Tuesday, December 13, 2016

Connect Multiple Offices With an EoIP Tunnel

On the main office side I have an RB3011UiAS-RM.


Configuration
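# Main office router (RB3011UiAS-RM).
# ether1 is the WAN uplink; ether2-ether10 and the three EoIP tunnels are bridged into
# one layer-2 segment (bridge "DHCP") that is served by a single DHCP server.
# Values starting with ### are placeholders and must be replaced before the commands are run.
#
# NOTE(review): this listing contains no /ip firewall filter rules, so nothing here limits
# which hosts on the WAN side can reach the router's own services. Add input-chain
# filtering (and restrict the management services) before ether1 faces the Internet.
/interface ethernet
set [find default-name=ether1 ] name=ether1 comment=WAN-Network
set [find default-name=ether2 ] name=ether2
set [find default-name=ether3 ] name=ether3
set [find default-name=ether4 ] name=ether4
set [find default-name=ether5 ] name=ether5
set [find default-name=ether6 ] name=ether6
set [find default-name=ether7 ] name=ether7
set [find default-name=ether8 ] name=ether8
set [find default-name=ether9 ] name=ether9
set [find default-name=ether10 ] name=ether10
# One EoIP tunnel per branch. tunnel-id has to be identical on both ends of a tunnel, so
# the values below mirror the ones the branch routers use (20, 30, 40).
# The interface names must match the names used in the bridge port list further down
# ("3rd Branch" / "4th Branch").
# EoIP is carried in GRE and provides no encryption or authentication by itself: as
# written, the bridged office traffic crosses the WAN in clear text. RouterOS offers an
# ipsec-secret property on the EoIP interface; it has to be set to the same value on both
# ends of each tunnel, so enable it on the branch router at the same time.
/interface eoip add name="2nd Branch" tunnel-id=20 remote-address=###2nd Branch WAN-IP
/interface eoip add name="3rd Branch" tunnel-id=30 remote-address=###3rd Branch WAN-IP
/interface eoip add name="4th Branch" tunnel-id=40 remote-address=###4th Branch WAN-IP
/interface bridge
add name=DHCP
# Every LAN port and every tunnel joins the same bridge, so all offices share one
# broadcast domain: a rogue DHCP server or a switching loop at one site affects all sites.
/interface bridge port
add bridge=DHCP interface=ether2
add bridge=DHCP interface=ether3
add bridge=DHCP interface=ether4
add bridge=DHCP interface=ether5
add bridge=DHCP interface=ether6
add bridge=DHCP interface=ether7
add bridge=DHCP interface=ether8
add bridge=DHCP interface=ether9
add bridge=DHCP interface=ether10
add bridge=DHCP interface="2nd Branch"
add bridge=DHCP interface="3rd Branch"
add bridge=DHCP interface="4th Branch"
/ip address
add address=###your WAN-IP interface=ether1
add address=192.168.10.1/23 interface=DHCP network=192.168.10.0
/ip dns
set servers=8.8.8.8,8.8.4.4
/ip pool
add name=dhcp_pool1 ranges=192.168.10.2-192.168.11.254
/ip dhcp-server
# NOTE(review): relay= names the DHCP relay whose requests this server answers. The
# clients here sit directly on the bridge, so confirm that leases are still handed out
# with relay pointing at the router's own address; the default may be what is wanted.
add address-pool=dhcp_pool1 disabled=no interface=DHCP name=dhcp2 lease-time=1h relay=\
    192.168.10.1
/ip dhcp-server network
add address=192.168.10.0/23 dns-server=8.8.8.8,8.8.4.4 gateway=192.168.10.1
/ip firewall nat
# The rule matches on source address only. NOTE(review): consider adding
# out-interface=ether1 so that only traffic leaving through the WAN port is masqueraded.
add action=masquerade chain=srcnat comment="Masquerade DHCP Network" \
    src-address=192.168.10.0/23
/ip route
add distance=1 gateway=###your gateway
/system identity
set name=Main-Branch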

Configuration for the other branches.
Each branch uses a hEX lite.

2nd Branch
# 2nd branch router: ether1 is the WAN uplink, ether2-ether5 and the EoIP tunnel to the
# main office are members of the bridge "Local-Network".
# Values written as (###...) are placeholders and must be replaced before use.
/interface ethernet set [find default-name=ether1] name=ether1 comment=WAN-Network
/interface ethernet set [find default-name=ether2] name=ether2
/interface ethernet set [find default-name=ether3] name=ether3
/interface ethernet set [find default-name=ether4] name=ether4
/interface ethernet set [find default-name=ether5] name=ether5

# tunnel-id=20 must equal the tunnel-id of the main office's EoIP interface for this branch.
# EoIP itself neither encrypts nor authenticates the bridged frames; if an ipsec-secret is
# introduced, it has to be set identically on both ends of the tunnel.
/interface eoip add name="eoip-tunnel1" remote-address=(###Main Branch WAN-IP) tunnel-id=20

# Local ports and the tunnel share one layer-2 segment.
/interface bridge add name=Local-Network
/interface bridge port add bridge=Local-Network interface=ether2
/interface bridge port add bridge=Local-Network interface=ether3
/interface bridge port add bridge=Local-Network interface=ether4
/interface bridge port add bridge=Local-Network interface=ether5
/interface bridge port add bridge=Local-Network interface=eoip-tunnel1

# Only the WAN side gets an address and a default route; no address is put on the bridge.
# NOTE(review): no /ip firewall filter rules are defined, so access to the router from
# the WAN side is not restricted by this listing.
/ip address add address=(###your WAN-IP) interface=ether1
/ip route add distance=1 gateway=(###your gateway)
/system identity set name=2nd-Branch

3rd Branch
# 3rd branch router: ether1 is the WAN uplink, ether2-ether5 and the EoIP tunnel to the
# main office are members of the bridge "Local-Network".
# Values written as (###...) are placeholders and must be replaced before use.
/interface ethernet set [find default-name=ether1] name=ether1 comment=WAN-Network
/interface ethernet set [find default-name=ether2] name=ether2
/interface ethernet set [find default-name=ether3] name=ether3
/interface ethernet set [find default-name=ether4] name=ether4
/interface ethernet set [find default-name=ether5] name=ether5

# tunnel-id=30 must equal the tunnel-id of the main office's EoIP interface for this branch.
# EoIP itself neither encrypts nor authenticates the bridged frames; if an ipsec-secret is
# introduced, it has to be set identically on both ends of the tunnel.
/interface eoip add name="eoip-tunnel1" remote-address=(###Main Branch WAN-IP) tunnel-id=30

# Local ports and the tunnel share one layer-2 segment.
/interface bridge add name=Local-Network
/interface bridge port add bridge=Local-Network interface=ether2
/interface bridge port add bridge=Local-Network interface=ether3
/interface bridge port add bridge=Local-Network interface=ether4
/interface bridge port add bridge=Local-Network interface=ether5
/interface bridge port add bridge=Local-Network interface=eoip-tunnel1

# Only the WAN side gets an address and a default route; no address is put on the bridge.
# NOTE(review): no /ip firewall filter rules are defined, so access to the router from
# the WAN side is not restricted by this listing.
/ip address add address=(###your WAN-IP) interface=ether1
/ip route add distance=1 gateway=(###your gateway)
/system identity set name=3rd-Branch

4th Branch
# 4th branch router: ether1 is the WAN uplink, ether2-ether5 and the EoIP tunnel to the
# main office are members of the bridge "Local-Network".
# Values written as (###...) are placeholders and must be replaced before use.
/interface ethernet set [find default-name=ether1] name=ether1 comment=WAN-Network
/interface ethernet set [find default-name=ether2] name=ether2
/interface ethernet set [find default-name=ether3] name=ether3
/interface ethernet set [find default-name=ether4] name=ether4
/interface ethernet set [find default-name=ether5] name=ether5

# tunnel-id=40 must equal the tunnel-id of the main office's EoIP interface for this branch.
# EoIP itself neither encrypts nor authenticates the bridged frames; if an ipsec-secret is
# introduced, it has to be set identically on both ends of the tunnel.
/interface eoip add name="eoip-tunnel1" remote-address=(###Main Branch WAN-IP) tunnel-id=40

# Local ports and the tunnel share one layer-2 segment.
/interface bridge add name=Local-Network
/interface bridge port add bridge=Local-Network interface=ether2
/interface bridge port add bridge=Local-Network interface=ether3
/interface bridge port add bridge=Local-Network interface=ether4
/interface bridge port add bridge=Local-Network interface=ether5
/interface bridge port add bridge=Local-Network interface=eoip-tunnel1

# Only the WAN side gets an address and a default route; no address is put on the bridge.
# NOTE(review): no /ip firewall filter rules are defined, so access to the router from
# the WAN side is not restricted by this listing.
/ip address add address=(###your WAN-IP) interface=ether1
/ip route add distance=1 gateway=(###your gateway)
/system identity set name=4th-Branch

Sunday, December 11, 2016

L2TP Tunnel (Remotely Connect To Work Computer From Home)


L2TP is a secure tunnel protocol for transporting IP traffic using PPP. L2TP encapsulates PPP in virtual lines that run over IP, Frame Relay and other protocols (that are not currently supported by MikroTik RouterOS). L2TP incorporates PPP and MPPE (Microsoft Point to Point Encryption) to make encrypted links. The purpose of this protocol is to allow the Layer 2 and PPP endpoints to reside on different devices interconnected by a packet-switched network. With L2TP, a user has a Layer 2 connection to an access concentrator - LAC (e.g., modem bank, ADSL DSLAM, etc.), and the concentrator then tunnels individual PPP frames to the Network Access Server - NAS. This allows the actual processing of PPP packets to be separated from the termination of the Layer 2 circuit. From the user's perspective, there is no functional difference between having the L2 circuit terminate in a NAS directly or using L2TP. In the configuration below the server is set up with use-ipsec=yes and an ipsec-secret, so the L2TP sessions are meant to run inside IPsec. See the MikroTik RouterOS documentation for more details.

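# L2TP/IPsec remote-access server.
# VPN clients receive an address from the pool "L2TP" through the PPP profile "L2TP-VPN";
# traffic sourced from that range is masqueraded by the NAT rule at the end.
# Values in <ANGLE_BRACKETS> are placeholders: the pre-shared key and the user
# credentials must be unique, long and random. A key or password that appears in a
# published tutorial is known to everyone who has read it and must never be used on a
# router that is reachable from the Internet.
/ip pool
add name=L2TP ranges=172.16.100.1-172.16.100.254
/ppp profile
# local-address is the router's end of each PPP link; remote-address refers to the pool above.
add dns-server=10.10.0.1,8.8.8.8 local-address=10.10.0.1 name=L2TP-VPN \
    remote-address=L2TP
/interface l2tp-server server
# NOTE(review): use-ipsec=yes also accepts L2TP sessions that arrive without IPsec. Where
# the installed RouterOS version offers the stricter "required" value, prefer it so that
# unencrypted sessions are rejected — confirm against the version in use.
set default-profile=L2TP-VPN enabled=yes ipsec-secret=<IPSEC_PRE_SHARED_KEY> use-ipsec=yes
/ppp secret
# One entry per user; service=l2tp limits the account to the L2TP server.
add name=<VPN_USERNAME> password=<VPN_PASSWORD> profile=L2TP-VPN service=l2tp
/ip firewall nat
add action=masquerade chain=srcnat comment="L2TP-VPN Masquerade" src-address=\
    172.16.100.1-172.16.100.254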