Virtual Architects Support Wiki

User Tools

Site Tools

You are here: start » networking » router » mikrotik
Trace:
networking:router:mikrotik

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
networking:router:mikrotik [2014/07/30 18:06]
gcooper 		networking:router:mikrotik [2022/02/24 14:23] (current)
gcooper
Line 3: Line 3:
 See also **[[https://www.sonoracomm.com/wiki/doku.php?do=search&id=mikrotik|other Mikrotik pages in this wiki]]** See also **[[https://www.sonoracomm.com/wiki/doku.php?do=search&id=mikrotik|other Mikrotik pages in this wiki]]**
  
-See also **[[sonora:mikrotik_sonora|[[sonora:sonora_mikrotik|Sonora Comm Default MikroTik Configuration Script]]]]**+See also **[[sonora:sc_mikrotik_script|Sonora Comm Default MikroTik Configuration Script]]**
  
 See also **[[networking:router:mikrotik_failover|Mikrotik Failover to a Second Internet Connection]]** See also **[[networking:router:mikrotik_failover|Mikrotik Failover to a Second Internet Connection]]**
Line 13: Line 13:
 http://routerboard.com/ http://routerboard.com/
  
-Mikrotik offers:+**Mikrotik offers a lot of value**:
  
   * Inexpensive router hardware   * Inexpensive router hardware
Line 24: Line 24:
     * Winbox for Windows (don't need to know IP address)     * Winbox for Windows (don't need to know IP address)
     * Webfig web interface     * Webfig web interface
 +
 +===== Configurators =====
 +
 +**Firewall Configurator**: QoS Configurator: http://mikrotikconfig.com/firewall/
 +
 +**QoS Configurator**: http://mikrotikconfig.com/qos/
 +
 +**Load Balance Configurator**: http://mikrotikconfig.com/loadBalance2WANs/
 +
 +**Load Balance Configurator**: http://mikrotikconfig.com/loadBalance3WANs/
 +
  
 ===== Third Party Products ===== ===== Third Party Products =====
Line 54: Line 65:
  
 **Exit Without Saving:** ''[CTRL]+[D]'' **Exit Without Saving:** ''[CTRL]+[D]''
 +
 +Safe mode can be used to minimize the risk of losing contact with the router while performing configuration changes.
 +
 +  * Safe mode is entered by pressing [CTRL]+[X]
 +  * To save changes and quit safe mode, press [CTRL]+[X] again
 +  * To exit without saving the made changes, hit [CTRL]+[D]
 +  * All configuration changes that are made in safe mode are automatically undone if safe mode session terminates abnormally
  
 ===== Backup and Restore ===== ===== Backup and Restore =====
Line 93: Line 111:
 http://wiki.mikrotik.com/wiki/Manual:Default_Configurations http://wiki.mikrotik.com/wiki/Manual:Default_Configurations
  
-==== Safe Mode ====+==== Reset to Defaults ====
  
-Safe mode can be used to minimize the risk of losing contact with the router while performing configuration changes.+=== CLI ===
  
-  * Safe mode is entered by pressing [CTRL]+[X] +<file> 
-  * To save changes and quit safe mode, press [CTRL]+[X] again +/system reset-configuration 
-  * To exit without saving the made changes, hit [CTRL]+[D] +</file>
-  * All configuration changes that are made in safe mode are automatically undone if safe mode session terminates abnormally+
  
-==== Reset to Defaults ====+or
  
 <file> <file>
-/system reset+/system reset-configuration no-defaults=yes 
 </file> </file>
 +
 +=== Reset Button ===
 +
 +The reset button has three functions.
 +
 +Hold the button, then apply power.
 +
 +Depending on when you release the button, it will do these things:
 +
 +  * release immediately (0-5 seconds) after starting the device to load backup bootloader
 +  * release when user LED starts to flash to reset RouterOS (5-10 seconds)
 +  * release after user LED stops flashing to start Etherboot (Netinstall) mode (10+ seconds)
 +
 +Link how to use Netinstall: http://wiki.mikrotik.com/wiki/Netinstall
  
 ==== First Login ==== ==== First Login ====
Line 119: Line 150:
 ==== Set Password ==== ==== Set Password ====
  
-//System -> Users -> Double-Click 'admin' -> Password//+**System -> Users -> Double-Click 'admin' -> Password**
  
 ==== WAN Interface ==== ==== WAN Interface ====
Line 125: Line 156:
 === Dynamic Address === === Dynamic Address ===
  
-//IP -> DHCP Client -> Add New -> ether1//+**IP -> DHCP Client -> Add New -> ether1**
  
 === Static Address === === Static Address ===
  
-//IP -> DHCP Client -> Delete if exists +**IP -> DHCP Client -> Delete if exists 
-IP -> Addresses -> Add New//+IP -> Addresses -> Add New**
  
 ==== NAT ==== ==== NAT ====
  
-//IP -> Firewall -> NAT -> Add New//+**IP -> Firewall -> NAT -> Add New**
  
   * Enabled   * Enabled
Line 151: Line 182:
 ==== Default Gateway ==== ==== Default Gateway ====
  
-//IP -> Routes -> Add New//+**IP -> Routes -> Add New**
  
   * Enabled   * Enabled
Line 160: Line 191:
 ==== Name Resolution ==== ==== Name Resolution ====
  
