How to Securing your MikroTik Router / Firewall

The first step in securing your network is to secure any appliance (managed switch router / firewall / VPN Concentrator) that is directly attached to your network)There are many approaches to securing devices, some are better than others. The Basic concepts of securing your MikroTik Router, or any router for that matter can be summarised as follows; Stop all Unnecessary Services on the MikroTik Router. Create Firewall Lists to Deny all un wanted inbound Traffic and only allow wanted /needed inbound trafic. If you need services on the router to be remotely accessible you should limit the addresses that can connect to the router. If there are services on the router that cannot be pratically limited to a small number of addresses, then you should try to protect...

Read more »

Posted in: Mikrotik

Setting up a MikroTik Router as a HotSpot

This document outlines how to configure a MikroTik RouterBoard to be used as a HIB with SIMPLer. General information on the RouterBoard may be found in the MikroTik Wiki: http://wiki.mikrotik.com/wiki/Category:Manual Basic Setup Do basic setup on the routerboard as per http://wiki.mikrotik.com/wiki/Manual:First_time_startup - basic requirement is to configure ether1 with the following: IP address and gateway Once an IP address is assigned, use Winbox (download from the first time setup page) to do the remainder of the setup. Setup the hotspot as follows (this info is based on http://www.hotspotsystem.com/en/hotspot/install_guide_mikrotik.html Verify that the routerboard DNS settings are correct - click on IP -> DNS and then Settings...

Read more »

Posted in: Mikrotik

How to Setup Your Own Hotspot with MIKROTIK routers

Before starting, reset your router. If you see a message about "Default configuration" press Remove configuration. You need to setup your Mikrotik router by using Winbox. Winbox is the graphical user interface for configuring the Mikrotik Router OS. You can get Winbox from Mikrotik's website. 1. First we need to define the first port for WAN connection so the router will connect to the internet via another router with DHCP. In winbox click IP > DHCP Client and Add DHCP Client to port ether1  2. Let's add the hotspot service to wlan Click IP > HotSpot and the hotspot Setup box, choose wlan1 as hotspot interface. You can accept default values but choose none for certificate. Leave the IP as it is (10.5.50.x). If you...

Read more »

Posted in: Mikrotik

How to Change DNS to google public DNS

In this tutorial , i will show you how to change DNS from Mikrotik router OS to google public DNS. If you have a special configuration DNS from your ISP, make sure the internet stil can running up if you change it to another DNS service. In another case, Sometimes we need to change the DNS server from our ISP to another DNS service provider. If DNS service from ISP is down , we should to do something to resolve this problems to make the internet service still running well. I wrote this tutorials because some friends ask to me how to change their DNS service to google public DNS and another DNS service provider. Ok follow this instruction. Make sure you have been backed up the Mikrotik Router OS configuration. To doing this, see...

Read more »

Posted in: Mikrotik

How to Setup Mikrotik Router OS

After i wrote article about how to install Router OS on a Pc's, Now i will show you how to configure the Mikrotik Router OS as a Internet Gateways. For your information, to setup the Mikrotik Router OS you can use some metode. First, We can configure directly from the pc's . Just turn on the pc and you will show the login screen after the boot process finished. Second : We can use the small tools from mikrotik with Grapic user Interface,The tools is a magic tools, Mikrotik give the name as Winbox . But on this article i will guide you to setting up the router Os with the first methode. Unfortunetly with this methode you will setup the router with command line interface. But don't worry, you can copy paste my configuration for the first time before you understand the command line...

Read more »

Posted in: Mikrotik

How to install Mikrotik Router OS

In this article i will show you how to install MikroTik Router OS on a PCs. Just relax..because this step is very simple and easy to practice at your home. I will Guide you how to install the Router OS step by step. Prepare your pc with minimum requirement: Intel Pentium 3 or pentium 4 with minimal 512 MB storage ( HDD ) and 64 MB Physical Memory. You should buy minimal 1 NIC or Network address Card because the NIC will be used to connetcing the client trhough the internet( On Board and New NIC ). For the first steps, Download the Router OS from official Mikrotik website at this link www.mikrotik.com/download.html and Select system type with PC / x86, Select software type with all version. Download the iso's file. When i wrote...

Read more »

Posted in: Mikrotik

Download Mikrotik

When i  write this article , the last Mikrotik router os version is 5.7 stable version. You can download this OS for free and still can use the OS untill 24 hours. Remember, To be able to use it full time, you must purchase a license key with the record of a license for only one hard drive. Whre i can download this os ?? yeah..you can download the mikrotik router OS from official website Mikrotik.com. Or you can download directly from the link bellow :  USA Link Australia link Australia link Iran Link Italy Link Poland Link South Africa link Sweden Link Indonesia Link Remember, that link is for PC Router (X86) and still ISO format. you Should to burn it to the CD...

Read more »

Posted in: Mikrotik

How to Setting Up Mikrotik Hotspot

For your information , Mikrotik is a router os with all in one solution for small business and solution for your small  or Big Network. Mikrotik Router OS or Mikrotik Router Board can be used and setting as a Hotspot gateway with a login page. In this tutorials i will saw you how to configure Mikrotik as a Hotspot network with Login page and user manager . This is just a basic configuration, in the next article i will guide you to setting up the mikrotik as a hotspot with fully fiutured intergrated system.  Ok, this is it : For the first , make sure your router is have been installed this package : System DHCP Wireless Hotspot Proxy User Manager Security Advanced tools Step to setting up Mikrotik hotspot : system...

