This document provides a tutorial on configuring MikroTik routers for various purposes such as proxy servers, bandwidth management, bridging, and network address translation (NAT). It discusses how to access MikroTik devices, set up basic configurations like naming and IP addresses. It then explains how to configure MikroTik for transparent proxy servers, separate proxy servers, bandwidth limiting using queues, and bridging interfaces. The document also discusses enabling graphing tools on MikroTik to monitor traffic and system resources.
1. Setup router
//to create a name for network card
//to assign ip address to network card
//to create NAT rule
//to assign gateway
//to assign dns
//to create dhcp
2.Create login page(Hotspot)
How to link from Mikrotik to Radius server
1. Setup router
//to create a name for network card
//to assign ip address to network card
//to create NAT rule
//to assign gateway
//to assign dns
//to create dhcp
2.Create login page(Hotspot)
How to link from Mikrotik to Radius server
Configure proxy firewall on SuSE Linux Enterprise Server 11Tola LENG
In this practice you will be able:
-How to install and configure the iptables and proxy firewall when we want to block the packet.
-How to allow or deny the services or packet when the client access to the Internet.
Konfigurasi Server Gateway dengan fitur PROXY, WEBSERVER dan DHCPWalid Umar
Panduan diatas dikhusukan untuk siswa dan guru TKJ yang hendak mempraktekkan tentang panduan untuk membangun sebuah server gateway dengan fitur proxy, webserver dan dhcp
Basic Security
@ Updates
-Update manager
-Enable automatic security updates(Update Setting)
=> Super windows => type the key word (System Setting) =>
@ Firewall
-In Ubuntu all ports are block by default
-Default firewall-ufw (turned off by default)
+sudo ufw status
+sudo ufw enable/disable
-Firestarter for graphical interface (recommanded)
+sudo apt-get install firestarter
+Preferences
@ User Accounts
-User & Groups
+Disable user guest
-Do not use root user (Disable by default)
+sudo passwd
+sudo passwd -l root (disable/changed expiry password)
-Use sudo instead of root (/etc/sudoers)
+sudo visudo OR sudo gedit /etc/sudoers(To set the privilege user authorized)
+sudo adduser tolaleng sudo
-Deleting Users
+sudo deluser canamall
-Removing world readable permission to home directory
+sudo chmod 0750 /home/username
-Locking/Unlocking user
+sudo passwd -l username (enable user expiry)
+sudo passwd -u username (disable user expiry)
-passwords
+sudo chage canamall (Set the password expiration)
+sudo chage-l canamall (show the password expiration)
@ Antivirus
-Clam TK (Under Accessories), other anti-virus
@ Unistall Applications
-Ubuntu Software Center-> Installed software section-> Select application and click remove
@ Processes
-To see processes
+ps aux or top
+system monitor(cacti, nagios,)
-
@ Logs
-Some of logs
+ /var/log/messages : general log messages
+ /var/log/boot : system boot log
+ /var/log/debug/ : debugging log messages
+ /var/log/auth.log : user login and authentication logs
+ /var/log/daemon.log : running services such as squid,ntpd and other log message to this file
+ /var/log/kern.log : kernel log file
-Viewing logs
+ tail, more, cat, less, grep
+ GNOME system log viewer
@Firewall
ufw
=> Security Host
* Create Standard User and enable user passwd (complexity password, strong passwd, passwd expired, invalid day of passwd, Lock and Unlock user, disable user Guest, )
* Secure remote network and host
-Telnet(Secure with the host and address connection)
-SSH (Secure with the authentication encryption key)
=> Security Backup (Data Hosting)
*Make a Full Backup of Your Machine
-Aptik (backup application)
-rsync (Remote synce)
-Gsync (Remote)
-Amanda
-Rsnapshot
Asas Pelayaran Internet Oleh
Ahmad Faizar Jaafar Unit Web & Digital Komponen
Jabatan Pengurusan Sistem & Teknologi Maklumat
(JPSTM) PTAR, UiTM
http://faizar.atspace.com/courses.html
http://faizaronestop.blogspot.com/
http://faizar.multiply.com
Configure proxy firewall on SuSE Linux Enterprise Server 11Tola LENG
In this practice you will be able:
-How to install and configure the iptables and proxy firewall when we want to block the packet.
