@BrianHiggins
I agree totally. it's really gotten difficult and overly complicated to deploy mikrotiks as of past few years.
3x issues (in order):
1- default passwords (and no way to wipe that PW) - we can't be expected to retain these passwords for each device (or have to reach out to XYZ to get it, at 3am when equipment may be hard to reach - unless that is an automated 24/7 type of system, or better yet see solition to #3)
2- The default configuration overly locked-down (ie no way for legitimate admins to get into RB in a remote/remote-hands situation) (i know some will disagree with me on this one and their concerns may be valid) -My suggestion is that there be a compromise and for example holding the reset button for 30 or even 60 seconds fully wipes default config (ie same as /sys reset no-defaults=yes , if you include that the long press also wipes the factory password, then you have a solution to ALL 3x OF THESE!! :) )
3- remove / exclusion of serial ports - (and lack of clear documentation on this) - ie Last week was working on an RB5009, rumors (not docs) state that you can attach a USB serial adapter and thus get OOB access like before (could not get this to work and i use serial frequently) - thus am forced to wipe/default wipe, and deal with issues #1 and #2 above ( loop)
I feel several of these are an overreaction to bad press mikrotik has received over the past few years (In my opinion unfair PR against mikrotik re; security). I know in some cases legislation is involved, but only applies to default/fresh out of box experience for *consumers*.
I hope mikrotik changes one or more of these going forward.
thanks
I agree totally. it's really gotten difficult and overly complicated to deploy mikrotiks as of past few years.
3x issues (in order):
1- default passwords (and no way to wipe that PW) - we can't be expected to retain these passwords for each device (or have to reach out to XYZ to get it, at 3am when equipment may be hard to reach - unless that is an automated 24/7 type of system, or better yet see solition to #3)
2- The default configuration overly locked-down (ie no way for legitimate admins to get into RB in a remote/remote-hands situation) (i know some will disagree with me on this one and their concerns may be valid) -My suggestion is that there be a compromise and for example holding the reset button for 30 or even 60 seconds fully wipes default config (ie same as /sys reset no-defaults=yes , if you include that the long press also wipes the factory password, then you have a solution to ALL 3x OF THESE!! :) )
3- remove / exclusion of serial ports - (and lack of clear documentation on this) - ie Last week was working on an RB5009, rumors (not docs) state that you can attach a USB serial adapter and thus get OOB access like before (could not get this to work and i use serial frequently) - thus am forced to wipe/default wipe, and deal with issues #1 and #2 above ( loop)
I feel several of these are an overreaction to bad press mikrotik has received over the past few years (In my opinion unfair PR against mikrotik re; security). I know in some cases legislation is involved, but only applies to default/fresh out of box experience for *consumers*.
I hope mikrotik changes one or more of these going forward.
thanks
Statistics: Posted by jo2jo — Mon Mar 04, 2024 11:36 pm