Instruction/ maintenance manual of the product AT-WR4500 Allied Telesis
Go to page of 264
PN 613-0 00813 Rev. B AT-WR4500 Series IEEE 802.11abgh O utdoor Wireles s Rou ters RouterOS v3 Configu ration and U ser Gu ide.
2 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Copyright © 2009 Allied Telesis International All rights r eserved. No part of this pu blication m ay be reproduce d without pr ior written permission from Allied Teles is International.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 3 RouterOS v3 Con figuration a nd User Gui de LIMITATION OF LIABILITY AND DAMAGES THE PRODUCT AND THE SOFTWARES WITHIN ARE PROVIDED "AS IS," BASIS.
4 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de C ONTENTS 1 Introduction ........... ............ ............. ................ ............. ............ .................. ............ ..
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 5 RouterOS v3 Con figuration a nd User Gui de 4.3.15 Network Scan .............. ............ ................. ............ ............. ............ .................. ............. ...
6 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de 6.1.2 DHCP Client Setu p................ ............ ................. ............ ............ ............. .................. ...........
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 7 RouterOS v3 Con figuration a nd User Gui de 8.5.3 Monitoring L2 TP Client ................... ............... ............. ............ ............. .................. ............ ...
8 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de 10.1.5 HotSpot User Profiles ...................... ............... ............. ............ ............ .................. ............. .
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 9 RouterOS v3 Con figuration a nd User Gui de F IGURES Figure 1: AT-WR4 500 Ser ies typical application ............. ............. ............ ............. ................. ...........
10 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de P REFACE Purpose of Th is Guid e This guide describes the AT-WR450 0 Series Outdoor Wi rel.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 11 RouterOS v3 Con figuration a nd User Gui de C ONTACTING A LLIED T ELESIS This section provides Allied Telesis contact information for technical supp ort as well as sales and corporate infor mation.
12 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de 1 Intr oduc tion Thank you for p urchasing an AT-WR450 0 series Wireless Router . Please refer to th e ATWR45xx Quick Installation Guid e for infor mation on how t o install connec t and initially setup each rou ter model.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 13 RouterOS v3 Con figuration a nd User Gui de 1.1 F eatur es The AT-WR450 0 series Rout erOS firmware is very rich of features and very flexible. Among oth ers: • Real IP routing fu nctionalities • 2.
14 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de 2 Conf iguring RouterOS 2.1 Logging in the A T -WR4500 Rout er There are m any options for.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 15 RouterOS v3 Con figuration a nd User Gui de Figure 3: Win Box main wi ndow Select f rom t he menu bar located in th e left most part of the window the comman d or menu that you want to access and st art con figuring th e equip ment.
16 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de After log ging int o th e rou ter you will be present ed with the Router OS™ Welco me Sc.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 17 RouterOS v3 Con figuration a nd User Gui de A comm and or an argument does not need to be completed, if it is not ambiguou s. Fo r e xample, instead of typing interf ace you can t ype just in or int .
18 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de 3 Conf iguration and Softwar e Mana g em ent Document revisi on: 1.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 19 RouterOS v3 Con figuration a nd User Gui de To see the files st ored on th e router: [admin@AT-WR 4562] > file print # NAME TYP E SIZE CREATI ON-TIME 0 test.
20 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de It is impossible to i mport the wh ole router confi guration using thi s feature. It can only be used to import a part of configura tion (for exa mple, firewall rules) in order to spare you som e typing.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 21 RouterOS v3 Con figuration a nd User Gui de Standards and Te chnologies: None Hardware usage : Not signifi cant 3.
22 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de 3.2.3 Adding P ackage Source Submenu level: /system u pgrade upgra de-package- source Description In this su bmenu you can add remote r outers fro m which to download RouterOS soft ware packages.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 23 RouterOS v3 Con figuration a nd User Gui de • The package dep endency is checked befo re installing a soft ware package.
24 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de If a package is marked for unins tallation, but it is required for an other (depend ent) package, th en the marked package ca nnot be unin stalled.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 25 RouterOS v3 Con figuration a nd User Gui de Example To downgrade th e RouterOS (assuming that all needed pac kages are already uploade d): [admin@AT-WR 4562] system package> down grade Router will be rebooted.
26 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Example Suppose we need to cancel security pack age uninst allation action schedule d on reb oot: [admin@AT-WR 4562] system package> prin t Flags: X – d isabled # NAME VERSION SCHEDULED 0 routeros -rb500 3.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 27 RouterOS v3 Con figuration a nd User Gui de Example See the available p ackages: [admin@AT-WR 4562] system upgrade> refr esh [admin@AT-WR 4562] system upgrade> prin t # SOURCE NAME VER SION STAT US COMPL ETED 0 192.
28 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de • Ethern et interface supp ort • IP over IP tun nel interf ace support • Ethern et o.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 29 RouterOS v3 Con figuration a nd User Gui de Package name Contents Prerequisite s Additional Li cense wireless Support for wireless int.
30 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de 4 Conf iguring Interfaces 4.1 General In terface Set tings Document revisi on: 1.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 31 RouterOS v3 Con figuration a nd User Gui de One or more inter faces can be monitored at t he same time. To see overall traff ic passing thr ough all interfac es at time, use aggregate instead of interface name.
32 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de default - sup ort long cables short - suppo rt short cables standard - same as default disable-running-c heck (yes | no; defau lt: yes ) - disable ru nnin g check.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 33 RouterOS v3 Con figuration a nd User Gui de full-duplex (yes | no) - wh ether tran smission of data o ccurs in tw o directions simu lt.
34 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de • No implied pro tocol limits on link distan ce • No implied pro tocol speed de gradat.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 35 RouterOS v3 Con figuration a nd User Gui de ack-tim eout range 5GHz 5GHz-turbo 2.4GHz-G 30km 249 137 368 35km 298 168 320 40km 350 190 375 45km 405 - - These are not the pr ecise value s.
