Tuesday, December 13, 2016

Connect Multiple Offices With Eoip Tunnel

2 comments
Office Side I Have RB3011UiAS-RM 


Configuration
/interface ethernet
set [find default-name=ether1 ] name=ether1 comment=WAN-Network
set [find default-name=ether2 ] name=ether2
set [find default-name=ether3 ] name=ether3
set [find default-name=ether4 ] name=ether4
set [find default-name=ether5 ] name=ether5
set [find default-name=ether6 ] name=ether6
set [find default-name=ether7 ] name=ether7
set [find default-name=ether8 ] name=ether8
set [find default-name=ether9 ] name=ether9
set [find default-name=ether10 ] name=ether10
/interface eoip add name="2nd Branch" remote-address=###2nd Branch WAN-IP
/interface eoip add name="3nd Branch" remote-address=###3rd Branch WAN-IP
/interface eoip add name="4nd Branch" remote-address=###4th Branch WAN-IP
/interface bridge
add name=DHCP
/interface bridge port
add bridge=DHCP interface=ether2
add bridge=DHCP interface=ether3
add bridge=DHCP interface=ether4
add bridge=DHCP interface=ether5
add bridge=DHCP interface=ether6
add bridge=DHCP interface=ether7
add bridge=DHCP interface=ether8
add bridge=DHCP interface=ether9
add bridge=DHCP interface=ether10
add bridge=DHCP interface="2nd Branch"
add bridge=DHCP interface="3rd Branch"
add bridge=DHCP interface="4th Branch"
/ip address
add address=###your WAN-IP interface=ether1
add address=192.168.10.1/23 interface=DHCP network=192.168.10.0
/ip dns
set servers=8.8.8.8,8.8.4.4
/ip pool
add name=dhcp_pool1 ranges=192.168.10.2-192.168.11.254
/ip dhcp-server
add address-pool=dhcp_pool1 disabled=no interface=DHCP name=dhcp2 lease-time=1h relay=\
    192.168.10.1
/ip dhcp-server network
add address=192.168.10.0/23 dns-server=8.8.8.8,8.8.4.4 gateway=192.168.10.1
/ip firewall nat
add action=masquerade chain=srcnat comment="Masquerade DHCP Network" \
    src-address=192.168.10.0/23
/ip route
add distance=1 gateway=###your gateway
/system identity
set name=Main-Branch

Other Branches Configuration......
we use hexlite

2nd Branch
/interface ethernet
set [find default-name=ether1 ] name=ether1 comment=WAN-Network
set [find default-name=ether2 ] name=ether2
set [find default-name=ether3 ] name=ether3
set [find default-name=ether4 ] name=ether4
set [find default-name=ether5 ] name=ether5
/interface eoip add name="eoip-tunnel1" remote-address=(###Main Branch WAN-IP) tunnel-id=20
/interface bridge
add name=Local-Network
/interface bridge port
add bridge=Local-Network interface=ether2
add bridge=Local-Network interface=ether3
add bridge=Local-Network interface=ether4
add bridge=Local-Network interface=ether5
add bridge=Local-Network interface=eoip-tunnel1
/ip address
add address=(###your WAN-IP) interface=ether1
/ip route
add distance=1 gateway=(###your gateway)
/system identity
set name=2nd-Branch 

3rd Branch
/interface ethernet
set [find default-name=ether1 ] name=ether1 comment=WAN-Network
set [find default-name=ether2 ] name=ether2
set [find default-name=ether3 ] name=ether3
set [find default-name=ether4 ] name=ether4
set [find default-name=ether5 ] name=ether5
/interface eoip add name="eoip-tunnel1" remote-address=(###Main Branch WAN-IP) tunnel-id=30
/interface bridge
add name=Local-Network
/interface bridge port
add bridge=Local-Network interface=ether2
add bridge=Local-Network interface=ether3
add bridge=Local-Network interface=ether4
add bridge=Local-Network interface=ether5
add bridge=Local-Network interface=eoip-tunnel1
/ip address
add address=(###your WAN-IP) interface=ether1
/ip route
add distance=1 gateway=(###your gateway)
/system identity
set name=3rd-Branch

