+ All Categories
Home > Documents > Mikrotik Firewall Training.pdf

Mikrotik Firewall Training.pdf

Date post: 24-Sep-2015
Category:

Documents
Upload: vichet-heng
View: 339 times
Download: 20 times
Download Report this document
Share this document with a friend
Popular Tags:
hengvichet mr
sousvichea mrs
39
Indirect Manager: Mr. Glenn Miller Direct Manager: Mr. Chhann Sokob Supervisor: Mr. Im Somara Team Member: Mr. Heng Vichet Mr. Sous Vichea Mrs. Yun Sophearum Trainer: Mr. Va Vandy 4/12/2012 1
Transcript

  • IndirectManager: Mr.GlennMillerDirectManager: Mr.ChhannSokobSupervisor: Mr.ImSomaraTeamMember: Mr.HengVichet Mr.SousVichea Mrs.YunSophearumTrainer: Mr.VaVandy 4/12/2012 1

  • Content

    1. MikroTikRouterOSBasics2. MikroTikRouterOSBasicConfiguration3. MikroTikRouterOSFirewallandWebProxy4. MikroTikRouterOSBandwidthLimit5. MikroTikRouterOSLocalNetworkManagement6. MikroTikRouterOSRoutingforVPN7. MikroTikRouterOSTroubleshooting

    4/12/2012 2

  • Requirements&Objective1. Requirements

    Networkbasics TCP/IPBasics Internet&VPNtechnologies

    2. Objectiveoftraining Fundamentals/Basics Firewalling QualityofService VirtualPrivateNetworks

    4/12/2012 3

  • MikroTikrouterOSBasic1. AdvanceofRouter

    Networkingdevicethatforwardsthedatapackets. RoutingoccursatNetworklayer. Actsasajunctionbetweentwoormorenetworks. DifferentfromaSwitchandaHub.

    2. RouterOSanditsFeatures ItisarouteroperatingsystemandsoftwarewhichturnsaregularPC

    intoadedicatedrouter Router BandwidthControl Firewall HotSpotGateway VPNServer/Client WirelessAP/Router Allinonebox

    4/12/2012 4

  • MikroTikrouterOSBasic3. Routermaybemanagedthroughthefollowing

    interfaces: Localterminalconsole Serialconsole Telnet SSHSSH(secureshell) MACTelnet Winbox(Popular)

    4/12/2012 5

  • MikroTikrouterOSBasic WinBoxremotetoMKT

    4/12/2012 6

  • MikroTikrouterOSBasic WinBoxInterface

    4/12/2012 7

  • MikroTikrouterOSBasicStructure InternetStructurewithP3oEClient/IPBaseConnection

    4/12/2012 8

  • MikroTikRouterOSBasicConfiguration1. InterfaceDescription(Name)2. CreateVirtualInterface(Bridge&Switchport)3. RouterconfigurationsetipaddressesWAN(P3oEor

    IPBase)andLAN4. DNS&DHCPserverconfiguration5. SetupofIPMasquerading6. NetworkTimeProtocol(NTP)tosynchronizeclock7. Configurationbackupandexportofselectedsettings8. MikroTiklicenses

    4/12/2012 9

  • MikroTikRouterOSBasicConfiguration1. InterfaceDescription(Name)

    ClickInterfacesGeneralTabNameApplyOK

    4/12/2012 10

  • MikroTikRouterOSBasicConfiguration2. CreateVirtualInterface(Bridge&Switchport)

    a) CreateBridge ClickBridgeBridgeTabAddGeneralTabName(Input

    BridgeName)ApplyOK

    4/12/2012 11

  • MikroTikRouterOSBasicConfiguration2. CreateVirtualInterface(Bridge&Switchport)

    ClickBridgeBridgeTabAddGeneralTabName(InputBridgeName)ApplyOK

    4/12/2012 12

  • MikroTikRouterOSBasicConfiguration2. CreateVirtualInterface(Bridge&Switchport)

    b) Addinterfacetobridge ClickBridgePortTabAddGeneralTabInterface(Num)SelectBridgeNameApplyOK

    4/12/2012 13

  • MikroTikRouterOSBasicConfiguration3. RouterconfigurationsetipaddressesWAN(P3oEor

    IPBase)andLAN SetupWAN(IPBaseIPAddress)

    ClickIPSelectAddressAddAddress(110.74.204.40/27)SelectInterfaceApplyOK

    4/12/2012 14

  • MikroTikRouterOSBasicConfiguration3. RouterconfigurationsetipaddressesWAN(P3oEor

    IPBase)andLAN SetupWAN(IPBaseGateways)

    ClickIPSelectRoutesAddDst.Address(0.0.0.0/0)Gateways(110.74.204.62)ApplyOK

    4/12/2012 15

  • MikroTikRouterOSBasicConfiguration3. RouterconfigurationsetipaddressesWAN(P3oEor

    IPBase)andLAN SetupWAN(PPPoEClient)

    ClickPPPInterfaceTabAddPPPoEClientGeneralTabSelectInterfaceName(EzecomConn)MaxMTU(1454)SelectInterfaceDialOutTabUserandpassword(SIPAccount)OtherOption(Default)ApplyOK

    4/12/2012 16

  • MikroTikRouterOSBasicConfiguration3. RouterconfigurationsetipaddressesWAN(P3oEor

    IPBase)andLAN SetupWAN(PPPoEClient)

    4/12/2012 17

  • MikroTikRouterOSBasicConfiguration4. DNS&DHCPserverconfiguration

    a) DSNServer ClickIPSelectDNSSettingtypeserveripTick

    AllowRemoteRequestApplyOK

    4/12/2012 18

  • MikroTikRouterOSBasicConfiguration4. DNS&DHCPserverconfiguration

    a) DHCPProcess

    4/12/2012 19

  • MikroTikRouterOSBasicConfiguration4. DNS&DHCPserverconfiguration

    a) DHCPServer ClickIPSelectDHCPDHCPSetupSelectDHCP

    Serverinterface(LAN)NextDHCPAddressSpace(192.168.1.0/24)NextGatewayforDHCP(LANip)NextAddresstoGiveOutNextDNSServerNextLeasetime(3d:00:00:00)NextOK

    4/12/2012 20

  • MikroTikRouterOSBasicConfiguration5. SetupofIPMasquerading

    ClickIPFirewallTabNATAddGeneralTabChain(Scrnat)InterfaceOut(EtherWANorP3oEClientName)ActionTabApplyOK

    4/12/2012 21

  • MikroTikRouterOSBasicConfiguration6. NetworkTimeProtocol(NTP)tosynchronizeclock

    NTPClient ClickSystemSelectSNTPClientTickEnableMode(Unicast)PrimaryNTP&SecondaryofISPApplyOK

    4/12/2012 22

  • MikroTikRouterOSBasicConfiguration6. NetworkTimeProtocol(NTP)tosynchronizeclock

    Clock/Timezone ClickSystemClockTimeTabTimezonename(Asia/PhnomPenh)ManualTimeZoneTimeZone(+07:00)ApplyOK

    4/12/2012 23

  • MikroTikRouterOSBasicConfiguration7. Configurationbackupandexportofselectedsettings

    a) BackupConfiguration ClickFilesClickBackup

    b) RestoreConfiguration ClickFilesSelectonBackupfileClickonRestore

    4/12/2012 24

  • MikroTikRouterOSBasicConfiguration9. MikroTiklicenses

    ClickSystemLicenses:SoftwareID,UpgradealbeTo,Level

    4/12/2012 25

  • MikroTikRouterOSFirewallandWebProxy1. Enableproxyserver

    GotoNewTerminal

    4/12/2012 26

  • MikroTikRouterOSFirewallandWebProxy1. CreateFilterRuleandNATforproxyserver

    FirewallRULEDrop ClickIPFirewallFilterRulesTabAddChain(input)Protocol(tcp)Dst.Port(8080)In.Interface(WAN)ActionTabAction(Drop)ApplyOk

