Getting Started: MikroTik basic setup

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
hello everybody the network Berg here hope you've been doing well this video is going to be a very very very beginner friendly and basic video just to teach you how to set up a mikrotik router from the beginning and to get it to do things like do DHCP and connect to the land and also even connect to the internet so it's going to be pretty exciting we're going to be using even G which is something I've been using for a while now and it's really great emulation software in order to just set that up from the computer but I've got some friends here as well that we could potentially do some other interesting things on if we want some form of a physical lab but I'm going to just dive straight in using a emulated router so let's quickly get on that let's get in Eve and the first thing that I want to do is just get a note up and we're gonna connect a micro tech router here I'm not gonna use version 7 because this is like really cool stuff that's coming in the future but it's not up and running yet so I'm just going to use version 6 of 4 7 which i think is currently the latest version at the date of this video but it might update and I'll just choose a different icon for it just so that it looks unique on my - apology so there we have a little mikrotik router I'm just going to connect this to my virtual LAN on Ethernet one and then I'm just going to start up the device so this device is now booting up and it's going to act like any normal mikrotik router so that's why I would suggest maybe if you want to get into studying any it doesn't matter who the vendor is it could be cisco juniper howie anything get yourself an emulator just so that you can get that actual hands-on experience so I'm just going to jump onto this mikrotik router now it's the default login credentials I might have to type it back in and there we go so I've got a ranching mikrotik router on here so let's just quickly see is there any IP address yes I'm getting an IP address from DHCP that was assigned but I just quickly want to see if I can access this meeting so I'm going to jump on to win box which is the tool that we can use to access the mikrotik devices you can access it over MAC address or IP so I'll just use the MAC address for now and I'm going to connect so you can get this tool from WWE critique comm it's in the download section and it works pretty great it's it's a graphic user interface but if the router has an IP you can also SSH or town that into it and manage it that way so we can have a look at the interfaces i've only assigned for interfaces to this virtual router but we could have pushed that up to as many as we wanted to and there's also different physical router boards that have various different ports like you saw what I showed you earlier like the HAP Lite has three ports and then the 951 that I showed you has five ports so first thing we want to do is just assign an IP we've already got this over the DHCP but I want to assign my own IP address so to assign an IP you can just click on the plus and then let's just give it a 1 9 2 1 6 8 2 4 6 dot 20/24 because that is the subnet range that my virtual LAN runs on it is on ether one so I'm just going to apply that so now if I go into CMD I should be able to ping that address and I can so let's quickly open up another win mock session you see can i connect to that IP 191 6 8 2 4 6.20 yes I can awesome so we've given the router a basic IP address let's just head back to that topology and then you'll see their Ethernet one it's got those IP addresses the one from the HCP and then the 20 that I assigned so my virtual land can actually get to this now so what I would like to do now is maybe a sign a DHCP server on the mikrotik myself and like I said this is gonna be very basic just to get everybody going but let's jump back on the mikrotik and let's go into our IP and there's a DHCP you get DHCP client and you get the HTTP server so client is what the router used when I booted it up the first time to get its own IP address so if I go there you'll see there's ether one has been said to obtain a DHCP address but if I go to the DHCP server I can actually configure this mikrotik to hand out its own IPs so I'm going to do this now but just maybe going into my IP addresses and let's just assign a new subnet a new IP address range so let's imagine this would be our land our computers that will connect to the router so I'm going to use something like one seven two got sixteen dot zero dot one slash 24 for my lab and I'll just put that on ether two so that's been assigned to ether two now and if I go into my DHCP there's two ways to do this the easy one is to just run the wizard it's real simple real quick so you just hit this DHCP setup and ask you which interface will be the DHCP server port so I want that on ether - I can go next - what is the address space so that looks correct to me it will be addresses in that range what's the gateway 0.1 that's right and here you can also specify which addresses you want to give out so think about if you wanted to exclude some addresses maybe like a printer or a server or some other device you could do that here so these are just the IP addresses that we are going to sign out and I think my critic actually assigns the IP addresses out in Reverse so - 5 4 will be the first IP somebody gets but I might I might be wrong we'll see DNS server so that you could even make Google but I'll leave it as that be that is the DNA server that my router is getting in each time we can leave it as that and there we go DHCP is being configured so we can quickly taste this just by adding another router I'll just make another mikrotik and that's fine going to save that and then this mikrotik I'm just going to connect up to ether two and then I'm going to start this up so while we wait for that to start up I actually won't even take that long let's just see if we can access it that's what I like about the virtual equipment it's real quick but mikrotik devices typically don't take long to start either admin blank and then I just want to see do I have an IP address I might have to put the DHCP client on the second router will see no IP address print now it's getting an IP address and there