Escolar Documentos
Profissional Documentos
Cultura Documentos
Installation Process:
Boot Sequence: 1st Boot = CDROM
Step 1: Select all = Press a
Step 2: Locally = Press i
Step 3: Initial Configuration ( Y/N )? = Press N Remove the OLD configuration
Step 4: Continue ( Y/N ) ? = Press Y It will continue the Process
Step 5: Reboot = Press ENTER for Reboot
MikroTik Login: admin
Password: Press ENTER
[admin@MikroTik] >
/* Installation Done ! */
IP Setting in MikroTik:
[pavel@MikroTik] > ip
[pavel@MikroTik] ip> add
/* Press ENTER */
/* Press ENTER */
/* Press ENTER */
/* Press ENTER */
/* Press ENTER */
/* Press ENTER */
Advanced
Step: 2
We have to create individual Queues also and assign Bandwidth against
that Queues as Child. We can do this by following Command or Manually
which is shown in figure below:
Child
name="Nafcable_1" target-addresses=10.3.12.11/32 dst-address=0.0.0.0/0
interface=all parent=Naf_Cable_Network direction=both priority=8
queue=default-small/default-small limit-at=6000/6000
max-limit=32000/56000 total-queue=default-small
time=0s-1d,sun,mon,tue,wed,thu,fri,sat
Procedure: Queues Simple Queues --|-- General
Advanced
Step: 3
After following Step:1 and Step:2, a Parent will create and every Child
will consume Bandwidth from that Parent. Each child has assigned its
own Bandwidth but it couldnt be exceed its Group Bandwidth. The
following Figure shows the details.
Step: 4
We have to allowed Gateway 10.3.12.250 for the IP series 10.3.12.0/24.
For that, Every IP behind that Network will get Access in Server.
Procedure: Gateway is 10.3.12.250 : IP Address --|--
Step: 5
ARP entry is Most necessary for accessing Server. If missing it for any
IP then IP will not allow for that Server.
Procedure: ARP entry: IP ARP --|--
Step: 6
In order to get Bandwidth from Server, We have to Masquerade that IP
Series. Except that no IP will get Bandwidth.
Masquerade: IP Firewall NAT
Step:1
We have to create user ID by following Figure below:
Procedure: ppp Secret --|--
Step:2
We have to create Profile for each Package by fulfilling two options
shown in Figure below:
Procedure: ppp Profile General
Step:3
We must select Interface from where PPPoE will be connected. Following
Figure shows the details.
Procedure: ppp Interface PPPoE Server
Step:4
IP Pool must be declared for obtaining IP from Server automatically.
Procedure: IP Pool
Step:2
We have to create DHCP Server by selecting its own Interface. Here
Lease Time most important and 365d 00:00:00 means DHCP Server will
served 365 days for 24 Hours. We must disable Always Broadcast option.
Procedure: IP DHCP Server DHCP
Step:3
We have fulfill Address as Network Address with Masking and DNS Server
with Domain Name. Figure shows the details.
Procedure: IP DHCP Networks
Step:4
Here we have to create Leases for each IP behind Clients Network by
putting the following Info shows the Figure below. The most important
thing is Entry on Client ID. In this field we must put 1: before MAC.
We also remove tick mark from the Check Box mentioning Always
Broadcast.
Procedure:
IP Firewall Mangle
Figure: 2 Procedure:
Figure: 3 Procedure:
In above Figure, New TTL is 1 means it cant cross any HOP except our
MikroTik. In this situation, any client under this Network cant use
Broadband Router or Modems or any other Devices. If we want to allow to
access Broadband router or other Devices then we must increase New TTL
field as 2, 3 or more if needed.
1 =
2 =
3 =
And
No HOP
1 HOP
2 HOP
so on.
Figure shows that 2 Services are enabled and other 5 are disabled.
Protocol gre is needed for VPN and pptp is used for login any Server as
a client of that Server.
Protocol h323 is used for VOIP. Thats why is disable.
Figure: Firewall
eth0
eth1
lo
00:13:D4:61:09:AA
00:0F:FE:43:2B:A2
00:02:44:95:B9:0D
00:02:44:B3:B3:FE
00:0F:EA:06:C1:A8
-F
-A
-A
-A
-A
-A
FORWARD
FORWARD
FORWARD
FORWARD
FORWARD
-s
-s
-s
-s
-s
192.168.31.11/32
192.168.31.12/32
192.168.31.13/32
192.168.31.14/32
192.168.31.15/32
-d
-d
-d
-d
-d
0/0
0/0
0/0
0/0
0/0
-j
-j
-j
-j
-j
ACCEPT
ACCEPT
ACCEPT
ACCEPT
ACCEPT
Startup Control:
[root@MSTech ~]# ntsysv
[*]acpid, [*]autofs, [*]crond, [*]iptables, [*]kudzu, [*]network,
[*]portmap, [*]sshd, [*]xinetd
Network
192.168.190.64
Broadcast
192.168.190.71
Interface
LAN
MAC Address
00:E0:4C:60:11:F2
Interface
LAN
Chain
srcnat
Src. Address
192.168.31.0/24
Out Interface
WAN
Target Address
192.168.31.0/24
192.168.31.11
Max Upload
1M
64k
Max Download
1M
64k
Routing in Mikrotik:
Terminal vt102 detected, using multiline input mode
[pavel@NORTH1] > ip route
[pavel@NORTH1] ip route> add dst-address=192.168.31.0/24 gateway=192.168.190.66