36 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de band - operatin g band 2.4ghz-b - IEEE 802. 11b 2.4ghz-b/g - IEE E 802 .11g (support s also legacy IEEE 802.11b p rotocol) 2.4ghz-g-turbo - IEEE 802.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 37 RouterOS v3 Con figuration a nd User Gui de radar-detect - A P scans ch annel list fr om "scan-list" and chooses t he freque.
38 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de address to the one of a differ ent device.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 39 RouterOS v3 Con figuration a nd User Gui de wds-cost-range ( integer ; def ault: 50-150 ) - r ange, within which the b ridge port cost of the WDS link s are adjusted.
40 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de To see current interface sett ings: [admin@AT-WR 4562] interfa ce wireless> print Flags.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 41 RouterOS v3 Con figuration a nd User Gui de overhead (and th us increase s peed). The card is not w aiting for frames, bu t in case a n umber of packets are queue d for transmitting, t hey can be co mbined.
42 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de mtu ( integer : 0 ..1600; default : 1500 ) - Maximum Tr ansmissi on Unit name ( name ) - r.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 43 RouterOS v3 Con figuration a nd User Gui de [admin@AT-WR 4562] interfa ce wireless> print Flags: X - d isabled, R - running 0 R nam.
44 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de client- tx-limit ( read-only: integer ) - t ransmit rate limit on the AP, in bits pe r sec.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 45 RouterOS v3 Con figuration a nd User Gui de To get additional statistics: [admin@AT-WR 4562] interfa ce wireless> registration-t ab.
46 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de The association p rocedure is as follows: w hen a new client w ants to associate t o the A.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 47 RouterOS v3 Con figuration a nd User Gui de 2512 , 2532, 2552, 2572 , 2592, 2612, 2 632, 2652, 2672 , 2692, 2712, 2 732) - the list of 2GHz IEEE 802.
48 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de There is a special ar gument for t he print command - p rint count- only. It forces th e print comman d to print only the coun t of informati on topics.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 49 RouterOS v3 Con figuration a nd User Gui de Example [admin@AT-WR 4562] interfa ce wireless i nfo> print 0 interface -type=Atheros A.
50 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de 59 60:0,5965:0,5 970:0,5975:0,5 980:0,5985:0, 5990:0,5995:0 , 60 00:0,6005:0,6 010:0,6015:.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 51 RouterOS v3 Con figuration a nd User Gui de max-station-c ount ( integer ; default: 2007 ) - numb er of clien ts that can conne ct to this AP simultaneously mtu ( integer : 6 8.
52 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Property Description arp (disabled | en abled | pro xy-arp | reply-on ly; default: en able.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 53 RouterOS v3 Con figuration a nd User Gui de audio-min ( i nteger ; default: - 100 ) - signal-st rength at wh ich audio (beep er) frequ.
54 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Example [admin@AT-WR 4562] interfa ce wireless a lign> monitor wlan2 # ADDRESS SSID RXQ AVG-RXQ LAST- RX TXQ LAST-T X CORRECT 0 00:01:24: 70:4B:FC wire lesa -60 -60 0.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 55 RouterOS v3 Con figuration a nd User Gui de Example To set t he followin g transmit po wers at e ach rates: 1Mbp s@10dBm, 2 Mbps@1 0dBm, 5.
56 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de 4.3.16 Security Pr ofiles Submenu level: /interface wi reless security- profile s Description This section pro vides WEP (Wired Equivalent Privacy) and W PA/WPA2 (Wi-Fi Pr otected A ccess) functions t o wireless inte rfaces.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 57 RouterOS v3 Con figuration a nd User Gui de radius-mac-m ode (as-usern ame | as-userna me-and-passw ord; default: a s-username ) - whe.
58 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de tls-mode (no-cer tificates | d ont-verify-certific ate | verify-c ertificate; def ault: no.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 59 RouterOS v3 Con figuration a nd User Gui de file-size ( read-onl y: integer ) - c urrent file size (kB) memory-over-l imit- packets ( .
60 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Property Description channel-ti me ( time ; default: 200ms ) - how long to snoop each chan.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 61 RouterOS v3 Con figuration a nd User Gui de • disabled=no • On client (station): • mode=station • band=5ghz • ssid=test • disabled=no Configure th e Access Point a nd add an IP address (10.
62 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Configure th e station and add an IP address (1 0.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 63 RouterOS v3 Con figuration a nd User Gui de • Configure AP to sup port W DS connection s • Set wds-defa ult-bridge to b ridge1 • On WDS station : • Configure it as a WDS Statio n, using mode= station-wds • Configure t he WDS Access Point.
64 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Now configure the WD S st ation and put th e wire less ( wl an1 ) an d eth ernet ( Local ).
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 65 RouterOS v3 Con figuration a nd User Gui de This example wil l show you h ow to create a VAP: [admin@VAP] interface wir eless> prin.
66 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Nstr eme This example sho ws you how to configure a point-to-p oint Nstrem e link.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 67 RouterOS v3 Con figuration a nd User Gui de Configure Nstreme -Client wireless sett ings and enable N streme on it: [admin@Nstre me-Cl.
68 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de 5180 MHz [DualNS - 2] [DualNS - 1] 5805 MHz Figure 8: Nstrem e dual ne twork exam ple Conf.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 69 RouterOS v3 Con figuration a nd User Gui de As we have not c onfigured the DualNS-2 rou ter, we cann ot define the remo te-mac param eter on DualNS-1 .
