Hi all
Is there a way to mass manage Mikrotiks from one point? Things like doing OS updates changes in configurations. I think this would help a lot on a large network.
I am sure that others have done what I did: I have a mysql database and scripts on a server that audit/update devices. It of course uses APIs that others in the community have developed and graciously published as open source. I have 235 Mikrotik devices currently being managed, not counting spares on the shelf.
I am not aware of any “product” that will manage a large network of devices. I am thinking of publishing my system, but I haven’t gotten around to developing a web interface for it yet. It currently runs/updates via the command line on the virtual machine that it resides on.
In my limited experience, I’ve been very happy with the granular control and monitoring capabilities of a mikrotik router paired with ubiquiti unifi network switches and AP (managed by unifi controller). The unifi has a central management web-GUI for their switches and APs, you can even start rolling fw updates of all equipment with one click.
In a few clicks (without any typing) you can copy settings between APs and switches for fast deployment. Almost like networking for dummies. I learned much of my knowledge from using unifi.
However unifi-controller’s router ui is so simple and limited in what you can do, it doesn’t hold a candle to winbox.
Thats great for Ubiquiti Unifi gear but completely awry of the question, Mikrotik also has a similar controller for AP’s in their CAPsMAN package. Your post reeks of corporate shill and is completely useless to the topic.
To answer OP, I too have rolled out my own in-house NMS for Mikrotik routers en-mass, although its not fully comprehensive it does what i need it to do (manage a few address lists and reoprt some info not available/suited to SNMP), all based on the RouterOS API.
Thanks for your replies. I wish there was one central management system for Mikrotik just like Ubiquiti. It would help ease the job. I work for an ISP and we use MIkrotik. The network is growing too big that’s why I thought of this.
Look into the Tr069 protocol, there are both commercial and open source applications for this
i.e.
commercial - avsystem
open source - freeacs, genieacs
These are good for client devices and pulling config on boot, but in terms of edge/bottom fo tower etc where you dont want to reboot and manage things like firewall entries etc its not that great.
My centralised system spawned out of literally just adding IP’s to the management whitelist and building from there. When out in the field and we need to add a temporary IP, hit my web portal and it adds it to every router for 30 minutes (or however long) couldnt do that via tr069 without rebooting the router.
There is at least one commercial product, Unimus, which handles mass config management, auditing, etc. - I’ve not used it, but they were one of the vendors at MUM Birmingham a few weeks ago
Indeed, take a look at Unimus.
We do Mass Config Push, upgrades across the network, etc.
You can use this to push changes to firewalls across many routers, upgrade RouterOS or RouterBOOT, etc.
You will also get configuration change notifications (so anytime a config of any device changes, you get a graphical diff in email).
Am i wrong to think that “the dude” can be used to manage routers and other devices from a central location, or has it been abandoned?
The Dude is a monitoring solution (NMS) - not configuration management.
Let’s say you want to change a password on 100 'Tiks, or find all 'Tiks running with wireless at freq. 5800 across the network.
The Dude will not do that for you - that is the job of a Configuration Management (NCM) solution.
Ideally, you should have both an NMS and an NCM in your network.
I would like to ask you for a solution proposal for this model situation:
Current solution: PON optical network (5000 PON ONT - transparent bridge) + 5000 CPE (soho home wifi routers of various brands) no central CPE management
Required solution: 5000 CPE (routers of the same brand and type) with central management
Features:
- after user reset, automatic recovery from the ISP database
- bulk configuration and supervision
- bulk upgrade system
- Changes to the user configuration by sending a warning
- CPE offline reason (power off / unknown)