4th Branch
/interface ethernet
set [find default-name=ether1 ] name=ether1 comment=WAN-Network
set [find default-name=ether2 ] name=ether2
set [find default-name=ether3 ] name=ether3
set [find default-name=ether4 ] name=ether4
set [find default-name=ether5 ] name=ether5
/interface eoip add name="eoip-tunnel1" remote-address=(###Main Branch WAN-IP) tunnel-id=40
/interface bridge
add name=Local-Network
/interface bridge port
add bridge=Local-Network interface=ether2
add bridge=Local-Network interface=ether3
add bridge=Local-Network interface=ether4
add bridge=Local-Network interface=ether5
add bridge=Local-Network interface=eoip-tunnel1
/ip address
add address=(###your WAN-IP) interface=ether1
/ip route
add distance=1 gateway=(###your gateway)
/system identity
set name=4th-Branch

Sunday, December 11, 2016

L2TP Tunnel (Remotely Connect To Work Computer From Home)

1 comments

L2TP is a secure tunnel protocol for transporting IP traffic using PPP. L2TP encapsulates PPP in virtual lines that run over IP, Frame Relay and other protocols (that are not currently supported by MikroTik RouterOS). L2TP incorporates PPP and MPPE (Microsoft Point to Point Encryption) to make encrypted links. The purpose of this protocol is to allow the Layer 2 and PPP endpoints to reside on different devices interconnected by a packet-switched network. With L2TP, a user has a Layer 2 connection to an access concentrator - LAC (e.g., modem bank, ADSL DSLAM, etc.), and the concentrator then tunnels individual PPP frames to the Network Access Server - NAS. This allows the actual processing of PPP packets to be separated from the termination of the Layer 2 circuit. From the user's perspective, there is no functional difference between having the L2 circuit terminate in a NAS directly or using L2TP. for more details

/ip pool
add name=L2TP ranges=172.16.100.1-172.16.100.254
/ppp profile
add dns-server=10.10.0.1,8.8.8.8 local-address=10.10.0.1 name=L2TP-VPN \
    remote-address=L2TP
/interface l2tp-server server
set default-profile=L2TP-VPN enabled=yes ipsec-secret=itlearnweb use-ipsec=yes
/ppp secret
add name=test password=test profile=L2TP-VPN service=l2tp
/ip firewall nat
add action=masquerade chain=srcnat comment="L2TP-VPN Masquerade" src-address=\
    172.16.100.1-172.16.100.254

Sunday, November 27, 2016

Mikrotik Interface Bonding 2 Ethernets

4 comments
Bonding is a technology that allows aggregation of multiple ethernet-like interfaces into a single virtual link, thus getting higher data rates and providing failover.
  
###Router-1
/interface bonding
add name=bonding1 slaves=ether9,ether10
/ip address
add address=172.16.1.1/24 interface=bonding1 network=172.16.1.0

###Router-2
/interface bonding
add name=bonding1 slaves=ether9,ether10
/ip address
add address=172.16.1.2/24 interface=bonding1 network=172.16.1.0


Sunday, October 30, 2016

Loop Protect (loop-protect feature for ethernet,vlan,eoip,eoipv6 interfaces)

1 comments

Loop protect feature can prevent Layer2 loops by sending loop protect protocol packets and shutting down interfaces in case they receive loop protect packets originated from themself. The feature works by checking source MAC address of received loop protect packet against MAC addresses of loop protect enabled interfaces. If the match is found, loop protect disables the interface which received the loop protect packet. Log message warns about this event and interface is marked with a loop protect comment by system. RouterOS loop protect feature can be used on bridged interfaces as well as on ethernet interfaces which are set for switching in RouterBoard switch chips.
Loop protect works on ethernet, vlan, eoip and eoipv6 interfaces. It supports adjusting loop protect packet sending interval and interface disable time. Configuration changes or expiration of disable time resets loop protection on interface. 

Saturday, October 29, 2016

Net Monitoring For Employees & Schools (Monitor, Record and Report All Employee Activity)

3 comments
Employee monitoring software has become an essential tool for tracking your employee activity to increase productivity in offices.

If you are a business leader, a teacher, a chairman of a company or project supervisor, you need strong tracking application to keep an eye over the screen of your team members.

It happens many times that many team members spare their time in watching unnecessary content on the Internet or using your resources for their personal use or just spending time in web browsing.

If you want to monitor their activities, you need nothing more than installing our software. You don't need to register - just download and install.


Net Monitor for Employees Professional lets you see the screens of all network computer monitors, making it easy to detect an unauthorized and prohibited PC or Mac use.

With this tool, not only can you monitor screens, you can also take control of any network PC or Mac by controlling the mouse and keyboard.

When you are not at your desk, you can record screens, visited web sites and used applications for later review of your team member activity.

You can easily log which websites your employees are visiting or log application use activity - see if employee is using the application and for how long.

Advanced key logger reports allow you to see what your employee are typing in each application.