70 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de WEP Security This example shows h ow to configure WEP (Wired Eq uivalent Privacy) on Access Point and Clients . In example w e will configure an Ac cess Point which will use 104bit-wep for on e station and 40bit-w ep for other clients.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 71 RouterOS v3 Con figuration a nd User Gui de Configure th e Access Point: [admin@WEP_A P] interface wireless secu rity-profiles> add name=Sta tionX ... mode=st atic-keys-req uired static- algo-1=40bit-w ep static-key -1=1234567890 .
72 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Configure WEP_St ation1: [admin@WEP_S tation1] inte rface wireles s security-pro files> add na me=Station1 ... mode=st atic-keys-req uired static- sta-private-al go=104bit-wep .
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 73 RouterOS v3 Con figuration a nd User Gui de Config of WE P_StationX: [admin@WEP_S tationX] inte rface wireles s security-pro files> add na me=StationX ... mode=st atic-keys-req uired static- algo-1=40bit-w ep static-key -1=1234567890 .
74 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de On t he AP in default or in your own made profile as an e ncryption algorithm choose w pa-psk .
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 75 RouterOS v3 Con figuration a nd User Gui de 4.4 VLAN Int erfaces Document revisi on: 1.2 (Mon Sep 19 13:46: 34 GMT 2005) Applies to: V2.9 4.4.1 Gener a l Information Summar y VLAN is an implementation o f the 802.
76 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de reply-only - the interface wil l only reply t o the req uests for to its ow n IP addresses.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 77 RouterOS v3 Con figuration a nd User Gui de On Router 1 : [admin@AT-WR 4562] ip addr ess> add addr ess=10.10.10.1 /24 interface =test [admin@AT-WR 4562] ip addr ess> print Flags: X - d isabled, I - invalid, D - dynamic # ADDRES S NETWORK BROADCAST INTERFAC E 0 10.
78 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Quick Setup Guide To put int erface ether1 and ether2 in a brid ge.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 79 RouterOS v3 Con figuration a nd User Gui de Property Description admin-mac: (MAC address) - MAC address ass igned to t he bridge if au.
80 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Example To group ether1 and ether2 in the already created bridg e1 bridge (ver sions from 2.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 81 RouterOS v3 Con figuration a nd User Gui de Example To monitor a bri dge port: [admin@AT-WR 4562] interfa ce bridge por t> mo 0 sta.
82 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de There are thr ee bridge filter tables: • filter - bridge firew all with th ree predefin .
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 83 RouterOS v3 Con figuration a nd User Gui de dst-address ( IP ad dress ; defa ult: 0.0.0 .0/0 ) - destination IP address (only if M AC prot ocol is set to IP v4) dst-mac-addre ss ( MAC addr ess ; default: 00:00: 00:00:00:00 ) - destination MAC address dst-port ( integer : 0.
84 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de stp-forward-dela y ( time : 0.. 655 35) - forward delay time r stp-hello-tim e ( time : 0..655 35) - stp hello packets time stp-max-age ( time : 0.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 85 RouterOS v3 Con figuration a nd User Gui de Property Description action (accept | arp-reply | dr op | dst-nat | jump | log | mark | pa.
86 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de 4.5.11 T roubl eshooting Description Router shows that my rule i s invali d • in-interfa.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 87 RouterOS v3 Con figuration a nd User Gui de 5 IP and Routing 5.1 IP Addr esses an d ARP Document revisi on: 1.
88 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Property Description actual-interface (re ad-only: name) - only applicable to log ical interf aces like bridges o r tun nels. Holds the name of t he actual hardw are interface th e logical one is boun d to.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 89 RouterOS v3 Con figuration a nd User Gui de If ARP fe ature is t urned of f on the interface, i.e., arp=di sabled is use d, ARP requ ests from clients are not answered b y the rou ter. There fore, st atic ARP entry should be added to t he clients as well.
90 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Network A 192 .168.0.0/24 198 .168.0.130/25 Network B 192.168.0 .128/25 ether2 198.168.0 .129/25 198.168.0.20/2 4 198 .168.0.30/24 198 .168.0.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 91 RouterOS v3 Con figuration a nd User Gui de Example Consider the following conf iguration: Reserved for dial in 10.0.0.230 ..240 Pppoe - inX addresses 10.0.0.217 /32 10.0.0.217/24 ether1 10.
92 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de interface with th e networ k being th e same as the a ddress o n the r outer on the ot her side of t he p2p link (there may be n o IP on that in terface, bu t there is an IP fo r that ro uter).
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 93 RouterOS v3 Con figuration a nd User Gui de Related T opic s IP Addresses and ARP Routes, Eq ual Cost Multip ath Routing, Polic y Rout.
94 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Example To enable RIP p rotocol to re distribute the rou tes to the conne cted network s: .
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 95 RouterOS v3 Con figuration a nd User Gui de 5.2.4 Networks Submenu level: /routing rip network Description To start the RIP p rotocol, yo u have to define t he netw orks on wh ich RIP will run.
96 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de This list shows rout es learned by all dynamic rou ting protocols ( RIP, O.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 97 RouterOS v3 Con figuration a nd User Gui de The necessary con figuration o f the RIP general settings is as follows: [admin@AT-WR 4562.
98 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Alliedware+ Route r Configur ation ... interface Et hernet0 ip address 10.0.0.26 255 .255.255.0 no ip direc ted-broadcast ! interface Se rial1 ip address 192.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 99 RouterOS v3 Con figuration a nd User Gui de Related T opic s • IP Addresses and ARP • Routes, Equ al Cost Multipath Routing, Polic y Routing • Log Management Description Open Shortest Pat h Fir st p rotocol is a link-state routin g pr otocol.
100 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Within one area, only the rou ter that is conn ected to an other a rea (i.e. Area bord er rou ter) or to another AS (i.e. Autonomou s System bou ndary router) shoul d have the pr opagation of th e default rout e enabled.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 101 RouterOS v3 Con figuration a nd User Gui de However, are as do not need t o be ph ysical connected to ba ckbone.