-How to allow or deny the services or packet when the client access to the Internet.
Konfigurasi Server Gateway dengan fitur PROXY, WEBSERVER dan DHCPWalid Umar
Panduan diatas dikhusukan untuk siswa dan guru TKJ yang hendak mempraktekkan tentang panduan untuk membangun sebuah server gateway dengan fitur proxy, webserver dan dhcp
Basic Security
@ Updates
-Update manager
-Enable automatic security updates(Update Setting)
=> Super windows => type the key word (System Setting) =>
@ Firewall
-In Ubuntu all ports are block by default
-Default firewall-ufw (turned off by default)
+sudo ufw status
+sudo ufw enable/disable
-Firestarter for graphical interface (recommanded)
+sudo apt-get install firestarter
+Preferences
@ User Accounts
-User & Groups
+Disable user guest
-Do not use root user (Disable by default)
+sudo passwd
+sudo passwd -l root (disable/changed expiry password)
-Use sudo instead of root (/etc/sudoers)
+sudo visudo OR sudo gedit /etc/sudoers(To set the privilege user authorized)
+sudo adduser tolaleng sudo
-Deleting Users
+sudo deluser canamall
-Removing world readable permission to home directory
+sudo chmod 0750 /home/username
-Locking/Unlocking user
+sudo passwd -l username (enable user expiry)
+sudo passwd -u username (disable user expiry)
-passwords
+sudo chage canamall (Set the password expiration)
+sudo chage-l canamall (show the password expiration)
@ Antivirus
-Clam TK (Under Accessories), other anti-virus
@ Unistall Applications
-Ubuntu Software Center-> Installed software section-> Select application and click remove
@ Processes
-To see processes
+ps aux or top
+system monitor(cacti, nagios,)
-
@ Logs
-Some of logs
+ /var/log/messages : general log messages
+ /var/log/boot : system boot log
+ /var/log/debug/ : debugging log messages
+ /var/log/auth.log : user login and authentication logs
+ /var/log/daemon.log : running services such as squid,ntpd and other log message to this file
+ /var/log/kern.log : kernel log file
-Viewing logs
+ tail, more, cat, less, grep
+ GNOME system log viewer
@Firewall
ufw
=> Security Host
* Create Standard User and enable user passwd (complexity password, strong passwd, passwd expired, invalid day of passwd, Lock and Unlock user, disable user Guest, )
* Secure remote network and host
-Telnet(Secure with the host and address connection)
-SSH (Secure with the authentication encryption key)
=> Security Backup (Data Hosting)
*Make a Full Backup of Your Machine
-Aptik (backup application)
-rsync (Remote synce)
-Gsync (Remote)
-Amanda
-Rsnapshot
Asas Pelayaran Internet Oleh
Ahmad Faizar Jaafar Unit Web & Digital Komponen
Jabatan Pengurusan Sistem & Teknologi Maklumat
(JPSTM) PTAR, UiTM
http://faizar.atspace.com/courses.html
http://faizaronestop.blogspot.com/
http://faizar.multiply.com
Tola.leng mail server (sq_mail & rcmail)_q5_Tola LENG
1. Design a new network infrastructure. 3
2. Install & Configure Domain Name System: 3
a. Install DNS 3
Test mail in Webserver machine 7
3. Postfix Service: 9
a. Install Postfix 10
b. Send email test (postfix) 10
4. Configure Postfix: 12
a. Enable some option for mail server 13
b. Test Send/Receive mail 14
5. Configure Dovecot: 15
a. Download Dovecot package *.rpm 15
b. Extract *.rpm package 15
c. Configure Dovecot file 16
d. Use Mail client 17
_other User 19
6. Configure Web mail: 22
• To Configure webmail in webserver machine NOT use in mail server machine 22
a. Squirrelmail 24
Configure in Server Setting 28
Configure Vhost 34
Test Result 36
b. Roundcube 38
Create and Configure Vhost 41
Let user access 43
7. Set option change password: 46
a. Squirrelmail 47
b. Roundcube 51
8. SMTPS and POP3S to secure encryption message` 51
a. Create certificate 51
b. Configure 52
9. Configure sasl sender and receiver/smpts authentication. 63
a. Configure SMTP Authentication /SASL Sender 63
