MikroTik Router board
Who is MikroTik and what is a Router board?
MikroTik are a Latvian based manufacturer who produce networking equipment namely Wireless and Router products, and one particular product we have been toying with is a Router board RB2011UAS-RM a 1U rack-mountable device with an LCD touchscreen which typically sells for around the £100* price mark. Linitx are not only MikroTik Certified Consultants but also sell an entire array of MikroTik products via their website. We contacted LinITX due to previously ordering M0n0wall/pf Sense based firewall devices from them. Which until now has served us and our clients very well for many years . However since FTTC (Fibre to the cabinet) has become more prevalent the throughput on these devices struggles without expensive hardware.
The Router Board (Router OS) is based on the Linux kernel, which then runs on these devices or can run on x86 hardware to provide a powerful network router. Which implements many of the features needed like DNS, DHCP, Fire walling, VPN, Bandwidth shaping/control. And Wireless hotspot/captive portal to name but a few. Depending on your requirements various models and OS Levels are available. And our device came preloaded with Router OS Level 5 ready to go out of the box.
Depending on what you prefer, router board screens are configured in several ways:
- WebFig – This is web based utility which provides access to the router to perform tasks such as monitor, configure and troubleshoot. Web Fig is an alternative to Win Box which is accessible on the routers ip address.
- WinBox – A Win32 utility which again will permit administration of the router but in a Windows environment. It is possible to run Win Box under Linux and Mac OSX under Wine.
- CLI – It is also possible to use Command Line Interface to access. And configure the router via Telnet, SSH, WinBox Terminal, Serial Cable (provided it has a serial connection)
Basic Setup
In the most recent version of Router OS (v6) this now includes a Quick option. Which will help most users quickly set the Router boards IP address, NAT, WAN IP and DHCP Server. Depending on what you are connecting to, in our case a PPPOE connection and have applied the Quick Set options you should now have a basic working router configure.
If you have not done so already, change the admin password ! System->Password.
Top Tip: Something you will find extremely essential as you setup/modify or test rules is ‘Safe Mode‘ I cannot stress this enough – at some point something you do or add will cause you to lose connection with your RB device, safe mode holds off applying your changes so a simple reboot of the RB will undo these changes and place you back where you were before the lock out. Safe Mode is your best friend here.
Next step is to set the clock. This way any logs will show a correct time/date which can be useful when tracking down changes. To do this Select System->Clock and select the tab Manual Time Zone. Here you can enter the Time Zone and any DST time settings that are required. In order to set the time you can select the tab called time and manually put this in. However it is generally better to use a NTP server to sync with. To do this select System->NTP Client and here set the required NTP servers (Primary/Secondary) and correct mode i.e Unicast and then select the tick box Enable. And even you have not yet set the time manually the RB should now automatically set the time from your preferred NTP server.
If you have not done so already it would be good to set a name for your RB device using the System->Identity – this will help if you manage multiple devices in your organization. If you are the sole admin of the RB you may not need to allow other user access. However you may need to setup other users with varying levels of permissions. This can be done via the System->Users menu option which you can then add other users, set specific groups etc.
Packet Filtering
Setting some basic filtering will help protect the Router, opening a Terminal and copy/paste the following is the quickest way to do this. It is possible to do this via the IP->Firewall-Filter Rules route .
Now that you have a very basic router setup, some input filtering and basic NAT rules the world is your oyster. The MikroTik Router OS perfom many features and complex tasks which I have not even begun to explore here. There are many useful videos, guides and user submitted scripts to cover most topics.
MikroTik International Training Programs and Certifications:
MTCNA
Mikrotik Certified Network Associate This course is the first and most basic course in the series of training courses of Mikrotik Company and it has practically no prerequisites. However, for better understanding, learners must have an initial acquaintance. With the concepts of network and IP protocol. And the TCP / IP model In this course, learners will be fully acquainted with the basic concepts of network equipment and micro-technology.. Such as (Router OS operating system and Router Board hardware). They also cover other topics in the higher courses in detail. At the end of the course, learners are able to make initial adjustments to the MikroTiks. They will also be able to set up Routing, DHCP, DNS, Wireless, Tunnel, Firewall and Queue, etc.
MTCRE
Mikrotik Certified Routing Engineer Prerequisite for this training course is MTCNA course. In the course of MikroTik Routing Engineering, the concepts and settings related to routing on MikroTik will be fully taught. At the end of this course, students will be able to set up static and dynamic routes such as OSPF, as well as tunnel and VLAN settings, etc.
MTCWE
Mikrotik Certified Wireless Engineer Prerequisite for this training course is MTCNA course. In the MTCWE training course, the concepts and settings of various types of wireless links will be fully taught using MikroTik. At the end of this training course, students will be able to set up all modes of wireless links such as Point to Point or Point to Multipoint.
conclusion
As a result in this article we explained the MikroTik and Router board so we hope you enjoy it.