102 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de 5.3.5 Interfac es Submenu level: /routing ospf interface Description This fac ility pro vides tool s f or ad ditional in -depth configuration of OSPF interface sp ecific p arameters.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 103 RouterOS v3 Con figuration a nd User Gui de Property Description neighbor-id ( IP addr ess ; def ault: 0.
104 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Example The following tex t can be obs erved just after adding an O SPF net work: admin@AT-WR4 562] routing ospf> neighbo r print router-id=1 0.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 105 RouterOS v3 Con figuration a nd User Gui de Now let's set up th e OSPF_MAIN router .
106 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Assign IP addre sses to the se interfaces: [admin@OSPF_ peer_1] ip ad dress> print Flags: X - d isabled, I - invalid, D - dynamic # ADDRE SS NETWOR K BROADCAST INTERFA CE 0 10.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 107 RouterOS v3 Con figuration a nd User Gui de Add the same area as in pr evious rou ters: [admin@OSPF_ peer_2] routi ng ospf area> print Flags: X - d isabled, I - invalid # NAME AREA-ID STUB DEFAULT-COST AUTHENTICATI ON 0 backbone 0.
108 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Routing tables with Revised Link Cost This example sho ws how to set u p link cost.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 109 RouterOS v3 Con figuration a nd User Gui de On OSPF_peer _1: [admin@OSPF_ peer_1] > ip route pr Flags: X - d isabled, I - invalid, D - dynamic, J - r ejected, C - connect, S - static, r - rip, o - ospf, b - bgp # DST -ADDRESS G GATE WAY DISTANCE IN TERFACE 0 Do 192.
110 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de The OSPF rout ing changes as follows: Routes on OSPF_MAIN rou ter: [admin@OSPF_ MAIN] ip .
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 111 RouterOS v3 Con figuration a nd User Gui de Filter NAT Description RouterOS has follow ing types of rout es: dynamic ro utes - aut omatically created route s for ne tworks, wh ich are directl y accesse d through an interface.
112 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de bgp-origin (inco mplete | igp | egp) - th e origin of the route prefix bgp-prepend ( in teger : 0.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 113 RouterOS v3 Con figuration a nd User Gui de You can use policy r outing even i f you use masquerading on y our private n etworks. The sour ce address will be the same a s it is in the lo cal network.
114 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de ISP1 gives us 2 Mbps and ISP2 - 4Mbps so w e want a traff ic ratio 1:2 (1/3 of the source/d estination IP pairs from 192.168.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 115 RouterOS v3 Con figuration a nd User Gui de Configuration o f the IP addres ses: [admin@PB-Ro uter] ip addr ess> print Flags: X - d isabled, I - invalid, D - dynamic # ADDRESS N ETWORK BROADCAST INTERFACE 0 192.
116 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de 6 DHCP and DNS 6.1 DHCP Client and Ser ver Document revisi on: 2.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 117 RouterOS v3 Con figuration a nd User Gui de 68 po rt. The initial negotiati on involves commu nication b etween broadcast addresses (on some ph ases sender will u se source address o f 0.
118 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de If host-name pr operty is not specified, client's sy stem identity wi ll be sent in th e respective f ield of DHCP request.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 119 RouterOS v3 Con figuration a nd User Gui de • specified, rx -rate is as tx- rate too.
120 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de the sour ce-address is left as 0 .0.0 .0 , then the static address will be u sed.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 121 RouterOS v3 Con figuration a nd User Gui de Property Description store-leases-dis k (time-interv al | immediate ly | never; defau lt: 5min ) - ho w freque ntly lease changes should be sto red on disk 6.
122 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Note that the IP addresses as signed static ally are not pr obed.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 123 RouterOS v3 Con figuration a nd User Gui de Example To assign 10.5 .2.100 st atic IP address for th e existing DHC P client (sh own i.
124 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Property Description code ( integer : 1.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 125 RouterOS v3 Con figuration a nd User Gui de Example To add a DH CP relay named relay on ether1 interface resendin g all rece ived requests to the 10.0.0.1 DHCP server: [admin@AT-WR 4562] ip dhcp -relay> add n ame=relay inte rface=ether1 .
126 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de The wizard h as made the follo wing configur ation based on t he answe rs above: [admin@AT-WR 4562] ip dhcp -server> prin t Flags: X - d isabled, I - invalid # NAME INT ERFACE RELAY ADDR ESS-POOL LEAS E-TIME ADD-AR P 0 dhcp1 eth er1 0.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 127 RouterOS v3 Con figuration a nd User Gui de IP addresses of D HCP-Rela y : [admin@DHCP- Relay] ip add ress> print Flags: X - d isabled, I - invalid, D - dynamic # ADDRESS N ETWORK BROADCAST INTERFACE 0 192.
128 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de [DHCP-Server] Local 192.168.0.1/24 Public 10.1.0.2/24 Internet RADIUS Server 172.16.0.2/24 To - Radius 172.16.0.1/24 Local Network Address Range : 19 2.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 129 RouterOS v3 Con figuration a nd User Gui de 6.2 DNS Client a nd Ca che Document revisi on: 1.
130 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Example To set 159.1 48.60.2 as the pr imary DNS server and allow the rout er to be used as a DN S server, do the following: [admin@AT-WR 4562] ip dns> set primary- dns=159.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 131 RouterOS v3 Con figuration a nd User Gui de Description The Router OS has an embed ded DNS ser ver feature in DNS cache.
132 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de 7 AAA Conf ig uration 7.1 RADIUS cli ent Document revisi on: 1.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 133 RouterOS v3 Con figuration a nd User Gui de domain ( text ; defau lt: "" ) - M icrosoft Win dows doma in of client passed t.
134 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de port ( integer ; defau lt: 1700 ) - The p ort numb er to listen f or the reque sts on .