With the ability to block individual websites, you'll find Net Monitor for Employees Professional invaluable for preventing unproductive web browsing during work time.

Now you can know for sure whether the employee are working hard or they are just wasting time. Record computer screens to get a proof.

Download With Crack

Winrar Password
itlearweb

Sunday, October 23, 2016

Mikrotik Wireless Range Extender ( Universal Repeater )

1 comments



















How To Upgrade RouterBOARD Firmware

2 comments
  • Open Winbox and go to "System/Routerboard" menu.
  • New window "Routerboard" will pop up, where you can see current and latest available firmware.
  • Click on "Upgrade" button 
  • Click on "Reboot" button 

Thursday, July 28, 2016

4 Wan Equal Load Balancing PPPoE Clients (PCC)

10 comments

Ether 1 = DSL 1 = 192.168.1.1
Ether 2 = DSL 2 = 192.168.2.1
Ether 3 = DSL 3 = 192.168.3.1
Ether 4 = DSL 4 = 192.168.4.1
Ether 5 is your Local  192.168.5.1

/interface ethernet
set [ find default-name=ether1 ] name=ether1
set [ find default-name=ether2 ] name=ether2
set [ find default-name=ether3 ] name=ether3
set [ find default-name=ether4 ] name=ether4
set [ find default-name=ether5 ] name=ether5
/ip address
add address=192.168.1.2/24 interface=ether1 network=192.168.1.0
add address=192.168.2.2/24 interface=ether2 network=192.168.2.0
add address=192.168.3.2/24 interface=ether3 network=192.168.3.0
add address=192.168.4.2/24 interface=ether4 network=192.168.4.0
add address=192.168.5.1/24 interface=ether5 network=192.168.5.0
/interface pppoe-client
add add-default-route=yes disabled=no interface=ether1 max-mru=1480 max-mtu=\
    1480 name=pppoe-out1 password=#PWD use-peer-dns=no user=#USER1
add add-default-route=yes disabled=no interface=ether2 max-mru=1480 max-mtu=\
    1480 name=pppoe-out2 password=#PWD use-peer-dns=no user=#USER2
add add-default-route=yes disabled=no interface=ether3 max-mru=1480 max-mtu=\
    1480 name=pppoe-out3 password=#PWD use-peer-dns=no user=#USER3
add add-default-route=yes disabled=no interface=ether4 max-mru=1480 max-mtu=\
    1480 name=pppoe-out4 password=#PWD use-peer-dns=no user=#USER4
/ip pool
add name=dhcp_pool1 ranges=192.168.5.2-192.168.5.254
/ip dhcp-server
add address-pool=dhcp_pool1 disabled=no interface=ether1 name=dhcp1
/ip dhcp-server network
add address=192.168.5.0/24 gateway=192.168.5.1
/ip dns
set allow-remote-requests=yes cache-size=15000KiB servers=\
    208.67.222.222,208.67.220.220
/system note set note="Server Configuration By <HAMZA KHALIL> (www.itlearnweb.com)" show-at-login=yes
/ip firewall mangle
add chain=prerouting in-interface=pppoe-out1
add chain=prerouting in-interface=pppoe-out2
add chain=prerouting in-interface=pppoe-out3
add chain=prerouting in-interface=pppoe-out4
add action=mark-connection chain=prerouting dst-address-type=!local \
    new-connection-mark=wan1_conn per-connection-classifier=\
    both-addresses-and-ports:4/0
add action=mark-connection chain=prerouting dst-address-type=!local \
    new-connection-mark=wan2_conn per-connection-classifier=\
    both-addresses-and-ports:4/1
add action=mark-connection chain=prerouting dst-address-type=!local \
    new-connection-mark=wan3_conn per-connection-classifier=\
    both-addresses-and-ports:4/2
add action=mark-connection chain=prerouting dst-address-type=!local \
    new-connection-mark=wan4_conn per-connection-classifier=\
    both-addresses-and-ports:4/3
add action=mark-routing chain=prerouting connection-mark=wan1_conn \
    new-routing-mark=to_wan1
add action=mark-routing chain=prerouting connection-mark=wan2_conn \
    new-routing-mark=to_wan2
add action=mark-routing chain=prerouting connection-mark=wan3_conn \
    new-routing-mark=to_wan3
add action=mark-routing chain=prerouting connection-mark=wan4_conn \
    new-routing-mark=to_wan4
/ip firewall nat
add action=masquerade chain=srcnat out-interface=pppoe-out1
add action=masquerade chain=srcnat out-interface=pppoe-out2
add action=masquerade chain=srcnat out-interface=pppoe-out3
add action=masquerade chain=srcnat out-interface=pppoe-out4
add action=masquerade chain=srcnat comment="Masquerade Dhcp Network" src-address=192.168.5.0/24
/ip route
add check-gateway=ping distance=1 gateway=pppoe-out1 routing-mark=to_wan1
add check-gateway=ping distance=1 gateway=pppoe-out2 routing-mark=to_wan2
add check-gateway=ping distance=1 gateway=pppoe-out3 routing-mark=to_wan3
add check-gateway=ping distance=1 gateway=pppoe-out4 routing-mark=to_wan4
add check-gateway=ping distance=1 gateway=pppoe-out1
add distance=2 gateway=pppoe-out2
add distance=3 gateway=pppoe-out3
add distance=4 gateway=pppoe-out4

