You are on page 1of 39

IndirectManager:

DirectManager:
Supervisor:
TeamMember:

Trainer:

4/12/2012

Mr.GlennMiller
Mr.ChhannSokob
Mr.ImSomara
Mr.HengVichet
Mr.SousVichea
Mrs.YunSophearum
Mr.VaVandy

Content

1. MikroTikRouterOSBasics
2. MikroTikRouterOSBasicConfiguration
3. MikroTikRouterOSFirewallandWebProxy
4. MikroTikRouterOSBandwidthLimit
5. MikroTikRouterOSLocalNetworkManagement
6. MikroTikRouterOSRoutingforVPN
7. MikroTikRouterOSTroubleshooting

4/12/2012
2

Requirements&Objective
Requirements

1.

Networkbasics
TCP/IPBasics
Internet&VPNtechnologies

2. Objectiveoftraining

4/12/2012

Fundamentals/Basics
Firewalling
QualityofService
VirtualPrivateNetworks

MikroTikrouterOSBasic
AdvanceofRouter
Networkingdevicethatforwardsthedatapackets.
RoutingoccursatNetworklayer.
Actsasajunctionbetweentwoormorenetworks.
DifferentfromaSwitchandaHub.
2. RouterOSanditsFeatures
ItisarouteroperatingsystemandsoftwarewhichturnsaregularPC
intoadedicatedrouter
Router
BandwidthControl
Firewall
HotSpotGateway
VPNServer/Client
WirelessAP/Router
Allinonebox

1.

4/12/2012

MikroTikrouterOSBasic
3. Routermaybemanagedthroughthefollowing

interfaces:
Localterminalconsole
Serialconsole
Telnet
SSHSSH(secureshell)
MACTelnet
Winbox(Popular)

4/12/2012

MikroTikrouterOSBasic
WinBoxremotetoMKT

4/12/2012

MikroTikrouterOSBasic
WinBoxInterface

4/12/2012

MikroTikrouterOSBasicStructure
InternetStructurewithP3oEClient/IPBase

Connection

4/12/2012

MikroTikRouterOSBasicConfiguration
1.
2.
3.
4.
5.
6.
7.
8.

InterfaceDescription(Name)
CreateVirtualInterface(Bridge&Switchport)
RouterconfigurationsetipaddressesWAN(P3oEor
IPBase)andLAN
DNS&DHCPserverconfiguration
SetupofIPMasquerading
NetworkTimeProtocol(NTP)tosynchronizeclock
Configurationbackupandexportofselectedsettings
MikroTiklicenses

4/12/2012

MikroTikRouterOSBasicConfiguration
InterfaceDescription(Name)

1.

ClickInterfacesGeneralTabNameApplyOK

4/12/2012

10

MikroTikRouterOSBasicConfiguration
2. CreateVirtualInterface(Bridge&Switchport)
CreateBridge

a)

4/12/2012

ClickBridgeBridgeTabAddGeneralTabName(Input
BridgeName)ApplyOK

11

MikroTikRouterOSBasicConfiguration
2. CreateVirtualInterface(Bridge&Switchport)

4/12/2012

ClickBridgeBridgeTabAddGeneralTabName
(InputBridgeName)ApplyOK

12

MikroTikRouterOSBasicConfiguration
2. CreateVirtualInterface(Bridge&Switchport)
Addinterfacetobridge

b)

ClickBridgePortTabAddGeneralTabInterface(Num)
SelectBridgeNameApplyOK

4/12/2012

13

MikroTikRouterOSBasicConfiguration
3. RouterconfigurationsetipaddressesWAN(P3oEor

IPBase)andLAN
SetupWAN(IPBaseIPAddress)

ClickIPSelectAddressAddAddress
(110.74.204.40/27)SelectInterfaceApplyOK

4/12/2012

14

MikroTikRouterOSBasicConfiguration
3. RouterconfigurationsetipaddressesWAN(P3oEor

IPBase)andLAN
SetupWAN(IPBaseGateways)

ClickIPSelectRoutesAddDst.Address
(0.0.0.0/0)Gateways(110.74.204.62)ApplyOK

4/12/2012

15

MikroTikRouterOSBasicConfiguration
3. RouterconfigurationsetipaddressesWAN(P3oEor

IPBase)andLAN
SetupWAN(PPPoEClient)

ClickPPPInterfaceTabAddPPPoEClient
GeneralTabSelectInterfaceName(EzecomConn)
MaxMTU(1454)SelectInterfaceDialOutTabUser
andpassword(SIPAccount)OtherOption
(Default)ApplyOK

4/12/2012

16

MikroTikRouterOSBasicConfiguration
3. RouterconfigurationsetipaddressesWAN(P3oEor

IPBase)andLAN
SetupWAN(PPPoEClient)

4/12/2012

17

MikroTikRouterOSBasicConfiguration
4. DNS&DHCPserverconfiguration
a) DSNServer

ClickIPSelectDNSSettingtypeserveripTick
AllowRemoteRequestApplyOK

4/12/2012

18

MikroTikRouterOSBasicConfiguration
4. DNS&DHCPserverconfiguration
a) DHCPProcess

4/12/2012

19

MikroTikRouterOSBasicConfiguration
4. DNS&DHCPserverconfiguration
a) DHCPServer

ClickIPSelectDHCPDHCPSetupSelectDHCP
Serverinterface(LAN)NextDHCPAddressSpace
(192.168.1.0/24)NextGatewayforDHCP(LANip)
NextAddresstoGiveOutNextDNSServerNext
Leasetime(3d:00:00:00)NextOK