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 135 RouterOS v3 Con figuration a nd User Gui de • NAS-Port-Id - async PPP - serial port name; PPPoE - ethernet interface name on which .
136 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de you should firs t cre ate a ppp chain and make jum p r ules that would put actual traffic to this chain).
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 137 RouterOS v3 Con figuration a nd User Gui de instances may b e send by RADIUS ser ver to sp ecify add itional URLs wh ich are choo sen in r ound robin fashion . • Mikrotik-Ad vertise-Inter val - Time interval between tw o adjacent advertisement s.
138 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Change of Autho rization RADIUS d isconnect and Change of Auth orization ( according to RFC3576) are supported as well.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 139 RouterOS v3 Con figuration a nd User Gui de Name VendorID Value RFC where it i s defined Called-Station-Id 30 RFC2865 Calling-Station.
140 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Name VendorID Value RFC where it i s defined MS-CHAP2-Succes s 31 1 26 RFC2548 MS-MPPE-En.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 141 RouterOS v3 Con figuration a nd User Gui de 7.2 PPP User A AA Document revisi on: 2.5 (Fri Jul 07 14:52:59 GMT 2006) Applies to: V2.9 7.2.1 Gener a l Information Summar y This document provides summary, conf iguration ref erence and examples on PPP user mana gement.
142 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de default - derive this value fro m the inte rface default profile; same as no if t his is .
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 143 RouterOS v3 Con figuration a nd User Gui de There are two defaul t profil es that cannot be remo ved: [admin@rb13] pp.
144 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de routes ( text ) - rou tes that ap pear on t he server wh en the client is con nected. The rou te format is: d st- address [[gat eway] [metr ic]] (for example , 10.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 145 RouterOS v3 Con figuration a nd User Gui de 7.2.5 PPP User Remote AA A Submenu level: /ppp aaa Property Description accounting (yes |.
146 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de 7.3.2 Router User Gr oups Submenu level: /user group Description The rout er u ser grou ps provide a convenien t way to assign different pe rmissions and access right s to different u ser classes.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 147 RouterOS v3 Con figuration a nd User Gui de Example To add rebo ot group t hat is allowed to reboot the ro uter locally or using t el.
148 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Example To add user joe w ith passwor d j1o2e3 belongin g to write grou p, enter t he fol.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 149 RouterOS v3 Con figuration a nd User Gui de use-radius (yes | no; default: no ) - specifies wh ether a use r database on a R ADIUS se.
150 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de 8 VPNs and T u nneling 8.1 EoIP Document revisi on: 1.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 151 RouterOS v3 Con figuration a nd User Gui de The EoIP inte rface appears as an Ether net interface under t he interf ace list. This interf ace support s all fe atures of an Eth ernet inte rface.
152 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de 8.1.3 EoIP Application Ex ample Description Let us assume we want to bridge tw o networks: 'Office LAN' and 'Remot e LAN'.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 153 RouterOS v3 Con figuration a nd User Gui de Configure the E oIP tunnel b y adding the eoip t unnel interfaces at b oth rout ers.
154 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de 8.2 Interface Bond ing Document revisi on: 1.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 155 RouterOS v3 Con figuration a nd User Gui de Description To provide a prop er failover, you should specify link-moni toring paramet er.
156 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de name ( name ) - descriptive na me of bon ding interface primary ( name ; default: non e ) - Int erface is used as prim ary outp ut media. If prim ary interface fa ils, only then ot hers slaves will be use d.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 157 RouterOS v3 Con figuration a nd User Gui de Office2 configu ration: [admin@offic e2] interface > print Flags: X - d isabled, D - d.
158 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Bonding co nfiguratio n for Office1 [admin@offic e1] interface bonding> add slaves=eoi.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 159 RouterOS v3 Con figuration a nd User Gui de Add an IPIP inter face (by def ault, its name w ill be ipip1 ): [admin@10.5. 8.104] interf ace ipip> add local-address =10.5.8.104 remote-addre ss=10.
160 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Use /ip address ad d command to assign an IP add ress to the IPIP interface. There is no authentica tion or 'st ate' for this int erface.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 161 RouterOS v3 Con figuration a nd User Gui de Now both routers can p ing each other: [admin@AT-WR 4562] interfa ce ipip> /pin g 1.1.1.2 1.1.1.2 64 b yte ping: ttl =64 time=24 m s 1.1.
162 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Related T opic s IP Addresses and ARP AAA Configur ation EoIP IP Security Additional Resour ces http://www.linu xguide.it/docs.p hp?Ne tworking:VPN:IPSec% 2FL2TP http://en.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 163 RouterOS v3 Con figuration a nd User Gui de mrru ( integer : 512 ..65535 ; default: disabled ) - maximum p acket size t hat can be rece ived on the link.
164 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de 8.5.4 L2TP Ser ver Setup Submenu level: /interface l 2tp-server ser ver Description The L2 TP server creates a dy namic in terface for each connected L2TP client.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 165 RouterOS v3 Con figuration a nd User Gui de so if you need a persiste nt rules fo r that u ser, create a static entry for him/her . Otherwise it is safe t o use dynamic configur ation.
166 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de 8.5.6 L2TP Application E xamples Router -to-Router Secure T unnel Example W ISP#1 192.168.8 0.0/24 W ISP# 2 192.168.8 1.0/24 Home Office To Intern et 192.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 167 RouterOS v3 Con figuration a nd User Gui de And finally, the server must b e enabled: [admin@HomeO ffice] interf ace l2tp-serv er ser.
168 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de On the L2 TP server it can alt ernatively b e done using r outes paramete r of the u ser .
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 169 RouterOS v3 Con figuration a nd User Gui de ISP#1 192 .168.80.0/24 W ISP# 2 192 .168.81.0/2 4 Remote Off ice To Int ernet 192 .168.81.1/2 4 LAN 10.15 0.1.254/2 4 192.168.80 .111/24 1 0 .
