Tag: RouterOS

MikroTik Tutorial: show mac address table

MikroTik Tutorial: show mac address table

Here are the commands to show the mac address table on a MikroTik Router. In addition to using the command line to show the mac address table, this tutorial I will also show you how to search for a specific MAC address and filter the table to show mac addresses learned through a specific port. There are actually several commands that you should know, depending on how your router is configured.

Read More Read More

The Perfect MikroTik Config Restore Script

The Perfect MikroTik Config Restore Script

Restoring config files on MikroTik routers have always been a pain. I set out to make the perfect config restore script for MikroTik routers.

Have your every tried to paste configuration commands into a MikroTik router? Yeah, it doesn’t work. As soon as the script adds an interface to a bridge or changes an IP you get disconnected and the rest of the script lines fail to restore.

Using the ‘run after reset‘ method is really the best way to restore a MikroTik router’s configuration but it has it’s own little caveats like editing the script first and adding a :delay 15s; line at the top.

After reboot, there is no clear indication if the import was successful or failed. While troubleshooting an error riddled backup I had the idea of introducing an audible beep before and after the import process. This lead me to develop this script.

Read More Read More

MikroTik Script: Router Rebooted Script

MikroTik Script: Router Rebooted Script

This is a useful little RouterOS script that will email you a nice report when your router reboots. The emailed report contains recent critical log events that may point you to the cause for the reboot. ie “router was rebooted without proper shutdown” or “out of memory condition was detected”.

Read More Read More

MikroTik Tutorial: Firewall ruleset for IPsec whitelisting

MikroTik Tutorial: Firewall ruleset for IPsec whitelisting

This article will show you how to setup a firewall whitelist for IPsec peer associations on a MikorTik router. The firewall ruleset will make use of address-lists to allow UDP 500 traffic only from trusted networks.

The address list for trusted networks will be called ipsec-trusted-nets and all other hosts that attempt IPsec traffic will be added to the list ipsec-uninvited.

Read More Read More

MikroTik Script: Authentication Logging w/ Email Reports

MikroTik Script: Authentication Logging w/ Email Reports

In this article I will show you how to configure a separate log file on a MikroTik router that will only contain authentication log entries.  The log file will contain log entries for winbox, webfig, ssh, telnet, ftp as well as VPN user authentications.  Additionally,  we will configure a scheduled script to email this log file to ourselves daily.

Read More Read More

MikroTik RouterOS Automation with NAPALM

MikroTik RouterOS Automation with NAPALM

In this tutorial, we will explore using the NAPALM python module to query data from a MikroTik Router.

Before we begin, you are expected to have python3 and pip installed as well as access to a MikroTik router running RouterOS. NAPALM will attempt to connect to the router on the default API port of 8728. You will need to enable the API service which is found in IP | Services using winbox

Read More Read More

MikroTik Tutorial: Adding a 2nd Wireless SSID Virtual Access Point

MikroTik Tutorial: Adding a 2nd Wireless SSID Virtual Access Point

How to configure a VirtualAP in RouterOS

This example assumes you are starting with the RouterOS default configuration. The screenshots below detail the steps required to add a second access point to a MikroTik router. This quick tutorial does not address the setup steps required to secure your wireless network WPA/WPA2 wireless authentication.

Read More Read More