we go I am correct so two five four it gave us that first IP address and this is the new range so I'm just going to use this mikrotik behind as a land example but let's say I wanted to go to the Internet if I was on this mikrotik router and I tried to ping a terator a today it would fail which which isn't nice so if I was a home user at this this might be a problem for me and I already know this other router doesn't have a route don't worry too much about any of the routing aspects I just want you to understand that this should be its gateway so this my critics gateway is the other mikrotik so I just want to check do I have a route yes so I know how to get to the Internet but our issue is my virtual network and also the internet doesn't know about my 172 dot 16 address space so it's failing so to get that to work we actually need to implement that network address translation and that is very easy to set up as well so let's just jump back into the actual router not the client not the person that wants Internet and let's just go into our IP firewall and then we can just go to NAT hit the plus we can go in and we can change this various different options here and I'm gonna teach you about all of this stuff this is just to get you a basic router up and running so it gets Internet connectivity and some of the do's and don'ts when you do bring up a router for the first time so what we're going to do is we're gonna set up a source NAT and what we're gonna say is anything going out of Ethernet 1 which is the LAN or to the Internet we're going to say we want to mask curate that and we're going to apply so what a masquerade rule does is whenever let me just go back to that topology so what the masquerade rule is going to do is this one seven 2.16 IP it's gonna try and get to the Internet when it gets to this router the router will then masquerade the IP address that one seven 2.16 dot 0.254 IP behind the IP address of its Ethernet one address or interface so if I go back into this router and I try and ping eight or eight or eight or eight now we should have a success so we do have success we can get to Google's DNS server and the reason is because that traffic is now being that's it great so that's some a very basic form just to get us internet connectivity let's jump back into this boy so there's a few extra things that I just want you to take note of when you do bring up on the router for the first time because you you've done it you've got internet on this device now so this is fantastic but there are some things that I believe is based effort whenever you do bring a new up especially if it's for your house or maybe for a business and that would be to change a few details so if you go into your IP addresses and you go to your services these things it might seem confusing but the things you don't need you can disable like this API and FTP and this www just go ahead and disable that that's what I tend to do whenever I bring up a new router other things that I would suggest is you could also change these ports just something that's not standard so SSH I make this might make this something like 2204 or 22 or 2 or 2201 so let's maybe do that so let's just keep the port as is what make it 20 something 23:01 and the one box port that I'm going to leave default because I can't change that from the wind box application and the other thing that I want you to also do is as you see there's an available from so if you double click back in you can actually click on there and when available from means is it means you can only access these management ports from a specific IP so I might only want to be able to access this from my virtual LAN range as well as you can hit on this arrow to the bottom to create a new row and maybe also from the land range so I'm going to apply that and I'm going to do the same for the telnet and wind box actually let's just make the town that only come in from the web and let's make one box also come in from both address spaces and we're going to taste this now as well just so that you can see what happens let me just redo that apologies to 46.0 slash 24 1 7 to 1600 slash 24 alright so now I've set up from addresses so what this means is if I let's say open up a party session and I go to one ninety two dot one sixty eight dot two for 6.20 that's the IP address I gave the router if I want to connect on the town net port now and I just hit open it's actually not gonna work but if I turn it in now from one nine two and six eight two four six or twenty if I use that port 23:01 and I hit open now it works and because it's an available from address so only my virtual LAN can access it if I try and do that from this other router that I've got connected here which only has at one seven 2.16 IP if I try and turn it to this router now from this device you see the connection is refused so this will just save you some time to protect against unwanted issues you don't want your device compromised so please make sure you update those ports another thing that I think is pretty big is your users so if we go into our system and we go into our users make sure your admin account you have two options you can leave the admin account it's fine you can you can keep an admin account but make sure you also try and add and allow to dress for this so that people can't just use the address wherever they are and then the other spectrum there is a password so make sure that your admin account password isn't something basic you saw when we started this up the first time it was admin and blank if that's your default credentials people will get into your equipment super quickly and that that sucks so let's change this password to something else so let's make it maybe like mikrotik at one two three make root meet critique with a capital m at 23 Wow and there's are too many characters let's type something there we go so we can apply that so now if I want to access this device I need the proper credentials so let's do that and I'll try and SSH and now 191 6 8 2 4 6 2 20 and a connection refused that's fine it's probably a type I made somewhere let's just reconnect so if I try and open up this terminal it'll also prompt me for my credentials there we go so now you need to authenticate also you can't connect and change some things here something