Showing posts with label mikrotik. Show all posts
Showing posts with label mikrotik. Show all posts

Mikrotik Hotspot Redirect After Login

August 22, 2014
This tutorial assumed you already create Hotspot in your router. If you don't know how to create a hotspot in Mikrotik router, click here and create the Hotspot. .

After successfully creating the hotspot server go to "Files" Menu of  the main Window of Mikrotik router Copy "hotspot" folder into your PC.


Open "alogin" file with text editor


Replace "link-redirect" text with your desire URL




Now you're done! After successfully logging into the Hotspot server your client automatically redirects to your external link. 

Don't forget to copy this folder into Mikrotik Router "Files" Menu. You can also drag and drop this folder into "Files" menu. 
Tags # mikrotik # network Continue Reading
By at
Tags ,

Open DNS Recursive Resolver Attack

January 02, 2014
Dear blog reader, few days back I have face a huge DNS Amplification/Reflection attack from Mikrotik (MT) router. The Attack has been organized from different source to different destination. 

This attack also has been seen in different vendor router like d-link di-1705b, Buffalo,AirLive, Cisco(Cisco Systems, Inc. Firmware: 4608)

The Attack is possible because of MT router apply following tcp and udp packet filter destination port 53.

 IP>firewall>filter rules
chain=input action=drop protocol=udp in-interface=ether1-WAN dst-port=53
chain=input action=drop protocol=tcp in-interface=ether1-WAN dst-port=53

Same rule can be maintain for other router to block and disable resolver.

Please Note: in-interface should be your WAN port.

How to check your IP is used as open resolver

Linux command

#dig -t A jpudasaini.com.np @8.8.8.8

Note: Replace 8.8.8.8 with your IP address


Tags # cisco # mikrotik # network Continue Reading
By at
Tags , ,

How to create VPN/PPTP server on Mikrotik RouterOS.

December 27, 2013
Dear Blog reader today I'm going to setup VPN/PPTP server for Mikrotik RouterOS. Its very easy to set it up. Just follow below tutorial.

Logical Diagram for this tutorial.



Step1:
Go the IP>Pool>
Give Pool for your VPN server IP address list. See below



 Step 2:
Now Click on PPP> Interface>PPTP server>
Now check Enable to enable the server


Step 3:
Go to profile>
Name:- Give name
Local Address:- choose what you name while creating POOL
Remote Address:- Same as Pool name
DNS:- Give free or given by your ISP



Step 4:
Click on Secrets>
Name:- This is a username to login to VPN server
Password:- Password for your username
Profile:- What you create previous in VPN profile.


Now your VPN server is ready to login. If your VPN profile need to internet access then add to NAT under firewall 
Go the firewall>NAT and add your IP address then masquerade VPN server IP address.

General>Chain>srcnat>src Address>10.10.10.0/29>Out Interface>WAN1>action>masquerade





Tags # mikrotik # network Continue Reading
By at
Tags ,

Script for mikrotik router

June 13, 2013
Here is some script of Mikrotik router to add IP address and make queue list on top.

Adding such a huge IP Address one by one is very difficult and time consuming task. So here a script to add IP Address in Mikrotik router.

Tested on MT OS verson 5.x

 Make sure you already open the MT with Winbox, in my case I already done.
Click on System Menu on the left and choose Script from popup menu, see below


Now on Script list window. click Plus(+), then copy paste below script on source field. Like in picture

:for i from=2 to=51 do={/queue simple add name="192.168.20.$i" target-address="192.168.20.$i/32" max-limit="64000/128000" parent=Night-User time=19h-7h,sun,mon,tue,wed,thu,fri}

(Modified it with our requirement)



To view the queue list, which we have just add Click on Queues on the left pane, you can see look like this.


This Script make your queue list at top of the list. 

/queue simple move [find name=(you-name)] 0



Tags # mikrotik # network Continue Reading
By at
Tags ,

Mikrotik SXT 5nD r2 setup in bridge mode

May 31, 2013
How to connect two Mikrotik RouterBoard SXT 5nD r2 devices together in Bridge Mode
Upgrading you SXT's to the Latest version of RouterOS
Doing a Bandwidth Test between two RouterBoard SXT-5nD's


Mikrotik routerboard default IP is 192.168.88.1

You can connect with routerboard by WinBox through IP and MAC address. You need to download WinBox from mikrotik website.

By default routerboard have Admin as username and blank password.

If you want to connect with device through IP then don't forget to add same network address into your pc NIC, otherwise connection isn't established. Else you can connect through MAC so choose MAC address from Elipsis next to "connect" field.

When you login, "RouterOS Default configuration" screen is popup. click okay.

Do same for other device to login to routerOS
If you followed the process then you already open both device.

Now you can set a HostName for those devices.

  • Click on the system button on the left then Identity
  • Change the name to something useful.
  • Make the change to both radios

Connecting Wireless radio

 Steps to followed

  • Click the wireless button on the top left
  • "Wlan1" interface is grayed or dimmed, this means its currently disabled.
  • Right click "wlan1" interface and click Enable from dorpdown menu or just Blue Check button on top of menu bar. Now you can see the interface is enabled.

Its time to change radios device to Accesspoint and "Client"

Step to followed to make AccessPoint.
Access Point Configuration
  • Double click on Wlan1
  • Click the wireless tab at the top, next to General tab
  • Click the Mode drop-down menu and choose "Bridge"
  • Click the Band drop-down menu and choose "5Ghz-only-N"
  • On Channel Width  drop-down choose "20/40MHz HT Above
  • Choose "nv2" on Wireless Portocol
  • Click the HT tab at the top, next to wireless tab
  • From HT Guard Interval drop-down menu choose "long"
  • Select all 4 HT chain options and also select  all HT AMPDU priorities 
  • Click on WDS tab, on WDS mode drop-down menu choose dynamic.
  • And WDS Default  Bridge "bridge1"
  • On Nstreme tab select "Disable CSMA" and Framer policy "dynamic size"
  • Now select Apply button on the top right.