10. Create address list/group (aliases address) 67
11. User SSL to encryption connection on browser 70
12. User authentication from AD or OpenLDAP 79
Configure LDAP Server on Mail Server 80
Configure LDAP Client on mail Server 82
Restart services 87
Create user in ldap 88
Let Webserver Join Domain with Mail server LDAP 92
Enable LDAP on Squirrelmail 99
Let’s User test Authentication 104
Let ‘ user change password 107
in this webinar, we will discuss about the fundamental concept of VLAN, and how it is implemented on Mikrotik devices (Routerboard router and Cloud Router Switch - CRS). instructor will do a demo and QA session
How to manage internet clients of an ISP with PPPoE and MikroTik. For
centralized AAA (Authentication, Authorization and Accounting), freeRadius is used.
Design an Implementation of A Messaging and Resource Sharing Softwarenilabarai
In this article it has been looked how to program using sockets by implementing an echo server along with a client that is used to send and receive string messages. It will start off by giving a quick introduction to TCP/IP fundamentals and then explain how sockets fit into the diagram. Most network application can be divided into two pieces: a client and a server. A client is the side that initiates the communication process, where as the server responds to incoming client requests. There would be contains three types of service from this software, that is Message Transfer service, Voice Transfer service and File Transfer service. All this sorts are the design issue of this software.
Read| The latest issue of The Challenger is here! We are thrilled to announce that our school paper has qualified for the NATIONAL SCHOOLS PRESS CONFERENCE (NSPC) 2024. Thank you for your unwavering support and trust. Dive into the stories that made us stand out!
The Roman Empire A Historical Colossus.pdfkaushalkr1407
The Roman Empire, a vast and enduring power, stands as one of history's most remarkable civilizations, leaving an indelible imprint on the world. It emerged from the Roman Republic, transitioning into an imperial powerhouse under the leadership of Augustus Caesar in 27 BCE. This transformation marked the beginning of an era defined by unprecedented territorial expansion, architectural marvels, and profound cultural influence.
The empire's roots lie in the city of Rome, founded, according to legend, by Romulus in 753 BCE. Over centuries, Rome evolved from a small settlement to a formidable republic, characterized by a complex political system with elected officials and checks on power. However, internal strife, class conflicts, and military ambitions paved the way for the end of the Republic. Julius Caesar’s dictatorship and subsequent assassination in 44 BCE created a power vacuum, leading to a civil war. Octavian, later Augustus, emerged victorious, heralding the Roman Empire’s birth.
Under Augustus, the empire experienced the Pax Romana, a 200-year period of relative peace and stability. Augustus reformed the military, established efficient administrative systems, and initiated grand construction projects. The empire's borders expanded, encompassing territories from Britain to Egypt and from Spain to the Euphrates. Roman legions, renowned for their discipline and engineering prowess, secured and maintained these vast territories, building roads, fortifications, and cities that facilitated control and integration.
The Roman Empire’s society was hierarchical, with a rigid class system. At the top were the patricians, wealthy elites who held significant political power. Below them were the plebeians, free citizens with limited political influence, and the vast numbers of slaves who formed the backbone of the economy. The family unit was central, governed by the paterfamilias, the male head who held absolute authority.
Culturally, the Romans were eclectic, absorbing and adapting elements from the civilizations they encountered, particularly the Greeks. Roman art, literature, and philosophy reflected this synthesis, creating a rich cultural tapestry. Latin, the Roman language, became the lingua franca of the Western world, influencing numerous modern languages.
Roman architecture and engineering achievements were monumental. They perfected the arch, vault, and dome, constructing enduring structures like the Colosseum, Pantheon, and aqueducts. These engineering marvels not only showcased Roman ingenuity but also served practical purposes, from public entertainment to water supply.
Unit 8 - Information and Communication Technology (Paper I).pdfThiyagu K
This slides describes the basic concepts of ICT, basics of Email, Emerging Technology and Digital Initiatives in Education. This presentations aligns with the UGC Paper I syllabus.
The French Revolution, which began in 1789, was a period of radical social and political upheaval in France. It marked the decline of absolute monarchies, the rise of secular and democratic republics, and the eventual rise of Napoleon Bonaparte. This revolutionary period is crucial in understanding the transition from feudalism to modernity in Europe.
For more information, visit-www.vavaclasses.com
The Indian economy is classified into different sectors to simplify the analysis and understanding of economic activities. For Class 10, it's essential to grasp the sectors of the Indian economy, understand their characteristics, and recognize their importance. This guide will provide detailed notes on the Sectors of the Indian Economy Class 10, using specific long-tail keywords to enhance comprehension.
For more information, visit-www.vavaclasses.com
Ethnobotany and Ethnopharmacology:
Ethnobotany in herbal drug evaluation,
Impact of Ethnobotany in traditional medicine,
New development in herbals,
Bio-prospecting tools for drug discovery,
Role of Ethnopharmacology in drug evaluation,
Reverse Pharmacology.
Students, digital devices and success - Andreas Schleicher - 27 May 2024..pptxEduSkills OECD
Andreas Schleicher presents at the OECD webinar ‘Digital devices in schools: detrimental distraction or secret to success?’ on 27 May 2024. The presentation was based on findings from PISA 2022 results and the webinar helped launch the PISA in Focus ‘Managing screen time: How to protect and equip students against distraction’ https://www.oecd-ilibrary.org/education/managing-screen-time_7c225af4-en and the OECD Education Policy Perspective ‘Students, digital devices and success’ can be found here - https://oe.cd/il/5yV
Welcome to TechSoup New Member Orientation and Q&A (May 2024).pdfTechSoup
In this webinar you will learn how your organization can access TechSoup's wide variety of product discount and donation programs. From hardware to software, we'll give you a tour of the tools available to help your nonprofit with productivity, collaboration, financial management, donor tracking, security, and more.
How to Create Map Views in the Odoo 17 ERPCeline George
The map views are useful for providing a geographical representation of data. They allow users to visualize and analyze the data in a more intuitive manner.
How to Split Bills in the Odoo 17 POS ModuleCeline George
Bills have a main role in point of sale procedure. It will help to track sales, handling payments and giving receipts to customers. Bill splitting also has an important role in POS. For example, If some friends come together for dinner and if they want to divide the bill then it is possible by POS bill splitting. This slide will show how to split bills in odoo 17 POS.
1. TUTORIAL MIKROTIK STEP BY STEP
By: Anung Muhandanu
MikroTik Overview
Mikrotik now widely used by ISPs, hotspot providers, or by the owner of the
cafe. Mikrotik OS router makes the computer into a reliable network that is equipped
with various features and tools, for both wired and wireless.
In this tutorial the author presents a discussion and a simple and simple
instructions on configuring the proxy for certain purposes and the public is typically
collected in server / router cafe as well as other tissues, such configuration for
example, for server NAT, Bridging, BW management, and MRTG.
