I have started recently at a ISP. We use quite a bit of microtik hardware and my boss would like me to learn how to program this type of stuff. I would like to thank you for showing me the basics. I will be going through this series and learning.
Thanks for the feedback, you can also consider watching my free MTCNA guide that I have been posting on TH-cam. Here's the playlist! th-cam.com/play/PLJ7SGFemsLl3XQhO8g0hHCrKnC6J3KURk.html
Another tip is to do "system routerboard upgrade" when you are done with the firmware upgrade. ensuring the RB is also on latest firmware. Thank you for coming back to us. great work!!
I love your channel. Could you make a video where you show and explain how to configure 4 public IP addresses (4x/32) on WAN and internal traffic still gets routed on mikrotik, not on ISP network?
How are the 6 routers connected? I assume you are using EVE-NG, you can try and connect all the routers to the management cloud. This should in theory allow you to see all the routers in the neighbors list and to connect to them. Otherwise you could also connect then all and enable ROMON then connect to the one device you have access to on ROMON (inside winbox) then this will allow you to connect to all the devices. I have some videos on the channel that covers ROMON, otherwise you can take a look at the MT docs: help.mikrotik.com/docs/display/ROS/RoMON
Yes, though you would do that through the MikroTik's firewall where you can use the "Input" chain and allow SSH only on a specific interface and then block SSH on other interfaces. You could also use interface lists instead of just specifying individual interfaces.
4 ปีที่แล้ว
Hi, thanks for the great video. it's exactly the situation I'm trying to simulate me for. But when I add another Mikrotik, he just doesn't take the DHCP address. He takes it from DHCP only from the NET network. An ordinary VPC will take her. When I set a fixed IP from the recent range in Mikrotik-2, I see it in the neighbors in Mikrotik-1, I can pink on it, but I can't get on it via Winbox and it won't even appear there. I don't know if something will be misconfigured in EVE NG. Could you give me an advice please?
Hello, please explain how to emulate WAN with mikrotik router. What i want to accomplish is to emulate internet using one router and 3 router connected to this one. The idea is that there is there is a HQ network and 2 branch networks, i want to make l2tp/ipsec connections from branch offices to HQ. HQ and branch offices have STATIC IPs. But i don't know how to emulate internet using mikrotik. Maybe i should just setup static IPs on every router?Basically branch office gateways should have access to HQ gateways through emulated WAN
Well what you could do is just connect all MikroTiks to the management cloud and emulate each interface having a WAN IP. Or just create a single "WAN" MikroTik in the middle where all MikroTiks connect to that is used to route traffic to each WAN interface. Hope that makes sense and good luck with your labbing :)!
@@TheNetworkBerg Thanks for the answer, how to setup static routing between hosts connected to that "WAN" router. Should i look up about static routes setup?
@@デク-b7j I have a video in this getting started playlist about static routing which you can go over. But essentially you will just point each 0.0.0.0/0 route to the WAN router and the WAN router will know how to get to each WAN IP so that you can create your IPSEC tunnels.
Hello E, if you right click on the topology there should be a "Network" option, select this and from there you can create a bridge to your management network in Eve to give internet access. it is called "Management(Cloud0)"
Hey. I recently got a MikroTik Router for a school project and I have no idea on navigating my way in getting started with the basic configuration and the rest. Checked out on how to do so, and sadly noticed the videos are old, not updated, a lot of changes, updates like Winbox64 has been made and mostly you have been very active. By the way, Nice video but looking at this and now. This video is old. I will really appreciate and be truly blessed if you could guide me in this my small project in getting started with the basic configuration. Please I need help.
What do you need help with exactly? You can also watch my newly released MTCNA course which covers most of the basics in ROS. th-cam.com/play/PLJ7SGFemsLl3XQhO8g0hHCrKnC6J3KURk.html
Thanks for the kind words :) Well... According to ISOC (Internet Society) MikroTik is very much up there when it comes to connecting to the internet with Cisco and Juniper. I also tend to see ISPs prefer using MikroTiks as a CPE for customer sites since the device is a lot cheaper than its competitors and it has all the functions you want to see in a CPE. Personally I work with MikroTik on a daily basis so there is definitely work for MikroTik Engineers.
Sir Berg, we are hoping you can include the Captive Portal guide in Free MTCNA that include vouchers and facebook login. Thank you coming from Cebu, Philippines.
