SlideShare a Scribd company logo

MikroTik Fundamental Class Training

Q
QuynTrnVn4

This document provides information about a MikroTik RouterOS fundamentals training course. The training schedule outlines 6 days of classes covering topics such as introduction, routing, bridging, wireless networking, firewalls, QoS, tunnels and case studies. The objectives of the course are for students to become familiar with RouterOS software and RouterBoard hardware, and to learn how to configure, manage and troubleshoot a MikroTik router. Brief biographical information and contact details are provided for the trainer. An introduction section gives an overview of MikroTik as a company and outlines the various MikroTik certification courses. The document also provides information on RouterOS, RouterBoard hardware, integrated router solutions, custom router

Design
1 of 126
Download to read offline
Fundamental Class Rahmat D. Djatmiko – erdeje85@gmail.com
Training Schedule 08.00 – 10.00 10.15 – 12.15 13.15 – 15.30 Day 1 Introduction MikroTik Basic Routing Day 2 Bridging Wireless Network Management Day 3 Firewall QoS Tunnels Day 4 Linux Basic DNS Server Web Server Day 5 DHCP Server Mail Server Proxy Server Day 6 Case Study Rahmat D. Djatmiko erdeje85@gmail.com 2
Course objectives At the end of this course, the student will: • Be familiar with RouterOS software and RouterBoard products • Be able to configure, manage, do basic troubleshooting of a MikroTik router • Be able to provide basic services to clients Rahmat D. Djatmiko erdeje85@gmail.com 3
About Me • SMK Telkom Malang as Networking Teacher • SMK Telkom MikroTik Academy as Trainer • Freelance Trainer • Contact : • Email : erdeje85@gmail.com • Mobile/WA : 0811353595 • BBM : 527C266F Rahmat D. Djatmiko erdeje85@gmail.com 4
INTRODUCTION MODULE 1 Rahmat D. Djatmiko erdeje85@gmail.com 5
MikroTikls SIA • Software and Hardwate Vendor • Motto : Routing the World • Location : Riga, Latvia (North Europe) Rahmat D. Djatmiko erdeje85@gmail.com 6
MikroTik Certified Rahmat D. Djatmiko erdeje85@gmail.com 7 MikroTik 101 TCP/IP and Basic MTCNA Fundamental Class MTCRE Advanced Routing MTCTCE Advanced Traffic Control MTCWE Advanced Wireless MTCUME Advanced User Management MTCINE Advanced InterNetworking
MTCNA Outline • Introduction • Routing • Bridging • Wireless • Network Management • Firewall • QoS • Tunnels Rahmat D. Djatmiko erdeje85@gmail.com 8
MTCWE Outline • Wireless Installation • Wireless Standard • Wireless Tools • Wireless Troubleshooting • Wireless Advanced Settings • 802.11n • Wireless Security • WDS and MESH • Wireless Bridging • Nstreme Protocol • Nv2 Protocol Rahmat D. Djatmiko erdeje85@gmail.com 9
MTCRE Outline • Static Routing • Point to Point Addressing • VPN • OSPF Rahmat D. Djatmiko erdeje85@gmail.com 10
MTCTCE Outline • Packet Flow Diagram • Firewall filter/nat/mangle • Quality of Service • DNS Client/Cache • DHCP Client/Relay/Server • Web Proxy Rahmat D. Djatmiko erdeje85@gmail.com 11
MTCUME Outline • PPP • PPTP/L2TP • PPPoE • PPP Bridging • IPSec • Hotspot • RADIUS Rahmat D. Djatmiko erdeje85@gmail.com 12
MTCINE Outline • BGP • MPLS • Traffic Engineering Rahmat D. Djatmiko erdeje85@gmail.com 13
MIKROTIK ROUTEROS AND ROUTERBOARD CHAPTER 1 Rahmat D. Djatmiko erdeje85@gmail.com 14
What is RouterOS? • MikroTik RouterOS is the operating system of MikroTik RouterBOARD hardware. • It has all the necessary features for an ISP or network administrator such as routing, firewall, bandwidth management, wireless access point, backhaul link, hotspot gateway, VPN server and more. • RouterOS also compatible with PC • Based on Linux Kernel Rahmat D. Djatmiko erdeje85@gmail.com 15
What is RouterBOARD? • A family of hardware solutions created by MikroTik to answer the needs of customers around the world. • All operate with RouterOS. • Available from low-end spec up until Cloud-Core high-end type Rahmat D. Djatmiko erdeje85@gmail.com 16
Integrated Solutions • These products are provided complete with cases and power adapters. • Ready to use and preconfigured with the most basic functionality. • All you need to do is to plug it in and connect to the Internet or a corporate network. Rahmat D. Djatmiko erdeje85@gmail.com 17
RouterBOARD (boards only) • Small motherboard devices that are sold “as is”. You must choose the case, power adapter and interfaces separately. Perfect for assembling your own systems as they offer the biggest customization options. Rahmat D. Djatmiko erdeje85@gmail.com 18
Enclosures • Indoor and outdoor casings to house your RouterBOARD devices. Select based on: • intended location of use • the RouterBOARD model • the type of connections needed (USB, antennas, etc.). Rahmat D. Djatmiko erdeje85@gmail.com 19
Interfaces • Ethernet modules, fiber SFPs or wireless radio cards to expand the functionality of RouterBOARD devices and PCs running RouterOS. • Once again, selection is based on your needs. Rahmat D. Djatmiko erdeje85@gmail.com 20
Accessories • These devices are made for MikroTik products - power adapters, mounts, antennas and PoE injectors. Rahmat D. Djatmiko erdeje85@gmail.com 21
Why get an integrated router? • Can address many needs • Some add-on options • Little to no expansion • Fixed configuration • Simple, yet solid solution for many needs Rahmat D. Djatmiko erdeje85@gmail.com 22
Integrated router, examples • RB951G-2HnD • Good for home or small office • 5 Gig ports • Built-in Wi-Fi (2,4GHz) • License level 4 Rahmat D. Djatmiko erdeje85@gmail.com 23
Integrated router, examples • SXT Sixpack • (1 OmniTIK U-5HnD with 5 SXT-5HPnD) • Good for WISP or company with branch offices • 5 100Mbps ports (OmniTik) • 5GHz 802.11a/n radios • Can cover 5Km between central and satellite sites Rahmat D. Djatmiko erdeje85@gmail.com 24
Integrated router, examples • CCR1036-12G-4S • Cloud Router • Flagship model • Good for ISPs or company networks • 1U rack mount • 12 Gig ports • Serial console, USB and color touch screen • Default 4G RAM, but can use any size of SO-DIMM RAM Rahmat D. Djatmiko erdeje85@gmail.com 25
Why build your own router? • Can address a greater variety of needs • Many add-on options / Lots of expansion • Customizable configuration • Can be integrated into client equipment or cabinet • More complete solution for particular needs Rahmat D. Djatmiko erdeje85@gmail.com 26
Custom router, examples • Flexible CPE • RB411UAHR • 1 100Mbps port • 1 2,4GHz radio (b/g) • Level 4 license • Add power supply or PoE module • Add 3rd party enclosure • Add 3rd party 3G mini PCI-E modem Rahmat D. Djatmiko erdeje85@gmail.com 27
Custom router, examples • Powerful Hotspot • RB493G • 9 gig ports • Level 5 license • Add power supply or PoE module • Add R2SHPn (2,4GHz radio card) • Add R5SHPn (5GHz radio card) • Add 3rd party enclosure • Add microSD card Rahmat D. Djatmiko erdeje85@gmail.com 28
RouterBOARD Architecture • RouterBOARD build with different architecture • Different architectre means different characteristic in processing and addressing memory Rahmat D. Djatmiko erdeje85@gmail.com 29
RouterBOARD Extended Code • Additional features that come with some type • U – equipped with USB port • A – Advanced, usually comes with higher license llevel • H – High Performance / High Power • R – equipped with embedded wireless card • G – equipped with Gigabit Ethernet interface • P – equipped with PoE port • n – MIMO card • D – Dual Chain • S – equipped with SFP port • L – lite (can be lower license level or lower spec) Rahmat D. Djatmiko erdeje85@gmail.com 30
RouterBOARD Name Code • Three Digits Code Rahmat D. Djatmiko erdeje85@gmail.com 31 RBABCX RouterBOARD Series Number of Ethernet port Number of miniPCI slot Additional Features RB751U-2HnD RouterBOARD Series 5 Ethernet port 1Wireless Interface With USB and 2GHz card, High Power, MIMO and Dual Chain
RouterBOARD Name Code • Four Digits Code Rahmat D. Djatmiko erdeje85@gmail.com 32 RBAACCX-X RouterBOARD Series Interface Information Additional Features RB2011UAS-2HnD RouterBOARD 2000 Series 11 Interfaces (one of them is SFP) With USB, Advanced license level, and SFP port Additional 2GHz card, High power, MIMO and Dual Chain
RouterBOARD Name Code • Some new routers, use abother formats Rahmat D. Djatmiko erdeje85@gmail.com 33 NAME-X RouterBOARD Series Interface Information SXT-5HnD SEXTANT Groove-2 OmniTik
ROUTEROS & ROUTERBOARD LABORATORY 1 Rahmat D. Djatmiko erdeje85@gmail.com 34
[LAB 1] Basic Installation of RouterOS • First download new RouterOS from http://www.mikrotik.com/download • Then write ISO image file to CD or USB and put in CD-ROM Drive and turn on Rahmat D. Djatmiko erdeje85@gmail.com 35
[LAB 1] Basic Installation of RouterOS • After select paclage and then press “i” for start installation • Answer "n" to first question and "y" to second • After installation remove cd and press Enter • After rebooting type “admin” as login and no password Rahmat D. Djatmiko erdeje85@gmail.com 36
[LAB 1] Check Your RouterBOARD • Check RouterBOARD Name Code at the bottom of your router and tell the code! Rahmat D. Djatmiko erdeje85@gmail.com 37
[LAB 1] RouterBOARD Catalog • At least twice a year, MikroTik will release Product Catalog • Open the catalog Q3/Q4 Rahmat D. Djatmiko erdeje85@gmail.com 38
FIRST TIME ACCESSING THE ROUTER CHAPTER 2 Rahmat D. Djatmiko erdeje85@gmail.com 39
Router Access Method Access Via Condition Text Based GUI Need IP Custom Additional Device Keyboard/Monitor If installed in a PC O Serial Console With serial console cable O O Telnet and SSH O O WinBox Used program called winbox.exe O O O FTP O API Socket programming O O Web(HTTP) O O MAC-WinBox Layer 2 connection O O MAC-Telnet Layer 2 connection O Rahmat D. Djatmiko erdeje85@gmail.com 40
Router Access Method • Accessing Command Line Interface (CLI) via Telnet, ssh, serial cable or even keyboard and monitor if router has VGA card. • Accessing Web based GUI (Webfig) • Using WinBox configuration utility • Every router is factory pre-configured with IP address 192.168.88.1/24 on ether1 port. • Default username is admin with empty password. Rahmat D. Djatmiko erdeje85@gmail.com 41
Accessing CLI • Command Line Interface (CLI) allows configuration of the router's settings using text commands. • Since there is a lot of available commands, they are split into groups organized in a way of hierarchical menu levels. • There are several ways how to access CLI: • winbox terminal • telnet • ssh • serial cable etc. Rahmat D. Djatmiko erdeje85@gmail.com 42
Serial Cable • If your device has a Serial port, you can use a console cable. • Plug one end of the serial cable into the console port of the RouterBOARD and the other end in your PC. • You can also use a USB-Serial adapter. Rahmat D. Djatmiko erdeje85@gmail.com 43
Serial Cable • Run a terminal program (HyperTerminal, or Putty on Windows) with the following parameters for All RouterBOARD models except 230: • 115200bit/s, 8 data bits, 1 stop bit, no parity, flow control=none by default. • If parameters are set correctly you should be able to see login prompt. Now you can access router by entering username and password: Rahmat D. Djatmiko erdeje85@gmail.com 44
SSH and Telnet • Standard IP tools to access router • Telnet communications are in clear text • Available on most Operating Systems • Unsecured!! • SSH communications are encrypted • Secured!! • Many Open Source (free) tools available such as PuTTY (http://www.putty.org/) Rahmat D. Djatmiko erdeje85@gmail.com 45
Webfig • If you have router with default configuration, then IP address of the router can be used to connect to the Web interface. • Connect to router with Ethernet cable • Launch browser • Type in the IP address • If asked for, log in. Username is “admin” and password is blank Rahmat D. Djatmiko erdeje85@gmail.com 46
Webfig • You will see : Rahmat D. Djatmiko erdeje85@gmail.com 47 http://wiki.mikrotik.com/wiki/Manual:Webfig
WinBox and MAC-Winbox • WinBox is MikroTik’s proprietary interface to access RouterOS routers. • It can be downloaded from MikroTik’s website or from the router. • It is used to access the router through IP (OSI layer 3) or MAC (OSI layer 2). Rahmat D. Djatmiko erdeje85@gmail.com 48
WinBox and MAC-Winbox • If still in the browser, scroll down and click “logout” • You will see: • Click on “Winbox” • Save “winbox.exe” Rahmat D. Djatmiko erdeje85@gmail.com 49
Winbox - Login Rahmat D. Djatmiko erdeje85@gmail.com 50 Saved router informaation Network Discovery, will show any router that connected with your PC/laptop through layer 2 connection
Winbox - Interface • If parameters are set correctly you should be able to see : Rahmat D. Djatmiko erdeje85@gmail.com 51
ACCESS METHOD LABOLATORY 2 Rahmat D. Djatmiko erdeje85@gmail.com 52
[LAB2] CLI-Direct Access • Access your RouterOS (PC Router) via keyboard and monitor • Login with “admin” user and blank password • Configure your TCP/IP using CLI Rahmat D. Djatmiko erdeje85@gmail.com 53
[LAB2] CLI-Telnet/SSH • Telnet and SSH method use TCP/IP connectivity • Application telnet/ssh in client is needed (ex : putty) Rahmat D. Djatmiko erdeje85@gmail.com 54
[LAB2] Webfig • Access your RouterOS (PC Router) via Internet Browser • Write your router’s IP at URL Rahmat D. Djatmiko erdeje85@gmail.com 55
