Community discussions

MikroTik App
 
brandonrossl
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 61
Joined: Wed Jun 08, 2011 10:09 pm

Home router setup steps

Wed Jun 08, 2011 10:34 pm

Hey all, I've been pouring through the documentation and can find steps to accomplish 1 thing but not a document that explains things well enough. I've reached the limit of many home routers (they lag and choke) and talked to a guy that does long wifi backhauls for our local baseball diamond (Go Flying Squirrels!) and he recommended Routerboard.

I have a 433AH with a R52nM intended to be used with 25/25 Fios and beaten to death with torrents, netflix, uploading large files as backup and eventually VPN use for me from work.

So far the steps I was able to put together are:
1 update RouterOS (currently on 4.11) UPDATED, now on 5.4
2 enable ether1 to be DHCP client to get IP and DNS from verizon fios i set dhcp client on ether1
3 give gateway ip 192.168.1.1 in ip address list (in which section should i do this?)
4 bridge ether2 ether3 and wifi (is this right?)
5 enable DHCP server to give out addresses on pool 192.168.1.1/24 to bridge?
6 enable NAT with masquerading on bridge?

So what else am I missing? I figure if I can get enough detail I can piece together a good post with every step so people like me can set this thing up for basic use and only post with decent questions.
 
Feklar
Forum Guru
Forum Guru
Posts: 1726
Joined: Tue Dec 01, 2009 11:46 pm

Re: Home router setup steps

Thu Jun 09, 2011 4:50 pm

What else are you looking to do?

You will likely want to configure the firewall to at least protect the router, there are several user submitted Wiki's on how to do this.
QoS is a nice feature, but it is a very complex one as well. It would not be very easy to cover it in a few posts. It's better to read the documentation on it, watch videos and presentations, and once you have a basic understanding to ask questions.

As for your other questions:
3.) Assign it to the router under ip-> address. Since you want to bridge ether2 and ether3 together, then assign the IP to the bridge.
5.) Make an ip->pool with your addresses you want handed out by DHCP. Make a DHCP server on the bridge and assign it the pool. Set up DHCP Server Network as well.
6.) Set up the appropriate Firewall NAT rules for the private subnet to the public internet.
 
tinka
Frequent Visitor
Frequent Visitor
Posts: 54
Joined: Wed Dec 02, 2009 5:48 pm

Re: Home router setup steps

Thu Jun 09, 2011 9:44 pm

i found the following

http://wiki.mikrotik.com/wiki/A_script_ ... ou_started

very usefull. If you go through the script you can also see what steps are needed.
 
User avatar
nsayer
Frequent Visitor
Frequent Visitor
Posts: 78
Joined: Thu Jun 02, 2011 5:32 pm
Location: Santa Clara, CA, US

Re: Home router setup steps

Fri Jun 10, 2011 2:29 am

I just went through this whole exercise for my own home LAN.

Things you might consider adding:

1. IPv6, including an IPv6 firewall. You can get a free tunnel from several places. I use tunnelbroker.net. If you have a dynamic IP on your WAN side, there's a script you can run on the wiki that will update the tunnel when your WAN IPv4 changes.

2. There's a script that will write static DNS entries in a fake top level DNS domain for the DHCP client IDs. So you can ping local hosts by name rather than having to remember their addresses.

3. L2TP VPN. What wasn't documented was what you had to configure in the firewall for it to work. I had to pass UDP ports 500, 1701, 4500 and protocol 50 (ipsec-esp) in the 'input' chain. Other than that, the advice in the wiki worked. Works beautifully with my Macs and iOS devices. If I had had this up a few weeks ago, I'd have been able to use Netflix instant watching while I was in Ottawa. :/

4. It was pointed out to me in a neighboring thread that the default firewall rules don't have anything in the 'forward' chain. Relying on NAT alone for security is probably not for the best. You'd probably do well to copy the input chain rules present by default to the forward chain. You'd certainly need to do this for IPv6, where there is no NAT to "protect" you.
 
brandonrossl
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 61
Joined: Wed Jun 08, 2011 10:09 pm

Re: Home router setup steps

Tue Jun 14, 2011 11:28 pm

Thanks for that script! Playing with it now, wish me luck!

I'll post back for any other hangups or findings that may help others.

Who is online

Users browsing this forum: No registered users and 42 guests