Very informative videos. Please do a video on running a PPPoE server on a VLAN combined with another VLAN running on the same interface for Ubiquiti Airmax devices bridge management
wait i am new here but did just this, logged into winbox via the mac, on port 2.. i added a /30 to my WAN port x.x.x.2 GW .1 on eth1 plugged into my PC to test, made my pc .1 and i cannot connect via web/telnet/ or winbox.. but i can PING... this is a fresh mikrotik out of the box... What is it with eth1? Thanks
When you say fresh, do you mean out of the box with the default configuration or have you removed the default configuration by doing a factory-reset no-default-configuration? MikroTik default configuration has a lot of firewall rules blocking a lot of traffic on Eth1 so that is why stuff like management won't work if you run the default config
@@TheNetworkBerg hey thanks for quick response.. Yes Fresh out.. why all the videos im watching show nothing of the sort.. to be fair, im a cisco/brocade router jockey so i get routing 100% all day... but this eth1 has me plagued.... and i can't find anything to work around.. How to make eth1 x.x.x.2 reachable from the outside world if its Public sitting off a router port?? Thanks
If you want to setup DHCP for the same scope on two different interfaces you will need to bridge those interfaces. Note though that when you select an interface for the DHCP you must select the Bridge interface and not one of the two interfaces.
Hello, I make use of EVE-NG, in this video I was using the community edition which is totally free to use, to get EVE-NG please visit their site at eve-ng.net (PS video will also show you how to install :) ) th-cam.com/video/uEH3IN1295k/w-d-xo.html
I thought you said it was very basic. Well i must be very stupid because you lost me in your first 3 minutes. Don't you have something that can setup a basic ap for home use that gets the internet wirelessly from another router.
Sorry if I lost you in the video, this video does not cover wireless at all unfortunately and is more or less just introducing you to how to add basic things like IP addresses to interfaces and how Winbox works. What it sounds like is you really just want to connect to another AP's SSID which you can do from the WLAN of your router then just configure DHCP on the WLAN interface to obtain an IP and route traffic to the internet through its default gateway received from the DHCP server I could recommend looking at TKSJA's channel who created content specifically aimed at home users. th-cam.com/channels/_vCR9AyLDxOlexICys6z4w.html
@@TheNetworkBerg Hello Berg, thanks for your response, yes that is what i want to do. I have read your other reply, so now i understand who you are targeting as viewers. ISP geeks. 😇. But i do get lots of info from your vids so thanks for that.
Ok, now upload a similar video without that command line mumbo jumbo that a lot people aren't eager to use, or do you seriously believe that everyone is your level?
Hi SamC, I am showing you how to do this on WinBox and the CLI, if you don't like the CLI bits you can skip forward. Do not be intimidated by the CLI though it is a very useful tool and can be a lot faster to configure or troubleshoot your networks. Once you are comfortable with the CLI you can more easily also manage or transition into different vendors equipment like Cisco or Juniper that do not make use of a GUI for the bulk of their configurations so I think using CLI as a beginner is definitely something that people should get used to.
As part of a basic setup, I wanted to ask a question related to this diagram i.mt.lv/cdn/product_files/RB750Gr3-dsw_161117.png. How would one disable switching?
By removing the default configuration or removing the bridge that the ports are assigned to, this should eliminate switching and each port will work on its own broadcast domain.
Because WWW runs on HTTP and is vulnerable, I would always recommend disabling HTTP unless you are only going to use webfig to manage your device and then even in that case I would suggest changing the ports and enforcing allowed from IPs on the IP Service and Firewall Rules.
I have started recently at a ISP. We use quite a bit of microtik hardware and my boss would like me to learn how to program this type of stuff. I would like to thank you for showing me the basics. I will be going through this series and learning.
Thanks for the feedback, you can also consider watching my free MTCNA guide that I have been posting on TH-cam. Here's the playlist!
th-cam.com/play/PLJ7SGFemsLl3XQhO8g0hHCrKnC6J3KURk.html
Another tip is to do "system routerboard upgrade" when you are done with the firmware upgrade. ensuring the RB is also on latest firmware. Thank you for coming back to us. great work!!
Great video - very helpful. Thanks!
Berg, you are the best!
Welcome back, Looking forward to the series man👍
Appreciate it!
very interesting way to teach. think you so much. god bless you
thank you boss yes your presentation was very informative a big of help to all the IT guys
Glad it was helpful!
Perfect stuff! Just what I was looking for.
Need a help with my mikrotik router, I did the configuration but the internet is not there
I love your channel. Could you make a video where you show and explain how to configure 4 public IP addresses (4x/32) on WAN and internal traffic still gets routed on mikrotik, not on ISP network?
i have 6 routers in my lab but only one of them is showing up in winbox what am i doing wrong ? i thought i had a grasp on this.
How are the 6 routers connected? I assume you are using EVE-NG, you can try and connect all the routers to the management cloud. This should in theory allow you to see all the routers in the neighbors list and to connect to them. Otherwise you could also connect then all and enable ROMON then connect to the one device you have access to on ROMON (inside winbox) then this will allow you to connect to all the devices.
I have some videos on the channel that covers ROMON, otherwise you can take a look at the MT docs:
help.mikrotik.com/docs/display/ROS/RoMON
@@TheNetworkBerg Thank you I'll give it a go.
Looks pretty easy. Thanks.
Regarding SSH access to the mikrotik devices, can you limit which IP interfaces allow SSH to them?
Yes, though you would do that through the MikroTik's firewall where you can use the "Input" chain and allow SSH only on a specific interface and then block SSH on other interfaces. You could also use interface lists instead of just specifying individual interfaces.
Hi, thanks for the great video. it's exactly the situation I'm trying to simulate me for. But when I add another Mikrotik, he just doesn't take the DHCP address. He takes it from DHCP only from the NET network. An ordinary VPC will take her. When I set a fixed IP from the recent range in Mikrotik-2, I see it in the neighbors in Mikrotik-1, I can pink on it, but I can't get on it via Winbox and it won't even appear there. I don't know if something will be misconfigured in EVE NG. Could you give me an advice please?
Hello, please explain how to emulate WAN with mikrotik router. What i want to accomplish is to emulate internet using one router and 3 router connected to this one. The idea is that there is there is a HQ network and 2 branch networks, i want to make l2tp/ipsec connections from branch offices to HQ. HQ and branch offices have STATIC IPs. But i don't know how to emulate internet using mikrotik. Maybe i should just setup static IPs on every router?Basically branch office gateways should have access to HQ gateways through emulated WAN
Well what you could do is just connect all MikroTiks to the management cloud and emulate each interface having a WAN IP. Or just create a single "WAN" MikroTik in the middle where all MikroTiks connect to that is used to route traffic to each WAN interface. Hope that makes sense and good luck with your labbing :)!
@@TheNetworkBerg Thanks for the answer, how to setup static routing between hosts connected to that "WAN" router. Should i look up about static routes setup?
@@デク-b7j I have a video in this getting started playlist about static routing which you can go over. But essentially you will just point each 0.0.0.0/0 route to the WAN router and the WAN router will know how to get to each WAN IP so that you can create your IPSEC tunnels.
can you please tell me how did you configure the "net" node? The one that is representing the cloud/internet!
Hello E, if you right click on the topology there should be a "Network" option, select this and from there you can create a bridge to your management network in Eve to give internet access. it is called "Management(Cloud0)"
I would like some more info on The Dude -
Hey. I recently got a MikroTik Router for a school project and I have no idea on navigating my way in getting started with the basic configuration and the rest. Checked out on how to do so, and sadly noticed the videos are old, not updated, a lot of changes, updates like Winbox64 has been made and mostly you have been very active. By the way, Nice video but looking at this and now. This video is old. I will really appreciate and be truly blessed if you could guide me in this my small project in getting started with the basic configuration. Please I need help.
As I humbly wait for a response.
What do you need help with exactly? You can also watch my newly released MTCNA course which covers most of the basics in ROS.
th-cam.com/play/PLJ7SGFemsLl3XQhO8g0hHCrKnC6J3KURk.html
Nice video 👍 Is there much work out there for a mikrotik engineer?
Thanks for the kind words :) Well... According to ISOC (Internet Society) MikroTik is very much up there when it comes to connecting to the internet with Cisco and Juniper. I also tend to see ISPs prefer using MikroTiks as a CPE for customer sites since the device is a lot cheaper than its competitors and it has all the functions you want to see in a CPE. Personally I work with MikroTik on a daily basis so there is definitely work for MikroTik Engineers.