Sunday, July 24, 2016

MikroTik Send Email When CPU Goes On 100%

3 comments


/system script
add comment="Send Email When CPU  Goes 100%(www.itlearnweb.com)" name=cpu owner=admin policy=\
    ftp,reboot,read,write,policy,test,password,sniff,sensitive source=":global sub1 ([/system identity get name])\r\
    \n:global sub2 ([/system clock get time])\r\
    \n:global sub3 ([/system clock get date])\r\
    \n:global sub4 \"CPU LOAD 100%\"\r\
    \n:global adminrece #YOUR@gmail.com\r\
    \n:global gmailid #YOUR@gmail.com\r\
    \n:global user #USER\r\
    \n:global gmailpwd #YOUR PWD\r\
    \n:global gmailip 74.125.136.108\r\
    \n/tool e-mail \r\
    \nset address=\$gmailip from=\$gmailid password=\$gmailpwd port=25 start-tls=yes user=\$user\r\
    \n/tool e-mail send to=\$adminrece subject=\"\$sub4 \$sub3 \$sub2 \$sub1\" body=\"Please Check something is wrong ##CPU 100%## \"\r\
    \n/"
/system scheduler
add comment="Send Email When CPU  Goes 100%(www.itlearnweb.com)" interval=5s name=cpu on-event=\
    ":if ([ /system resource get cpu-load]>100) do={ /system script run [find name=cpu]; }\r\
    \n/" policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive start-time=startup
/system note set note="Server Configuration By <HAMZA KHALIL> (www.itlearnweb.com)" show-at-login=yes



Reboot MikroTik When CPU Load 100%

3 comments


/system scheduler
add comment="Reboot Server If CPU 100%" interval=3s name=cpu on-event=\
    ":if ([ /system resource get cpu-load]>100) do={ /system reboot; }\r\
    \n/" policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive start-time=startup

Sunday, July 17, 2016

Send Mikrotik Log Every Day Via E-mail

0 comments

Send Mikrotik Log Every Morning 7:00 AM
Just copy and paste

/system script
add name=log owner=admin policy=\
    ftp,reboot,read,write,policy,test,password,sniff,sensitive source=":log warn\
    ing \"Mikrotik Log File Sending By www.itlearnweb.com....\"\r\
    \n:global sub1 ([/system identity get name])\r\
    \n:global sub2 ([/system clock get time])\r\
    \n:global sub3 ([/system clock get date])\r\
    \n:global sub4 Log\r\
    \n:global adminrece #YOUR@gmail.com\r\
    \n:global gmailid #YOUR@gmail.com\r\
    \n:global user #USER\r\
    \n:global gmailpwd #PASSWORD\r\
    \n:global gmailip 74.125.136.108\r\
    \n:log warning \"Creating Log File.....\"\r\
    \n:delay 5s\r\
    \nlog print file=\"log \$sub1\"\r\
    \n/tool e-mail \r\
    \nset address=\$gmailip from=\$gmailid password=\$gmailpwd port=25 start-tls\
    =yes user=\$user\r\
    \n/tool e-mail send to=\$adminrece subject=\"\$sub4 \$sub3 \$sub2 \$sub1\" f\
    rom=\$gmailid file=\"log \$sub1\"\r\
    \n server=\$gmailip start-tls=yes\r\
    \n:log warning \"Sending Log File.....\"\r\
    \n:delay 5s\r\
    \n/system logging action set memory memory-lines=1\r\
    \n/system logging action set memory memory-lines=1000\r\
    \n/file remove \"log \$sub1\"\r\
    \n:log warning \"Log Cleared & Removed Log File By www.itlearnweb.com.......\
    ...\""
/system scheduler
add comment="Log Send Via Email  Every Day 7:00AM" interval=1d name=\
    "Log Send Via Email" on-event=log policy=\
    ftp,reboot,read,write,policy,test,password,sniff,sensitive start-date=\
    jul/17/2016 start-time=07:00:00
/