Mikrotik version I use for this tutorial is MikroTik RouterOS 2.9.27
Access MikroTik:
1.
via console
Mikrotik router board or PC can be accessed directly via the console / shell
and remote access using putty (www.putty.nl)
2.
via Winbox
Mikrotik can also be accessed / remotely using software tools Winbox
3.
via web
Mikrotik can also be accessed via web / port 80 by using a browser
•
Naming MikroTik
[ropix@IATG-SOLO] > system identity print
name: "Mikrotik"
[ropix@IATG-SOLO] > system identity edit
value-name: name
Enter the editor type for example I change the name IATG-SOLO:
IATG-SOLO
C-c quit C-o save&quit C-u undo C-k cut line C-y paste
Edit and then press Clrl-O to save and exit the editor
1
2. If using Winbox, it looks like this:
•
Changing the name of the interface:
[ropix@IATG-SOLO] > /interface print
Flags: X - disabled, D - dynamic, R - running
#
NAME
TYPE
RX-RATE
0 R ether1
ether
0
1 R ether2
ether
0
[ropix@IATG-SOLO] > /interface edit 0
value-name: name
TX-RATE
0
0
MTU
1500
1500
The value 0 is the value ether1, if you want to replace ethet2 value 0 replaced by 1.
Entrance to the editor, for example I replace it with name local:
local
C-c quit C-o save&quit C-u undo C-k cut line C-y paste
Edit and then press Cltr-o to save and exit the editor, Do the same for interfaces ether
2, so that if seen again will appear like this:
[ropix@IATG-SOLO] > /interface print
Flags: X - disabled, D - dynamic, R - running
#
NAME
TYPE
RX-RATE
TX-RATE
0 R local
ether
0
0
1 R public
ether
0
0
MTU
1500
1500
2
3. Via Winbox:
Select the menu interface, click the name of the interface that wants to be edited, so it
appears the edit window interface.
•
Setting IP Address:
[ropix@IATG-SOLO] > /ip address add
address: 192.168.1.1/24
interface: local
[ropix@IATG-SOLO] > /ip address print
Flags: X - disabled, I - invalid, D - dynamic
#
ADDRESS
NETWORK
BROADCAST
0
192.168.0.254/24
192.168.0.0
192.168.0.255
INTERFACE
local
Enter the IP address value in the column address and netmask, enter the name of the
interface that wants to be given an IP address. For public interface Interface 2,
namely, the same way as above, so that if seen again will be 2
interfaces:[ropix@IATG-SOLO] > /ip address print
Flags: X - disabled, I - invalid, D - dynamic
#
ADDRESS
NETWORK
BROADCAST
0
192.168.0.254/24
192.168.0.0
192.168.0.255
1
202.51.192.42/29
202.51.192.40
202.51.192.47
INTERFACE
local
public
3
4. Via Winbox:
•
Make Mikrotik NAT
Network Address Translation or more commonly referred to as NAT is a method to
connect more than one computer to the Internet network using a single IP address.
Number of use of this method due to limited availability of IP addresses, the need for
security , and the ease and flexibility in network administration.
Currently, the widely used IP protocol is IP version 4 (IPv4). With a length of the
address 4 bytes means that there are 2 to the power 32 = 4,294,967,296 IP addresses
available. This amount is theoretically the number of computers that can directly
connect to the internet. Because of this limitation most of the ISPs (Internet Service
Provider) will only allocate one address for one user and this address is dynamic,
meaning that a given IP address will be different every time the user connects to the
Internet. This will make it difficult for businesses to lower middle class. On the one
hand they need more computers are connected to the Internet, but on the other hand
only one IP address which means there is only one computer that can connect to the
internet. This can be overcome by using NAT. By NAT gateways that run on one
computer, one IP address can be shared with several other computer and they can
connect to the internet simultaneously.
Suppose we want to hide the local network / LAN 192.168.0.0/24 202.51.192.42
behind one IP address provided by ISP, which we use is a feature of Mikrotik source
network address translation (masquerading). Masquerading changes the data packets
from the IP address and port from the network 192.168.0.0/24 to 202.51.192.42
henceforth be forwarded to the global Internet network.
