I am a GUI guy. What is not thoroughly explained in the visible Interface, I will most likely never bother to use, or find out how to use. Call it the Microsoft effect or whatever. Sorry, but true. So far.
After looking around a bit I decided upon some (IMO) heavy stuff to control my home network. I also need to learn so I figure that while I learn setting up my net, I will have use for at work. A common and simple approach that has served me well so far.
So I got this router and downloaded Winbox. Then I downloaded the manual. And started Winbox. Hmmm..."where can I do this"..."where do I do that"..."must be a simpler explanation"..."manual only refers to commands??!!"...HOKAY. I am in waaaay over my head.
Eventually I will figure it out, but I find so many features and functions that I do not know anything about (and I seriously mean ZERO knowledge) that I do not even dare touch the stuff. I am happy the internet is working. Maybe I should rephrase "happy" with "lucky"...
As you can see I have two options:
- reinsert my D-Link Router (which basically sucks but I can do some stuff in it knowing what I am doing)
- start a flak fire of questions here and require explanations that imply [Click there, fill in that value there and hit that button]
I am giving the latter a chance. Sorry Mikrotik. Do not mean to bother you with my incompetence, but your manual and interface approach asks for it.
Change the default gateway and IP range of my network
Why? Cause I want to.
The default gateway is 192.168.88.1. The distributed IP's range is a mystery. I do not understand why it says 192.168.88.1/24. What does the /24 stand for?
So how do I change the default to 192.168.99.100 with a range up to 192.168.99.110? Under DHCP Server? So what is IP ARP? Should I set my default values there instead? What does broadcast mean in that context?
Port forwarding to DDNS and firewall ruling.
This should be pretty simple. After all I have done it many times. On the D-Link. But when I look it up, again, 90% stuff I do not understand or even know whether I should use it or not. I read the Firewall and QoS chapters several times but I cant figure it out. Service ports? Well, yes I grasp the basic concept, but does it mean that if I list one port there it would be open for the entire network? And why so many options...?
That above is pretty clear and I managed to find the correct settings in the Firewall to actually believe it was correctly set up, but what if I want to specify that all connections from a certain local IP via the port 4455 are to be trusted regardless of protocol?Quick Setup Guide
To add a firewall rule which drops all TCP packets that are destined to port 135 and going through the router, use the following command:
/ip firewall filter add chain=forward dst-port=135 protocol=tcp action=drop
To deny acces to the router via Telnet (protocol TCP, port 23), type the following command:
/ip firewall filter add chain=input protocol=tcp dst-port=23 action=drop
To only allow not more than 5 simultaneous connections from each of the clients, do the following:
/ip firewall filter add chain=forward protocol=tcp tcp-flags=syn connection-limit=6,32 action=drop
The DDNS has its own little application, it seems. But I can not find it. The tool dns-update command works, but I fail to see if it stores any information to be used by the router anywhere.
sigh...I rest for now. So who votes for my D-Link?