else very basic but it'll save you time as well that would be just your identity so when you go into system identity it's nice to just give all your routers different names so just so that you're aware of what you're working on if all of them is just called mikrotik it's gonna confuse the heck out of you especially if you start working with hundreds or even thousands of the devices so I might call this the need the network verb home I'll apply that and that will now be the new name of the router one more thing that I quickly want to do is just jump on here and that's going to make critic now this will take us to the mikrotik site and here we can go to the software so as I was saying here you can download win Docs there's also a nice bandwidth test application you can download now but I'm not going to get into that for the basic setup now what we could do is we could actually upgrade our mikrotik to a new version I would always recommend going for the stable version so you can find your device here so depending on what model you're running you can find the correct software image to install on to it so I'm just using the cloud hosted router right now it's a trial version and six four seven one okay so that is the current version I'm using as well so I'm not going to change too much but what you could do is you could download this image so let's just see is it the road disk image so let's just download this quickly I just want to see what is downloaded that looks correct so once we've done it I just want to show you how to quickly upgrade your firmware because this will also save you so much time and it's very important if you don't upgrade your firmware it will leave you exposed and then hackers can potentially also come in so this is just my downloads folder so I'm just going to go into this EHR and there is my CHR and so that's the software image so I'm just going to quickly wait maybe I'm one version behind that's for you I am I am so we can actually upgrade this so what you could do is go into your file system you're going to files and then you can just copy this file this firmware image or the software image into your file directory and once it's uploaded you could just restart your mikrotik router and that would upgrade you to the newer version which is so cool so let's do that let's do a system reboot oh no I need to login again because this is that the other screen we had the first time I'm a chrome tick and 1 2 3 system reboot and that's also nice you see where we failed login attempts the mikrotik will tell you about that when you try and log in the first time alright so the device is busy restarting I'm just gonna fill in this posture so long I'm in crowed tic at 1 2 3 once it's ready you should see it come back up in this neighbors list so I'll just quickly try and refresh that there we go back up let's connect and it's the same version but anyways so this is how you would go about just updating your router OS version you just copy the file into the file directory and just reboot alternatively what you could do is you could also go to system and I believe it's packages yes and then from the packages you can just click here check for updates actually it didn't that is right and this should work so let's do it through here because I think because this is the CHR the file upload doesn't work for what I'm doing so let's just do it this way so let's do it download and install could not save packages probably because I have don't have enough space so let's just delete this old one let's try again there we go so it's busy downloading the new package it's going to install it now files as well but typically with the physical devices if you just drag it in to the file system and reboot done and thus that the CHR seems a little bit different but that's fine totally fine I mean this is how I've learned something so let's just wait for the device to come back up and confirm that it's actually updated there we go yes and it is the new version now great all right so we've got the new version installed a 6-4 7.1 awesome so everything's updated anything you see that's grayed out like this is disabled but you could enable that just by right-clicking or installing there's the enable button and there we go so now you've got a router that's doing nothing that's handing out DHCP you've got internet access I've shown you a few basic tips regarding just a bit of the security of the device and how to just upgrade the firmware or the software image on the device I hope this has been informative I'd like to thank you for watching if you've learned anything new please feel free to subscribe to the channel and like and share this video thanks bye
Info
Channel: The Network Berg
Views: 16,078
Rating: undefined out of 5
Keywords: #Router, #MikroTik, #MTCNA, #Internet, #LAN, #DHCP, #Software Upgrade, #Security, #NAT
Id: OXZAXPZce4U
Channel Id: undefined
Length: 22min 9sec (1329 seconds)
Published: Sat Jul 11 2020
Related Videos
Getting Started: MikroTik Bridge Configuration
The Network Berg
12K
TOP 10 RouterOS Configuration Mistakes
MikroTik
119K
MikroTips: managing many access points with CAPsMAN
MikroTik
25K
MikroTik Tutorial 1 - Getting Started Basic Configuration
TKSJa
881K
This is Why I Hate MikroTik
MikroTik
44K
MikroTik Router/Access Point Basic Setup
ISP Supplies
688K
MikroTik - 7 Things you need to know!
The Network Berg
36K
Why I use Mikrotik routers | hAP ac - Wifi Router with SPF
IT Solutions Network
1.8K
(2) Initial Setup of a MikroTik Router
Category5 Technology TV
70K
Mikrotik VLANs - CRS3XX Step by Step - Mikrotik Tutorial
The Network Trip
25K
đź“—MikroTik MTCNA - Monitoring (Interface/Traffic Monitor, Graphing, SNMP, Profiler)
The Network Berg
1.2K
Getting Started: MikroTik Firewall
The Network Berg
24K
đź“—MikroTik MTCNA - Route Configuration
The Network Berg
982
đź“—MikroTik MTCNA - Initial Manual Configuration
The Network Berg
895
MikroTik Unboxing and Setup
Crosstalk Solutions
188K
Myanmar: Hotel WiFi solutions with MikroTIK
MikroTik
8.5K
đź“—MikroTik MTCNA - PPTP Configuration
The Network Berg
573
Talking about MikroTik Certifications & Building more BGP labs (The Network Berg Stream Ep.07)
The Network Berg
1K
Mikrotik : VLAN configuration | NETVN
NETVN
122K
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.