4
5. To use masquerading, source NAT rule with action 'masquerade' should be added to
the firewall configuration:
[ropix@IATG-SOLO] > /ip firewall nat add chain=srcnat
action=masquerade out-interface=public
If using Winbox, will look like this:
•
As a transparent web proxy mikrotik
One function is to store the proxy cache. If a LAN uses a proxy to connect to the
Internet, it is done by the browser when a user accesses a web server URL is to take
these requests on a proxy server. Whereas if the data is not contained in the proxy
server then proxies to pick up directly from the web server. Then the request is stored
5
6. in the cache proxy. Furthermore, if there are clients who make requests to the same
URL , it will be taken from the cache. This will make access to the Internet faster.
How to ensure that each user accessing the Internet through a web proxy that we have
enabled? To this we can apply the transparent proxy. With transparent proxy, every
browser on computers that use this gateway automatically goes through a proxy.
Enabling web proxy in mikrotik fiture:
[ropix@IATG-SOLO] > /ip proxy set enabled=yes
[ropix@IATG-SOLO] > /ip web-proxy set
cache-administrator= ropix.fauzi@infoasia.net
[ropix@IATG-SOLO] > /ip web-proxy print
enabled: yes
src-address: 0.0.0.0
port: 3128
hostname: "IATG-SOLO"
transparent-proxy: yes
parent-proxy: 0.0.0.0:0
cache-administrator: "ropix.fauzi@infoasia.net"
max-object-size: 8192KiB
cache-drive: system
max-cache-size: unlimited
max-ram-cache-size: unlimited
status: running
reserved-for-cache: 4733952KiB
reserved-for-ram-cache: 2048KiB
Make a rule for transparent proxy on the firewall NAT, precisely there masquerading
under the rule for NAT:
[ropix@IATG-SOLO] > /ip firewall nat add chain=dstnat ininterface=local src-address=192.168.0.0/24 protocol=tcp dst-port=80
action=redirect to-ports=3128
[ropix@IATG-SOLO] > /ip firewall nat print
Flags: X - disabled, I - invalid, D - dynamic
0
chain=srcnat out-interface=public action=masquerade
1
chain=dstnat in-interface=local src-address=192.168.0.0/24
protocol=tcp dst-port=80 action=redirect to-ports=3128
In Winbox:
1. Enable web proxy on the menu IP> Proxy> Access> Settings (check box enabled)
6
8. 3. Make a rule for transparent proxy on the menu IP> Firewall> NAT
•
Transparent proxy with proxy servers separate / independent
MikroTik Web Proxy built in according to my observations not so good compared to
the squid proxy in Linux, squid in Linux has more flexibility to be modified and
diconfigure, eg for delay-pool feature and ACL lists that include files, not in the proxy
series 2.9.x.
Usually most people prefer to create their own proxy servers, with PC Linux /
FreeBSD and live directing all clients to the PC.
Topology PC proxy can be in a local network or using public ip.
Configuration almost similar to the transparent proxy, the difference is in the action
NAT rule is as follows:
8
9. In the above example 192.168.0.100 is the IP proxy server port 8080
•
Mikrotik as a bandwidth limiter
Mikrotik can also be used for bandwidth limiter (queue). To control the data rate
allocation mechanism.
In general there are 2 types of bandwidth management at the proxy, the simple queue
and queue trees. Please use one only.
The next tutorial mikrotik all settings using Winbox, because it is more user friendly
and efficient.