170 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Finally, the pro xy APR must b e enabled on the 'Office' in terface: [admin@Rem.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 171 RouterOS v3 Con figuration a nd User Gui de Generally sp eaking, PPPoE is used t o hand out IP addresses to clients based on the user (and workst ation, if desired) authen tication as opp osed to workstation only authe ntication, when static IP a ddresses or DHCP are used.
172 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Related T opic s IP Addresses and ARP RADIUS client PPP User AA A Log Management Additional Resour ces Links for PPPoE documentati on: http://www.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 173 RouterOS v3 Con figuration a nd User Gui de Example To add and enable PPPoE clie nt on the gig interf ace connecting to the AC that p.
174 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de If no service name is specified i n WindowsXP, it will use only servi ce with no name . So if you want to serve WindowsXP cli ents, leave your service na me empty.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 175 RouterOS v3 Con figuration a nd User Gui de 8.6.5 PPPoE Users Description The PPPoE users are auth enticated th rough a RADIUS server (if conf igured), and if RADI US fails, th en the local PPP user databese is use d.
176 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de 8.6.7 Application Exampl es PPPoE in a multipoint wireles s 802.11g network In a wireless n etwork, the PPPoE s erver may be attached to an Ac cess Point (as well as to a re gular station of wireless inf rastructure) .
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 177 RouterOS v3 Con figuration a nd User Gui de Now, configure th e Ethe rnet interface, add the IP address and set th e default rout e: [admin@PPPoE -Server] ip a ddress> add a ddress=10.
178 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de 8.6.8 T roubleshooting Description I can connect to my PPPo E server.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 179 RouterOS v3 Con figuration a nd User Gui de Quick Setup Guide To make a P PTP tunne l between 2 RouterOS routers with IP addresses 10.5 .8.104 (PPTP se rver) and 10.1.0.172 (PPTP client), follo w the next steps.
180 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Additional Resour ces http://msdn.mi crosoft.com/lib rary/backgrnd/ht ml/underst anding_ppt p.htm http://sup port.microsoft.com/ suppo rt/kb/articles/q162/8 /47.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 181 RouterOS v3 Con figuration a nd User Gui de 8.7.3 Monitoring PPTP C lient Command name: /interface pptp-cli ent monitor Property Desc.
182 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Specifying MRRU means enabling MP ( Multilink PPP) over singl e link. This prot ocol is us ed to split big packets into smaller on es.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 183 RouterOS v3 Con figuration a nd User Gui de Example To add a static en try for ex1 us er: [admin@AT-WR 4562] interfa ce pptp-serve r&.
184 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Then the user shou ld be added in the PP TP server list: [admin@HomeO ffice] interf ace p.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 185 RouterOS v3 Con figuration a nd User Gui de On the PPTP server it can alt ernatively be don e using rout es parameter of the user con.
186 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de [ Remote Office ] 192.168.81.1/24 Internet ISP #2 192.168.81.0/ 24 ISP #1 192.168.80.0/ 24 192 .1 68 . 80 . 111 / 24 10.150.1.1 /24 10.150.1.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 187 RouterOS v3 Con figuration a nd User Gui de Finally, the pro xy APR must b e enabled on the 'Office' in terface: [admin@Rem.
188 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Description IPsec (IP Security) su pports se cure (encrypte d) communicati ons over IP net works.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 189 RouterOS v3 Con figuration a nd User Gui de • Phase 2 - The peers establish one or more SAs that will b e used by IPsec to encr ypt data.
190 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de large packets with don't fragm ent flag will no t be able to pass the r outer inherit - do not change the f ield set - set the f ield, so that eac h packet matchin g the rule wil l not be f ragmented.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 191 RouterOS v3 Con figuration a nd User Gui de Example To ad d a policy to encrypt all th e traffic bet ween t wo hosts (1 0.0.0.147 and 1 0.0.0.14 8), we n eed do the following: [admin@WiFi] ip ipsec pol icy> add sa-s rc-address=10.
192 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de lifeti me ( time ; default: 1d ) - phase 1 lifet ime: specifies how long the SA wi ll be .
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 193 RouterOS v3 Con figuration a nd User Gui de remote-addre ss ( read-only: I P address ) - p eer's IP address side ( multiple choi.
194 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Example Sample printou t looks as follo ws: [admin@WiFi] ip ipsec> in stalled-sa pr int Flags: A - A H, E - ESP, P - pfs 0 E spi= E727605 src-a ddress=10.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 195 RouterOS v3 Con figuration a nd User Gui de Example To flush all the S As installed: [admin@AT-WR 4562] ip ipse c installed-s a> flush [admin@AT-WR 4562] ip ipse c installed-s a> print [admin@AT-WR 4562] ip ipse c installed-s a> 8.
196 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de for Router1 [admin@Route r1] > ip ipse c manual-sa a dd name=ah-sa1 ... ah-spi= 0x101/0x100 a h-key=abcfed [admin@Route r1] > ip ipse c policy add src-address=10 .
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 197 RouterOS v3 Con figuration a nd User Gui de configure IPsec for Router1 [admin@Route r1] > ip ipse c policy add src-address=10 .1.0.0/24 ... dst-add ress=10.2.0.0 /24 action=en crypt tunnel=y es .
198 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de 9 Fir ewall and QoS 9.1 Filter Document revisi on: 2.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 199 RouterOS v3 Con figuration a nd User Gui de RouterOS has very powerfu l firewall implement ation with fe atures including: • statef.
200 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Property Description action (accept | add-dst-to -address-list | add-src-t o-addres s-lis.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 201 RouterOS v3 Con figuration a nd User Gui de unicast - IP addres ses used f or one p oint to anot her point transmission.
