Mikrotik

Page 1 of 212

Course Description & Syllabi

This three day course will cover MikroTik official certification material plus much more! Real world examples will be shown and demonstrated as part of the class. Each student will obtain a base understanding of MikroTik RouterOS and learn skills that can be applied to there current networks and projects. Course includes labs where you will configure RouterOS and build networks. At the end of the class you will have the chance to take the Official MTCNA & MTCRE test provided by MikroTik.

Click here for the course outline

 

What You Need to Bring

Laptop with at least 1 ethernet port

Power Strip approximately 10′ in length

Two ethernet cables 6′-14′ in length

 

Location

Continue reading

MTCRE-MTCTCE Training before the MUM!

 

Course Description & Syllabi

This three day course before the MUM will cover MikroTik official certification material plus much more! Real world examples will be shown and demonstrated as part of the class. Each student will obtain a base understanding of MikroTik RouterOS and learn skills that can be applied to there current networks and projects. Course includes labs where you will configure RouterOS and build networks. At the end of the class you will have the chance to take the Official MTCRE and MTCTCE test provided by MikroTik.

Click here for the MTCTCE course outline

Click here for the MTCRE course outline

Information about the MUM

 

Location

Ramada Plaza Hotel St. Louis Downtown/At Convention Center
811 N. 9th Street, Washington Ave and N. 9th St, St. Louis, MO 63101 US

The class will be held in the Lafayette metting room.

Continue reading

Course Description & Syllabi

This three day course will cover MikroTik official certification material plus much more! Real world examples will be shown and demonstrated as part of the class. Each student will obtain a base understanding of MikroTik RouterOS and learn skills that can be applied to there current networks and projects. Course includes labs where you will configure RouterOS and build networks. At the end of the class you will have the chance to take the Official MTCNA test provided by MikroTik.

Click here for the course outline

 

What You Need to Bring

Laptop with at least 1 ethernet port

Power Strip approximately 10′ in length

Two ethernet cables 6′-14′ in length

 

Location

Country Inn & Suites

Country Inn & Suites

105 Alex Lane – Charleston, West Virginia 25304

1-800-830-5222

Room rate : $95 (per night)

Website: http://www.countryinns.com/charleston-hotel-wv-25304/wvcharle/

To get the group rate, call the hotel and tell them you are with the MikroTik group.

 

Continue reading

I came across a handy little application called DiffMerge that allows you to compare multiple files and make changes while open.  This is extremely useful when comparing multiple MikroTik configuration files.  Previously I used sdiff, but I think this is much easier to use.

DiffMerge

 

 

DiffMerge is a free application and can be used on OSX, Windows, and Linux.  The download can be found here.

http://www.sourcegear.com/diffmerge/

 

This is my first setup with 3G on a Routerboard.  It took a little longer than I wanted to figure everything out, but I eventually got it working.

 

The steps that made it work.

  1. Place the UMTS drivers in the /firmware directory on the Routerboard (You should be able to get them from whom you purchased the card.)
  2. Install the Gobi 2000 and power on the router.
  3. Shutdown the router and install the SIM card
  4. Add the ppp-client with the settings below. Continue reading

Sometimes you will need to connect to a router that either has a dynamic IP or a domain name instead of directly to the IP address.  This is easily achieved using RouterOS  with a simple script.  Using the script below you will need to change PPP-INTERFACE to the name of your PPP interface and VPN.YOURDOMAIN.COM to the domain name of what you are trying to connect to.

/system script
    add name="CBrown-VPN DNS" policy=\
    ftp,reboot,read,write,policy,test,winbox,password source=":global pptpinte\
    rfacename \"PPP-INTERFACE\"\r\
    \n:global pptpdnsname \"VPN.YOURDOMAIN.COM\"\r\
    \n:global pptpdnsip [:resolve \$pptpdnsname]\r\
    \n:global currentip [/interface pptp-client get \$pptpinterfacename connec\
    t-to]\r\
    \n:if (\$currentip != \$pptpdnsip) do={ /interface pptp-client set [find n\
    ame=\$pptpinterfacename] connect-to=\$pptpdnsip}\r\
    \n}"

Continue reading

Here are the rules I use to open my NAT on Xbox Live.  Xbox.com says to “open” ports 88udp, 3074udp/tcp, 53udp/tcp, and 80tcp.  Assuming you can browse the internet you don’t need to NAT 80 and 53 to your Xbox.  These are just HTTP and DNS traffic which you should already have working.  The ports used for actual gaming are 3074 and 88.  One is probably used for the actual game play and the other is more than likely used for voice.  I am not sure and could be completely wrong, either way you need to NAT them both. Continue reading

Here is the configuration for a Point-to-Point link that can be used with a number of MikroTik devices.  With this example I used two StationTik 5G’s but could be used with SXT’s or any other Point-to-Point devices.  You might need to change your frequency depending on usage in your area.

AP Side

/interface bridge
add l2mtu=1600 name=bridge1
/interface wireless
set 0 band=5ghz-onlyn channel-width=20/40mhz-ht-above disabled=no frequency=5745 \
    ht-rxchains=0,1 ht-txchains=0,1 l2mtu=2290 \
    mode=bridge nv2-preshared-key=yourpass nv2-security=enabled ssid=PtP wireless-protocol=nv2
/interface wireless security-profiles
set [ find default=yes ] group-ciphers="" supplicant-identity=MikroTik unicast-ciphers=""
/interface bridge port
add bridge=bridge1 interface=wlan1
add bridge=bridge1 interface=ether1
/ip address
add address=10.36.84.4/24 interface=bridge1
/ip dhcp-client
add interface=bridge1
/system clock
set time-zone-name=America/New_York
/system identity
set name=AP
/system ntp client
set enabled=yes mode=unicast primary-ntp=64.90.182.55

Continue reading

Recently I have needed to restrict access to the internet during certain hours.  This is very easy to achieve with MikroTIk using a few mangle and filter rules.  I currently have this configuration on a RB751 so I am using a bridge for the LAN.  I have ports 2-5 switched together and then bridged the wlan1 and ether2 (the master port) together.  Instead of just restricting everything on the bridge I wanted to be able to allow access to myself and certain others during “restricted times”, and this is why I used mangle to mark connections and filter via the connection marks.

Here you can see the two rules mark the connections from my allowed devices.  The last two rules mark everything else in and out of the DHCP bridge.

/ip firewall mangle
add action=mark-connection chain=forward comment="Mark CBrown Computer" disabled=no in-interface=DHCP \
    new-connection-mark=Allowed passthrough=no src-mac-address=XX:XX:XX:XX:XX:XX
add action=mark-connection chain=forward comment="Mark CBrown iPhone" disabled=no in-interface=DHCP \
    new-connection-mark=Allowed passthrough=no src-mac-address=XX:XX:XX:XX:XX:XX
add action=mark-connection chain=prerouting comment="DHCP Upload" disabled=no in-interface=DHCP \
    new-connection-mark=DHCP passthrough=no
add action=mark-connection chain=postrouting comment="DHCP Download" disabled=no new-connection-mark=DHCP \
    out-interface=DHCP passthrough=no

Continue reading

This article goes with Marking Traffic for Queueing.

I did use the new queue type (mq-pfifo {multi-queue packets-first-in-first-out) in this setup and it worked fine.  I also had it setup with the default and it worked fine as well.

You will setup your trees per WAN connection. One for each global-in (download) and global-out (upload) for each WAN.

Make sure to send the correct packet marks from each WAN to each queue tree.

Continue reading

Page 1 of 212

Categories

Archives