Simple queue:
For example we will limit the bandwidth of the client with ip 192.168.0.3 that is for
upstream and downstream 128kbps 64kbps
Settings on the menu Queues> Simple Queues
Queue tree
Click the ip> firewall> magle
9
10. Make a rule (click the + red) with the following parameters:
On the General tab:
Chain = forward,
Src.address = 192.168.0.3 (or ip who want the limit)
On the Action tab:
Action = mark-connection,
New connection-mark = client3 con (or the name of the mark we created a
distinguished conection)
Click Apply and OK
10
11. Create another rule with the following parameters:
On the General tab: chain = forward,
Connection mark = client3-con (choose from dropdown menu)
On the Action tab:
Action = mark-packet,
New pcket Mark = client3 (or the name of the packet we created a distinguished
mark)
Click Apply and OK
Click the Queues> Queues Tree
11
12. Make a rule (click the + red) with the following parameters:
On the General tab:
Name = client3-in (eg),
Parent = public (which is the direction of outgoing interface),
Mark = client3 Package (choose from the dropdown, just that we make to magle)
Queue Type = default,
Priority = 8,
Max limit = 64k (for setting the bandwidth max download)
Click aplly and Ok
12
13. Create another rule with the following parameters:
On the General tab:
Name = client3-up (eg),
Parent = local (as an interface into which direction),
Mark = client3 Package (choose from the dropdown, just that we make to magle)
Queue Type = default,
Priority = 8,
Max limit = 64k (for setting max upload bandwidth)
Click aplly and Ok
Mikrotik as Bridging
Bridge is a way to connect two separate network segments together in a protocol
itself. Packages that are forwarded based on Ethernet addresses, not IP addresses
(such as routers). Because the packet forwarding done at Layer 2, all protocols can be
via a bridge.
So the analogy is like this, you have a local network 192.168.0.0/24 gateway to an
ADSL modem which also as a router with a local ip 192.168.0.254 and public ip
222.124.21.26.
You want to create a proxy server and proxy as a BW management for all clients.
Well want to put the location for the PC mikrotik? Among the hub / switch and
gateway / modem? Do not be like him as a NAT and we have to add 1 block io
private again different from the gateway modem?
The solution set as a bridging proxy, so seolah2 he only bridge between UTP cable
only. Topology as follows:
Internet----------Moderm/router-----------Mikrotik--------Switch/Hub-----Client
Setting bridging using Winbox
1. Add a bridge interface
Click the Interface menu and then click the + sign to add a red color interface, select
the Bridge
13
14. to name bridge interface, eg, we named bridge1
2. adding ether interface on the local and public interface
Click the IP> Bridge> Ports, then click the + sign to add a new rule:
Make 2 rules, to local and public interface.
3. Giving IP address to bridge interface
Click the IP menu and then click the + sign to add an interface IP, eg 192.168.0.100,
select bridge1 interface (or the name of the bridge interface that we created earlier)
14
15. By giving the IP address on bridge interface, the proxy can be either remote from the
network which is connected to a local interface or the public.
Mikrotik as MRTG / Graphing
Graphing is a tool in mokrotik enabled to monitor changes in the parameters at any
time. Changes that change the form of graphs uptodate and can be accessed using a
browser.
Graphing can display the information in the form:
* Resource usage (CPU, Memory and Disk usage)
* Traffic passing through the interfaces
* Traffic through simple queues
Activating the function grapping
Click the Tools menu> Graphing> Resource Rules
Is to enable graphing for Mikrotik resource usage. While allow address is anywhere
IP that can access these charts, 0.0.0.0 / 0 for all ip address.
Click the Tools menu> Graphing> Interface Rules
Is to enable graphing for monitoring traffic passing through the interface, please
select which interface you want monitored, or select "all" for all.
15
16. Graphing consists of two parts, first to collect information / data that both show in a
web format. To access the graphics, type the URL with the format http://
[Router_IP_address] / graphs / and choose from the menus there, where you want to
display graphics.
Sample results graph for traffic public interface:
Similarly, the authors convey a little tutorial for just sharing the knowledge or
simplify for easy understanding of the tutorials that are already available on the
official site mikrotik.
Warmest Regards,
Anung Muhandanu
16