202 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de time - sp ecifies the time in terval over which t he packe t rate is measur ed burst - number of packets to match in a bu rst log-prefix ( tex t ) - all messa ges writte n to logs will cont ain the prefix spe cified herein.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 203 RouterOS v3 Con figuration a nd User Gui de tcp-flags (ack | cwr | ece | f in | psh | rst | syn | ur g) - tcp flags to match ack - ac.
204 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Make jumps to n ew chains: add chain=fo rward protoco l=tcp action= jump jump-targ et=tcp.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 205 RouterOS v3 Con figuration a nd User Gui de Submenu level: /ip firewall mangle Standards and Te chnologies: IP Hardware usage : Incre.
206 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de chain (forwar d | input | output | p ostrouting | pr erouting) - specify the cha in to pu t a particular rule in to.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 207 RouterOS v3 Con figuration a nd User Gui de that particular clien t local-dst - tru e, if a packet h as local destin ation IP a ddres.
208 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de every - match e very every +1 th p acket. For example, if every=1 th en the r ule matches every 2n d packet counter - specifies w hich co unter t o use.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 209 RouterOS v3 Con figuration a nd User Gui de rst - drop conn ection syn - new conne ction urg - urgent dat a tcp-mss ( integ er : 0.
210 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Change MSS It is a well kn own fact t hat VPN links h ave smaller pack et s ize due to incapsulation o verhead.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 211 RouterOS v3 Con figuration a nd User Gui de The packet flow t hrough th e route r is depicted in the follo wing diagram : Figure 32: Pac ket Flow Di agram As c an b e seen on the diagram, there are five chains in the processin g pip eline.
212 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Routed traffi c The traffic re ceived for the rou ter's M AC address on th e respe ctive port, is passed to the routing procedures and can be of one of th ese four t ypes: • the traffic which is destined to the route r it self.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 213 RouterOS v3 Con figuration a nd User Gui de Property Description assured ( read-onl y: true | false ) - shows wh ether re play was se.
214 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de max-entries ( re ad-only: integ er ) - the maximu m number o f conn ections the connectio.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 215 RouterOS v3 Con figuration a nd User Gui de 9.3.6 Gener a l Fir ew all Information Description ICMP TYPE:CO DE values In or der to protect your rout er and atta ched pri vate netw orks, you n eed to con figure firew all to drop o r reject most of ICMP tr affic.
216 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de widely ab used f or u nlicensed software and media destribution . Even wh en it is use d for legal p urposes, p2p may he avily di sturb oth er net work traffic, su ch as ht tp and e-m ail.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 217 RouterOS v3 Con figuration a nd User Gui de 9.4.2 NA T Description Network Address Translation is an Int ernet standard that allow s .
218 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de address-list p arameter add-src-to-addre ss-li st - adds source ad dress of an IP p acket.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 219 RouterOS v3 Con figuration a nd User Gui de dst-limit ( integer / time {0,1} , integer ,dst-address | dst-port | sr c-address{ +}, time {0,1}) - limits the packet per second (pps) rate on a per destination IP or p er destination port base.
220 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de every - match e very every +1 th p acket. For example, if every=1 th en the r ule matches every 2n d packet counter - specifies w hich co unter t o use.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 221 RouterOS v3 Con figuration a nd User Gui de 9.4.3 NA T Applications Description In this section some NAT app lications and ex amples of them are discussed.
222 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de 10 Hot Spot Ser vice 10.1 HotSpot Gatewa y Document revisi on: 4.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 223 RouterOS v3 Con figuration a nd User Gui de [HotSpot Gat eway] WAN/LAN Interf ace Internet RADIUS HotSpot Interf ace Figure 34: HotS pot exam ple network The Hot Spot int erface shou ld have an IP address ass igned to it.
224 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Before the au thentication When enablin g H otSpot on an int erface, the s ystem auto matically set s up ever ything needed to sh ow login pa ge fo r all clients that are not lo gged in.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 225 RouterOS v3 Con figuration a nd User Gui de amount of time pe r MAC address to be freely used with some limitations imp osed by the provided u ser profile. In case the M AC address still has som e trial time unu sed, the login pa ge will con tain th e link for trial login.
226 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de • /ip hotspot ser vice-port - a ddress translation helpers fo r the one-to- one NAT •.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 227 RouterOS v3 Con figuration a nd User Gui de 10.1.3 HotSpot In terfac e Setup Submenu level: /ip hotspot Description HotSpot system is put on in dividual interfa ces.
228 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de 10.1.4 HotSpot S er ver Pr ofiles Submenu level: /ip hotspot p rofile Property Description dns-name ( text ) - DNS name of the HotSpot server.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 229 RouterOS v3 Con figuration a nd User Gui de smtp-server ( IP addr ess ; def ault: 0.
230 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de There can be mul tiple cookies w ith the same M AC address. For example, there will be a separate cookie for each web brows er on the same c omputer.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 231 RouterOS v3 Con figuration a nd User Gui de Example To allow unaut horized req uests to t he www.e xample.com domain 's /paynow.html page: [admin@AT-WR 4562] ip hots pot walled-ga rden> add path ="/paynow.
232 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de This is an ordered lis t, so you can put more specifi c entries on th e top of th e list for them to o verride more common rule s that appear lower.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 233 RouterOS v3 Con figuration a nd User Gui de Property Description name ( read-only : name ) - prot ocol name ports ( read-only: int eg.
234 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de All o ther packets ex cept DNS and lo gin requests fr om unauthorized clients sho uld pas.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 235 RouterOS v3 Con figuration a nd User Gui de Packet filter rule s From /ip firewal l filt er print dynamic command, you can get so met.
236 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de 10.3.10 Customi zing HotSpot: HTTP Serv let P ages Description You can create a complet e.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 237 RouterOS v3 Con figuration a nd User Gui de if user is logged in, rstatus.htm l is displayed; if rstatus.htm l is not fo und, redirect.html is used to redirect to the status page if user is not logged in , rlogin.