    4/12/2012 27

  • MikroTikRouterOSFirewallandWebProxy1. CreateFilterRuleandNATforproxyserver

    NATRULE ClickIPFirewallNATTabAddChain(dsnat)Protocol(tcp)Dst.Port(80)ActionTabAction(dstnat)ToAddress(192.168.20.1)Toport(8080)ApplyOk

    4/12/2012 28

  • MikroTikRouterOSFirewallandWebProxy1. CreateFilterRuleandNATforproxyserver

    BlockWebSite ClickIPGeneralTabClickAccessAddDst.Host(websitewww.facebook.com)Action(Deny)ApplyOK

    4/12/2012 29

  • MikroTikRouterOSBandwidthLimit1. SimpleQueues

    ClickQueuesSimpleQueuesTabAddName(IP19)TargetAddress(192.168.20.19)Max.Limit(Up/Down)ApplyOK

    4/12/2012 30

  • MikroTikRouterOSLocalNetworkManagement1. AddressResolutionProtocol(ARP)

    a) TheARPprotocolprovidestwobasicfunctions: ResolvingIPv4addressestoMACaddresses Maintainingacacheofmappings

    b) ARPProcess ARPrequest(Broadcast) ARPreply(unicast)

    4/12/2012 31

  • MikroTikRouterOSLocalNetworkManagement2. DHCPserverwithdynamicandstaticIPaddress

    allocation LeaseTime(DHCPclient)

    4/12/2012 32

  • MikroTikRouterOSRoutingforVPN1. VPNSample

    4/12/2012 33

  • MikroTikRouterOSRoutingforVPN2. Routing(StaticRoute):Weconfigureroutedepend

    oncustomersrequirementoractualsituation.3. Verifystaticinroutingtable

    4/12/2012 34

  • MikroTikRouterOSRoutingforVPN3. AddStaticrouteinMKT

    ClickIPRoutesAddDst.Address(192.168.2.0/24)&Gateways(10.82.253.194)ApplyOK

    4. AddDefaultrouteinMKT ClickIPRoutesAddDst.Address(0.0.0.0/0)&

    Gateways(10.82.253.200)ApplyOK

    4/12/2012 35

  • MikroTikRouterOSTroubleshooting1. CheckPhysicalNetwork

    a) Cable,Connector,RouterandModem2. Logical(Configuration)

    a) RouterResource CPU Member Disk

    b) RouterInterface&Queue P3oEinterface Queuelimitation

    3. MorePractice

    4/12/2012 36

  • MikroTikRouterOSTroubleshooting1. Suggestion(exceptcustomerhaveITguy)

    a) Usernameandpasswordrouter

    PowerUser(Full) Username:admin Password:net@admin

    PrivilegeUser(Write) Username:ezecom Password:ezecomit

    4/12/2012 37

  • MikroTikRouterOSReferences1. http://www.mikrotik.com/2. http://wiki.mikrotik.com/wiki/Manual:TOC3. http://www.ispsupplies.com/mikrotiklicense

    levels.html4. http://gregsowell.com/?p=6805. https://powercode.fogbugz.com/default.asp?W37

    4/12/2012 38

  • Thankforyourattention

    4/12/2012 39


Recommended
Firewall : Mangle & Address List - Fahrezy Blog · Firewall • Mikrotik RouterOS Firewall stands between ... chain for a new rule • If the input doesn’t match the name of ...

Firewall : Mangle & Address List - Fahrezy Blog · Firewall • Mikrotik RouterOS Firewall stands between ... chain for a new rule • If the input doesn’t match the name of ...

