1

()Mikrotik
()Mikrotik Certified Network Associate MTCNA

.
: :
. ( )ISP .
5995 )router( 5991 )Router Board( 2002
)Mikrotik User Meeting MUM( 2006

.
)RouterOS( ( )Transparent packet filter
( )IEEE 802.11a,b,g
( )RouterBoard
.
( )RouterBoard .

:

( )RouterBoard :
( )CLI ( )Telnet, SSH )serial cable( ().
)WebFig( . )WinBox( ( )www.mikrotik.com :

: ( )IP )192.168.88.1/24(
( )ether1 )admin( .
.
()WinBox
( )winbox :

()
)MAC Address( )admin(
)Connect( :

( )system ( )password :

( )password :

( )
(.)change

(
) )System( )Resources( :

( )www.mikrotik.com ( )wiki.mikrotik.com
.
( )interfaces or ports
( )ether1, ether2, ether3, ether4 :
( )IP ( )Addresses :

( LAN
)and WAN ( )+ :

( )interface )ether1( )IP address(

)192.168.0.1/24( subnet (
)mask ( )class c )ok( :

.
( )manual
:

11

:
-5 (.)admin
-2 .
-3 (.)manual
( )winbox
:
-5 .
-2 (.)identity
-3 (.)safe mode
-4 (.)NTP
-5 .
-5


( )admin
:
( )System )users( :

)Admin( ( )full
( )+ :

11

( )user1 :
:)read( -5 (.)for monitoring only
:) write( -2 ()
.
:) full( -3
(.)Admin

: ( )groups ()+
.

)Allowed address( :

)ok( :

12

13

)Admin(
.
-2
( )winbox ( ...( :
)system( )identity( :

)MUSTAFA( )ok( :

14

( )Mustafa
.
-3 ( )safe mode
( )new terminal )ctrl + X(


.

15

)ctrl + X( :

16

-4 ( )SNTP client ( )system ( )SNTP client

( )enabled ( )unicast :

17

)system( ( )Clock
:

-5 )files( ( )backup
:

18

( )restore
()copy

( )paste .
.

19

:
-5 )RB 1000( ( )Ethernet

)winbox(
.
-2
( )winbox

.
-3 )RouterOS(

.
:
-5
-2
-3
-4
-5
-6

(.)winbox
(.)rebooting
.
()logging
(.)log
(.)reset configuration

( )winbox : :

21

( )safe mode :

21

()Remove

22

)system( ()reboot
)ok( :

23

( )command line
)new terminal( :

24

()
:

25

)System( )logging( :

( )rule ( )+ :

26

27

:
-5
-2
-3
-4

( )disk .
( )echo .
( )memory .
( ) remote ( )IP
(.)actions

)log( :

28

)system( ( )reset configuration :

29

( )keep user configurations

)Reset configuration( ( )backup
.

.

31

5






:

( )wireless access point )mikrotik router(
( )switch
:
-5 .
-2 .
( )wireless interfaces )192.168.100.1( )255.255.255.0( ( default
.)192.168.100.254( )gateway
( )Winbox ( )mac address
)192.168.100.254(
:

31

( )Winbox ( )IP ()MAC

( )IP :

)access point(
:

32

( )access point AP
( )Station ( )wireless
:

( )my net
( )wireless ( )scan ( my
)net ( )connect .

33

( )IP
()Wireless access points
)IP( ( )DHCP client
:
( )DHCP client ( )+ ( )IP
( )Access Point :

( )tools )tracert or ping( :

34

( )Domain Name System DNS
DNS
( )IP ( )DNS DNS )+(
( )primary DNS and secondary DNS ( allow remote
)requests :

DNS ()router IP
( ) DNS server
.

35

:
DNS
:

( )Masquerade
:

( )masquerade ( )with public access

( )private addresses
(:)IPV4
Class A
10.0.0.0 - 10.255.255.255
Class B
172.16.0.0 - 172.31.255.255
Class C
192.168.0.0-192.168.255.255
:

36

:
-5 .)AP(
-2 .
-3 .
-4 .
:
-5
-2 ( )DNS ()default gateway
( )upgrade :
-5 ( )www.mikrotik.com ( )downloads

( )ftp://192.168.200.254 .
-2 ( )winbox ( )files
:

37

-3 ( )system ( )packages :

38

)enable( )disable( ( )uninstall

:

39

( )6-5

.
( )system license :

41

( )www.mikrotik.com :

41

PPPOE Server


)hotspot(
)point to point protocol over Ethernet PPPOE(
:
(:)PPPOE
-5 (.)LAN and WAN IP address configuration
-2 (.)DNS Server
-3 (.)DHCP server
-4 (.)IP pool to be assigned automatically
-5 (.)PPPOE
-6 ( )profiles .
-1 .
-8 .
:

( )IP )addresses( ( )+ ( )LAN
( )WAN :

42

( )DNS ( )IP DNS (

)server ( )setting ( )+ )primary DNS=8.8.8.8(
( )secondary DNS=8.8.4.4 ( Allow remote
)requests :

)DHCP server(
)IP( ( )DHCP server ( )DHCP ( )DHCP setup :

43

:
-5 ) LAN port(
.
-2 ( )DHCP
.
-3 )LAN port( (.)DNS server
-4
( )DHCP )192.168.1.200( ( )192.168.1.254
.
54
.
-5 (.)DNS server

