3.1 VLAN Example 1 (Trunk and Access Ports).Oh also enable proxy arp on ur lan bridge interface if u want the clients to be able to connect to ur lan. Find the largest size u can ping through at and go to ur vpn servrr config and put that in the mtu configuration section. Start at lik 1472 and work ur way down by like 10-20 each time till it works then go up till it doesnt. pSec_setupĭo that then once all that is set up connect a client to the tunnel server and do a ping -l (packet size) -f from a cmd at eithet and and ping the other end. From there sort our ur firwall by adding rules to accept input from ur lan and from the tunnel ports as well as to the ip could servers that the ips can be found at īasic firewall rules and security can be found here. From there set up a sstp or l2tp-ipsec server so that you can make clients connect to the dns name ip cloud gave you. I would assume you have a dynamic wan ip so i would enable ddns under ip cloud then if the router is not the one with the public address run ip cloud advanced use-local-address that will make ur routers ip be linked to the dns name that is publicly routable. You can repeat these steps multiple times if you have several Booster devices inside your hidden network, by simply changing the destination port each time 8293, 8294, etc. Always make sure that you have the latest version downloaded from the Mikrotik web site. NOTE: Older versions of the Winbox loader do not support this port specification. Now, if everything is set up right, you can now connect to the remote device using winbox by specifying the IP address of the Gateway, and specifying the port defined in 3 of STEP 4 above, using this notation:įor example, if you connect to the Gateway device on adress 192.168.1.1, then you will connect to the Booster using 192.168.1.1:8291 STEP 5: Connect to the Booster in Winbox. the address you are connecting to with the current winbox session)ĭst. Select the NAT tab, then click the red '+' icon near the top leftĭst. Now click IP in the menu, and choose Firewall STEP 4: Create a destination NAT rule to map incoming port 8292 to the Booster on port 8291. In the New Hotspot Binding dialog, set the Type to Bypassed, then click OK When the host entry details panel opens, click the button labelled Make Binding If it is not there, go back to point 12 in STEP 1 above Select the Hosts, then double click on the entry containing the Booster device. Still in the Gateway Winbox session, click on IP and then select Hotspot STEP 3: Add a bypass rule in the Gateway hotspot for the Booster device. Select the Leases tab, and then click on the entry containing the IP address observed in point 11 of STEP 1 above STEP 2: Make the Booster DHCP lease permanent in the Gateway DHCP Server.īack on the Winbox session to the Gateway, click on the IP menu item, then select DHCP Server Note that ping time-out is expected, but pinging the gateway will cause the Booster host to be added to the device list under the Gateway hotspot service. If you are not sure what is the name of the right interface, execute:Īnd look for the value of the wds-default-bridge setting.Īnd make a note of the IP address assignedĬhange (of course) the to the actual address of your gateway device. Note that you will need to change the interface to suit your configuration. ip dhcp-client add add-default-route=yes comment="" default-route-distance=0 disabled=no interface= use-peer-dns=yes use-peer-ntp=yes If your Booster device doesn't show up in the list, you can type it in manually, then click ConnectĮnter the username and password for the Booster, then execute the following command: We can use the mac-telnet tool from the Gateway device to add the dhcp client on the Booster:Ĭlick on the Telnet menu item, and select the MAC Telnet option, and notice that the IP address field now changes to a drop-down select field This can be done easily using winbox, but you can't access with winbox, right? Not a problem. STEP 1: Add an DHCP client address to the Booster device on the hotspot cell. The following steps will assume that the Booster is a simple WDS slave with no IP address assigned to any iterface. To acheive this task, we will map connections to the Gateway device on port 8292 to the winbox port (8291) on the Booster. How to connect to the Booster with Winbox too? We can connect to the Gateway using winbox by connecting to the public IP address. Mikrotik Router as a hotspot gateway running on the wireless network (the Gateway).Ī second device is connected by WDS to the gateway used as a network range extender (the Booster). icles_id=6Īccess "hidden" mikrotik device by Winbox by Mike Everest I posted the link below and I can now successfully access all my Mikrotik devices on my home network through the internet.īelow is what I used as a guideline, its from this link.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |