Whether you have “Elastic Compute Service (ECS)” or “Simple Application Server” instance, you can migrate/replace MikroTik CHR on your instance.

1) To do this, you first need to reinstall your OS to Ubuntu 16.04

2) Go to your Alibaba Cloud account panel, then navigate to the instance’s Security settings. And edit the Firewall settings.

Delete all Firewall ports and add only three ports. The TCP port 22, 443 & 8291

3) Then login to your Ubuntu by SSH as root, and enter the below commands:

wget https://download2.mikrotik.com/routeros/6.40.5/chr-6.40.5.img.zip -O chr.img.zip && \
gunzip -c chr.img.zip > chr.img && \
mount -o loop,offset=33554944 chr.img /mnt && \
ADDRESS=`ip addr show eth0 | grep global | cut -d' ' -f 6 | head -n 1` && \
GATEWAY=`ip route list | grep default | cut -d' ' -f 3` && \
echo "/ip address add address=$ADDRESS interface=[/interface ethernet find where name=ether1]
/ip route add gateway=$GATEWAY
" > /mnt/rw/autorun.scr && \
umount /mnt && \
echo u > /proc/sysrq-trigger && \
dd if=chr.img bs=1024 of=/dev/vda && \
reboot

After copy/paste the commands listed above, press Enter

Wait a minute and your instance will be rebooted automatically in a minute.

4) Download the latest CHR package from https://www.mikrotik.com/download#chr

5) Login to your RouterOS via Winbox, address is your instance’s public IP address, username is admin and password is blank.

6) Upload the CHR main package (.npk) to the Files directory (Login to Winbox > Files )

Select the uploaded NPK file and click “Restore”, if reboot prompt appeared click yes, and reboot the router.

7) Login to Winbox again and reset the router configuration to default configuration and reboot again.

8) Do the password change hurry by logging in to your RouterOS via Winbox, address is your instance’s public IP address, username is admin and password is blank.

9) Also It’s a good idea to create a new user account (Login to Winbox > System > Users) with full permission, then login by the new user and delete the admin account.

10) After securing the password login method, also delete the instance’s Firewall port 22

Reboot and enjoy !