Hi
All
Iv got my RouterBOARD RB951u-2HnD setup and is running well But im looking to use pppoe connections in place of dhcp ip’s for alot more control over bandwinth etc.
This is a roughtly how iv got the RouterBOARD setup, if i have left anything out or you want to know more about a part of my setup please ask and id happily give you the info:
jun/03/2015 13:28:45 by RouterOS 6.18
software id =
/interface bridge
add admin-mac=4###########3 auto-mac=no l2mtu=1598 name=bridge-local
add admin-mac=4#########3 auto-mac=no l2mtu=1598 name=bridgeWiFi
/interface ethernet
set [ find default-name=ether1 ] comment=“Fibre Inbound” name=ether1-gateway
set [ find default-name=ether2 ] comment=“LAN Master port”
set [ find default-name=ether4 ] comment=“WiFi-Network Testing” name=
ether4-wifi-network
set [ find default-name=ether5 ] comment=“WiFi - Omni” name=
ether5-wifi-network
/ip neighbor discovery
set ether1-gateway comment=“Fibre Inbound” discover=no
set ether2 comment=“LAN Master port”
set ether4-wifi-network comment=“WiFi-Network Testing”
set ether5-wifi-network comment=“WiFi - Omni”
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
add authentication-types=wpa-psk,wpa2-psk eap-methods=“”
management-protection=allowed mode=dynamic-keys name=#########
supplicant-identity=“” wpa-pre-shared-key=###### wpa2-pre-shared-key=\
/interface wireless
set [ find default-name=wlan1 ] band=2ghz-b/g/n country=“united kingdom”
distance=indoors l2mtu=2290 mode=ap-bridge radio-name=
“#########” security-profile=######## ssid=
“##########” wireless-protocol=802.11
/ip pool
add name=LAN-Pool ranges=1#########.254
add name=WiFI-Pool ranges=1##########.254
/ip dhcp-server
add address-pool=LAN-Pool disabled=no interface=bridge-local lease-time=10m
name=default
add address-pool=WiFI-Pool disabled=no interface=bridgeWiFi lease-time=1d
name=WiFi-DHCP
/interface pppoe-client
add ac-name=“” add-default-route=yes allow=pap,chap,mschap1,mschap2
default-route-distance=1 dial-on-demand=no disabled=no interface=
ether1-gateway keepalive-timeout=60 max-mru=1480 max-mtu=1480 mrru=1600
name=pppoe-out1 password=######### profile=default service-name=“”
use-peer-dns=yes user=##########
/queue tree
add name=Parent parent=global queue=default
add max-limit=10M name=UPLOAD packet-mark=Customer_PKMARK_UP parent=Parent
queue=pcq-upload-default
add max-limit=40M name=DOWNLOAD packet-mark=Customer_PKMARK_DOWN parent=
Parent queue=pcq-download-default
/interface bridge port
add bridge=bridge-local interface=ether2
add bridge=bridge-local interface=wlan1
add bridge=bridgeWiFi interface=ether4-wifi-network
add bridge=bridgeWiFi interface=ether5-wifi-network
add bridge=bridge-local interface=ether3
/ip address
add address=1######/24 comment=“LAN Network” interface=bridge-local
network=1######.0
add address=1######/24 comment=“WiFi Network” interface=bridgeWiFi
network=1######0
/ip dhcp-client
add comment=“default configuration” dhcp-options=hostname,clientid disabled=
no interface=ether1-gateway
/ip dhcp-server lease
add address=1######3 client-id=1:#########7 mac-address=
6##########7 server=WiFi-DHCP
add address=1######4 client-id=1:##########3 mac-address=
A##########3 server=WiFi-DHCP
/ip dhcp-server network
add address=1######/24 comment=“WiFi Network” dns-server=1######.1
gateway=1######.1
add address=1######/24 comment=“default configuration” dns-server=
1######1 gateway=1######.1
/ip dns
set allow-remote-requests=yes cache-size=4096KiB servers=8.8.8.8
/ip dns static
add address=1######.1 name=router
add address=1######.1 name=LAN-GW.local
add address=1######.1 name=WiFi-GW.local
/ip firewall filter
add action=drop chain=input comment=“SSH Brute Force Protection”
connection-state=new dst-port=22 protocol=tcp src-address-list=
ssh_blacklist
add action=add-src-to-address-list address-list=ssh_blacklist
address-list-timeout=1w3d chain=input connection-state=new dst-port=22
protocol=tcp src-address-list=ssh_stage3