-//IP -> DNS -> Add New//+**IP -> DNS -> Add New**
  
 ==== Time ==== ==== Time ====
  
-//SNTP Client -> Primary -> 199.102.46.73 +**SNTP Client -> Primary -> 199.102.46.73 
-SNTP Client -> Secondary -> 64.16.214.60//+SNTP Client -> Secondary -> 64.16.214.60**
  
-//Clock -> Time Zone Name -> America/Phoenix//+**Clock -> Time Zone Name -> America/Phoenix**
  
 ==== Interfaces ==== ==== Interfaces ====
Line 179: Line 210:
 === WAN Interfaces === === WAN Interfaces ===
  
-//IP -> Addresses -> Add New -> Use Ether1 as WAN +**IP -> Addresses -> Add New -> Use Ether1 as WAN 
-IP -> Addresses -> Add New -> Use Ether2 if WAN2 is needed//+IP -> Addresses -> Add New -> Use Ether2 if WAN2 is needed**
  
 === LAN Interfaces === === LAN Interfaces ===
Line 189: Line 220:
   * Only single or master (switch) ports can be added to a bridge; slaved ports cannot   * Only single or master (switch) ports can be added to a bridge; slaved ports cannot
  
-//IP -> Addresses -> Add New -> Use others as LAN//+**IP -> Addresses -> Add New -> Use others as LAN**
  
 ==== Wireless ==== ==== Wireless ====
Line 218: Line 249:
 === Wireless Security === === Wireless Security ===
  
-//Wireless -> Security Profiles -> Add New//+**Wireless -> Security Profiles -> Add New**
  
   * Mode   * Mode
Line 233: Line 264:
 :!: If you have any problems with the DHCP server (maybe it didn't hand out a gateway address?), try deleting all existing pools and all existing DHCP servers, then run the **DHCP Setup Wizard**.  In fact, this is probably the fastest, easiest way to configure the DHCP server in most all cases. :!: If you have any problems with the DHCP server (maybe it didn't hand out a gateway address?), try deleting all existing pools and all existing DHCP servers, then run the **DHCP Setup Wizard**.  In fact, this is probably the fastest, easiest way to configure the DHCP server in most all cases.
  
-//IP -> DHCP Server -> DHCP -> DHCP Setup//+**IP -> DHCP Server -> DHCP -> DHCP Setup**
  
 <file> <file>
Line 245: Line 276:
 Create the address pool first: Create the address pool first:
  
-//IP -> Pool -> Add New//+**IP -> Pool -> Add New**
  
   * Addresses: ''192.168.1.65-192.168.1.199''   * Addresses: ''192.168.1.65-192.168.1.199''
Line 251: Line 282:
 Add the DHCP server: Add the DHCP server:
  
-//IP -> DHCP Server -> Add New//+**IP -> DHCP Server -> Add New**
  
   * Use mostly defaults   * Use mostly defaults
Line 260: Line 291:
 This will also create a caching DNS server for use by DHCP clients: This will also create a caching DNS server for use by DHCP clients:
  
-//IP -> DNS -> Settings -> Click (+) twice then enter two DNS servers +**IP -> DNS -> Settings -> Click (+) twice then enter two DNS server 
-IP -> DNS -> Settings -> Allow Remote Requests//+IPs -> DNS -> Settings -> Allow Remote Requests**
  
 ==== Port Forwarding (Destination NAT) ==== ==== Port Forwarding (Destination NAT) ====
Line 270: Line 301:
   * UPnP is available if dynamic port forwarding is desired   * UPnP is available if dynamic port forwarding is desired
  
-//IP -> Firewall -> NAT -> Add New//+**IP -> Firewall -> NAT -> Add New**
  
 <file> <file>
Line 281: Line 312:
 http://aacable.wordpress.com/2011/08/15/mikrotik-howto-prevent-mt-host-from-invalid-login-attempts-from-lanwan-users/ http://aacable.wordpress.com/2011/08/15/mikrotik-howto-prevent-mt-host-from-invalid-login-attempts-from-lanwan-users/
  
-//IP -> Services -> www//+**IP -> Services -> www**
  
   * Port: 81   * Port: 81
Line 300: Line 331:
 add chain=input connection-state=invalid action=drop comment="Drop invalid connections"  add chain=input connection-state=invalid action=drop comment="Drop invalid connections" 
 add chain=input protocol=udp action=accept comment="Allow all UDP" disabled=no  add chain=input protocol=udp action=accept comment="Allow all UDP" disabled=no 
-add chain=input protocol=icmp limit=50/5s,2 comment="Allow limited pings"  +add chain=input protocol=icmp limit=50/5s,2 comment="Allow limited ICMP"  
-add chain=input protocol=icmp action=drop comment="Drop excess pings+add chain=input protocol=icmp action=drop comment="Drop excess ICMP
 add chain=input in-interface=ether2 src-address=192.168.1.0/24 comment="From our LAN" action=accept add chain=input in-interface=ether2 src-address=192.168.1.0/24 comment="From our LAN" action=accept
 add chain=input action=log log-prefix="DROP INPUT" comment="Log everything else" add chain=input action=log log-prefix="DROP INPUT" comment="Log everything else"
Line 340: Line 371:
 http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html
  
-//System -> Console +**System -> Console 
-System -> Ports//+System -> Ports**
  
 <file> <file>
networking/router/mikrotik.1406765185.txt.gz · Last modified: 2014/07/30 18:06 by gcooper

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki