Using the built in Mikrotik scripting and email tools is an easy way to create automatic backups, that are emailed to you everyday at scheduled times. This guide will give you a detailed walk through of the 3 parts to setting this up.
Continue reading
Configuring login notes to appear as pop-up messages in Winbox, that also display in the terminal is quite easy, and can be done in just a few simple steps.
Firstly, login to your Mikrotik router. Navigate to System > Notes:
Continue reading
Post Notes: as of RouterOS 7.18 – ip – added support for /31 address
Contents:
Mikrotik WireGuard Interface Setup
In this guide, I’ll show you how to easily set up a VPN tunnel using WireGuard between a Windows PC and a MikroTik router. Whether you need to manage your router remotely or access hosts on your network from anywhere, this tutorial will covers each aspect and aims to simplify the steps to make it easy for anyone at any skill level.
Continue reading
A simply way to create firewall filter rules that are only active at certain times without needing to use scripts, is to utilize the built in “Time” field that can be found in the “Extra” menu when configuring a firewall filter on Mikrotik RouterOS.
Its important to make sure your routers system clock is correctly recording time. The easiest way to do this is to use an NTP server. You can find my guide on how to do this 👉 here.
Continue reading
In this guide we’ll be focussing on setting up an NTP client on Mikrotik RouterOSv7 for global time and date sync, and ensuring that the system clock is keeping time correctly.
NTP functions by allowing a device to sync its UTC time and date from a global time server. In our use case, it enables a Mikrotik router running an NTP client to get accurate UTC time and dates from an external NTP server. Once the MikroTik router syncs its UTC time and date via NTP, the system clock applies the configured local time zone to display the correct time.
Continue reading
This guide aims to effectively demonstrate the steps required to setup a simple DHCP server on MikroTik RouterOS.
Step 1:
Before we start with the DHCP server, there are two considerations we need to take into account. 1, what IP subnet are we going to use for our LAN range that DHCP hands out? 2, what interface is the DHCP server going to live on?
Continue reading
In this guide we’re taking a look at one possible way to setup a “drop all, except whitelisted IP addresses” config. The premise for this setup, is to be a very easy way to stop network users from visiting websites other that what we explicitly allow.
Continue reading
Adding a DHCP lease exclusion is typically a simple task on most routers—just a few clicks to add the desired IP to an exclusion list. However, on RouterOS, the process is quite manual and requires a bit more effort. This guide will walk you through the steps to create a DHCP exclusion in RouterOS, leveraging its granular configuration capabilities.
Lets take a look at two different approaches to achieve the same end result.
Continue reading
Post Notes: as of RouterOS 7.18 – ip – added support for /31 address
The steps below aim to illustrate how to setup a site to site VPN between two Mikrotik devices using WireGuard. Pre-existing local networks and firewalls exist on both R1 and R2. Between R1 and R2 the WireGuard tunnel will use 172.17.0.0/30. R2 has 172.17.0.1 assigned to its WireGuard interface, while R1 has 172.17.0.2 assigned to its WireGuard interface. The network used, or the order in which IP addresses are assigned is not important, however it is considered best practice to use a point to point subnet between peers.
Continue reading
In this post we’ll discuss two different ways to control standard DNS queries (UDP/TCP port 53) within a network using Mikrotik RouterOS. The intended outcome for doing this is to be able to either send all DNS queries from devices on your network to a specific external DNS server, such as 1.1.1.3 (CloudFlare DNS for Families), or to send all DNS queries on your network to the routers internal DNS server. The latter configuration allows for the addition of blackhole DNS records to be put within your routers cache for hosts to query.
Continue reading