Posts belonging to Category HowTo



HowTo: MikroTik Secure VPN Part 1.5 MikroTik to MikroTik with IPSec

This is a short HowTo which will cover the set-up of Mikrotik to Mikrotik VPN but secured with IPsec. The use of IPsec can be very CPU intensive and it is recommended that the VPN server be set up on a Mikrotik which supports hardware based AES/IPsec encryption such as the Mikrotik RB850Gx2RB3011 or any CCR series router.

I will be using a RB850Gx2 as my VPN server and a Mikrotik mAP as my VPN clients, all the heavy IPsec processing will be done on the RB850Gx2 which has AES hardware for offloading IPsec calculations. ROS 6.33.3 or higher on the client side is required in order to make use of the ‘easy IPsec connect’ feature.
Continue reading “HowTo: MikroTik Secure VPN Part 1.5 MikroTik to MikroTik with IPSec” »

HowTo: Optimising MikroTik Firewall rules

When creating complex firewall rules on MikroTik routers, especially those with high levels of packet throughput, it is important that any rules are processed in an efficient manner. Firewall rules are processed top down. Every new packet is tested against each rule until a match is found. For high packet count traffic, this could mean that all those packets are having to be processed many times before it is matched. This can require a higher processing power than necessary and if the CPU reaches 100%, packet loss will occur.
Continue reading “HowTo: Optimising MikroTik Firewall rules” »

HowTo: Updating the LiniTX Controller and Unifi Software

Controller Logo

 

The LinITX embedded controller has proven popular since its launch with many units sold. All feedback has been taken on board and alterations have been made to the embedded OS and configuration to make the controller as easy to use as possible. All new controllers purchased in 2015 will include Webmin as standard which will provide a web Gui interface to the OS settings. The controller now includes automatic tasks, the most important of which automatically reboots the controller daily at midnight which frees up resources and reduces problems with Java.
Continue reading “HowTo: Updating the LiniTX Controller and Unifi Software” »

HowTo: Improved CAPsMAN Wireless Client Roaming

CAPsMAN is a very useful method of setting up a large number of APs (CAPs) in a building, but how can you help a client to roam better?  The problem is that clients can get “sticky”. They refuse to disconnect themselves from an AP, even though they have actually moved their location and are now much closer to another AP.  The client software seems to hang in there for dear life, despite having a very poor and low speed of connection, but it seems to decide, “some connection, no matter how bad, is better than none at all, but I will not check to see if there are any other APs that are stronger”. So they remain “stuck” to that distant AP, even though there is a better one nearby.  So what’s the solution?
Continue reading “HowTo: Improved CAPsMAN Wireless Client Roaming” »

HowTo: Load Balancing multiple Internet connections

A frequent request we receive is how to use a MikroTik Router to get more bandwidth by ‘joining’ multiple internet feeds together. There are a number of different methods, however it’s a good moment to clarify that the term ‘line bonding’ is not the same as ‘Load balancing’. With line bonding we are actually sending each packet in a ’round robin’ fashion up multiple lines and at the ISP end they are joined back together again into a single circuit.  This is a service that can only be carried out at a data centre or ISP and all lines must be all connected to a common interface sharing the same IP address.  Any Public IP Addresses used at the remote site must all be routable over any one of the multiple lines.  Not so easy when all the lines are possibly from completely different service providers.
Continue reading “HowTo: Load Balancing multiple Internet connections” »

HowTo: Using the UniFi Controller


unifi-overview

In this “HowTo” we will go through the steps of managing a Ubiquiti UniFi access point, the same process applies to the UAP, UAP LR, UAP Pro, UAP AC, and the UAP outdoor series of products. We will be using a pair of the new LinITX Embedded Controllers hosting Ubiquiti’s UniFi Controller. Both Version 3 and the new Beta Version 4 Unifi Controller will be included in this “HowTo”. Guest Portal will not be covered.
Continue reading “HowTo: Using the UniFi Controller” »

HowTo: MikroTik Secure VPN Part 1 MikroTik to MikroTik

This is part 1 of a VPN HowTo to aid in the set up of secure VPN services on Mikrotik Devices, in part 1 I will focus on basic set-up and MikroTik to MikroTik secure VPN. Part 1.5 can be found here which focuses on Mikrotik to Mikrotik IPsec VPN. Part 2 will focus on setting up a secure VPN with IPSec to a MikroTik from a mobile IOS or Android and a computer with Windows/OSX/Ubuntu based operating systems.
Continue reading “HowTo: MikroTik Secure VPN Part 1 MikroTik to MikroTik” »

HowTo: Building to Building PTP links using MikroTik Wireless Products

748_l

 

We are often asked how to make building to building or ‘point to point’ wireless links. As the MikroTik interface does not change between models this ‘How To’ can apply to any MikroTik Wireless based device. For this How To I will be using a pair of the new MikroTik SXT AC’s, to create a L2 transparent wireless bridge in a simple point to point mode (PtP).  This How To can also apply to point to multi point scenarios (PtMP). One SXT will be set up in ‘Bridge’ mode (effectively an AP) and the other as ‘Station Bridge’ (i.e. the ‘client’), to ensure best performance the link will be created and secured using the Mikrotik NV2 TDMA based protocol.
Continue reading “HowTo: Building to Building PTP links using MikroTik Wireless Products” »

HowTo: Building to Building PTP links using Ubiquiti Airmax products

(This how to also applies to 2.4GHz Ubiquiti Equipment)

We are often asked how to make building to building or ‘point to point’ wireless links. This HowTo explains how to use Ubiquiti Nanostations to make a transparent link.

The first port of call for configuring any Ubiquiti device is to manually change your systems IP address in order to communicate with the Ubiquiti equipment, in this HowTo I will be using 192.168.1.10 as my system IP (note that many Ubiquiti devices are configured on 192.168.1.20 from the manufacturer by default).
Continue reading “HowTo: Building to Building PTP links using Ubiquiti Airmax products” »

HowTo: Ubiquiti mFi mPower

Ubiquiti recently made their 3 port mFi mPower (EU plug only) available in Europe. It provides 3 plug sockets that can be controlled via WiFi using their freely downloadable mFi controller software. Setup is fairly straight forward.

mPower Initial config

In the first instance the mPower becomes an access point that you can connect your PC/Laptop or in my case my mobile phone to. The access point will have the name of mFi followed by the last 3 octets of its MAC address. There’s no encryption of password required to connect at this point.
Continue reading “HowTo: Ubiquiti mFi mPower” »