[LAB2] Winbox • Download Winbox from your webfig’s homepage • Write your router’s IP address or click “...” button for discovery connection • Click Connect button Rahmat D. Djatmiko erdeje85@gmail.com 56
INITIAL CONFIGURATION CHAPTER 3 Rahmat D. Djatmiko erdeje85@gmail.com 57
Basic or blank configuration? • You may or may not have a basic configuration when freshly installed • You may choose not to take the default basic configuration • Check the following web page to find out how your device will behave: http://wiki.mikrotik.com/wiki/Manual:Default_Configurations Rahmat D. Djatmiko erdeje85@gmail.com 58
Default Basic Configuration • When connecting for the first time with WinBox, click on “OK” • The router now has the default basic configuration. Rahmat D. Djatmiko erdeje85@gmail.com 59
Blank Configuration • Can be used in situations when the default basic configuration is not required. • No need for firewall rules • No need for NATing • The minimal steps to setup a basic access to the Internet (if your router does not have a default basic configuration) • LAN IP addresses, Default gateway and DNS server • WAN IP address • NAT rule (masquerade) • SNTP client and time zone Rahmat D. Djatmiko erdeje85@gmail.com 60
Configuration Reset • For some reason, we need to reset the configuration • When we totally forgot the username and password • When the confguration is too complex so it’s much easier to reset to repair them • Configuration reset can be done using several method • Hard-reset, reset the configuration physically • Soft-reset, reset the configuration through winbox/terminal/web Rahmat D. Djatmiko erdeje85@gmail.com 61
BASIC CONFIGURATION LABORATORY 3 Rahmat D. Djatmiko erdeje85@gmail.com 62
[LAB3] Hard-reset - Button • Most RouterBOARD devices are fitted with a reset button. • unplug the device power, hold the button, apply power and wait until the USER LED starts flashing. Now release the button to clear configuration. Rahmat D. Djatmiko erdeje85@gmail.com 63 Reset Button
[LAB3] Hard-reset - Jumper • All RouterBOARD current models are also fitted with a reset jumper hole. • Some devices might need opening of the enclosure. Rahmat D. Djatmiko erdeje85@gmail.com 64 Close the jumper with a metal screwdriver, and boot the board until the configuration is cleared.
[LAB3] Soft-reset • If you still can access the RouterOS, you can execute a soft-reset command using Rahmat D. Djatmiko erdeje85@gmail.com 65
[LAB3] Topology Rahmat D. Djatmiko erdeje85@gmail.com 66
[LAB3] Laptop’s Settings Rahmat D. Djatmiko erdeje85@gmail.com 67 Your laptop’s IP Your router’s IP
[LAB3] LAN Configuration Rahmat D. Djatmiko erdeje85@gmail.com 68
[LAB3] WAN Configuration • Activate wlan interface through interface menu – select wlan interface and click check button • Open wlan configuration through double click wlan interface • Open tab wireless and select station mode Rahmat D. Djatmiko erdeje85@gmail.com 69 1 2 3 4 5 6
[LAB3] Default Route • Open Route List through menu IP – Routes • Click “+” button to create new default route Rahmat D. Djatmiko erdeje85@gmail.com 70 1 2 3 4 5
[LAB3] DNS Resolver • Set DNS server through DNS Settings (menu IP – DNS) • Check “Allow Remote Requests” Rahmat D. Djatmiko erdeje85@gmail.com 71 1 2 3 4
[LAB3] NAT Configuration Rahmat D. Djatmiko erdeje85@gmail.com 72 1 2 3 4 5 6
VERSION AND UPGRADE/DOWNGRADE CHAPTER 4 Rahmat D. Djatmiko erdeje85@gmail.com 73
MikroTik Version • MikroTik features depend on the current version installed on the device. • Current version can be viewed both in the status bar of Winbox or in the package installed in the Router OS. • Installed packages also show what kind of features available in the Router • Package can be a combined package or individual package Rahmat D. Djatmiko erdeje85@gmail.com 74
MikroTik Version Rahmat D. Djatmiko erdeje85@gmail.com 75 Mikrotik Version
RouterOS Package • More information: http://wiki.mikrotik.com/wiki/Manual:System/Packages Rahmat D. Djatmiko erdeje85@gmail.com 76
Working with packages • Individual package installed can be : • Enabled • Disabled • Uninstall • A package should be removed if it’s totally unused and we need to free-up some disk space • All above process is not executed directly, but will be scheduled to be executed when the router reboot Rahmat D. Djatmiko erdeje85@gmail.com 77
Upgrade and Downgrade • Upgrade is needed when we want to get the latest features or bug repair • Downgrade is needed when we figured out that current version has some bug in a specific feature • For upgrading, you need to aware about the license-limitation (upgradable to) Rahmat D. Djatmiko erdeje85@gmail.com 78
Before you upgrade • Know what architecture (mipsbe, ppc, x86, mipsle, tile) you are upgrading. • If in doubt, Winbox indicates the architecture in top left corner! • Know what files you require: • NPK : Base RouterOS image with standard packages (Always) • ZIP : Additional packages (based on needs) • Changelog : Indicates what has changed and special indications (Always) Rahmat D. Djatmiko erdeje85@gmail.com 79
How to upgrade • Get the package files from MikroTik’s website • Downloads page Rahmat D. Djatmiko erdeje85@gmail.com 80
How to upgrade • Three ways • Download file(s) and copy over to router. • “Check for updates” (System -> Packages) • Auto Upgrade (System -> Auto Upgrade) Rahmat D. Djatmiko erdeje85@gmail.com 81
Downloading the files • Copy file(s) to the router via “Files” window. Examples are: • routeros-mipsbe-5.25.npk • ntp-5.25-mipsbe.npk • Reboot • Validate state of router Rahmat D. Djatmiko erdeje85@gmail.com 82
Sending new-package to the Router • Package to-be-installed must upload to the router in File section • There are saveral way to upload the package • Drag and drop • FTP • Since this process using FTP connection, IP validity is very important (winbox has to be able to open the Router through IP, not only mac-address) Rahmat D. Djatmiko erdeje85@gmail.com 83
Checking for updates (with /system packages) • Through the menu “System -> Packages” • Click on “Check for Updates” then “Download & Upgrade” • Reboots automatically • Validate packages and state of router Rahmat D. Djatmiko erdeje85@gmail.com 84
Auto upgrading • Copy required files by all routers to an internal router (source). • Configure all routers to point to source router • Display available packages • Select and download packages • Reboot and validate router Rahmat D. Djatmiko erdeje85@gmail.com 85
UPGRADE OR DOWNGRADE LABORATORY 4 Rahmat D. Djatmiko erdeje85@gmail.com 86
[LAB4] Enable/Disable Package • Open Package List through menu System – Package • Enabling/disabling package – Reboot Router Rahmat D. Djatmiko erdeje85@gmail.com 87
[LAB4] Uninstall Package • Open Package List through menu System – Package • Select package and clik Uninstall button Rahmat D. Djatmiko erdeje85@gmail.com 88
[LAB4] After Uninstall • Look at your “free HDD Space” through System - Resource Rahmat D. Djatmiko erdeje85@gmail.com 89
[LAB4] Upgrade Version • Drad and drop file “new-package” into router via Winbox and then reboot the router Rahmat D. Djatmiko erdeje85@gmail.com 90
[LAB4] Check For Update Rahmat D. Djatmiko erdeje85@gmail.com 91
LICENSE CHAPTER 5 Rahmat D. Djatmiko erdeje85@gmail.com 92
License • RouterOS features also depend on licensing level that attach to the hardware • License of RouterOS is attached to the storage device • E.g. : harddisk, NAND, USB, Compact Flash • If the storage media is formatted with non-mikrotik partition, then the license will be invalid Rahmat D. Djatmiko erdeje85@gmail.com 93
License Level and The Features Rahmat D. Djatmiko erdeje85@gmail.com 94
UPGRADE LICENSE LABORATORY 5 Rahmat D. Djatmiko erdeje85@gmail.com 95
[LAB5] Check Your License • Open License through menu System – License • Software ID used for upgrade license Rahmat D. Djatmiko erdeje85@gmail.com 96
[LAB5] Upgrade PC Router’s License • Open License through menu System – License • Software ID used for upgrade license Rahmat D. Djatmiko erdeje85@gmail.com 97
MANAGING ROUTEROS CHAPTER 6 Rahmat D. Djatmiko erdeje85@gmail.com 98
Login Management • Access to the Router is configured in USER menu • User management is configured by • GROUP – profile of a user, consist of what kind of priveledge is given to a user • USER – login, consist of username and password of a user • User session (current connected users) is showed at “Active Users” tab Rahmat D. Djatmiko erdeje85@gmail.com 99
Login Mgm – active user • Current connected users can be viewed in “Active User”, incuding the method they are using Rahmat D. Djatmiko erdeje85@gmail.com 100
Login Mgm - Group • Group is bunch of restriction that applied to a user Rahmat D. Djatmiko erdeje85@gmail.com 101 Assign some priveledge to a group
Login Mgm - User Rahmat D. Djatmiko erdeje85@gmail.com 102
Service Management • By default, RouterOS provide some services to access it’s configuration Rahmat D. Djatmiko erdeje85@gmail.com 103
Network Time • RouterBOARD doesn’t have any CMOS Batery to save the time, so we must using NTP • Use NTP (Network Time Protocol) to allow the RouterBOARD to synchronize the time with a valid server Rahmat D. Djatmiko erdeje85@gmail.com 104
Backup and Restore • Router configration can be backed-up and saved to be used in the future • There are two types of backups : • Binary backup • Configuration export Rahmat D. Djatmiko erdeje85@gmail.com 105
Binary Backup • Unreadable • Complete system backup • Includes passwords • Assumes that restores will be on same router Rahmat D. Djatmiko erdeje85@gmail.com 106
Configuration Export • Mikrotik allow us to create a configuration script • Can be used to backup only part of configuration • Has to be done through terminal console Rahmat D. Djatmiko erdeje85@gmail.com 107
Archiving backup files • Once generated, copy them to a server • With SFTP (secured approach) • With FTP, if enabled in IP Services • Using drag and drop from “Files” window • Leaving backup files on the router IS NOT a good archival strategy • No tape or CD backups are made of routers Rahmat D. Djatmiko erdeje85@gmail.com 108
CONFIGURATION MANAGEMENT LABORATORY 6 Rahmat D. Djatmiko erdeje85@gmail.com 109
[LAB6] User Management • Add a group named “minimal” • Give it the “telnet”, “read”, and “winbox” rights • Explain these rights • Add a user and give it your name • Assign it to “minimal” group • Give it a password • Assign a password to “admin” • Give it “podX”, where “X” is your pod number • Open a new terminal. What happened? Rahmat D. Djatmiko erdeje85@gmail.com 110
[LAB6] Service Management • Disable these IP Services : • Telnet • WWW • Change port of SSH from 22 to 222 • Try to access your router through Telnet, WWW and SSH • Explain the result Rahmat D. Djatmiko erdeje85@gmail.com 111
[LAB6] Time Management Rahmat D. Djatmiko erdeje85@gmail.com 112
[LAB6] Backup/Restore • Do binary backup • Do configuration backup (export) • Download both of binary anda configuration backup file to local computer • Open all of file with notepad / wordpad • Explain the different • Restore the bnary backup file • Restore the configuration backup (import) Rahmat D. Djatmiko erdeje85@gmail.com 113
NETINSTALL CHAPTER 7 Rahmat D. Djatmiko erdeje85@gmail.com 114
Reinstall • Reinstall RouterOS if the original one became damaged • Reinstall RouterOS if the “admin” password was lost • Can be found on MikroTik’s web site under the download tab • Installation can be using • CD Instalation • Netinstall • Every RouterBOARD, can only be installed using netinstall Rahmat D. Djatmiko erdeje85@gmail.com 115
Step-by-step Netinstall For RBs without a COM port. • Connect computer to Ethernet port 1 • Give computer a static IP address and mask • Launch Netinstall • Click on “Net booting” and write a random IP address in the same subnet as computer • In “Packages” section, click “Browse” and select directory containing valid NPK files Rahmat D. Djatmiko erdeje85@gmail.com 116
Launch Netinstall • Allow this program to passed through any firewall Rahmat D. Djatmiko erdeje85@gmail.com 117
Configure Netinstall • Click Net booting – Check Boot Server enabled – write a random IP address in the same subnet as computer Rahmat D. Djatmiko erdeje85@gmail.com 118
Change the boot-sequence • To be able to install a Router, first the router has to be instructed to boot using Ethernet • There are saveral method to do this • Serial Console • Terminal Console • Winbox • Reset-button Rahmat D. Djatmiko erdeje85@gmail.com 119
Changing the boot Sequence via Winbox Rahmat D. Djatmiko erdeje85@gmail.com 120 1 2 3 4
Changing the boot Sequence via Reset Button • unplug the device power, hold the reset button, apply power and wait until the ACT LED stop flashing. Now release the button to clear reboot from ethernet. Rahmat D. Djatmiko erdeje85@gmail.com 121
Netinstall Ready Status Rahmat D. Djatmiko erdeje85@gmail.com 122
Package Selection Rahmat D. Djatmiko erdeje85@gmail.com 123 1 2 3 4
Installation Process Rahmat D. Djatmiko erdeje85@gmail.com 124
Post Installation • After doing Neinstall, then the configuration and files will be totally empty • Get in to the Router through MAC-Winbox, then do a soft-reset and restore your previous backup Rahmat D. Djatmiko erdeje85@gmail.com 125
NEXT : ROUTING END OF INTRODUCTION MODULE Rahmat D. Djatmiko erdeje85@gmail.com 126

