How to add a remote IP Address to the Mikrotik Router step by step

🌐 In MikroTik RouterOS, adding a remote IP address typically means setting up a static route, remote network, or peer IP to communicate with external devices or networks. This is commonly used for:

• Remote access via VPN
• Static routing to another network
• Whitelisting trusted IPs for services like SSH, Winbox, or HTTPS

This guide walks you through different ways to add a remote IP address on your MikroTik router using Winbox and CLI.

🔧 Step-by-Step: Add a Remote IP Address to MikroTik Router

📌 Scenario 1: Add a Static Route to a Remote IP/Subnet

✅ Using Winbox (GUI)

1. Open Winbox and log in to your router.
2. Go to IP → Routes.
3. Click the “+” to add a new route.
4. In the Dst. Address, enter the remote network or IP (e.g., 192.168.100.0/24 or 203.0.113.10/32 for a single IP).
5. In the Gateway field, enter the next hop IP (e.g., the IP of the ISP gateway or VPN tunnel).
6. (Optional) Set distance if you have multiple routes.
7. Click OK.

✅ Using CLI

/ip route add dst-address=192.168.100.0/24 gateway=192.168.88.1

Replace dst-address with the remote network or IP, and gateway with your actual next hop.

📌 Scenario 2: Add a Remote IP to an Address List (for Access Control)

This is useful when you want to allow or block access from a specific IP using firewall rules.

✅ Using Winbox

1. Go to IP → Firewall → Address Lists.
2. Click “+” to add a new entry.
3. Enter a name (e.g., allowed-remote).
4. In the Address field, type the remote IP (e.g., 203.0.113.5).
5. (Optional) Add a comment.
6. Click OK.

✅ Using CLI

/ip firewall address-list add list=allowed-remote address=203.0.113.5 comment="Remote admin"

You can use this list in firewall filter rules to allow/deny access to services.

📌 Scenario 3: Allow a Remote IP to Access Services (SSH, Winbox, etc.)

To allow only certain remote IPs to access specific services:

✅ Using Winbox

1. Go to IP → Services.
2. Click on the service (e.g., ssh, www-ssl, winbox).
3. In the Available From field, enter the trusted remote IP or subnet (e.g., 203.0.113.5 or 203.0.113.0/24).
4. Click OK.

✅ Using CLI

/ip service set ssh address=203.0.113.5/32

Repeat for other services as needed.

✅ Final Thoughts

Adding a remote IP address to your MikroTik router is essential for managing secure and efficient network operations. It is important for routing, access control, and firewall whitelisting. Using either Winbox or the CLI, you can define exactly how your router communicates with external devices or networks.

🔗 Need hardware for more advanced MikroTik setups?
Visit our Amazon affiliate store for recommended MikroTik routers and accessories. Supporting us through your purchases helps keep these tutorials coming, at no additional cost to you!