🔧

Mikrotik Basic Configuration Lecture

Jul 12, 2024

Mikrotik Basic Configuration - Lecture Notes

Introduction

  • Tips and Tricks about Mikrotik
  • Guest: Mr. Valens Riyadi
  • Discussing the initial configuration before advanced settings (firewall, queues, etc.)
  • Importance of understanding the basic setup

Key Steps in Basic Configuration

1. Determining IP Address Allocation

  • Need for IP Address Allocation:
    • Different devices on the network (wireless, cable, hotspot) need IPs
    • Uses Private IP ranges (usually subnet /24 for small networks)
  • **Designing Network Topology: **
    • Public vs. Local Networks
    • Internet source determination (fiber optic, ethernet, wireless, cellular networks)

2. Connecting to Winbox

  • Downloading Winbox:
    • Available on mikrotik.com
    • Alternatively, use webfig (web browser)
  • Initial Connection:
    • Avoid port 1 for initial connection due to default protection
    • Use ports 2-10

3. Removing Default Configurations

  • Default Configurations:
    • Often conflict with customized settings
    • Removing them for a fresh start
    • Removing prevents conflicts during customization

4. Setting User Credentials

  • Importance of Changing Default Credentials:
    • Default credentials are well-known (admin, no password)
  • Steps:
    • Create a new user with full rights
    • Disable default 'admin' user

5. Configuring Network Interfaces

  • WAN and LAN Interfaces:
    • Set WAN interface for ISP connection
    • Set LAN interface for local devices
  • Using Bridges:
    • Create bridges for WAN and LAN for flexibility
    • Allows easy physical port changes without reconfiguring rules

6. IP Address and Gateway Configuration

  • DHCP Client Configuration:
    • Automatically obtain IP from ISP
  • Static IP Configuration:
    • Manually set IP if ISP provides static IP
    • Adding gateway and IP address correctly

7. Testing Internet Connectivity

  • Ping Tests:
    • Ping gateway to ensure connectivity (e.g., ping 10.10.10.1)
    • Ping public IPs to test internet connectivity (e.g., ping 8.8.8.8)

8. DNS Configuration

  • Setting DNS Server:
    • Enter DNS server provided by ISP or use public DNS like 8.8.8.8
    • Enable 'Allow Remote Requests' for local network service

9. Configuring LAN and Wireless Access

  • IP Address for LAN:
    • Set private IP for LAN (e.g., 192.168.1.1)
  • Setting Up DHCP Server:
    • Configuration wizard simplifies setup
    • Assign IP ranges and DNS settings for LAN clients

10. NAT (Network Address Translation)

  • Source NAT Configuration:
    • Use masquerade action to allow internet access
    • Set correct outbound interface (e.g., bridge-WAN)

11. Optional Configurations

  • Enabling QoS and Bandwidth Limitation:
    • Use simple queue for basic bandwidth control
  • Security Settings:
    • Disable unused IP services (e.g., API, FTP, Telnet)
    • Protect SSH and other services with specific IP ranges

12. Wireless Configuration

  • Setting Up Wireless Interfaces:
    • Enable and configure 2.4GHz and 5GHz settings
    • Set security profiles and SSID

13. PPPoE Setup

  • Configuring PPPoE Client:
    • For ISPs using PPPoE protocol
    • Requires username and password from ISP
  • Adjust NAT for PPPoE Interface:
    • Add NAT rule with new PPPoE interface

14. Advanced Tips and Protection

  • Handling Hotspot Services:
    • Setup separate bridge for hotspot users
  • Updating RouterOS:
    • Regular updates for bug fixes and security patches

Conclusion

  • Recap of basic configuration steps
  • Security configurations
  • Encouragement to explore advanced settings
  • Subscription reminder for latest updates

Full transcript