Recommended

Presentatie Alcom - Meetup
Presentatie Alcom - Meetup Presentatie Alcom - Meetup
Presentatie Alcom - Meetup Jesse van Doren
 
MikroTik MTCNA
MikroTik MTCNAMikroTik MTCNA
MikroTik MTCNAAli Layth
 
Kordik fundamental guidtoindustrialnetworking -v_imp
Kordik fundamental guidtoindustrialnetworking -v_impKordik fundamental guidtoindustrialnetworking -v_imp
Kordik fundamental guidtoindustrialnetworking -v_impamsubramanyam
 
MTCNA - MikroTik Certified Network Associate - v2
MTCNA - MikroTik Certified Network Associate - v2MTCNA - MikroTik Certified Network Associate - v2
MTCNA - MikroTik Certified Network Associate - v2Yaser Rahmati
 
ch5-Fog Networks and Cloud Computing
ch5-Fog Networks and Cloud Computingch5-Fog Networks and Cloud Computing
ch5-Fog Networks and Cloud Computingssuser06ea42
 
Bell4GLTE
Bell4GLTEBell4GLTE
Bell4GLTEIshuranga Wijesinghe
 
MTCNA
MTCNAMTCNA
MTCNAgurubelajarmandiri
 
wangwei-resume -for-Netowrk SE
wangwei-resume -for-Netowrk SEwangwei-resume -for-Netowrk SE
wangwei-resume -for-Netowrk SEWei Wang
 

Recommended

Presentatie Alcom - Meetup
Presentatie Alcom - Meetup Presentatie Alcom - Meetup
Presentatie Alcom - Meetup Jesse van Doren
 
MikroTik MTCNA
MikroTik MTCNAMikroTik MTCNA
MikroTik MTCNAAli Layth
 
Kordik fundamental guidtoindustrialnetworking -v_imp
Kordik fundamental guidtoindustrialnetworking -v_impKordik fundamental guidtoindustrialnetworking -v_imp
Kordik fundamental guidtoindustrialnetworking -v_impamsubramanyam
 
MTCNA - MikroTik Certified Network Associate - v2
MTCNA - MikroTik Certified Network Associate - v2MTCNA - MikroTik Certified Network Associate - v2
MTCNA - MikroTik Certified Network Associate - v2Yaser Rahmati
 
ch5-Fog Networks and Cloud Computing
ch5-Fog Networks and Cloud Computingch5-Fog Networks and Cloud Computing
ch5-Fog Networks and Cloud Computingssuser06ea42
 
Bell4GLTE
Bell4GLTEBell4GLTE
Bell4GLTEIshuranga Wijesinghe
 
MTCNA
MTCNAMTCNA
MTCNAgurubelajarmandiri
 
wangwei-resume -for-Netowrk SE
wangwei-resume -for-Netowrk SEwangwei-resume -for-Netowrk SE
wangwei-resume -for-Netowrk SEWei Wang
 
Vsat day-2008-idirect
Vsat day-2008-idirectVsat day-2008-idirect
Vsat day-2008-idirectSSPI Brasil
 
Scalable Service-Oriented Middleware over IP
Scalable Service-Oriented Middleware over IPScalable Service-Oriented Middleware over IP
Scalable Service-Oriented Middleware over IPDai Yang
 
FieldServer for Integrators Overview
FieldServer for Integrators OverviewFieldServer for Integrators Overview
FieldServer for Integrators OverviewSierra Monitor Corporation
 
ICG-2510WG-LTE Industrial 4G LTE Cellular Wireless Gateway with 5-Port 10/10...
ICG-2510WG-LTE Industrial 4G LTE Cellular Wireless Gateway with 5-Port 10/10...ICG-2510WG-LTE Industrial 4G LTE Cellular Wireless Gateway with 5-Port 10/10...
ICG-2510WG-LTE Industrial 4G LTE Cellular Wireless Gateway with 5-Port 10/10...BluBoxx Communication Pvt. ltd
 
Viola Modems
Viola ModemsViola Modems
Viola ModemsEvaldas Paliliūnas
 
Sundance Profile 2014
Sundance Profile 2014Sundance Profile 2014
Sundance Profile 2014Sundance Multiprocessor Technology Ltd.
 