Send UserManger Database Through Email

1 comments

:log warning "UserManger Database Sending By www.itlearnweb.com...."
:global sub1 ([/system identity get name])
:global sub2 ([/system clock get time])
:global sub3 ([/system clock get date])
:global sub4 Usermanger
:global adminrece #YOUR@gmail.com
:global gmailid #YOUR@gmail.com
:global user #USER
:global gmailpwd  #PASSWORD
:global gmailip 74.125.136.108
:log warning "Creating New Database....."
/tool e-mail
set address=$gmailip from=$gmailid password=$gmailpwd port=25 start-tls=yes user=$user
/tool user-manager database save name=database
/tool e-mail send to=$adminrece subject="$sub4 $sub3 $sub2 $sub1 Usermanger Database" from=$gmailid file=database.umb server=$gmailip start-tls=yes
:delay 30s
/file remove database.umb
:log warning "Usermanger Database File Removed ...."
/

Saturday, July 9, 2016

Non Payment Reminder For PPPoE Users

8 comments

























/ip proxy
set enabled=yes max-cache-size=none parent-proxy=0.0.0.0 src-address=0.0.0.0
/ip proxy access
add action=deny dst-host=!itlearnweb.comli.com redirect-to=\
    itlearnweb.comli.com/
/ip pool
add name=block ranges=172.16.100.1-172.16.100.254
/ip firewall filter
add action=drop chain=forward comment="Block Access For ''Non Payment Users''" \
    dst-port=!80 log-prefix="" protocol=tcp src-address=\
    172.16.100.1-172.16.100.254
/ppp profile
add dns-server=8.8.8.8,8.8.4.4 local-address=10.10.0.1 name="Non Payment" \
    rate-limit=256K/256K remote-address=block


Thursday, July 7, 2016

Users Base Policy Routing

5 comments
1. Policy Base Rounting....  

/ip route
add gateway=192.168.1.1 routing-mark=ISP-1
add gateway=192.168.2.1 routing-mark=ISP-2
/ip route rule
add dst-address=192.168.11.0/24 action=lookup table=main
add dst-address=192.168.12.0/24 action=lookup table=main
add dst-address=192.168.1.0/24 action=lookup table=main
add dst-address=192.168.2.0/24 action=lookup table=main
add src-address=192.168.1.0/24 action=lookup table=ISP-1
add src-address=192.168.2.0/24 action=lookup table=ISP-2
add routing-mark=ISP-1 action=lookup table=ISP-1
add routing-mark=ISP-2 action=lookup table=ISP-2
/system note set note="Server Configuration By <HAMZA KHALIL> (www.itlearnweb.com)" show-at-login=yes
/ip firewall mangle
add chain=prerouting src-address=192.168.11.0/24 action=mark-routing \
new-routing-mark=ISP-1 passthrough=no
add chain=prerouting src-address=192.168.12.0/24 action=mark-routing \
new-routing-mark=ISP-2 passthrough=no



2. DHCP Server
For DHCP Setup Click Here

2nd Method.. 
Use One Mikrotik or Cisco Manageable Switch With Vlans... 



Sunday, July 3, 2016

How To Set Correct Interface Names

0 comments

1st Method Change The Name ..

  • /interface ethernet
  • set [ find default-name=ether1 ] name=ether1
  • set [ find default-name=ether2 ] name=ether2
  • set [ find default-name=ether3 ] name=ether3
  • set [ find default-name=ether4 ] name=ether4
  • set [ find default-name=ether5 ] name=ether5
  • set [ find default-name=ether6 ] name=ether6
  • set [ find default-name=ether7 ] name=ether7
  • set [ find default-name=ether8 ] name=ether8
  • set [ find default-name=sfp1 ] name=sfp1

2nd Method Set The Comments .. 
  • /interface ethernet
  • set [ find default-name=ether1 ] comment=ether1
  • set [ find default-name=ether2 ] comment=ether2
  • set [ find default-name=ether3 ] comment=ether3
  • set [ find default-name=ether4 ] comment=ether4
  • set [ find default-name=ether5 ] comment=ether5
  • set [ find default-name=ether6 ] comment=ether6
  • set [ find default-name=ether7 ] comment=ether7
  • set [ find default-name=ether8 ] comment=ether8
  • set [ find default-name=sfp1 ] comment=sfp1