Setting up a gateway on MikroTik Routers: Difference between revisions

From 44Net Wiki
Jump to navigation Jump to search
mNo edit summary
mNo edit summary
 
(15 intermediate revisions by 2 users not shown)
Line 1: Line 1:
The MikroTik Routers By default support  IP-IP  tunneling  so setting  up a gateway is quiet easy
To setup a Gateway you need to have mikrotik router (all models support IPIP by default)


The mikrotik router is a very powerful device and there are a lot of options that can be used
The example here will show the router that  the WAN Port  is connected to the DMZ  of your Main router (the one that  you get the ISP  from it)  and the 44 Net will appear on the Lan Port  (wan and lan Referring to  a home router model)


The example here will deal with the router that the WAN Port is connected to the DMZ   of your Network and the 44 Net will appear on the Lan Port  (Referring to a home router)
Before you start  configure  the DMZ of your main router  at least to allow two direction (Incoming/Outgoing) traffic to the InterNet   and make sure that the  wan  of the mikrotik router have ip on the same network  of your DMZ  and check that the MikroTik Interface can communicate with the   Main ISP router


The configuration can be done with the web interface (webFig)  or in manual text command with telnet or SSH  connection to the router
The configuration can be done with the web interface (webFig)  or in manual text command with telnet or SSH  connection to the router


First a tunnel interface must be created to the Main AMPRNET router
At first assign 44 Net address to your router Interface
You do it by the web  : IP --> Addresses  --> Add New , a new screen will open , fill your 44 Net IP 44.xxx.YYY.ZZZ/your sub net (usually it will be /24)
feel the network it should usually be same as the IP but with 0 in the end


you do it in the web by this : interfaces --->  add new --> IP  tunnel  
Now chose which interface you assign this IP for , there is a drop down menu that show all of your interfaces  , chose the one that connected to the local net
 
Now a tunnel interface have to  be created  between your router and  the main  AMPRNet router
 
You do it in the web by this : interfaces --->  Add New --> IP  tunnel ,
a Screen will open  
a Screen will open  


Change the name to say  UCSD  
Change the name to say  UCSD  


add in the local address your router address on the DMZ (in home it will probably be 10.0.0.x or 192.168.1.x)
Fill in the local address field your router address on the DMZ (in home it will probably be 10.0.0.x or 192.168.1.x)


at the remote address put the address of the AMPRNET router (169.228.66.251)
At the remote address fill the address of the AMPRNET router (169.228.34.84)


Press the apply button and you are done
Press the apply button and you are done


now some routes commands needed to be done  
The  Command in  command line interface (via Telnet  ot SSH)  is as follows
/interface ipip
add allow-fast-path=no  local-address=10.0.0.180 name=UCSD \
    remote-address=169.228.34.84
 
Make sure to check that  no keep alive is active on that  interface as the amprnet router dont like the keep alive data .
 
Now some routes commands needed to be done  


1) Route all the traffic to the tunnel interface
1) Route all the traffic to the tunnel interface
Line 26: Line 40:
You do it by : IP --> Routes  and clicking on the 0.0.0.0  line
You do it by : IP --> Routes  and clicking on the 0.0.0.0  line
and changing the gateway  to the tunnel interface name and clicking apply
and changing the gateway  to the tunnel interface name and clicking apply
The command line  in text  is as follow
  /ip route
add distance=1 gateway=UCSD


2) route command for the tunnel to go to the InterNet
2) route command for the tunnel to go to the InterNet
Line 31: Line 50:
You do it by the web  as follows :  IP  ---> routes --->  add new
You do it by the web  as follows :  IP  ---> routes --->  add new


at the screen , type in the destination address 169.228.66.251/32  
at the screen , type in the destination address 169.228.34.84/32  
and at the gateway type the ip address of the next router (for home network it is usually  10.0.0.138  or 192.168.1.1)
and at the gateway , type the ip address of the next router (for home network , it is usually  10.0.0.138  or 192.168.1.1)
 
