I’ve been given the job to look after the company’s network. It was put together by someone else who has now left or was a contractor. The company currently has fewer than 15 employees.
We have one RB750Gr2 as the main device that connects everything to the internet. We then have 3 hap ac lites for access points. For some reason the access points are set to WISP APs? Is this needed for a small company? That ISP has stated in a contract that the company needs to provide a hot spot.
A server is connected to the RB750Gr2 where a website is hosted and Resilio (p2p file sharing/syncing software) is used.
What I would like to know is how to set this all up from scratch? Is there a step by step guide/course/tutorials I can use? Should I look at CCNA?
So…
Security (How deep does that get?)
Firewall
How to setup access points
Giving internal IP addresses
Dealing with static services such as the website and Resilio
Is there a way to register a device as a trusted device and give it full access to the network, but guest/visitor devices only have internet access?
Anything else that I might not be aware of at all.
I’m actually an electronics engineer (degree level). I have an understanding of home networking but when I run WinBox, I realise that it can get significantly more complex, and I’m currently out of my depth.
Also…
Whilst having a play trying to restrict my work laptop and phone from accessing the network, I’ve managed to block them. They can connect to the network, but when I attempt to search for other devices or access the internet, nothing works. Unfortunately, I can’t remember what I’ve done. What might I have done? And is there an easy way to search for this using the MAC address for my devices?
And I’ve somehow locked myself out of the access points. When I attempt to connect to them via their MAC addresses in WinBox, I use the correct passwords, but it still tells me that I have the incorrect password. When I inputted the MAC address for one of the access points and put in the password for the RB750Gr2, it connects me to the RB750Gr2, and not the access point. What might I have done?
MTCNA would be a good starting point. The forum can help you to sort a specific problem and point you towards the right direction. But learning from scratch by yourself would take some time and your company would benefit from having the training at least to get you the basics.
Whilst having a play trying to restrict my work laptop and phone from accessing the network, I’ve managed to block them. They can connect to the network, but when I attempt to search for other devices or access the internet, nothing works. Unfortunately, I can’t remember what I’ve done. What might I have done? And is there an easy way to search for this using the MAC address for my devices?
few things you may have done:
blocked LAN to LAN traffic in bridge, filter, or IP → Firewall → Filter
you might have given them a smaller subnet in the DHCP setting, for example /32 instead of the /24
you may have blocked broadcast on them
solutions:
change your laptop manually to static IP.
check your firewall rules, Bridge filter rules, look for the ones with Action : Drop (disable all your firewall rules and check, then you know if it is the firewall rules. You can easily enable them again)
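An added example, not part of any post in this thread: a Python script that runs the checks listed above over a plain-text `/export` of the router, listing drop rules in the firewall and bridge filters, entries that mention one client's MAC address, and a /32 DHCP netmask. The sample export, the MAC addresses and the function names are constructed for illustration.

```python
import re
import shlex

# Constructed sample of a RouterOS "/export" text file (not taken from the thread).
SAMPLE_EXPORT = r'''
/interface bridge filter
add action=drop chain=forward src-mac-address=\
    AA:BB:CC:00:00:01/FF:FF:FF:FF:FF:FF
/ip dhcp-server lease
add address=192.168.88.50 mac-address=AA:BB:CC:00:00:02 server=dhcp1
/ip dhcp-server network
add address=192.168.88.0/24 gateway=192.168.88.1 netmask=32
/ip firewall filter
add action=accept chain=forward connection-state=established,related
add action=drop chain=forward comment="test block" src-mac-address=AA:BB:CC:00:00:02
'''

FILTER_SECTIONS = ("/ip firewall filter", "/interface bridge filter")

def parse_export(text):
    """Return (section, properties) pairs for every 'add'/'set' line."""
    joined = re.sub(r"\\\n\s*", "", text)      # undo the export's line wrapping
    records, section = [], None
    for line in joined.splitlines():
        line = line.strip()
        if line.startswith("/"):               # menu path, e.g. /ip firewall filter
            section = line
        elif line.startswith(("add ", "set ")):
            tokens = shlex.split(line)[1:]     # honours quoted comment="..." values
            records.append((section, dict(t.split("=", 1) for t in tokens if "=" in t)))
    return records

def find_suspects(records, mac):
    """List configuration entries worth reviewing for one client MAC address."""
    mac, hits = mac.upper(), []
    for section, props in records:
        mentions = any(mac in value.upper() for value in props.values())
        if section in FILTER_SECTIONS and props.get("action") == "drop":
            scope = "names this MAC" if mentions else "no MAC match, check manually"
            hits.append((section, "drop rule, " + scope))
        elif mentions:
            hits.append((section, "entry for this MAC"))
        if section == "/ip dhcp-server network" and (
                props.get("netmask") == "32" or props.get("address", "").endswith("/32")):
            hits.append((section, "clients are handed a /32 netmask"))
    return hits

if __name__ == "__main__":
    for section, reason in find_suspects(parse_export(SAMPLE_EXPORT), "aa:bb:cc:00:00:02"):
        print(f"{section}: {reason}")
```

An export only contains stored configuration, so dynamic entries such as leases that were never made static will not appear in it.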
The one thing to learn quickly is that MikroTik is an onion, as soon as you think you have understood something, there is another friggen layer.
If you do not have training, knowledge in packet flow and Networking principles, and are not a real nerd (cannot pronounce Linux - Charlie Brown’s friend), then like me you will be up sheets creek without a paddle… for a while.
Luckily the folks here are very patient, unless they get a fit of laziness and ask you to read the stuff you have already read and didn’t understand the first time LOL.
Good luck.
The only advice I can give and don’t follow is USE SAFE MODE!
Thank you all for your responses. I appreciate the help and advice.
Is MTCNA the best starting point? Or will a more generic course be more suitable?
It’s not that I want to rush my learning curve, I just want to feel comfortable in what I’m doing to the level where I have a vague idea about everything and feel comfortable in a little trial and error.
Thank you solar77. I will check them out. I’ve only just learnt how to export a backup(?)/the settings(?) into a plain text file. I shall also look for the assigned IP and MAC addresses of my devices in there.
Cheers for advice anav. I don’t have the understanding for commercial(?) level networking but fortunately I’m quite the geek/nerd. So let’s see what I can pick up.
I tried to make a backup of an AP and copy the backup on to the computer I was running WinBox on. It was able to make the backup but when I attempted to copy it over, it came up with the error that it wasn’t able to do it because something is running (9). I’ve paraphrased the error message because I can’t quite remember the exact wording. What might have been the issue?
I have stated to the boss that I would feel a lot more comfortable to play with an offline version to get to grips with it before I alter the live version but he doesn’t want to purchase another unit.
One day I did accidentally block every device from the network, including the computer I used to access the Mikrotik with WinBox. He wasn’t happy. lol, and I think his first line was, “How am I supposed to run my business now?!”. He still doesn’t want to get a device for me to play with offline. I only got myself out of that hole by plugging my computer in to the internet input port of the RB750Gr2.
Well get a hap AC2 if you want a router OS and wifi in one box for cheap.
The Stephen Discher book RouterOS by Example is being reprinted as we speak, so the second edition in the near future will also include the 6.42 information.
CHR is a RouterOS system for virtual machines. It is in all aspects identical to a physical device (except it can’t emulate wireless signals and other specific interface types).
What’s the difference between an Ethernet router and a RouterBoard/RouterOS?
It is the same thing. RouterOS is the name of the OS, RouterBOARD is the brand name of the product.
The rb941 is the cheapest full-featured physical device that anyone can get to practice on. Other devices are also available second hand for a fraction of their original price.
For someone who wishes to start with networking, a physical device is much more comfortable than a virtual CHR because it is autonomous and does not depend on the environment, which, moreover, such a user is not able to configure correctly anyway.