Pushing Data from S7-1200 to Cloud
Pushing Data from S7-1200 to CloudPushing Data from S7-1200 to Cloud
Pushing Data from S7-1200 to CloudDMC, Inc.
 
Galil Ethernet or EtherCAT Motion Control Webinar January 26, 2016
Galil Ethernet or EtherCAT Motion Control Webinar January 26, 2016Galil Ethernet or EtherCAT Motion Control Webinar January 26, 2016
Galil Ethernet or EtherCAT Motion Control Webinar January 26, 2016Electromate
 
MUM Laos 2017 - Choosing Mikrotik for Your Network
MUM Laos 2017 - Choosing Mikrotik for Your NetworkMUM Laos 2017 - Choosing Mikrotik for Your Network
MUM Laos 2017 - Choosing Mikrotik for Your NetworkFaisal Reza
 
Lecture1
Lecture1Lecture1
Lecture1Majid Taghiloo
 
FieldServer for OEM Overview
FieldServer for OEM OverviewFieldServer for OEM Overview
FieldServer for OEM OverviewSierra Monitor Corporation
 
Enterprise Networks for Connected Buildings
Enterprise Networks for Connected BuildingsEnterprise Networks for Connected Buildings
Enterprise Networks for Connected BuildingsPanduit
 
Learn the cutting edge technologies in Data Acquistion, Industrial Control an...
Learn the cutting edge technologies in Data Acquistion, Industrial Control an...Learn the cutting edge technologies in Data Acquistion, Industrial Control an...
Learn the cutting edge technologies in Data Acquistion, Industrial Control an...ICP DAS USA, Inc.
 
Iport ntx pro-embedded_video_interface_data_sheet
Iport ntx pro-embedded_video_interface_data_sheetIport ntx pro-embedded_video_interface_data_sheet
Iport ntx pro-embedded_video_interface_data_sheetWorkswell s.r.o.
 
RUGGEDCOM RSG920P compact switch
RUGGEDCOM RSG920P compact switchRUGGEDCOM RSG920P compact switch
RUGGEDCOM RSG920P compact switchashwini reliserv
 
Integrated Architecture Overview Customer Presentation.PPTX
Integrated Architecture Overview Customer Presentation.PPTXIntegrated Architecture Overview Customer Presentation.PPTX
Integrated Architecture Overview Customer Presentation.PPTXFrank74579
 
Integrated Architecture Overview Customer Presentation.PPTX
Integrated Architecture Overview Customer Presentation.PPTXIntegrated Architecture Overview Customer Presentation.PPTX
Integrated Architecture Overview Customer Presentation.PPTXFrank74579
 
Advanced tower monitoring solutions
Advanced tower monitoring solutions Advanced tower monitoring solutions
Advanced tower monitoring solutions CASCADEMIC Solutions Pvt Ltd
 
Internet Protocol Deep-Dive
Internet Protocol Deep-DiveInternet Protocol Deep-Dive
Internet Protocol Deep-DiveGLC Networks
 
Case Study At91RM9200 Data Hub Controller
Case Study At91RM9200 Data Hub ControllerCase Study At91RM9200 Data Hub Controller
Case Study At91RM9200 Data Hub ControllerPromwad
 
Escorts Service Nagavara ☎ 7737669865☎ Book Your One night Stand (Bangalore)
Escorts Service Nagavara ☎ 7737669865☎ Book Your One night Stand (Bangalore)Escorts Service Nagavara ☎ 7737669865☎ Book Your One night Stand (Bangalore)
Escorts Service Nagavara ☎ 7737669865☎ Book Your One night Stand (Bangalore)amitlee9823
 
young call girls in Vivek Vihar🔝 9953056974 🔝 Delhi escort Service
young call girls in Vivek Vihar🔝 9953056974 🔝 Delhi escort Serviceyoung call girls in Vivek Vihar🔝 9953056974 🔝 Delhi escort Service
young call girls in Vivek Vihar🔝 9953056974 🔝 Delhi escort Service9953056974 Low Rate Call Girls In Saket, Delhi NCR
 

More Related Content

Similar to MikroTik Fundamental Class Training

Vsat day-2008-idirect
Vsat day-2008-idirectVsat day-2008-idirect
Vsat day-2008-idirectSSPI Brasil
 
Scalable Service-Oriented Middleware over IP
Scalable Service-Oriented Middleware over IPScalable Service-Oriented Middleware over IP
Scalable Service-Oriented Middleware over IPDai Yang
 
ICG-2510WG-LTE Industrial 4G LTE Cellular Wireless Gateway with 5-Port 10/10...
ICG-2510WG-LTE Industrial 4G LTE Cellular Wireless Gateway with 5-Port 10/10...ICG-2510WG-LTE Industrial 4G LTE Cellular Wireless Gateway with 5-Port 10/10...
ICG-2510WG-LTE Industrial 4G LTE Cellular Wireless Gateway with 5-Port 10/10...BluBoxx Communication Pvt. ltd
 
Pushing Data from S7-1200 to Cloud
Pushing Data from S7-1200 to CloudPushing Data from S7-1200 to Cloud
Pushing Data from S7-1200 to CloudDMC, Inc.
 
Galil Ethernet or EtherCAT Motion Control Webinar January 26, 2016
Galil Ethernet or EtherCAT Motion Control Webinar January 26, 2016Galil Ethernet or EtherCAT Motion Control Webinar January 26, 2016
Galil Ethernet or EtherCAT Motion Control Webinar January 26, 2016Electromate
 
MUM Laos 2017 - Choosing Mikrotik for Your Network
MUM Laos 2017 - Choosing Mikrotik for Your NetworkMUM Laos 2017 - Choosing Mikrotik for Your Network
MUM Laos 2017 - Choosing Mikrotik for Your NetworkFaisal Reza
 
Enterprise Networks for Connected Buildings
Enterprise Networks for Connected BuildingsEnterprise Networks for Connected Buildings
Enterprise Networks for Connected BuildingsPanduit
 
Learn the cutting edge technologies in Data Acquistion, Industrial Control an...
Learn the cutting edge technologies in Data Acquistion, Industrial Control an...Learn the cutting edge technologies in Data Acquistion, Industrial Control an...
Learn the cutting edge technologies in Data Acquistion, Industrial Control an...ICP DAS USA, Inc.
 
Iport ntx pro-embedded_video_interface_data_sheet
Iport ntx pro-embedded_video_interface_data_sheetIport ntx pro-embedded_video_interface_data_sheet
Iport ntx pro-embedded_video_interface_data_sheetWorkswell s.r.o.
 
RUGGEDCOM RSG920P compact switch
RUGGEDCOM RSG920P compact switchRUGGEDCOM RSG920P compact switch
RUGGEDCOM RSG920P compact switchashwini reliserv
 
Integrated Architecture Overview Customer Presentation.PPTX
Integrated Architecture Overview Customer Presentation.PPTXIntegrated Architecture Overview Customer Presentation.PPTX
Integrated Architecture Overview Customer Presentation.PPTXFrank74579
 
Integrated Architecture Overview Customer Presentation.PPTX
Integrated Architecture Overview Customer Presentation.PPTXIntegrated Architecture Overview Customer Presentation.PPTX
Integrated Architecture Overview Customer Presentation.PPTXFrank74579
 
Internet Protocol Deep-Dive
Internet Protocol Deep-DiveInternet Protocol Deep-Dive
Internet Protocol Deep-DiveGLC Networks
 
Case Study At91RM9200 Data Hub Controller
Case Study At91RM9200 Data Hub ControllerCase Study At91RM9200 Data Hub Controller
Case Study At91RM9200 Data Hub ControllerPromwad
 

Similar to MikroTik Fundamental Class Training (20)

Vsat day-2008-idirect
Vsat day-2008-idirectVsat day-2008-idirect
Vsat day-2008-idirect
 
Scalable Service-Oriented Middleware over IP
Scalable Service-Oriented Middleware over IPScalable Service-Oriented Middleware over IP
Scalable Service-Oriented Middleware over IP
 
FieldServer for Integrators Overview
FieldServer for Integrators OverviewFieldServer for Integrators Overview
FieldServer for Integrators Overview
 
ICG-2510WG-LTE Industrial 4G LTE Cellular Wireless Gateway with 5-Port 10/10...
ICG-2510WG-LTE Industrial 4G LTE Cellular Wireless Gateway with 5-Port 10/10...ICG-2510WG-LTE Industrial 4G LTE Cellular Wireless Gateway with 5-Port 10/10...
ICG-2510WG-LTE Industrial 4G LTE Cellular Wireless Gateway with 5-Port 10/10...
 