The command line  is as follows
 
/ip route
add distance=1 dst-address=169.228.34.84/32 gateway=10.0.0.138


Now you should have connectivity from your  44 Net  to the rest of the world (but not to any other 44 net  networks worldwide )
Now you should have connectivity from your  44 Net  to the rest of the world (but not to any other 44 net  networks worldwide )


In  order  to have a full connectivity to the other 44 Net  networks  a tunnel  (and corresponding  route command) must be added  for every 44 Net gateway
In  order  to have a full connectivity to the other 44 Net  networks  a tunnel  (and corresponding  route command) must be added  for every 44 Net gateway
The MikroTik  have ability to run an automatic script  that deal  with the routing to the rest of the  AMPRNET  networks
The script  run inside the router and take care  of all  the routes 
In general  it listen to the routes advertisements send from the  AMPR.ORG  main router  and translating it to  routes commands to the router
The Script can be found here  http://www.yo2loj.ro/hamprojects/ampr-gw-2.0.rsc
The Commands to  run it can be found  here  http://www.yo2loj.ro/hamprojects/ampr-gw-README.txt

Latest revision as of 17:23, 30 May 2017

To setup a Gateway you need to have mikrotik router (all models support IPIP by default)

The example here will show the router that the WAN Port is connected to the DMZ of your Main router (the one that you get the ISP from it) and the 44 Net will appear on the Lan Port (wan and lan Referring to a home router model)

Before you start configure the DMZ of your main router at least to allow two direction (Incoming/Outgoing) traffic to the InterNet and make sure that the wan of the mikrotik router have ip on the same network of your DMZ and check that the MikroTik Interface can communicate with the Main ISP router

The configuration can be done with the web interface (webFig) or in manual text command with telnet or SSH connection to the router

At first assign 44 Net address to your router Interface You do it by the web  : IP --> Addresses --> Add New , a new screen will open , fill your 44 Net IP 44.xxx.YYY.ZZZ/your sub net (usually it will be /24) feel the network it should usually be same as the IP but with 0 in the end

Now chose which interface you assign this IP for , there is a drop down menu that show all of your interfaces , chose the one that connected to the local net

Now a tunnel interface have to be created between your router and the main AMPRNet router

You do it in the web by this : interfaces ---> Add New --> IP tunnel , a Screen will open

Change the name to say UCSD

Fill in the local address field your router address on the DMZ (in home it will probably be 10.0.0.x or 192.168.1.x)

At the remote address fill the address of the AMPRNET router (169.228.34.84)

Press the apply button and you are done

The Command in command line interface (via Telnet ot SSH) is as follows

/interface ipip
add allow-fast-path=no  local-address=10.0.0.180 name=UCSD \
   remote-address=169.228.34.84

Make sure to check that no keep alive is active on that interface as the amprnet router dont like the keep alive data .

Now some routes commands needed to be done

1) Route all the traffic to the tunnel interface

You do it by : IP --> Routes and clicking on the 0.0.0.0 line and changing the gateway to the tunnel interface name and clicking apply

The command line in text is as follow

 /ip route
add distance=1 gateway=UCSD

2) route command for the tunnel to go to the InterNet

You do it by the web as follows : IP ---> routes ---> add new

at the screen , type in the destination address 169.228.34.84/32 and at the gateway , type the ip address of the next router (for home network , it is usually 10.0.0.138 or 192.168.1.1)

The command line is as follows

/ip route
add distance=1 dst-address=169.228.34.84/32 gateway=10.0.0.138

Now you should have connectivity from your 44 Net to the rest of the world (but not to any other 44 net networks worldwide )

In order to have a full connectivity to the other 44 Net networks a tunnel (and corresponding route command) must be added for every 44 Net gateway

The MikroTik have ability to run an automatic script that deal with the routing to the rest of the AMPRNET networks

The script run inside the router and take care of all the routes

In general it listen to the routes advertisements send from the AMPR.ORG main router and translating it to routes commands to the router

The Script can be found here http://www.yo2loj.ro/hamprojects/ampr-gw-2.0.rsc

The Commands to run it can be found here http://www.yo2loj.ro/hamprojects/ampr-gw-README.txt