4/12/2012

20

MikroTikRouterOSBasicConfiguration
5. SetupofIPMasquerading

4/12/2012

ClickIPFirewallTabNATAddGeneralTab
Chain(Scrnat)InterfaceOut(EtherWANorP3oE
ClientName)ActionTabApplyOK

21

MikroTikRouterOSBasicConfiguration
6. NetworkTimeProtocol(NTP)tosynchronizeclock
NTPClient

ClickSystemSelectSNTPClientTickEnableMode
(Unicast)PrimaryNTP&SecondaryofISPApplyOK

4/12/2012

22

MikroTikRouterOSBasicConfiguration
6. NetworkTimeProtocol(NTP)tosynchronizeclock
Clock/Timezone

ClickSystemClockTimeTabTimezonename
(Asia/PhnomPenh)ManualTimeZoneTime
Zone(+07:00)ApplyOK

4/12/2012

23

MikroTikRouterOSBasicConfiguration
7. Configurationbackupandexportofselectedsettings
a) BackupConfiguration

ClickFilesClickBackup

b) RestoreConfiguration

ClickFilesSelectonBackupfileClickonRestore

4/12/2012

24

MikroTikRouterOSBasicConfiguration
9. MikroTiklicenses

ClickSystemLicenses:SoftwareID,UpgradealbeTo,Level

4/12/2012

25

MikroTikRouterOSFirewallandWebProxy
1.

Enableproxyserver
GotoNewTerminal

4/12/2012

26

MikroTikRouterOSFirewallandWebProxy
1.

CreateFilterRuleandNATforproxyserver
FirewallRULEDrop

4/12/2012

ClickIPFirewallFilterRulesTabAdd
Chain(input)Protocol(tcp)Dst.Port(8080)
In.Interface(WAN)ActionTabAction(Drop)Apply
Ok

27

MikroTikRouterOSFirewallandWebProxy
1.

CreateFilterRuleandNATforproxyserver
NATRULE

ClickIPFirewallNATTabAddChain(dsnat)
Protocol(tcp)Dst.Port(80)ActionTabAction(dst
nat)ToAddress(192.168.20.1)Toport(8080)Apply
Ok

4/12/2012

28

MikroTikRouterOSFirewallandWebProxy
1.

CreateFilterRuleandNATforproxyserver
BlockWebSite

ClickIPGeneralTabClickAccessAddDst.
Host(websitewww.facebook.com)Action(Deny)Apply
OK

4/12/2012

29

MikroTikRouterOSBandwidthLimit
1. SimpleQueues

ClickQueuesSimpleQueuesTabAddName(IP
19)TargetAddress(192.168.20.19)Max.
Limit(Up/Down)ApplyOK

4/12/2012

30

MikroTikRouterOSLocalNetworkManagement
1.

AddressResolutionProtocol(ARP)
a) TheARPprotocolprovidestwobasicfunctions:

ResolvingIPv4addressestoMACaddresses
Maintainingacacheofmappings

ARPProcess

b)

ARPrequest(Broadcast)
ARPreply(unicast)

4/12/2012

31

MikroTikRouterOSLocalNetworkManagement
2. DHCPserverwithdynamicandstaticIPaddress

allocation
LeaseTime(DHCPclient)

4/12/2012

32

MikroTikRouterOSRoutingforVPN
1. VPNSample

4/12/2012

33

MikroTikRouterOSRoutingforVPN
2. Routing(StaticRoute):Weconfigureroutedepend

oncustomersrequirementoractualsituation.
3. Verifystaticinroutingtable

4/12/2012

34

MikroTikRouterOSRoutingforVPN
3. AddStaticrouteinMKT

ClickIPRoutesAddDst.Address
(192.168.2.0/24)&Gateways(10.82.253.194)ApplyOK

4. AddDefaultrouteinMKT

ClickIPRoutesAddDst.Address(0.0.0.0/0)&
Gateways(10.82.253.200)ApplyOK

4/12/2012

35

MikroTikRouterOSTroubleshooting
1. CheckPhysicalNetwork
a) Cable,Connector,RouterandModem
2. Logical(Configuration)
a) RouterResource

CPU
Member
Disk

RouterInterface&Queue

b)

P3oEinterface
Queuelimitation

3. MorePractice

4/12/2012

36

MikroTikRouterOSTroubleshooting
1. Suggestion(exceptcustomerhaveITguy)
a) Usernameandpasswordrouter

PowerUser(Full)

Username:admin
Password:net@admin

PrivilegeUser(Write)

Username:ezecom
Password:ezecomit

4/12/2012

37

MikroTikRouterOSReferences
1.
2.
3.
4.
5.

http://www.mikrotik.com/
http://wiki.mikrotik.com/wiki/Manual:TOC
http://www.ispsupplies.com/mikrotiklicense
levels.html
http://gregsowell.com/?p=680
https://powercode.fogbugz.com/default.asp?W37

4/12/2012

38

Thankforyourattention

4/12/2012

39