connect from my mobile, but I can't connect using my laptop via Ethernet cable not via some wifi connections. I've found a wifi connection that works but not on others. What might be the issue here ?

top 5 comments
sorted by: hot top controversial new old
[–] sylver_dragon@lemmy.world 2 points 4 months ago* (last edited 4 months ago)

At a guess, it’s could be the network you are connected to blocking ports. I don’t have Back to Home setup, and a quick search doesn’t turn up what ports it requires. But, it looks like it’s a special use case of WireGuard. And the MikroTik documentation states that the default for WirGuard on MikroTik products is 13231 (source). Some networks may be configured to block all outbound ports which aren't the basic ones (80, 443). Some may also allow things like 500 and 4500 for L2TP, but that list could still be quite limited and not include 13231 or whatever port Back to Home is using.

Another possibility would be DNS issues (it's always DNS). Back to Home seems to rely on some sort of Dynamic DNS (DDNS) system to associate your home IP with a dynamic domain (source). If the network provider you are connecting to is engaging in some sort of DNS fuckery, they may be blocking queries to known DDNS domains. This can often be done as a security measure, since DDNS services used to be in really common use by malware.

[–] sylver_dragon@lemmy.world 2 points 4 months ago (1 children)

I'd guess it's one of two possible issues:

  1. Ports blocked by the network provider. Some networks will block outbound connections on all ports and then explicitly allow some of the common ports (e.g. 80, 443). Some will also allow slightly less common ports for corporate VPN connections (e.g. 500 and 4500 for L2TP). Based on the documentation for Back to Home, it looks like it uses WireGuard underneath. For MikroTik, that uses a default port of 13231 (source). If that port is blocked, outbound by a network provider, the tunnel would fail.
  2. Its always DNS. Based on the documentation Back to Home relies on a Dymanic DNS (DDNS) service. Some networks may specifically block DNS queries for well known DDNS services as a security measure. DDNS services were really popular with malware creators for a while and so DDNS services became a casualty of security configurations.
[–] WeAreAllOne@lemmy.dbzer0.com 1 points 4 months ago

Hmm can't be neither. My mobile works in networks where my laptop via Ethernet does not. But so far my laptop via WiFi only works on a specific network and not on others. I need some more tests and I also might try what the other user below said that I might try adding different shares for laptop and mobile phone.

[–] walden@sub.wetshaving.social 1 points 4 months ago (1 children)

A while ago I decided that BTH only works well for 1 device (using wireguard at least) at a time.

I messed around and made different profiles (not sure of the actual name) for each device and that solved my problems.

Worth a shot.

[–] WeAreAllOne@lemmy.dbzer0.com 2 points 4 months ago

Yeah I might try this too. But in any case I don't use the same share simultaneously. Will look into it.