Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Target Audience:
Course prerequisites:
Corporate networks
The course material is separated in modules, each of which is ended with a laboratory whose
goal is to reinforce the material that has been demonstrated.
Title
Module 1
Introduction
Objective
About MikroTik
What is RouterOS
What is RouterBoard
First time accessing the router
Winbox and MAC-Winbox
Webfig and Quickset
RouterOS command line interface (CLI)
Null Modem cable
SSH and Telnet
New terminal in Winbox/Webfig
RouterOS CLI principles
<tab>, double <tab>, ?, navigation
command history and its benefits
Initial configuration (Internet access)
WAN DHCP-client
LAN IP address and default gateway
Basic Firewall - NAT masquerade
Upgrading RouterOS
Package types
Ways of upgrading
RouterBOOT firmware upgrade
Manage RouterOS logins
Manage RouterOS services
Managing configuration backups
Saving and reload backup
Editing export file
RouterOS license
Levels
Updating a license
Netinstall
Reinstall RouterOS
Reset RouterOS
Sources of additional information
http://wiki.mikrotik.com/wiki/Manual:TOC
http://www.tiktube.com/
http://forum.mikrotik.com/
Distributor and consultant support
support@mikrotik.com
Module 1 laboratory
Module 3
Bridging
Module 4
Wireless
Routing overview
Routing concepts
Route flags
Static routing
Creating routes
Setting default route
Manage dynamic routes
Implementing static routing on simple network
Module 2 laboratory
Bridging overview
Bridge concepts
Creating bridges
Adding ports to bridges
Module 3 laboratory
802.11n Concepts
Frequencies (bands, channels, advanced channels) datarates /HT chains (Tx power, rx sensitivity, country regulations)
Legacy 802.11a/b/g stuff
Setup simple wireless link
Access Point configuration
Station configuration
MAC-address filtering
Default-authentication
Access-list
Connect-list
Default-forwarding
Wireless Security and Encryption
WPA-PSK
WPA2-PSK
MikroTik wireless protocols
NV2 (TDMA) configuration
Monitoring Tools
Wireless scan
Snooper
Registration table
Bridge wireless networks
Station-bridge
Module 4 laboratory
Module 6
Firewall
ARP
ARP modes
RouterOS ARP table
DHCP server and client
DHCP client
Server setup
Leases management
DHCP-server network configuration
RouterOS tools
E-mail
Netwatch
Ping, Traceroute
Profiler (CPU load)
Contacting support@mikrotik.com
supout.rif, autosupout.rif and viewer
/system logging and debug logs
readable configuration (item comments and names)
network diagrams
Module 5 laboratory
Firewall principles
Connection tracking and states
Structure, chains and actions
Firewall Filter in action
Filter actions
Protecting your router (input)
Protection your customers (forward)
Basic Address-List
Source NAT
Masquerade and src-nat action
Destination NAT
dst-nat and redirect action
Module 6 laboratory
Module 8
Tunnels
Simple Queue
Target
Destinations
Max-limit and limit-at
Bursting
One Simple queue for whole network (PCQ)
pcq-rate configuration
pcq-limit configuration
Monitoring
Interface traffic monitor
Torch
Graphs
SNMP
Module 7 laboratory
PPP settings
ppp profile
ppp secret
ppp status
IP pool
Creating pool
Managing ranges
Assigning to service
Secure local network
PPPoE service-name
Create PPPoE server
Point-to-point addresses
Creating PPPoE clients on RouterOS
Secure remote networks communication
PPTP client and PPTP server
SSTP client and SSTP server without certificates
Setup routes between networks
Module 8 laboratory
Objective
Point to point
addressing
VPN
What is VPN?
Different types of VPN
Site to site connectivity with tunnels (IPIP, EoIP, PPTP,
SSTP, L2TP, PPPoE) + LAB
Vlan and it's usage
QinQ implementation + LAB
Vlan and managed switch
Vlan and switch chip configuration on Rbs + LAB
OSPF
What is OSPF?
How OSPF protocol works (Hello protocol, Database
distribution and LSA types explained)
OSPF network structure (Areas, Router types)
OSPF neighbors and neighbor states (DR and BDR
election) + LAB
External Route Distribution methods (type1, type2) +
LAB
Interface cost and interface types (broadcast, NBMA,
etc.) + LAB
SPT calculation algorithm
OSPF and multicast (problems with NBMA)
Stub, NSSA and area ranges (route aggregation) + LAB
Virtual links, usage and limitations + LAB
OSPF routing filters and limitations + LAB
Wireless Standard
Objective
o Wireless routers
o RouterBoard Hardware
o Wireless cards
o Antenna types
o 802.11 a/b/g/n
o Bands and channel width
o Frequencies
Wireless Tools
Wireless Troubleshooting
802.11n
Wireless Security
Title
Objective
o Encryption
o EAP
o Management Frame Protection
Wireless Bridging
Nstreme Protocol
Nv2 Protocol
Objective
Firewall filter/nat/mangle
Quality of Service
DNS client/cache
DHCP client/relay/server
Title
Web Proxy
Objective
o advanced DHCP
DHCP relay configuration + LAB
Basic configuration
Proxy rule lists
o Access list + LAB
o Direct Access list + LAB
o Cache list + LAB
Regular expression + LAB
Objective
Module 2
PPTP/L2TP
Title
Module 3
PPPoE
Objective
Module 4
PPP Bridging
Title
Module 5
IPSec
Objective
Introduction;
Theory and concepts;
Comparison to other VPN protocols;
IPSec Peer;
Use different authentication methods;
IPSec exchange modes;
Encryption and Hash algorithms;
NAT-Traversal;
Lifetime and Lifebytes;
DPD protocol;
Policy;
IPsec protocol and action;
Tunnels;
Generate dynamic Policy;
Proposal;
Encryption and Authentication algorithms;
Lifetime;
PFS;
Installed-SA;
Flush SA;
Create IPSec between two routers with NAT + LAB;
Set peer;
Set policy;
Set NAT rules;
Confirm the secure link is established;
Title
Module 6
HotSpot
Objective
Module 7
RADIUS
Introduction;
Concepts;
Usage environments;
Setup HotSpot with default settings + LAB;
HotSpot Login Methods + LAB;
HTTP CHAP/PAP;
MAC;
Cookie;
HTTPS;
Trial;
RADIUS
Users + LAB;
Add users;
Set MAC-address for user;
Set MAC-address for username;
Limit Uptime and Limit Bytes In/Out;
Reset limits for user;
Monitor Users;
Host Table;
Active Table;
SNMP for users;
Profile + LAB;
Keepalive timeout;
Shared users;
Rate-Limit;
Address-list;
Incoming/Outgoing filter;
Incoming/Outgoing Packet Mark;
Bypass HotSpot;
walled-garden;
walled-garden ip;
ip-binding;
Customize HotSpot + LAB;
Advertisement;
Customize pages;
RADIUS client + LAB;
add radius client;
set service;
use-radius for the specific service;
RADIUS server;
User Manager + LAB;
Install the latest user-manager;
Add routers;
Add users;
Set profile;
RADIUS incoming
Objective
MPLS
Traffic Engineering