@@TheNetworkBerg thank you for the detailed reply, subscribed :)
Sir Berg, we are hoping you can include the Captive Portal guide in Free MTCNA that include vouchers and facebook login. Thank you coming from Cebu, Philippines.
Very informative videos. Please do a video on running a PPPoE server on a VLAN combined with another VLAN running on the same interface for Ubiquiti Airmax devices bridge management
what about NTP settings? All my logs are from 1.1.1970
th-cam.com/video/hdC1vZHNjeE/w-d-xo.html
thanks it is good tutorial
Terimakasih informasinya
wait i am new here but did just this, logged into winbox via the mac, on port 2.. i added a /30 to my WAN port x.x.x.2 GW .1 on eth1 plugged into my PC to test, made my pc .1 and i cannot connect via web/telnet/ or winbox.. but i can PING... this is a fresh mikrotik out of the box... What is it with eth1?
Thanks
When you say fresh, do you mean out of the box with the default configuration or have you removed the default configuration by doing a factory-reset no-default-configuration?
MikroTik default configuration has a lot of firewall rules blocking a lot of traffic on Eth1 so that is why stuff like management won't work if you run the default config
@@TheNetworkBerg hey thanks for quick response.. Yes Fresh out.. why all the videos im watching show nothing of the sort.. to be fair, im a cisco/brocade router jockey so i get routing 100% all day... but this eth1 has me plagued.... and i can't find anything to work around..
How to make eth1 x.x.x.2 reachable from the outside world if its Public sitting off a router port??
Thanks
How to setup same DHCP server on 2 interfaces?
If you want to setup DHCP for the same scope on two different interfaces you will need to bridge those interfaces. Note though that when you select an interface for the DHCP you must select the Bridge interface and not one of the two interfaces.
Thank you so much for the tutorial
Can you please tell me which emulator that you use, is it free or paid..
Hello, I make use of EVE-NG, in this video I was using the community edition which is totally free to use, to get EVE-NG please visit their site at eve-ng.net (PS video will also show you how to install :) )
th-cam.com/video/uEH3IN1295k/w-d-xo.html
Great guide! Have my like and subscribe!
SSH failed cause port typed was 2202 instead of 2201.
That is correct :)
I thought you said it was very basic. Well i must be very stupid because you lost me in your first 3 minutes. Don't you have something that can setup a basic ap for home use that gets the internet wirelessly from another router.
Sorry if I lost you in the video, this video does not cover wireless at all unfortunately and is more or less just introducing you to how to add basic things like IP addresses to interfaces and how Winbox works. What it sounds like is you really just want to connect to another AP's SSID which you can do from the WLAN of your router then just configure DHCP on the WLAN interface to obtain an IP and route traffic to the internet through its default gateway received from the DHCP server
I could recommend looking at TKSJA's channel who created content specifically aimed at home users.
th-cam.com/channels/_vCR9AyLDxOlexICys6z4w.html
@@TheNetworkBerg Hello Berg, thanks for your response, yes that is what i want to do. I have read your other reply, so now i understand who you are targeting as viewers. ISP geeks. 😇. But i do get lots of info from your vids so thanks for that.
Ok, now upload a similar video without that command line mumbo jumbo that a lot people aren't eager to use, or do you seriously believe that everyone is your level?
Hi SamC, I am showing you how to do this on WinBox and the CLI, if you don't like the CLI bits you can skip forward. Do not be intimidated by the CLI though it is a very useful tool and can be a lot faster to configure or troubleshoot your networks. Once you are comfortable with the CLI you can more easily also manage or transition into different vendors equipment like Cisco or Juniper that do not make use of a GUI for the bulk of their configurations so I think using CLI as a beginner is definitely something that people should get used to.
As part of a basic setup, I wanted to ask a question related to this diagram i.mt.lv/cdn/product_files/RB750Gr3-dsw_161117.png.
How would one disable switching?
By removing the default configuration or removing the bridge that the ports are assigned to, this should eliminate switching and each port will work on its own broadcast domain.
Why disable www
Because WWW runs on HTTP and is vulnerable, I would always recommend disabling HTTP unless you are only going to use webfig to manage your device and then even in that case I would suggest changing the ports and enforcing allowed from IPs on the IP Service and Firewall Rules.