Scribd Logo
Fazer o upload

Bem-vindo(a) ao Scribd!

  • Configuring A MikroTik Router For Home or Business

    Enviado por

    fargerm
    208 visualizações3 páginas
    Configure a MikroTik router to function as a basic home or small business router. Set up the WAN port using DHCP or PPPoE depending on the Internet connection. Create a bridge and add all Ethernet and wireless interfaces. Configure DHCP, NAT, and wireless security. Additional firewall configuration is recommended for security.

    Descrição original:

    Título original

    Configuring a MikroTik Router for Home or Business

    Direitos autorais

    © © All Rights Reserved

    Formatos disponíveis

    PDF, TXT ou leia online no Scribd

    Você considera este documento útil?

    Este conteúdo é inapropriado?

    Denunciar este documento
    Configure a MikroTik router to function as a basic home or small business router. Set up the WAN port using DHCP or PPPoE depending on the Internet connection. Create a bridge and add all Ethernet and wireless interfaces. Configure DHCP, NAT, and wireless security. Additional firewall configuration is recommended for security.

    Direitos autorais:

    © All Rights Reserved
    Baixe no formato PDF, TXT ou leia online no Scribd
    Sinalizar o conteúdo como inadequado
    208 visualizações3 páginas

    Configuring A MikroTik Router For Home or Business

    Enviado por

    fargerm
    Configure a MikroTik router to function as a basic home or small business router. Set up the WAN port using DHCP or PPPoE depending on the Internet connection. Create a bridge and add all Ethernet and wireless interfaces. Configure DHCP, NAT, and wireless security. Additional firewall configuration is recommended for security.

    Direitos autorais:

    © All Rights Reserved
    Baixe no formato PDF, TXT ou leia online no Scribd
    Sinalizar o conteúdo como inadequado
    de 3

    blog.gowifi.co.

    nz

    http://blog.gowifi.co.nz/2012/08/configuring-mikrotik-router-for-home-or.html

    Configuring a MikroTik Router for Home or Business

    Scenario:
    Configure a MikroTik RouterBoard as a basic Router. The following guide is based on using a MikroTik RB/751U2HnD. This guide however can be used for any MikroTik Router with minor adjustments (i.e. You may have more
    or less ethernet and or wireless interfaces on other Routers and therefore your configuration will be slightly
    different when adding interfaces to the bridge).

    Ensure you are connected to an ethernet port other than ether1 as this is in most cases configured as a WAN port
    with the default RouterOS configuration and prevents Winbox access until the configuration is removed.
    Login to the Router via Winbox and remove the RouterOS Default Configuration.

    Setting up the WAN port:


    Option 1:
    Configure a WAN port that will receive a DHCP address from an uplink Router or ADSL Modem.

    [admin@MikroTik] > /ip dhcp-client add interface=ether1 add-default-route=yes use-peer-dns=yes use-peerntp=yes comment=wan-ip-address disabled=no
    Option 2:
    Configure a WAN port with a PPPoE client (great for connecting to an uplink Draytek ADSL modem that is in
    bridge mode).
    Note: You will need your ISP Username and Password to continue.
    Create a PPP Profile for the PPPoE Client Interface:
    [admin@MikroTik] > /ppp profile add name=ppp-wan change-tcp-mss=yes
    Create the PPPoE Client Interface:

    [admin@MikroTik] > /interface pppoe-client add name=pppoe-wan interface=ether1 user=user.xadsl@xtra.co.nz


    password=my_password add-default-route=yes use-peer-dns=yes profile=ppp-wan allow=pap disabled=no

    Setup DNS:
    [admin@MikroTik] > /ip dns set allow-remote-requests=yes

    Create a bridge and add all the remaining ports / interfaces into it:

    [admin@MikroTik] > /interface bridge add name=bridge-local comment="Internal Network" disabled=no


    [admin@MikroTik] > /interface bridge port add bridge=bridge-local interface=ether2
    [admin@MikroTik] > /interface bridge port add bridge=bridge-local interface=ether3
    [admin@MikroTik] > /interface bridge port add bridge=bridge-local interface=ether4
    [admin@MikroTik] > /interface bridge port add bridge=bridge-local interface=ether5
    [admin@MikroTik] > /interface bridge port add bridge=bridge-local interface=wlan1

    Assign an IP Address to the bridge we created in the previous step:


    [admin@MikroTik] > /ip address add address=192.168.2.1/24 interface=bridge-local

    Configure a DHCP Server for your network:

    [admin@MikroTik] > /ip dhcp-server setup


    Select interface to run DHCP server on
    dhcp server interface: bridge-local
    Select network for DHCP addresses
    dhcp address space: 192.168.2.0/24
    Select gateway for given network
    gateway for dhcp network: 192.168.2.1
    Select pool of ip addresses given out by DHCP server
    addresses to give out: 192.168.2.2-192.168.2.254
    Select DNS servers
    dns servers: 192.168.2.1
    Select lease time
    lease time: 3d

    Configuring NAT for Internet Access:


    Option 1:
    NAT rule for masquerading traffic out ether1 (Use this rule if you have configured your router using WAN Port
    Configuration Option 1).

    [admin@MikroTik] > /ip firewall nat add chain=srcnat out-interface=ether1 action=masquerade comment=natinternet-access disabled=no
    Option 2:
    NAT rule for masquerading traffic out the ppp-wan Interface (Use this rule if you have configured your WAN port
    as a PPPoE Client interface Option 2).

    [admin@MikroTik] > /ip firewall nat add chain=srcnat out-interface=pppoe-wan action=masquerade


    comment=nat-internet-access disabled=no

    Configure the Wireless Interface (if any):


    Note: This wireless configuration is based on 2.4GHz b/g/n.
    Create a Wireless Security Profile:

    [admin@MikroTik] > /interface wireless security-profiles add name=wifi_security mode=dynamic-keys


    authentication-types=wpa2-psk unicast-ciphers=aes-ccm group-ciphers=aes-ccm wpa2-pre-sharedkey=wifipassword123 management-protection=allowed

    Configure Wireless Interface:

    [admin@MikroTik] > /interface wireless set wlan1 mode=ap-bridge band=2ghz-b/g/n channel-width=20/40mhz-htabove frequency=2412 ssid="My MikroTik" wireless-protocol=802.11 security-profile=wifi_security defaultauthentication=yes ht-txchains=0,1 ht-rxchains=0,1 disabled=no

    Basic MikroTik Firewall Configuration:


    At this point your MikroTik router does not have the Firewall configured. This means you will be open to threats
    and attacks from the Internet. For more information on configuring your Routers firewall please visit "Secure your
    MikroTik Firewall"

    Você também pode gostar