Sign in
Migration Mapping Assistant Your Saved List Partners Sell in AWS Marketplace Amazon Web Services Home Help

Cloud Hosted Router

Use the CHR for protecting your cloud servers using RouterOS firewall which supports Layer7 filtering, dynamic address lists and more; for running your own VPN service or monitoring network infrastructure using The Dude! It can be used as simple to deploy HTTP proxy with domain name filtering, centralized... See more

Customer Reviews

Create Your Own Review

Mikrotik CHR as a secure router to connect remote sites and to get around Mobile B/band Telco CGNAT

  • By Mikrotik Groupie
  • on 07/29/2019

I have been running a Mikrotik CHR for 6 weeks as a theory of concept so that I can locate and access a remote site (farm) for monitoring of security cameras and remote Amateur Radio site. The AWS VPC and the CHR instance works exactly as they intend to.

In Australia the telcos providing mobile phone services primarily use CGNAT (Carrier Grade Network Address Translation). This is good for normal users as it helps to keep them safe from port scanning etc. However the downside is that there is no way of finding the end node as it doesn't have a real external IP Address. Unfortunately DDNS isn't a solution either.

The only way in Australia to obtain a 'real' IP Address is to be a registered company and that also comes at an additional cost to have one applied to your 3g/4g SIM. For me this wasn't an option.

My solution works exceptionally well and that the end nodes will always automatically established a L2TP secure tunnel to the CHR and then routing (in this case RIP) does the rest. So in effect the remote site/s make an automatic connection to the Mikrotik CHR and you establish a connection from your own location. Then you have full remote access functionality.

Can't recommend it enough.

Works great as a VPN server

  • By VPN Guy
  • on 07/16/2019

I've been using 2 of these VMs (each in a different AWS region), as redundant VPN routers (configured exactly the same, except for IP addresses) for SSTP and OVPN clients for the past 2 years or so. Never any one of them has failed, though I use AWS Route53 to monitor (HealthCheck) and failover the DNS record if the active router goes down - a cheap and reliable way to fail over. RouterOS upgrades could be done as on a physical router. I do it one at a time with Route53 DNS failover during upgrades.

Advantage of running these VMs on AWS is that you do not have to depend on the Mikrotik firewall. I use AWS security groups for that purpose.

I've setup daily AWS auto snapshotting of the root volume of the VMs as a reliable backup.

Mikrotik support is not that great, but recently their response times have improved.

doesnt work l2tp

  • By Zim
  • on 12/13/2017

NAT does not skip l2tp packets. And nowhere is there any instruction how to fix it.
Support mikroik doesnt help me.

Amazing !!! the cloud network dream .

  • By Shlomi Gutman
  • on 03/10/2017

Cloud Hosted Router (CHR) is a RouterOS version intended for running as a virtual machine. It supports the x86 64-bit architecture and can be used on most of the popular hypervisors such as VMWare, Hyper-V, VirtualBox, KVM and others. CHR has full RouterOS features enabled by default but has a different licensing model than other RouterOS versions.

showing 1 - 4