-6 )lease time(
( )DHCP
.
-1 .
4.
( )PPPOE server :
)IP( ( ) pool ( )+
( )PPPOE :

44

( )PPPOE ( )PPP ( )+
( )apply ( )ok :

( )PPPOE Server
( )+ ( )PPPOE-server
( )LAN port ( )ether2 )Maximum Transmission Unit MTU(

45

( )Maximum Receive Unit MRU

( )keep alive time out ( )one session per host
( )PAP ( )Password Authentication Protocol
)apply( ( )ok :

( )profiles
( )profiles ( )PPP )two default profiles(

( )profile512 )local address(
( )LAN ( )Remote address
( )PPPOE ) PPPOE-server(
( )DNS server ( )limits
( )512 KB( )tx/rx
:

46

( )secrets ( )+
( )name )test(
( )password ( )test
( )broadband . ( )service
( ) PPPOE
( )profile512 )apply( ( )ok :

47

( )PPPOE
)default route( ( network address translation
)NAT :
)IP( ( )Firewall ( )NAT ( )net firewall rule
)chain=srcnat , src.address=10.10.10.0/24( : ( )action
( )action=masquerade
( )Apply (.)ok

48

( )default route ( )IP

( )routes ( )static route )0.0.0.0(
( )gateway ( )WAN ( )apply ()ok
:

49

()PPPOE setting- client side
( )PPPOE
:

:
:

.

51

.
:
( )Wireless ( )Winbox
)Security profiles( ( )+
:

( )mode .
( ) Authentication types
.
( )group( )unicast ( )aes ccm ( )WPA
( )WPA2 .
: ()wan1 bridge

51

( )bridge ( )ports ( )wan1 ()remove

: ()Wan1( )DHCP client

( )IP ( )DHCP client )Wan1( )interface(

(.)ok
: ()NAT

.
: :)Station(

52

53

: ( )scan
( )scan
:

54

)ok( ( )Server
)clients( ( )Ethernet
)Access Point( .
( )broad band
( )user name ( )password
()test, test


( )RouterOS
( )VMware Workstation
:
( )www.mikrotik.com ( )downloads

( )www.filecrop.com :

55

( )VMware Workstation
:

)create new virtual machine( :

( )typical )next( :

56

57

)next( :

( )other ( )version ( )other )next( :

58

( )mikrotik
( )location )next( :

50
( )store virtual disk as a single file )next(
:

59

)finish( :

( )
( )LAN card ( )WAN card )network adapter(
:

)add( :

)next( :

61

61

)finish( :

)ok( )power on( :

62

( )CD :

( )Use ISO image file : )browse(

63

64

( )mikrotik )power(
( )reset :

( )a :

( )I )n( ( )y )enter(
:

65

)Setting(
:

66

( )host only .
( ) ( )winbox
:
http://www.mikrotik.com/download
:

67

( )connect ( )MAC address

( )1-5 :

(:)MikroTik hotspot

.

.
.


(.)2-LAN Card and 1-Wireless LAN card

68

( )LAN card
)ADSL modem(
( )DHCP server ( )DHCP client
:

( )DNS
( )DHCP server :

69

( )8.8.8.8
( )DNS :

( ) IP address ( DHCP
)server ( )subnet mask /8 or/16 or /24
:

71

( )interface :

( )wireless )AP_Bridge mode(

( )Wireless access point
. ( )Band )2GHZ-B/G(

71

( )labtops ( )Service Set Identifier SSID

)apply( )enable(
:

72

( )
)wlan( :)next(

)local IP address(

. ( )masquerade network )next(
:

( )IP address pool

:

73

( )SSL/HTTPS certificates
( )none :

74

()SMTP Server

)0.0.0.0( :

( )DNS
( )DHCP
:

75

( )DNS

() ( )www.yahoo.com

( )dot :

76

()user name
( )password
:

77

( )laptops or PC with WIFI card
.
)tunneling communication(




.



)Virtual Local Area Network VLAN(
( )Virtual Private Networks ()Routers
( ) switches
( )channels

78

( )Point to Point Protocol PPP
( )encryption
( )Authentication ( )compression
( )trunk lines
( )ISP
( )broadband connection :
-5 ( )Point to Point Protocol Over Ethernet PPPOE

( )ISP
( ) Digital Subscriber Line xDSL
) PPP(
( .)serial cables
( Static or
)DHCP addresses ( )data link layer
( )Switches (.)bridges

-2 ( :)Point to Point Tunnel Protocol PPTP

( )IP PPP
( )encapsulation ( .)IP ( )PPP
( )MPPE ( )Microsoft Point to Point Encryption

) PPTP(
.

79

-3 ( :)Layer 2 Tunnel Protocol L2TP

( )VPN ( )ISP


)Cisco Layer 2 Forwarding Protocol L2F( (.)PPTP

81

-4 ( :)Secure Socket Tunnel Protocol SSTP

( )Secure Socket Layer SSL 3.0
443 ( )TCP .
:

(.)TCP 443
( )SSL ( )server certificate
.
SSTP ( )HTTPS ( state
)machine ( .)
( )PPP and SSTP ( )IP binding (.)SSTP
SSTP .

(:)BCP
)Bridge Control Protocol(
( )MikroTik RouterOS PPP
PPP IP
( )Bridging and routing ( )winbox
.