add action=add-src-to-address-list address-list=ssh_stage3
address-list-timeout=1m chain=input connection-state=new dst-port=22
protocol=tcp src-address-list=ssh_stage2
add action=add-src-to-address-list address-list=ssh_stage2
address-list-timeout=1m chain=input connection-state=new dst-port=22
protocol=tcp src-address-list=ssh_stage1
add action=add-src-to-address-list address-list=ssh_stage1
address-list-timeout=1m chain=input connection-state=new dst-port=22
protocol=tcp
add action=drop chain=input comment=“Winbox Brute Force Protection”
connection-state=new dst-port=8291 protocol=tcp src-address-list=
winbox_blacklist
add action=add-src-to-address-list address-list=winbox_blacklist
address-list-timeout=1w3d chain=input connection-state=new dst-port=8291
protocol=tcp src-address-list=winbox_stage3
add action=add-src-to-address-list address-list=winbox_stage3
address-list-timeout=1m chain=input connection-state=new dst-port=8291
protocol=tcp src-address-list=winbox_stage2
add action=add-src-to-address-list address-list=winbox_stage2
address-list-timeout=1m chain=input connection-state=new dst-port=8291
protocol=tcp src-address-list=winbox_stage1
add action=add-src-to-address-list address-list=winbox_stage1
address-list-timeout=1m chain=input connection-state=new dst-port=8291
protocol=tcp
add chain=input dst-port=22 protocol=tcp
add chain=input dst-port=8291 protocol=tcp
add action=passthrough chain=input comment=“External DNS request counters”
dst-address=83.####.90 dst-port=53 protocol=tcp
add action=passthrough chain=input dst-address=83.####.90 dst-port=53
protocol=udp
add chain=input comment=“Wifi DNS requests - Allow” dst-port=53 protocol=tcp
src-address=1######/24
add chain=input dst-port=53 protocol=udp src-address=1######/24
add chain=input comment=“LAN DNS request - Allow” dst-port=53 protocol=tcp
src-address=1######/24
add chain=input dst-port=53 protocol=udp src-address=1######/24
add action=drop chain=input comment=“General drop on input” connection-state=
new
/ip firewall mangle
add action=mark-connection chain=prerouting new-connection-mark=
Customer_CONMARK src-address=1######/24
add action=mark-packet chain=prerouting connection-mark=Customer_CONMARK
new-packet-mark=Customer_PKMARK_UP src-address=1######/24
add action=mark-packet chain=postrouting connection-mark=Customer_CONMARK
dst-address=1######/24 new-packet-mark=Customer_PKMARK_DOWN
/ip firewall nat
add action=masquerade chain=srcnat comment=“default configuration”
out-interface=ether1-gateway
add action=masquerade chain=srcnat comment=“LAN to Internet” out-interface=
pppoe-out1 src-address=1######/24
add action=masquerade chain=srcnat comment=“WiFi to Internet” out-interface=
pppoe-out1 src-address=1######/24
/ip route
add distance=1 gateway=pppoe-out1
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes
set api disabled=yes
set api-ssl disabled=yes
/ip upnp
set allow-disable-external-interface=no
/system clock
set time-zone-name=GMT
/system identity
set name=“##########”
/system ntp client
set enabled=yes primary-ntp=1##########7
/tool mac-server
set [ find default=yes ] disabled=yes
add interface=ether2
add interface=ether3
add interface=ether4-wifi-network
add interface=ether5-wifi-network
add interface=wlan1
add interface=bridge-local
/tool mac-server mac-winbox
set [ find default=yes ] disabled=yes
add interface=ether2
add interface=ether3
add interface=ether4-wifi-network
add interface=ether5-wifi-network
add interface=wlan1
add interface=bridge-local
Thanks for taking the time to read this, So i was wanting to know if i just need to setup the pppoe server with the RouterBOARD as it is or is there anything that would need changed on my settings?
This is the method i was thinking of using: http://wiki.mikrotik.com/wiki/Pppoe_server_with_profiles
Can i use this method on my current setup???
Sorry if this sounds strange, im prity new to setting this RouterBOARD up
Thanks in adavance for any help.