Viola Modems
Viola ModemsViola Modems
Viola Modems
 
Sundance Profile 2014
Sundance Profile 2014Sundance Profile 2014
Sundance Profile 2014
 
Pushing Data from S7-1200 to Cloud
Pushing Data from S7-1200 to CloudPushing Data from S7-1200 to Cloud
Pushing Data from S7-1200 to Cloud
 
Galil Ethernet or EtherCAT Motion Control Webinar January 26, 2016
Galil Ethernet or EtherCAT Motion Control Webinar January 26, 2016Galil Ethernet or EtherCAT Motion Control Webinar January 26, 2016
Galil Ethernet or EtherCAT Motion Control Webinar January 26, 2016
 
MUM Laos 2017 - Choosing Mikrotik for Your Network
MUM Laos 2017 - Choosing Mikrotik for Your NetworkMUM Laos 2017 - Choosing Mikrotik for Your Network
MUM Laos 2017 - Choosing Mikrotik for Your Network
 
Lecture1
Lecture1Lecture1
Lecture1
 
FieldServer for OEM Overview
FieldServer for OEM OverviewFieldServer for OEM Overview
FieldServer for OEM Overview
 
Enterprise Networks for Connected Buildings
Enterprise Networks for Connected BuildingsEnterprise Networks for Connected Buildings
Enterprise Networks for Connected Buildings
 
Learn the cutting edge technologies in Data Acquistion, Industrial Control an...
Learn the cutting edge technologies in Data Acquistion, Industrial Control an...Learn the cutting edge technologies in Data Acquistion, Industrial Control an...
Learn the cutting edge technologies in Data Acquistion, Industrial Control an...
 
Iport ntx pro-embedded_video_interface_data_sheet
Iport ntx pro-embedded_video_interface_data_sheetIport ntx pro-embedded_video_interface_data_sheet
Iport ntx pro-embedded_video_interface_data_sheet
 
RUGGEDCOM RSG920P compact switch
RUGGEDCOM RSG920P compact switchRUGGEDCOM RSG920P compact switch
RUGGEDCOM RSG920P compact switch
 
Integrated Architecture Overview Customer Presentation.PPTX
Integrated Architecture Overview Customer Presentation.PPTXIntegrated Architecture Overview Customer Presentation.PPTX
Integrated Architecture Overview Customer Presentation.PPTX
 
Integrated Architecture Overview Customer Presentation.PPTX
Integrated Architecture Overview Customer Presentation.PPTXIntegrated Architecture Overview Customer Presentation.PPTX
Integrated Architecture Overview Customer Presentation.PPTX
 
Advanced tower monitoring solutions
Advanced tower monitoring solutions Advanced tower monitoring solutions
Advanced tower monitoring solutions
 
Internet Protocol Deep-Dive
Internet Protocol Deep-DiveInternet Protocol Deep-Dive
Internet Protocol Deep-Dive
 
Case Study At91RM9200 Data Hub Controller
Case Study At91RM9200 Data Hub ControllerCase Study At91RM9200 Data Hub Controller
Case Study At91RM9200 Data Hub Controller
 

Recently uploaded

Escorts Service Nagavara ☎ 7737669865☎ Book Your One night Stand (Bangalore)
Escorts Service Nagavara ☎ 7737669865☎ Book Your One night Stand (Bangalore)Escorts Service Nagavara ☎ 7737669865☎ Book Your One night Stand (Bangalore)
Escorts Service Nagavara ☎ 7737669865☎ Book Your One night Stand (Bangalore)amitlee9823
 
Chapter 19_DDA_TOD Policy_First Draft 2012.pdf
Chapter 19_DDA_TOD Policy_First Draft 2012.pdfChapter 19_DDA_TOD Policy_First Draft 2012.pdf
Chapter 19_DDA_TOD Policy_First Draft 2012.pdfParomita Roy
 
Top Rated Pune Call Girls Saswad ⟟ 6297143586 ⟟ Call Me For Genuine Sex Serv...
Top Rated Pune Call Girls Saswad ⟟ 6297143586 ⟟ Call Me For Genuine Sex Serv...Top Rated Pune Call Girls Saswad ⟟ 6297143586 ⟟ Call Me For Genuine Sex Serv...
Top Rated Pune Call Girls Saswad ⟟ 6297143586 ⟟ Call Me For Genuine Sex Serv...Call Girls in Nagpur High Profile
 
Call Girls in Kalkaji Delhi 8264348440 call girls ❤️
Call Girls in Kalkaji Delhi 8264348440 call girls ❤️Call Girls in Kalkaji Delhi 8264348440 call girls ❤️
Call Girls in Kalkaji Delhi 8264348440 call girls ❤️soniya singh
 
CBD Belapur Individual Call Girls In 08976425520 Panvel Only Genuine Call Girls
CBD Belapur Individual Call Girls In 08976425520 Panvel Only Genuine Call GirlsCBD Belapur Individual Call Girls In 08976425520 Panvel Only Genuine Call Girls
CBD Belapur Individual Call Girls In 08976425520 Panvel Only Genuine Call Girlsmodelanjalisharma4
 
Best VIP Call Girls Noida Sector 44 Call Me: 8448380779
Best VIP Call Girls Noida Sector 44 Call Me: 8448380779Best VIP Call Girls Noida Sector 44 Call Me: 8448380779
Best VIP Call Girls Noida Sector 44 Call Me: 8448380779Delhi Call girls
 
Case Study of Hotel Taj Vivanta, Pune
Case Study of Hotel Taj Vivanta, PuneCase Study of Hotel Taj Vivanta, Pune
Case Study of Hotel Taj Vivanta, PuneLukeKholes
 
Peaches App development presentation deck
Peaches App development presentation deckPeaches App development presentation deck
Peaches App development presentation decktbatkhuu1
 
Tapestry Clothing Brands: Collapsing the Funnel
Tapestry Clothing Brands: Collapsing the FunnelTapestry Clothing Brands: Collapsing the Funnel
Tapestry Clothing Brands: Collapsing the Funneljen_giacalone
 
VIP Call Girls Service Kukatpally Hyderabad Call +91-8250192130
VIP Call Girls Service Kukatpally Hyderabad Call +91-8250192130VIP Call Girls Service Kukatpally Hyderabad Call +91-8250192130
VIP Call Girls Service Kukatpally Hyderabad Call +91-8250192130Suhani Kapoor
 
Escorts Service Basapura ☎ 7737669865☎ Book Your One night Stand (Bangalore)
Escorts Service Basapura ☎ 7737669865☎ Book Your One night Stand (Bangalore)Escorts Service Basapura ☎ 7737669865☎ Book Your One night Stand (Bangalore)
Escorts Service Basapura ☎ 7737669865☎ Book Your One night Stand (Bangalore)amitlee9823
 
Recommendable # 971589162217 # philippine Young Call Girls in Dubai By Marina...
Recommendable # 971589162217 # philippine Young Call Girls in Dubai By Marina...Recommendable # 971589162217 # philippine Young Call Girls in Dubai By Marina...
Recommendable # 971589162217 # philippine Young Call Girls in Dubai By Marina...home
 
Delhi Call Girls Paharganj 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Paharganj 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip CallDelhi Call Girls Paharganj 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Paharganj 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Callshivangimorya083
 
CALL ON ➥8923113531 🔝Call Girls Kalyanpur Lucknow best Female service 🧵
CALL ON ➥8923113531 🔝Call Girls Kalyanpur Lucknow best Female service 🧵CALL ON ➥8923113531 🔝Call Girls Kalyanpur Lucknow best Female service 🧵
CALL ON ➥8923113531 🔝Call Girls Kalyanpur Lucknow best Female service 🧵anilsa9823
 
VVIP Pune Call Girls Hadapsar (7001035870) Pune Escorts Nearby with Complete ...
VVIP Pune Call Girls Hadapsar (7001035870) Pune Escorts Nearby with Complete ...VVIP Pune Call Girls Hadapsar (7001035870) Pune Escorts Nearby with Complete ...
VVIP Pune Call Girls Hadapsar (7001035870) Pune Escorts Nearby with Complete ...Call Girls in Nagpur High Profile
 
Booking open Available Pune Call Girls Nanded City 6297143586 Call Hot India...
Booking open Available Pune Call Girls Nanded City 6297143586 Call Hot India...Booking open Available Pune Call Girls Nanded City 6297143586 Call Hot India...
Booking open Available Pune Call Girls Nanded City 6297143586 Call Hot India...Call Girls in Nagpur High Profile
 

Recently uploaded (20)

Escorts Service Nagavara ☎ 7737669865☎ Book Your One night Stand (Bangalore)
Escorts Service Nagavara ☎ 7737669865☎ Book Your One night Stand (Bangalore)Escorts Service Nagavara ☎ 7737669865☎ Book Your One night Stand (Bangalore)
Escorts Service Nagavara ☎ 7737669865☎ Book Your One night Stand (Bangalore)
 
young call girls in Vivek Vihar🔝 9953056974 🔝 Delhi escort Service
young call girls in Vivek Vihar🔝 9953056974 🔝 Delhi escort Serviceyoung call girls in Vivek Vihar🔝 9953056974 🔝 Delhi escort Service
young call girls in Vivek Vihar🔝 9953056974 🔝 Delhi escort Service
 
Chapter 19_DDA_TOD Policy_First Draft 2012.pdf
Chapter 19_DDA_TOD Policy_First Draft 2012.pdfChapter 19_DDA_TOD Policy_First Draft 2012.pdf
Chapter 19_DDA_TOD Policy_First Draft 2012.pdf
 
Top Rated Pune Call Girls Saswad ⟟ 6297143586 ⟟ Call Me For Genuine Sex Serv...
Top Rated Pune Call Girls Saswad ⟟ 6297143586 ⟟ Call Me For Genuine Sex Serv...Top Rated Pune Call Girls Saswad ⟟ 6297143586 ⟟ Call Me For Genuine Sex Serv...
Top Rated Pune Call Girls Saswad ⟟ 6297143586 ⟟ Call Me For Genuine Sex Serv...
 
