i had a problem with my router..so i change it to mikrotik…
but i had some problem.. i cant find a way to set up this mikrotik( im totally new with this)
im only had a router config..
interface GigabitEthernet0/0
ip address yyy.yyy.yyy.yyy yyy.yyy.yyy.yyy
ip verify unicast source reachable-via rx allow-default 100
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
no cdp enable
no mop enabled
!
interface GigabitEthernet0/1
ip address xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx
ip access-group inside_inbound in
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
duplex auto
speed auto
no mop enabled
!
router ospf 1
log-adjacency-changes
redistribute static subnets
default-information originate always
!
ip route xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx y.y.y.y
!
!
no ip http server
no ip http secure-server
!
ip access-list extended inside_inbound
permit icmp any any
permit ip any y.y.y.y xxx.xxx.xxx.xxx
permit ip y.y.y.y xxx.xxx.xxx.xxx any
!
logging trap debugging
logging facility local2
access-list 100 permit udp any any eq bootpc
snmp-server community aaa-ro RO 10
snmp-server community aaa-rw RW 10
no cdp run
anyone can help me to implement this to mikrotik…??
/interface ethernet
set ether1 arp=enabled auto-negotiation=yes
set ether2 arp=enabled auto-negotiation=yes
/ip address
add interface=ether1 address=yyy.yyy.yyy.yyy/CIDR
add interface=ether2 address=xxx.xxx.xxx.xxx/CIDR
/ip firewall filter
add action=accept chain=inside-inbound protocol=icmp
add action=accept chain=inside-inbound dst-address=y.y.y.y/CIDR
add action=accept chain=inside-inbound src-address=y.y.y.y/CIDR
add chain=forward action=accept connection-state=established
add chain=forward action=accept connection-state=related
add chain=forward action=drop connection-state=invalid
add chain=forward action=jump jump-target=inside-inbound in-interface=ether2
/ip firewall nat
add chain=srcnat action=masquerade out-interface=ether1
/ip route
add dst-address=xxx.xxx.xxx.xxx/CIDR gateway=y.y.y.y
/routing ospf instance
set default redistribute-static=as-type-2 distribute-default=always-as-type-2
/ip service
disable www,www-ssl
# Missing access-list 10 in your config. Fill in the proper IP below.
/snmp community
add address=<CIDR block> name=aaa-ro read-access=yes write-access=no
add address=<CIDR block> name=aaa-rw read-access=no write-access=yes
# Disable 'CDP' entirely
/ip neighbor discovery
set [find] discover=no
That’s most of it. A few things are missing such as access-list 10 and which interfaces you want to run OSPF on. In this config, OSPF will not function on your router. Assuming you only want to run it inside then you’ll have to do:
/routing ospf interface
add interface=ether2
You’ll need to specify authentication and authentication-key parameters if you use password security in your OSPF network.