238 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de server-name - Hot Spot serv er name (set in the /ip hotsp ot menu, as th e name pro perty) Links: link-logi n - link to login page including ori ginal URL requ ested ("http://10.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 239 RouterOS v3 Con figuration a nd User Gui de radius<id>u - show the attri bute iden tified with <id> in unsigned integer f.
240 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de If you want to us e HTTP-CHAP authentication me thod it is supp osed that you incl ude the doLog in() function (which r eferences to th e md5.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 241 RouterOS v3 Con figuration a nd User Gui de (you should corre ct the link to point t o your server) • To erase the cook ie on logof f, in the page con taining link t o the logout (fo r example, in statu s.
242 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de • Hotspot will ask RADIUS ser ver whethe r to allow the login or not. If n ot allowed, alogin .html page will be displaye d (it can be modified to do an ything!).
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 243 RouterOS v3 Con figuration a nd User Gui de RADIUS client non-fatal error s: • invalid username o r pa sswor d - RADIU S server has rejected th e username and pas sword sent to it wit hout specifying a r eason.
244 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de If all fields has been filled in th e ip-b inding table and type h as been set to bypas s.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 245 RouterOS v3 Con figuration a nd User Gui de advertise-url ( multiple choice: t ext ; default: htt p://www.
246 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de 10.4.3 HotSpot U ser s Submenu level: /ip hotspot u ser Property Description address ( IP addre ss ; default: 0 .0. 0.0 ) - static IP address.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 247 RouterOS v3 Con figuration a nd User Gui de Example To add user ex with password ex that is allowed to log in on ly with 01:23:45:67 :89:AB MAC address and is limited to 1 hour of work: [admin@AT-WR 4562] ip hots pot user> add name=ex passw ord=ex .
248 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Example To get the list of active user s: [admin@AT-WR 4562] ip hots pot active> p rint Flags: R - r adius, B - bl ocked # USER ADD RESS UPTIME S ESSION-TIMEOU T IDLE-TIMEOU T 0 ex 10.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 249 RouterOS v3 Con figuration a nd User Gui de 11 High A vailability pr otocols and techniqu es 11.
250 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de other configuration) active. A backup instance is no t 'ru nning', so all the settings attached to t hat inte rface is inactive.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 251 RouterOS v3 Con figuration a nd User Gui de 11.1.3 Vir tual IP addr esses Submenu level: /ip vrrp ad dress Property Description addre.
252 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de This example sh ows how to configure VRRP on the tw o rou ters sho wn on the diagram.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 253 RouterOS v3 Con figuration a nd User Gui de Testing fail over Now, when we will disconne ct the master router, t he backup on e will .
254 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Example To make s ystem gen erate a supp ort outp ut file and sen t it auto matically to support@ex ample.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 255 RouterOS v3 Con figuration a nd User Gui de 12 Monitoring and Mana gement 12.1 Log Manag e ment Document revisi on: 2.3 (Mon Jul 19 07:23:35 GMT 2004) Applies to: V2.9 12.1.1 Gener al Information Summar y Various syste m e vents and s tatus information can be logged.
256 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de 12.1.3 Actions Submenu level: /system logg ing acti on Property Description disk-lines ( .
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 257 RouterOS v3 Con figuration a nd User Gui de Command Description print - shows lo g messages buffer - prints lo g messages t hat were .
258 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Specifications Packages requ ired: system , p pp (optional) License requ ired: Level1 Sub.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 259 RouterOS v3 Con figuration a nd User Gui de Property Description active-fl ow-timeout ( time ; def ault: 30m ) - maximu m life-time o.
260 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Some screensh ots from NTop program, which has gather ed Traffic-Flo w information from our router and displays it in ni ce graphs a nd statistics.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 261 RouterOS v3 Con figuration a nd User Gui de Figure 38: Netw ork load profile by ti me Figure 39: Tra ffic Load by protocol.
262 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de 12.4 Graphin g Document revisi on: 1.1 (Wed Mar 15 09:46: 17 GMT 2006) Applies to: V2.9 12.4.1 Gener al Information Summar y Graphing is a t ool which is us ed for monitor ing various Ro uterOS p arameters over a period of time.
AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 263 RouterOS v3 Con figuration a nd User Gui de 12.4.3 Health Gr aphing Submenu level: /tool graphing health Description This submenu p rovides information about Rout erBoard's 'health' - voltage and t emperature .
264 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Example Add a simple qu eue to Graph er list with simple-queue name queue1 , allow limit .
An important point after buying a device Allied Telesis AT-WR4500 (or even before the purchase) is to read its user manual. We should do this for several simple reasons:
If you have not bought Allied Telesis AT-WR4500 yet, this is a good time to familiarize yourself with the basic data on the product. First of all view first pages of the manual, you can find above. You should find there the most important technical data Allied Telesis AT-WR4500 - thus you can check whether the hardware meets your expectations. When delving into next pages of the user manual, Allied Telesis AT-WR4500 you will learn all the available features of the product, as well as information on its operation. The information that you get Allied Telesis AT-WR4500 will certainly help you make a decision on the purchase.
If you already are a holder of Allied Telesis AT-WR4500, but have not read the manual yet, you should do it for the reasons described above. You will learn then if you properly used the available features, and whether you have not made any mistakes, which can shorten the lifetime Allied Telesis AT-WR4500.
However, one of the most important roles played by the user manual is to help in solving problems with Allied Telesis AT-WR4500. Almost always you will find there Troubleshooting, which are the most frequently occurring failures and malfunctions of the device Allied Telesis AT-WR4500 along with tips on how to solve them. Even if you fail to solve the problem, the manual will show you a further procedure – contact to the customer service center or the nearest service center