Call Girls in Kalkaji Delhi 8264348440 call girls ❤️
Call Girls in Kalkaji Delhi 8264348440 call girls ❤️Call Girls in Kalkaji Delhi 8264348440 call girls ❤️
Call Girls in Kalkaji Delhi 8264348440 call girls ❤️
 
CBD Belapur Individual Call Girls In 08976425520 Panvel Only Genuine Call Girls
CBD Belapur Individual Call Girls In 08976425520 Panvel Only Genuine Call GirlsCBD Belapur Individual Call Girls In 08976425520 Panvel Only Genuine Call Girls
CBD Belapur Individual Call Girls In 08976425520 Panvel Only Genuine Call Girls
 
Best VIP Call Girls Noida Sector 44 Call Me: 8448380779
Best VIP Call Girls Noida Sector 44 Call Me: 8448380779Best VIP Call Girls Noida Sector 44 Call Me: 8448380779
Best VIP Call Girls Noida Sector 44 Call Me: 8448380779
 
Case Study of Hotel Taj Vivanta, Pune
Case Study of Hotel Taj Vivanta, PuneCase Study of Hotel Taj Vivanta, Pune
Case Study of Hotel Taj Vivanta, Pune
 
Peaches App development presentation deck
Peaches App development presentation deckPeaches App development presentation deck
Peaches App development presentation deck
 
Tapestry Clothing Brands: Collapsing the Funnel
Tapestry Clothing Brands: Collapsing the FunnelTapestry Clothing Brands: Collapsing the Funnel
Tapestry Clothing Brands: Collapsing the Funnel
 
VIP Call Girls Service Kukatpally Hyderabad Call +91-8250192130
VIP Call Girls Service Kukatpally Hyderabad Call +91-8250192130VIP Call Girls Service Kukatpally Hyderabad Call +91-8250192130
VIP Call Girls Service Kukatpally Hyderabad Call +91-8250192130
 
Escorts Service Basapura ☎ 7737669865☎ Book Your One night Stand (Bangalore)
Escorts Service Basapura ☎ 7737669865☎ Book Your One night Stand (Bangalore)Escorts Service Basapura ☎ 7737669865☎ Book Your One night Stand (Bangalore)
Escorts Service Basapura ☎ 7737669865☎ Book Your One night Stand (Bangalore)
 
꧁❤ Hauz Khas Call Girls Service Hauz Khas Delhi ❤꧂ 9999965857 ☎️ Hard And Sex...
꧁❤ Hauz Khas Call Girls Service Hauz Khas Delhi ❤꧂ 9999965857 ☎️ Hard And Sex...꧁❤ Hauz Khas Call Girls Service Hauz Khas Delhi ❤꧂ 9999965857 ☎️ Hard And Sex...
꧁❤ Hauz Khas Call Girls Service Hauz Khas Delhi ❤꧂ 9999965857 ☎️ Hard And Sex...
 
Recommendable # 971589162217 # philippine Young Call Girls in Dubai By Marina...
Recommendable # 971589162217 # philippine Young Call Girls in Dubai By Marina...Recommendable # 971589162217 # philippine Young Call Girls in Dubai By Marina...
Recommendable # 971589162217 # philippine Young Call Girls in Dubai By Marina...
 
Delhi Call Girls Paharganj 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Paharganj 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip CallDelhi Call Girls Paharganj 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Paharganj 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
 
young call girls in Pandav nagar 🔝 9953056974 🔝 Delhi escort Service
young call girls in Pandav nagar 🔝 9953056974 🔝 Delhi escort Serviceyoung call girls in Pandav nagar 🔝 9953056974 🔝 Delhi escort Service
young call girls in Pandav nagar 🔝 9953056974 🔝 Delhi escort Service
 
CALL ON ➥8923113531 🔝Call Girls Kalyanpur Lucknow best Female service 🧵
CALL ON ➥8923113531 🔝Call Girls Kalyanpur Lucknow best Female service 🧵CALL ON ➥8923113531 🔝Call Girls Kalyanpur Lucknow best Female service 🧵
CALL ON ➥8923113531 🔝Call Girls Kalyanpur Lucknow best Female service 🧵
 
Call Girls Service Mukherjee Nagar @9999965857 Delhi 🫦 No Advance VVIP 🍎 SER...
Call Girls Service Mukherjee Nagar @9999965857 Delhi 🫦 No Advance VVIP 🍎 SER...Call Girls Service Mukherjee Nagar @9999965857 Delhi 🫦 No Advance VVIP 🍎 SER...
Call Girls Service Mukherjee Nagar @9999965857 Delhi 🫦 No Advance VVIP 🍎 SER...
 
VVIP Pune Call Girls Hadapsar (7001035870) Pune Escorts Nearby with Complete ...
VVIP Pune Call Girls Hadapsar (7001035870) Pune Escorts Nearby with Complete ...VVIP Pune Call Girls Hadapsar (7001035870) Pune Escorts Nearby with Complete ...
VVIP Pune Call Girls Hadapsar (7001035870) Pune Escorts Nearby with Complete ...
 
Booking open Available Pune Call Girls Nanded City 6297143586 Call Hot India...
Booking open Available Pune Call Girls Nanded City 6297143586 Call Hot India...Booking open Available Pune Call Girls Nanded City 6297143586 Call Hot India...
Booking open Available Pune Call Girls Nanded City 6297143586 Call Hot India...
 

