RSC files are just a text format of the config.
They are easy to read.
Also one can actually add them to ones config by entering them at the terminal window on winbox so quick!
What you need to do is three fold.
a. provide a network diagram - provides context to internet and devices on LAN and what vlans you want over what ports to what devices etc....
b. user requirements
- identify all users/device, or groups of users/device including admin as a special user
- identify all the traffic flows they need.
c. provide configs of all MT devices.
/export file=anynameyouwish ( minus router serial number, any public WANIP information etc. )
Sorry that it took me so long to reply. Still working on part of that request:
- I'm making the diagram now. But I suck at making them, so it's gonna take a while
- I'll have to provide that that outside of this list. *
- Device summaries listed below. ** RSC files attached for your review. Please let me know if I need to remove anything (first time using that command)
** The RBD25G-5HPacQD2HPnD currently acts as my router. The only reason it does is because I can't run an Ethernet cable down to my family's ISP router. So I had to resort to double-NAT over WiFi. If I could do it now, this thing would go first - in a heartbeat.
-
https://mikrotik.com/product/audience
The RB4011iGS+ is part of my current bridge, and provides ten extra RJ45 ports. It's been overshadowed by another appliance, but the presence of more RJ45 ports isn't a curse by any means. It'd probably still go, but only because of sits right underneath it...
-
https://mikrotik.com/product/rb4011igs_rm
The CRS326-24G-2S+RM smart switch could very easily remove the need for the RB4011iGS+ that sits above it. The only reason I haven't acted on it is because it hasn't hurt me to keep around 10 extra RJ45 ports. Also part of the current bridge.
-
https://mikrotik.com/product/CRS326-24G-2SplusRM
The CCR2004-1G-12S+2XS is part of the bridge. While laptops and other client devices may have a port on the RB4011iGS+ or CRS326-24G-2S+RM, servers and heavier appliances are to connect to this thing.
-
https://mikrotik.com/product/ccr2004_1g_12s_2xs
I'm looking into getting a RB4011iGS+5HacQ2HnD-IN, to replace the RBD25G-5HPacQD2HPnD and RB4011iGS+. My config may end up changing if it comes through.
* The current setup is for seven ESXi VMs that provide services to a small group of end users (less than 50), over VPN tunnel. The hypervisor tends to stay online for ~15 hours/day. Current services include (but aren't limited to):
- e-mail
- VoIP/PBX
- favourites/bookmarks sync
- cloud storage (Nextcloud)
- office/collaboration (OnlyOffice)
- maps navigation/routing (OSRM)
- multimedia streaming (PleX, Nextcloud)
In addition to this, there are backend vSphere services that need to be on their own network - vMotion, vSAN, Provisioning, Replication.
Most end user devices are expected to be smartphones/tablets, laptops, or desktop computers. They are expected to connect via SoftEther VPN client or their OS's built-in VPN client. There are currently two types of users:
- regular users (just use services)
- admins (administrate and configure backend)
Regular users only need access to services listed above. Admins have access to those, and then tools such as:
- vCenter/ESXi web UI
- LibreNMS
- Wazuh
- Cronicle
I'm not sure if I've answered everything for the 2nd bullet point. Please let me know if more info is needed.
EDIT: Removed attachments, due to potentially sensitive info. May replace in the future...