Client Configuration


 Step to follow for client
  • Double click on wlan1
  • Click on Scan button on the right
  • The AP must show up, if it isn't, follow above steps again, if its does, then click on the SSID shown in the list and click the "connect" button then 'close'
After doing so you have connect client to AP. Wait we need change something more here .

Go to back to the wireless tab.
  • Click the Mode drop-down menu and choose "Station Bridge"
  • Click the Band drop-down menu and choose "5Ghz-only-N"
  • On Channel Width  drop-down choose "20/40MHz HT Above
  • Click the wireless protocol drop-down and choose "Any"
  • ON HT tab next to wireless tab select 4 HT chain options
  • From HT Guard Interval drop-down menu choose "long"
  • Then select all HT AMPDU priorities
  • Now click Apply button on right side.






On the wireless tables window you can see "R" next to the Wlan Interface. This indicate the cleint is register and connected to the AP.

Bandwidth test Between two SXT

  • Click the Tools button on the left then choose Bandwidth Test
  • Change the "Test To:" field to the address of the client - 192.168.88.1
  • From Protocol either choose "udp" or "tcp"
  • On Direction drop-down menu either choose of your choice 
  • Click the "user" field and enter admin for the username.
  • Now click Start button top right of the menu.
Here is my bidirectional TCP test.


Tags # mikrotik # network Continue Reading
By at
Tags ,

Basic Configuration Mikrotik Router

May 14, 2013
Make sure you have download Winbox from mikrotik site and plug MT Router power adapter into the power socket. Open the winbox and login with username admin and blank password. After that follow up below process for Basic router configuration.

Setp 1: Click on IP>Address>click Plus sign. Then Add IP address like below.

Type WAN IP here(IP provide by your ISP) and choose WAN interface.
Step 2: Again click On plus sign and add LAN IP and choose LAN interface.
Step 3: Add DNS, Click on IP>DNS>type ISP provided DNS here(I use open DNS ).
Step 4: To add route, Click on IP>Routes>click Plus sign, Add Your ISP's gateway here.
Step 5: NAT, Click on IP>Firewall>Click on NAT> click on + sign.
Choose <srcnat> Out. interface<WAN port> Apply>OK
On Action tab, choose masquerade>Apply and OK.
Step 6: Setup DHCP, IP>DHCP server>DHCP Setup>
Now follow up onscreen process.

                                         



<On this field Choose Your ISP DNS server> 
Now your router is ready to use.
Enjoy







Tags # mikrotik # network Continue Reading
By at
Tags ,

Simple Failover Mikrotik

May 13, 2013
Simple fail-over Mikrotik router configuration.
Most of the user wants backup link (Fiber link with Wireless backup), in case fiber down wireless link auto up. No downtime for the user. Here is simple setting on Mikrotik for fail-over.
I'm very great full to Anton to point out the mistake in src-address. It has been corrected now.

****default routes for new outgoing traffic.****
/ip route
add dst-address=0.0.0.0/0 gateway=ISP-GW-ADDR-1 distance=1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=ISP-GW-ADDR-2 distance=2

++masquerade both WAN connections++
/ip firewall nat
add chain=srcnat src-address=192.168.0.0/24 out-interface=WAN-1 action=masquerade
add chain=srcnat src-address=192.168.0.0/24 out-interface=WAN-2 action=masquerade

Thats it.



Tags # mikrotik # network Continue Reading
By at
Tags ,

Mikrotik RouterOS update!!!!

January 20, 2013

How to upgrade Mikrotik RouterOS

 On the top of the WinBox screen we can clearly see the current version for RouterOS, Which is being currently used.  It is good idea to update RouterOS for better performance and security issue. The routerOS is downloaded from Mikrotikdotcom.

When file is downloaded, Open the folder or upzip the folder, right click and select all file then select COPY.
Now follow these step to each device.

-Click on File button on the left side.
-Click on Clipboard Icon from the File List window

Here you can see while file being started to upload.
When it's done then go to the System Button and then click Reboot.
After sometime you can heard double beep that's mean your device is ready to go.

Important: Make sure you don't disconnect the power while upgrading the device.Otherwise you surely broak the hardware.

Upgrading the firmware.

 We connected with our desire device.
-click the New Terminal button on the left side.
-Type "system routerboard upgrade".
-Enter y to confirm you want to upgrade.
-For reboot the device go to the system>Reboot or just type sys reboot then y to proceed.

Tags # mikrotik # network Continue Reading
By at
Tags ,

Setup Hotspot In Mikrotik Router

November 15, 2012

How to setup Hotspot in MT router


Lets began with Winbox Mikrotik login tool.

 Now You logged into the router, Then click on Address to add IP address 
 Type the IP address like below
 IP has bee setup. Now click On IP>Routes to add route. Most of the time your router already set default routes, you don't have to do anything, encase of you don't see in route then follow the this step.
  Its time for DNS setting. Click On IP got to DNS then Click on Setting tab.
Here you can type your DNS provided by you ISP.
For NAT. Click on IP>firewall>NAT>Plus sign, a NAT window open, see below
Then click on Acton tab and select masquerade.
Its time to setup hotspot, here are picture which show you how to setup hotspot.
Add user and user log on window. 
User log in.
Tags # mikrotik # network Continue Reading
By at
Tags ,