MikroTik Fundamental Class Training

  • 1. Fundamental Class Rahmat D. Djatmiko – erdeje85@gmail.com
  • 2. Training Schedule 08.00 – 10.00 10.15 – 12.15 13.15 – 15.30 Day 1 Introduction MikroTik Basic Routing Day 2 Bridging Wireless Network Management Day 3 Firewall QoS Tunnels Day 4 Linux Basic DNS Server Web Server Day 5 DHCP Server Mail Server Proxy Server Day 6 Case Study Rahmat D. Djatmiko erdeje85@gmail.com 2
  • 3. Course objectives At the end of this course, the student will: • Be familiar with RouterOS software and RouterBoard products • Be able to configure, manage, do basic troubleshooting of a MikroTik router • Be able to provide basic services to clients Rahmat D. Djatmiko erdeje85@gmail.com 3
  • 4. About Me • SMK Telkom Malang as Networking Teacher • SMK Telkom MikroTik Academy as Trainer • Freelance Trainer • Contact : • Email : erdeje85@gmail.com • Mobile/WA : 0811353595 • BBM : 527C266F Rahmat D. Djatmiko erdeje85@gmail.com 4
  • 6. MikroTikls SIA • Software and Hardwate Vendor • Motto : Routing the World • Location : Riga, Latvia (North Europe) Rahmat D. Djatmiko erdeje85@gmail.com 6
  • 7. MikroTik Certified Rahmat D. Djatmiko erdeje85@gmail.com 7 MikroTik 101 TCP/IP and Basic MTCNA Fundamental Class MTCRE Advanced Routing MTCTCE Advanced Traffic Control MTCWE Advanced Wireless MTCUME Advanced User Management MTCINE Advanced InterNetworking
  • 8. MTCNA Outline • Introduction • Routing • Bridging • Wireless • Network Management • Firewall • QoS • Tunnels Rahmat D. Djatmiko erdeje85@gmail.com 8
  • 9. MTCWE Outline • Wireless Installation • Wireless Standard • Wireless Tools • Wireless Troubleshooting • Wireless Advanced Settings • 802.11n • Wireless Security • WDS and MESH • Wireless Bridging • Nstreme Protocol • Nv2 Protocol Rahmat D. Djatmiko erdeje85@gmail.com 9
  • 10. MTCRE Outline • Static Routing • Point to Point Addressing • VPN • OSPF Rahmat D. Djatmiko erdeje85@gmail.com 10
  • 11. MTCTCE Outline • Packet Flow Diagram • Firewall filter/nat/mangle • Quality of Service • DNS Client/Cache • DHCP Client/Relay/Server • Web Proxy Rahmat D. Djatmiko erdeje85@gmail.com 11
  • 12. MTCUME Outline • PPP • PPTP/L2TP • PPPoE • PPP Bridging • IPSec • Hotspot • RADIUS Rahmat D. Djatmiko erdeje85@gmail.com 12
  • 13. MTCINE Outline • BGP • MPLS • Traffic Engineering Rahmat D. Djatmiko erdeje85@gmail.com 13
  • 14. MIKROTIK ROUTEROS AND ROUTERBOARD CHAPTER 1 Rahmat D. Djatmiko erdeje85@gmail.com 14
  • 15. What is RouterOS? • MikroTik RouterOS is the operating system of MikroTik RouterBOARD hardware. • It has all the necessary features for an ISP or network administrator such as routing, firewall, bandwidth management, wireless access point, backhaul link, hotspot gateway, VPN server and more. • RouterOS also compatible with PC • Based on Linux Kernel Rahmat D. Djatmiko erdeje85@gmail.com 15
  • 16. What is RouterBOARD? • A family of hardware solutions created by MikroTik to answer the needs of customers around the world. • All operate with RouterOS. • Available from low-end spec up until Cloud-Core high-end type Rahmat D. Djatmiko erdeje85@gmail.com 16
  • 17. Integrated Solutions • These products are provided complete with cases and power adapters. • Ready to use and preconfigured with the most basic functionality. • All you need to do is to plug it in and connect to the Internet or a corporate network. Rahmat D. Djatmiko erdeje85@gmail.com 17
  • 18. RouterBOARD (boards only) • Small motherboard devices that are sold “as is”. You must choose the case, power adapter and interfaces separately. Perfect for assembling your own systems as they offer the biggest customization options. Rahmat D. Djatmiko erdeje85@gmail.com 18
  • 19. Enclosures • Indoor and outdoor casings to house your RouterBOARD devices. Select based on: • intended location of use • the RouterBOARD model • the type of connections needed (USB, antennas, etc.). Rahmat D. Djatmiko erdeje85@gmail.com 19
  • 20. Interfaces • Ethernet modules, fiber SFPs or wireless radio cards to expand the functionality of RouterBOARD devices and PCs running RouterOS. • Once again, selection is based on your needs. Rahmat D. Djatmiko erdeje85@gmail.com 20
  • 21. Accessories • These devices are made for MikroTik products - power adapters, mounts, antennas and PoE injectors. Rahmat D. Djatmiko erdeje85@gmail.com 21
  • 22. Why get an integrated router? • Can address many needs • Some add-on options • Little to no expansion • Fixed configuration • Simple, yet solid solution for many needs Rahmat D. Djatmiko erdeje85@gmail.com 22
  • 23. Integrated router, examples • RB951G-2HnD • Good for home or small office • 5 Gig ports • Built-in Wi-Fi (2,4GHz) • License level 4 Rahmat D. Djatmiko erdeje85@gmail.com 23
  • 24. Integrated router, examples • SXT Sixpack • (1 OmniTIK U-5HnD with 5 SXT-5HPnD) • Good for WISP or company with branch offices • 5 100Mbps ports (OmniTik) • 5GHz 802.11a/n radios • Can cover 5Km between central and satellite sites Rahmat D. Djatmiko erdeje85@gmail.com 24
  • 25. Integrated router, examples • CCR1036-12G-4S • Cloud Router • Flagship model • Good for ISPs or company networks • 1U rack mount • 12 Gig ports • Serial console, USB and color touch screen • Default 4G RAM, but can use any size of SO-DIMM RAM Rahmat D. Djatmiko erdeje85@gmail.com 25
  • 26. Why build your own router? • Can address a greater variety of needs • Many add-on options / Lots of expansion • Customizable configuration • Can be integrated into client equipment or cabinet • More complete solution for particular needs Rahmat D. Djatmiko erdeje85@gmail.com 26
  • 27. Custom router, examples • Flexible CPE • RB411UAHR • 1 100Mbps port • 1 2,4GHz radio (b/g) • Level 4 license • Add power supply or PoE module • Add 3rd party enclosure • Add 3rd party 3G mini PCI-E modem Rahmat D. Djatmiko erdeje85@gmail.com 27
  • 28. Custom router, examples • Powerful Hotspot • RB493G • 9 gig ports • Level 5 license • Add power supply or PoE module • Add R2SHPn (2,4GHz radio card) • Add R5SHPn (5GHz radio card) • Add 3rd party enclosure • Add microSD card Rahmat D. Djatmiko erdeje85@gmail.com 28
  • 29. RouterBOARD Architecture • RouterBOARD build with different architecture • Different architectre means different characteristic in processing and addressing memory Rahmat D. Djatmiko erdeje85@gmail.com 29
  • 30. RouterBOARD Extended Code • Additional features that come with some type • U – equipped with USB port • A – Advanced, usually comes with higher license llevel • H – High Performance / High Power • R – equipped with embedded wireless card • G – equipped with Gigabit Ethernet interface • P – equipped with PoE port • n – MIMO card • D – Dual Chain • S – equipped with SFP port • L – lite (can be lower license level or lower spec) Rahmat D. Djatmiko erdeje85@gmail.com 30
  • 31. RouterBOARD Name Code • Three Digits Code Rahmat D. Djatmiko erdeje85@gmail.com 31 RBABCX RouterBOARD Series Number of Ethernet port Number of miniPCI slot Additional Features RB751U-2HnD RouterBOARD Series 5 Ethernet port 1Wireless Interface With USB and 2GHz card, High Power, MIMO and Dual Chain
  • 32. RouterBOARD Name Code • Four Digits Code Rahmat D. Djatmiko erdeje85@gmail.com 32 RBAACCX-X RouterBOARD Series Interface Information Additional Features RB2011UAS-2HnD RouterBOARD 2000 Series 11 Interfaces (one of them is SFP) With USB, Advanced license level, and SFP port Additional 2GHz card, High power, MIMO and Dual Chain
  • 33. RouterBOARD Name Code • Some new routers, use abother formats Rahmat D. Djatmiko erdeje85@gmail.com 33 NAME-X RouterBOARD Series Interface Information SXT-5HnD SEXTANT Groove-2 OmniTik
  • 34. ROUTEROS & ROUTERBOARD LABORATORY 1 Rahmat D. Djatmiko erdeje85@gmail.com 34
  • 35. [LAB 1] Basic Installation of RouterOS • First download new RouterOS from http://www.mikrotik.com/download • Then write ISO image file to CD or USB and put in CD-ROM Drive and turn on Rahmat D. Djatmiko erdeje85@gmail.com 35
  • 36. [LAB 1] Basic Installation of RouterOS • After select paclage and then press “i” for start installation • Answer "n" to first question and "y" to second • After installation remove cd and press Enter • After rebooting type “admin” as login and no password Rahmat D. Djatmiko erdeje85@gmail.com 36
  • 37. [LAB 1] Check Your RouterBOARD • Check RouterBOARD Name Code at the bottom of your router and tell the code! Rahmat D. Djatmiko erdeje85@gmail.com 37
  • 38. [LAB 1] RouterBOARD Catalog • At least twice a year, MikroTik will release Product Catalog • Open the catalog Q3/Q4 Rahmat D. Djatmiko erdeje85@gmail.com 38
  • 39. FIRST TIME ACCESSING THE ROUTER CHAPTER 2 Rahmat D. Djatmiko erdeje85@gmail.com 39
  • 40. Router Access Method Access Via Condition Text Based GUI Need IP Custom Additional Device Keyboard/Monitor If installed in a PC O Serial Console With serial console cable O O Telnet and SSH O O WinBox Used program called winbox.exe O O O FTP O API Socket programming O O Web(HTTP) O O MAC-WinBox Layer 2 connection O O MAC-Telnet Layer 2 connection O Rahmat D. Djatmiko erdeje85@gmail.com 40
  • 41. Router Access Method • Accessing Command Line Interface (CLI) via Telnet, ssh, serial cable or even keyboard and monitor if router has VGA card. • Accessing Web based GUI (Webfig) • Using WinBox configuration utility • Every router is factory pre-configured with IP address 192.168.88.1/24 on ether1 port. • Default username is admin with empty password. Rahmat D. Djatmiko erdeje85@gmail.com 41
  • 42. Accessing CLI • Command Line Interface (CLI) allows configuration of the router's settings using text commands. • Since there is a lot of available commands, they are split into groups organized in a way of hierarchical menu levels. • There are several ways how to access CLI: • winbox terminal • telnet • ssh • serial cable etc. Rahmat D. Djatmiko erdeje85@gmail.com 42
  • 43. Serial Cable • If your device has a Serial port, you can use a console cable. • Plug one end of the serial cable into the console port of the RouterBOARD and the other end in your PC. • You can also use a USB-Serial adapter. Rahmat D. Djatmiko erdeje85@gmail.com 43
  • 44. Serial Cable • Run a terminal program (HyperTerminal, or Putty on Windows) with the following parameters for All RouterBOARD models except 230: • 115200bit/s, 8 data bits, 1 stop bit, no parity, flow control=none by default. • If parameters are set correctly you should be able to see login prompt. Now you can access router by entering username and password: Rahmat D. Djatmiko erdeje85@gmail.com 44
  • 45. SSH and Telnet • Standard IP tools to access router • Telnet communications are in clear text • Available on most Operating Systems • Unsecured!! • SSH communications are encrypted • Secured!! • Many Open Source (free) tools available such as PuTTY (http://www.putty.org/) Rahmat D. Djatmiko erdeje85@gmail.com 45
  • 46. Webfig • If you have router with default configuration, then IP address of the router can be used to connect to the Web interface. • Connect to router with Ethernet cable • Launch browser • Type in the IP address • If asked for, log in. Username is “admin” and password is blank Rahmat D. Djatmiko erdeje85@gmail.com 46
  • 47. Webfig • You will see : Rahmat D. Djatmiko erdeje85@gmail.com 47 http://wiki.mikrotik.com/wiki/Manual:Webfig
  • 48. WinBox and MAC-Winbox • WinBox is MikroTik’s proprietary interface to access RouterOS routers. • It can be downloaded from MikroTik’s website or from the router. • It is used to access the router through IP (OSI layer 3) or MAC (OSI layer 2). Rahmat D. Djatmiko erdeje85@gmail.com 48
  • 49. WinBox and MAC-Winbox • If still in the browser, scroll down and click “logout” • You will see: • Click on “Winbox” • Save “winbox.exe” Rahmat D. Djatmiko erdeje85@gmail.com 49
  • 50. Winbox - Login Rahmat D. Djatmiko erdeje85@gmail.com 50 Saved router informaation Network Discovery, will show any router that connected with your PC/laptop through layer 2 connection
  • 51. Winbox - Interface • If parameters are set correctly you should be able to see : Rahmat D. Djatmiko erdeje85@gmail.com 51
  • 53. [LAB2] CLI-Direct Access • Access your RouterOS (PC Router) via keyboard and monitor • Login with “admin” user and blank password • Configure your TCP/IP using CLI Rahmat D. Djatmiko erdeje85@gmail.com 53
  • 54. [LAB2] CLI-Telnet/SSH • Telnet and SSH method use TCP/IP connectivity • Application telnet/ssh in client is needed (ex : putty) Rahmat D. Djatmiko erdeje85@gmail.com 54
  • 55. [LAB2] Webfig • Access your RouterOS (PC Router) via Internet Browser • Write your router’s IP at URL Rahmat D. Djatmiko erdeje85@gmail.com 55