Read more »

Posted in: Mikrotik

How To Upgrade Mikrotik

How to upgrade Mikrotik router OS with a new version ? ok..on this article i will show you how to upgrade Mikrotik.  To upgrading mikrotik os with a new version is very simple, Download the last package of mikrotik router os. Extrac the rar or zip file to another folders. Login to mikrotik os with winbox, and open File Menu's , just drag and drop all package to the file. After that, Open new terminal and type this command : system reboot Your router will restart, and when the router boot up your os version has been changed !! ...

Read more »

Posted in: Mikrotik

Remote Mikrotik from Blackberry

Do you have a BlackBerry ? hehehe . if you using this smart phone and you need to remote your servers, you can do it with simple tricks and simple mobile application. This application is free to download and very usefull, when we need to stay connected to our servers, this application can do much :D this application called BBSSH. Download this application over the air and install this tools. read the manuals or you don't need to read if you have experience using ssh tools downloads BBSSH Download BBSSH OTA ...

Read more »

Posted in: Mikrotik

How to backup Mikrotik

In this tutorials, i will show you how to backup your mikrotik. Backup is a must, you need to do this before and after you make a change the router os. Becaouse when you mad a change and you don't have a backup, you can undo your change hehehe Follow this step to make a backup your router : 1. Login with winbox 2. Goto "menu" file on your mikrotik 3. Click Backup on tab menu Thats it :D See the pic bellow ...

Read more »

Posted in: Mikrotik

How to View Log Mikrotik

Some time we need to know what happens with our routers, if someone make a change the router or someone attack our routers, we need to know and analyze the log. How to view log file on mikrotik ? to view log file on mikrotik is very simple. just click on Log menu , see the picture bellow :  Now, you can analyze the log fi...

Read more »

Posted in: Mikrotik

Internet access from VRF with NAT--Mikrotik

MPLS Per-VRF NAT for internet access to L3VPNs Abstract This article will describe the basic configuration of how to provide internet access to L3VPN customers in an MPLS infrastructure. It has been tested with RouterOS version 3.28 with mpls-test and routing-test. This article assumes basic knowledge of MPLS operation as well as knowledge of NAT and routing. Requirements The concepts in this article requires at least one routable public ip address per VRF that needs to have internet access. It also requires you to have a dedicated PE-router to be placed between your internet-connected router and the MPLS network in order to do the actuall NAT translation before the data is transmitted to the internet-facing router. This...

Read more »

Posted in: Mikrotik

Internet access from VRF--Mikrotik

Packages required: routing-test, mpls-test, RouterOS version 3.23+ There are multiple ways how Internet access could be provided to VRF clients. They are outlined in RFC 4364 section 11, for example. Here we show the way how to configure access using global routing table. Example  Default routes Add default routes to VRF routing tables on PE: /ip route add routing-mark=cust-one gateway=10.0.0.1@main /ip route add routing-mark=cust-two gateway=10.0.0.1@main Note that we must explicitly specify that the gateway should be resolved in the @main routing table, otherwise the routes will not become active. Routes to client's networks Routes to client's networks should be added in the main routing table, while their...

Read more »

Posted in: Mikrotik

802.1q Trunk extension over Wireless P2P Link

Introduction It is very common practice to isolate group of users in a network using VLANs. In wired Networks we use lot of Trunk links to carry and extend VLANs from one switch to the other. Sometimes it becomes necessary to plan redundant parallel network links for these trunk links. Now building a trunk link using wi-fi network is little tricky. Let us assume the Scenario as following. A network is having three VLANs with IDs -10,20,30 A Mikrotik P2P link is being configured as trunk for carrying these three VLANs. Eth1 of the wireless routers are connected to the switches. A. Create VLAN interfaces for your vlans You need to create as many VLAN interfaces as the total no. of VLANs being forwarded through...

Read more »

Posted in: Mikrotik

Simple TE on Mikrotik

Network Layout We will create a network consisting of four routers connected in diamond shape as illustrated in diagram below. Each router is connected to neighboring router using /30 network and each of them have unique loopback address form 10.255.0.x network. Loopback addresses will be used as tunnel source and destination. The goal is to interconnect two LAN segments (Lan1, Lan2) using TE tunnels in the way that: traffic in direction from LAN1 to LAN2 goes over path through R2 traffic in direction from LAN2 to LAN1 goes over path through R4 Router Configurations Connectivity between routers and Loopback addresses R1 /system identity set name=R1 /interface bridge add name=Loopback /ip address add address=192.168.33.1/30...

Read more »

Posted in: Mikrotik

Manual:Customizing Hotspot

Summary You can create a completely different set of servlet pages for each HotSpot server you have, specifying the directory it will be stored in html-directory property of a HotSpot server profile /ip hotspot profile. The default servlet pages are copied in the directory of your choice right after you create the profile. This directory can be accessed by connecting to the router with an FTP client. You can modify the pages as you like using the information from this section of the manual. Note that it is suggested to edit the files manually, as automated HTML editing tools may corrupt the pages by removing variables or other vital parts. Available Pages Main HTML servlet pages, which are shown to user: redirect.html -...

Read more »

Posted in: Mikrotik