Documents

GLC Networks, Indonesia achmad@glcnetworks.com ... - … › presentations › UK16 › ...Firewall RAW table Mikrotik User Meeting London, November 14, 2016 Achmad Mardiansyah achmad@glcnetworks.com

GLC Networks, Indonesia [email protected] ... - … › presentations › UK16 › ...Firewall RAW table Mikrotik User Meeting London, November 14, 2016 Achmad Mardiansyah [email protected]

Documents

Mikrotik Most Wanted - · PDF file• Mikrotik dikenal sebagai Statefull Firewall yang melakukan ... VLAN, Firewall, Queue unlimited Proxy, Radius Client yes Dynamic Routing RB = yes

Mikrotik Most Wanted - · PDF file• Mikrotik dikenal sebagai Statefull Firewall yang melakukan ... VLAN, Firewall, Queue unlimited Proxy, Radius Client yes Dynamic Routing RB = yes

Documents

fmea training.pdf

fmea training.pdf

Documents

Contents · MikroTik RouterOS is the operating system of MikroTik RouterBOARD hardware. It has all the necessary features for an ISP - routing, firewall, bandwidth management, wireless

Contents · MikroTik RouterOS is the operating system of MikroTik RouterBOARD hardware. It has all the necessary features for an ISP - routing, firewall, bandwidth management, wireless

Documents

Circuit Training.pdf

Circuit Training.pdf

Documents

IP FIREWALL · 2019-01-21 · Davao City, Philippines ICT certification-based training center MikroTik Academy –Inquirinity Computer Academy Reseller of ICT products –MikroTik

IP FIREWALL · 2019-01-21 · Davao City, Philippines ICT certification-based training center MikroTik Academy –Inquirinity Computer Academy Reseller of ICT products –MikroTik

Documents

PDMS Training.pdf

PDMS Training.pdf

Documents

Firewall Pada Router Mikrotik DNS Flood Dengan Filter 24. Sistem …lib.unnes.ac.id/33070/1/Turnitin_Sistem_Pencegahan_UDP... · 2019. 10. 5. · Pada Router Mikrotik ORIGINALITY

Firewall Pada Router Mikrotik DNS Flood Dengan Filter 24. Sistem …lib.unnes.ac.id/33070/1/Turnitin_Sistem_Pencegahan_UDP... · 2019. 10. 5. · Pada Router Mikrotik ORIGINALITY

Documents

5566f7c82e9fcIPR Training.pdf

5566f7c82e9fcIPR Training.pdf

Documents

MikroTik Security Audit & Network Security and how your system works 4. What is Firewall? •In computing, a firewall is a network security ... Next to MikroTik Hotspot Security.

MikroTik Security Audit & Network Security and how your system works 4. What is Firewall? •In computing, a firewall is a network security ... Next to MikroTik Hotspot Security.

Documents

Faster better tech support with TLS Host Matching - MikroTik · wiki.mikrotik.com TLS host matching is a big help on classifying ssl traffic . IP > Firewall > New Firewall/NAT/Mangle

Faster better tech support with TLS Host Matching - MikroTik · wiki.mikrotik.com TLS host matching is a big help on classifying ssl traffic . IP > Firewall > New Firewall/NAT/Mangle

Documents

MikroTik Router OS Firewall Strategies

MikroTik Router OS Firewall Strategies

Documents

hAP lite - download2.mikrotik.comdownload2.mikrotik.com/news/news_64.pdf · bandwidth shaping, firewall, user access control ... mountable MikroTik ... it from the PoE input port.

hAP lite - download2.mikrotik.comdownload2.mikrotik.com/news/news_64.pdf · bandwidth shaping, firewall, user access control ... mountable MikroTik ... it from the PoE input port.

Documents

fileRouterOS / ip firewall filter add chain=forward protocol—gre : ... [admin@MikroTik) ip firewall mangle> /ping Path ... . ip firewall rule input . ip firewall rule

fileRouterOS / ip firewall filter add chain=forward protocol—gre : ... [admin@MikroTik) ip firewall mangle> /ping Path ... . ip firewall rule input . ip firewall rule

Documents

LeBert_missed training.pdf

LeBert_missed training.pdf

Documents

MikroTik Firewall : Securing your Router with Port Knocking

MikroTik Firewall : Securing your Router with Port Knocking

Technology

abap training.pdf

abap training.pdf

Documents