  • 56. [LAB2] Winbox • Download Winbox from your webfig’s homepage • Write your router’s IP address or click “...” button for discovery connection • Click Connect button Rahmat D. Djatmiko erdeje85@gmail.com 56
  • 58. Basic or blank configuration? • You may or may not have a basic configuration when freshly installed • You may choose not to take the default basic configuration • Check the following web page to find out how your device will behave: http://wiki.mikrotik.com/wiki/Manual:Default_Configurations Rahmat D. Djatmiko erdeje85@gmail.com 58
  • 59. Default Basic Configuration • When connecting for the first time with WinBox, click on “OK” • The router now has the default basic configuration. Rahmat D. Djatmiko erdeje85@gmail.com 59
  • 60. Blank Configuration • Can be used in situations when the default basic configuration is not required. • No need for firewall rules • No need for NATing • The minimal steps to setup a basic access to the Internet (if your router does not have a default basic configuration) • LAN IP addresses, Default gateway and DNS server • WAN IP address • NAT rule (masquerade) • SNTP client and time zone Rahmat D. Djatmiko erdeje85@gmail.com 60
  • 61. Configuration Reset • For some reason, we need to reset the configuration • When we totally forgot the username and password • When the confguration is too complex so it’s much easier to reset to repair them • Configuration reset can be done using several method • Hard-reset, reset the configuration physically • Soft-reset, reset the configuration through winbox/terminal/web Rahmat D. Djatmiko erdeje85@gmail.com 61
  • 63. [LAB3] Hard-reset - Button • Most RouterBOARD devices are fitted with a reset button. • unplug the device power, hold the button, apply power and wait until the USER LED starts flashing. Now release the button to clear configuration. Rahmat D. Djatmiko erdeje85@gmail.com 63 Reset Button
  • 64. [LAB3] Hard-reset - Jumper • All RouterBOARD current models are also fitted with a reset jumper hole. • Some devices might need opening of the enclosure. Rahmat D. Djatmiko erdeje85@gmail.com 64 Close the jumper with a metal screwdriver, and boot the board until the configuration is cleared.
  • 65. [LAB3] Soft-reset • If you still can access the RouterOS, you can execute a soft-reset command using Rahmat D. Djatmiko erdeje85@gmail.com 65
  • 69. [LAB3] WAN Configuration • Activate wlan interface through interface menu – select wlan interface and click check button • Open wlan configuration through double click wlan interface • Open tab wireless and select station mode Rahmat D. Djatmiko erdeje85@gmail.com 69 1 2 3 4 5 6
  • 70. [LAB3] Default Route • Open Route List through menu IP – Routes • Click “+” button to create new default route Rahmat D. Djatmiko erdeje85@gmail.com 70 1 2 3 4 5
  • 71. [LAB3] DNS Resolver • Set DNS server through DNS Settings (menu IP – DNS) • Check “Allow Remote Requests” Rahmat D. Djatmiko erdeje85@gmail.com 71 1 2 3 4
  • 74. MikroTik Version • MikroTik features depend on the current version installed on the device. • Current version can be viewed both in the status bar of Winbox or in the package installed in the Router OS. • Installed packages also show what kind of features available in the Router • Package can be a combined package or individual package Rahmat D. Djatmiko erdeje85@gmail.com 74
  • 76. RouterOS Package • More information: http://wiki.mikrotik.com/wiki/Manual:System/Packages Rahmat D. Djatmiko erdeje85@gmail.com 76
  • 77. Working with packages • Individual package installed can be : • Enabled • Disabled • Uninstall • A package should be removed if it’s totally unused and we need to free-up some disk space • All above process is not executed directly, but will be scheduled to be executed when the router reboot Rahmat D. Djatmiko erdeje85@gmail.com 77
  • 78. Upgrade and Downgrade • Upgrade is needed when we want to get the latest features or bug repair • Downgrade is needed when we figured out that current version has some bug in a specific feature • For upgrading, you need to aware about the license-limitation (upgradable to) Rahmat D. Djatmiko erdeje85@gmail.com 78
  • 79. Before you upgrade • Know what architecture (mipsbe, ppc, x86, mipsle, tile) you are upgrading. • If in doubt, Winbox indicates the architecture in top left corner! • Know what files you require: • NPK : Base RouterOS image with standard packages (Always) • ZIP : Additional packages (based on needs) • Changelog : Indicates what has changed and special indications (Always) Rahmat D. Djatmiko erdeje85@gmail.com 79
  • 80. How to upgrade • Get the package files from MikroTik’s website • Downloads page Rahmat D. Djatmiko erdeje85@gmail.com 80
  • 81. How to upgrade • Three ways • Download file(s) and copy over to router. • “Check for updates” (System -> Packages) • Auto Upgrade (System -> Auto Upgrade) Rahmat D. Djatmiko erdeje85@gmail.com 81
  • 82. Downloading the files • Copy file(s) to the router via “Files” window. Examples are: • routeros-mipsbe-5.25.npk • ntp-5.25-mipsbe.npk • Reboot • Validate state of router Rahmat D. Djatmiko erdeje85@gmail.com 82
  • 83. Sending new-package to the Router • Package to-be-installed must upload to the router in File section • There are saveral way to upload the package • Drag and drop • FTP • Since this process using FTP connection, IP validity is very important (winbox has to be able to open the Router through IP, not only mac-address) Rahmat D. Djatmiko erdeje85@gmail.com 83
  • 84. Checking for updates (with /system packages) • Through the menu “System -> Packages” • Click on “Check for Updates” then “Download & Upgrade” • Reboots automatically • Validate packages and state of router Rahmat D. Djatmiko erdeje85@gmail.com 84
  • 85. Auto upgrading • Copy required files by all routers to an internal router (source). • Configure all routers to point to source router • Display available packages • Select and download packages • Reboot and validate router Rahmat D. Djatmiko erdeje85@gmail.com 85
  • 86. UPGRADE OR DOWNGRADE LABORATORY 4 Rahmat D. Djatmiko erdeje85@gmail.com 86
  • 87. [LAB4] Enable/Disable Package • Open Package List through menu System – Package • Enabling/disabling package – Reboot Router Rahmat D. Djatmiko erdeje85@gmail.com 87
  • 88. [LAB4] Uninstall Package • Open Package List through menu System – Package • Select package and clik Uninstall button Rahmat D. Djatmiko erdeje85@gmail.com 88
  • 89. [LAB4] After Uninstall • Look at your “free HDD Space” through System - Resource Rahmat D. Djatmiko erdeje85@gmail.com 89
  • 90. [LAB4] Upgrade Version • Drad and drop file “new-package” into router via Winbox and then reboot the router Rahmat D. Djatmiko erdeje85@gmail.com 90
  • 91. [LAB4] Check For Update Rahmat D. Djatmiko erdeje85@gmail.com 91
  • 93. License • RouterOS features also depend on licensing level that attach to the hardware • License of RouterOS is attached to the storage device • E.g. : harddisk, NAND, USB, Compact Flash • If the storage media is formatted with non-mikrotik partition, then the license will be invalid Rahmat D. Djatmiko erdeje85@gmail.com 93
  • 94. License Level and The Features Rahmat D. Djatmiko erdeje85@gmail.com 94
  • 96. [LAB5] Check Your License • Open License through menu System – License • Software ID used for upgrade license Rahmat D. Djatmiko erdeje85@gmail.com 96
  • 97. [LAB5] Upgrade PC Router’s License • Open License through menu System – License • Software ID used for upgrade license Rahmat D. Djatmiko erdeje85@gmail.com 97
  • 99. Login Management • Access to the Router is configured in USER menu • User management is configured by • GROUP – profile of a user, consist of what kind of priveledge is given to a user • USER – login, consist of username and password of a user • User session (current connected users) is showed at “Active Users” tab Rahmat D. Djatmiko erdeje85@gmail.com 99
  • 100. Login Mgm – active user • Current connected users can be viewed in “Active User”, incuding the method they are using Rahmat D. Djatmiko erdeje85@gmail.com 100
  • 101. Login Mgm - Group • Group is bunch of restriction that applied to a user Rahmat D. Djatmiko erdeje85@gmail.com 101 Assign some priveledge to a group
  • 102. Login Mgm - User Rahmat D. Djatmiko erdeje85@gmail.com 102
  • 103. Service Management • By default, RouterOS provide some services to access it’s configuration Rahmat D. Djatmiko erdeje85@gmail.com 103
  • 104. Network Time • RouterBOARD doesn’t have any CMOS Batery to save the time, so we must using NTP • Use NTP (Network Time Protocol) to allow the RouterBOARD to synchronize the time with a valid server Rahmat D. Djatmiko erdeje85@gmail.com 104
  • 105. Backup and Restore • Router configration can be backed-up and saved to be used in the future • There are two types of backups : • Binary backup • Configuration export Rahmat D. Djatmiko erdeje85@gmail.com 105
  • 106. Binary Backup • Unreadable • Complete system backup • Includes passwords • Assumes that restores will be on same router Rahmat D. Djatmiko erdeje85@gmail.com 106
  • 107. Configuration Export • Mikrotik allow us to create a configuration script • Can be used to backup only part of configuration • Has to be done through terminal console Rahmat D. Djatmiko erdeje85@gmail.com 107
  • 108. Archiving backup files • Once generated, copy them to a server • With SFTP (secured approach) • With FTP, if enabled in IP Services • Using drag and drop from “Files” window • Leaving backup files on the router IS NOT a good archival strategy • No tape or CD backups are made of routers Rahmat D. Djatmiko erdeje85@gmail.com 108
  • 110. [LAB6] User Management • Add a group named “minimal” • Give it the “telnet”, “read”, and “winbox” rights • Explain these rights • Add a user and give it your name • Assign it to “minimal” group • Give it a password • Assign a password to “admin” • Give it “podX”, where “X” is your pod number • Open a new terminal. What happened? Rahmat D. Djatmiko erdeje85@gmail.com 110
  • 111. [LAB6] Service Management • Disable these IP Services : • Telnet • WWW • Change port of SSH from 22 to 222 • Try to access your router through Telnet, WWW and SSH • Explain the result Rahmat D. Djatmiko erdeje85@gmail.com 111
  • 113. [LAB6] Backup/Restore • Do binary backup • Do configuration backup (export) • Download both of binary anda configuration backup file to local computer • Open all of file with notepad / wordpad • Explain the different • Restore the bnary backup file • Restore the configuration backup (import) Rahmat D. Djatmiko erdeje85@gmail.com 113
  • 115. Reinstall • Reinstall RouterOS if the original one became damaged • Reinstall RouterOS if the “admin” password was lost • Can be found on MikroTik’s web site under the download tab • Installation can be using • CD Instalation • Netinstall • Every RouterBOARD, can only be installed using netinstall Rahmat D. Djatmiko erdeje85@gmail.com 115
  • 116. Step-by-step Netinstall For RBs without a COM port. • Connect computer to Ethernet port 1 • Give computer a static IP address and mask • Launch Netinstall • Click on “Net booting” and write a random IP address in the same subnet as computer • In “Packages” section, click “Browse” and select directory containing valid NPK files Rahmat D. Djatmiko erdeje85@gmail.com 116
  • 117. Launch Netinstall • Allow this program to passed through any firewall Rahmat D. Djatmiko erdeje85@gmail.com 117
  • 118. Configure Netinstall • Click Net booting – Check Boot Server enabled – write a random IP address in the same subnet as computer Rahmat D. Djatmiko erdeje85@gmail.com 118
  • 119. Change the boot-sequence • To be able to install a Router, first the router has to be instructed to boot using Ethernet • There are saveral method to do this • Serial Console • Terminal Console • Winbox • Reset-button Rahmat D. Djatmiko erdeje85@gmail.com 119
  • 120. Changing the boot Sequence via Winbox Rahmat D. Djatmiko erdeje85@gmail.com 120 1 2 3 4
  • 121. Changing the boot Sequence via Reset Button • unplug the device power, hold the reset button, apply power and wait until the ACT LED stop flashing. Now release the button to clear reboot from ethernet. Rahmat D. Djatmiko erdeje85@gmail.com 121
  • 125. Post Installation • After doing Neinstall, then the configuration and files will be totally empty • Get in to the Router through MAC-Winbox, then do a soft-reset and restore your previous backup Rahmat D. Djatmiko erdeje85@gmail.com 125
  • 126. NEXT : ROUTING END OF INTRODUCTION MODULE Rahmat D. Djatmiko erdeje85@gmail.com 126