RB750 with separate WiFi AP

Good Day fellow Forumites!

Over the last few weeks I've been doing some extensive research on the Mikrotik forums, and after purchasing my very own RB750 I'm afraid I've hit a little bit of a snag. I hope you guys will be able to advise me and point me in the right direction. For everyone’s reference, I come from a finance background, so my networking knowledge is limited, BUT I am a fast learner, and hey, I've made it this far!

My setup:
I am currently running a Dlink ADSL router connected to a TP-link outdoor WiFi AP.
I have about 25 different users connected to the AP via MAC address filtering, and so far so good. :smiley:

Why I Bought a RB750:
I bought a RB750 with the primary goal of setting it up between my Dlink ADSL router and the TP-link AP.
Because this is a shared internet connection I want to block p2p during certain times, and while I am at it I might as well let my RB750 take care of all of the routing.


Where I am currently:
After numerous hours of research I've managed to set up the basics such as time, login details etc. I've also managed to experiment a little with the Firewall filtering and some of the available scripts out there. Basically I am comfortable with the interface of Winbox and I “think” I know the very basics.

What I need to do next:
I would really appreciate some help as to what my next step should be. I'm not quite sure if I need to assign specific IP addresses, or bridge, with DNS setting and basic firewall?

Step 1: Would be to successfully set up my RB750 between my Dlink router and TP-link AP and let it take care of the routing and traffic.
Step 2: Would be to remove the 25 users from the TP-link MAC address filtering protocol, and add it to the RB750. I'm not sure if MAC address filtering would be the most secure, I am open to suggestions.
Step 3: Would be to activate the p2p rules, with a schedule for it to run only during certain times. I'm also pretty flexible in terms of this rule, I actually just want my 25 users to experience a smooth, uninterrupted internet experience. Maybe QoS will be more suitable?
Step 4 - Haven't really thought about anything else!

The help required (that's where you come in)
Because my knowledge is quite limited, I would REALLY appreciate some help and advice with specific details. For example: “for step one, look at this link, follow this rule and change this and that”
As I mentioned in my intro, I am a fast learner, and I am up for the challenge, but please try to break down things as much as possible.

All the help will be greatly appreciated :smiley:

Edit: I've added an illustrative picture
Foxhill.jpg

I would try to put the Dlink router in passthrough mode. That means you only use the ADSL modem of it and it isn't doing any routing at all. Once you have done that you can/need to configure the PPPoE connection on the RB750.

If your TP-Link AP is really an AP and not a router, everything is fine with the setup. You can configure a MAC filter at the AP but that’s not really a security feature. MACs can be changed. As you want to encrypt the WiFi traffic anyway, you should configure WPA2. If you have done that, the access is already limited to the people who know the WPA2 password.

QoS can help, but if someone fills the DSL line with his p2p traffic it might not help enough. So blocking p2p is not a bad idea. But there is always a way around. It’s impossible to detect all p2p traffic, especially if encryption is used by the p2p client. As it’s also difficult to hide all p2p traffic, I would tell the users that it’s prohibited and you disconnect them if you detect them violating the rule.
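
The setup discussed in this thread, sketched as RouterOS terminal commands. This is an added example, not part of either post. It assumes an RB750 reset to no default configuration, a RouterOS release that still has the `p2p` firewall matcher, ether1 cabled to the Dlink in passthrough mode and ether2 cabled to the TP-Link AP; the interface roles, the 192.168.88.0/24 range, the 08:00-22:00 window and the credentials are placeholders.

```routeros
# Added example: all names, addresses, times and credentials are placeholders.

# WAN: the RB750 dials PPPoE itself once the Dlink only acts as a modem.
/interface pppoe-client add name=pppoe-out1 interface=ether1 \
    user="ISP-USERNAME" password="ISP-PASSWORD" \
    add-default-route=yes use-peer-dns=yes disabled=no

# LAN: the RB750 becomes gateway, DHCP server and DNS cache for the AP's clients.
/ip address add address=192.168.88.1/24 interface=ether2
/ip pool add name=lan-pool ranges=192.168.88.10-192.168.88.200
/ip dhcp-server add name=lan-dhcp interface=ether2 address-pool=lan-pool disabled=no
/ip dhcp-server network add address=192.168.88.0/24 gateway=192.168.88.1 \
    dns-server=192.168.88.1
/ip dns set allow-remote-requests=yes

# NAT for everything leaving through the PPPoE session.
/ip firewall nat add chain=srcnat out-interface=pppoe-out1 action=masquerade

# Input chain: protect the router itself. Replies to the router's own
# traffic and LAN clients are accepted; everything else is dropped, so
# Winbox and the DNS cache are not reachable from the internet.
/ip firewall filter add chain=input connection-state=established action=accept
/ip firewall filter add chain=input connection-state=related action=accept
/ip firewall filter add chain=input in-interface=ether2 action=accept
/ip firewall filter add chain=input action=drop comment="drop all other input"

# Forward chain: drop invalid packets, then drop recognised p2p traffic
# during the scheduled window only. The time matcher uses the router clock,
# so the clock must be correct for the schedule to apply when intended.
/ip firewall filter add chain=forward connection-state=invalid action=drop
/ip firewall filter add chain=forward p2p=all-p2p \
    time=8h-22h,mon,tue,wed,thu,fri,sat,sun action=drop \
    comment="scheduled p2p block"

# Forward chain: nothing from the internet reaches LAN clients unless it
# belongs to a connection a client opened.
/ip firewall filter add chain=forward connection-state=established action=accept
/ip firewall filter add chain=forward connection-state=related action=accept
/ip firewall filter add chain=forward in-interface=pppoe-out1 action=drop
```

The packet counter on the "scheduled p2p block" rule (`/ip firewall filter print stats`) shows whether the matcher is recognising anything; encrypted p2p traffic will not be counted there, which is the limitation the reply describes.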