https://calee0219.github.io/tag/mikrotik/MikroTikHugoBlox Kit (https://hugoblox.com)en-us©Mon, 09 Aug 2021 07:48:37 +0800https://calee0219.github.io/media/icon_hu_da05098ef60dc2e7.pnghttps://calee0219.github.io/tag/mikrotik/https://calee0219.github.io/blog/note_mkt_routerboard/Mon, 09 Aug 2021 07:48:37 +0800https://calee0219.github.io/blog/note_mkt_routerboard/<h3 id="wiki"> </h3> <h2 id="reset">Reset</h2> <ul> <li>斷電時 按(插)住 reset 鍵，接電，等到燈光閃爍後，放開</li> <li>/system reset-configuration</li> </ul> <h2 id="連接">連接</h2> <ul> <li>下載官網給的 </li> <li>點開後，在 <code>connect to</code> 的地方打入 MAC address，按 <code>Connect To RoMON</code>，等他自己找到 routerboard</li> <li>Login 打 admin，Password 留白</li> <li><code>Connect</code></li> </ul> <h2 id="wan-設定">WAN 設定</h2> <h3 id="static-ip">Static IP</h3> <ul> <li>/ip route add gateway={getway} dst-address=0.0.0.0/0: 設定好對外連線的 gateway</li> <li>/ip address add interface={eth1} address={static ip} network={} netmask={}</li> <li>/ping 8.8.8.8</li> </ul> <h3 id="dhcp">DHCP</h3> <ul> <li>/ip dhcp-client add interface={port id}</li> <li>/ip dhcp-client enable: 將他開起來</li> </ul> <h2 id="lan">LAN</h2> <h3 id="nat">NAT</h3> <ul> <li>/ip address add interface=ether3 address={192.168.3.1} network={192.168.3.0} netmask={255.255.255.0} &lt;- 這裡的 address 會是下面機器的 gateway，netmask 會是下面機器可以用的網段</li> <li>/ip firewall nat add chain=srcnat src-address=192.168.2.0/24 action=masquerade: 讓網域下可以用 NAT 對外連線 (srnat: 將內網封包轉到外網)</li> </ul> <h3 id="dhcp-1">DHCP</h3> <ul> <li>/ip pool add name={name} ranges={x.x.x.x}-{x.x.x.x}: 先開出這個 DHCP Server 要分下去的 range</li> <li>/ip dhcp-server add name={name} interface={ether1} address-pool={pool name}</li> <li>/ip dhcp-server network add address={192.168.5.0/24} gateway={192.168.5.1}: 設定 DHCP default gateway</li> <li>/ip dhcp-server enable</li> </ul> <h3 id="dhcp-bind-mac-address">DHCP bind MAC address</h3> <ul> <li>/ip dhcp-server lease make-static</li> </ul> <h2 id="port-forwarding">Port Forwarding</h2> <ul> <li>/ip firewall nat add chain=dstnat action=dst-nat protocol=tcp dst-address={WAN IP} dst-port={外網看得到的 port} to-address={內網 ip} to-ports={內部 port(22/80)}</li> <li>/ip firewall nat move {4} destination={0}: 將規則往前移動</li> </ul> <h2 id="security">Security</h2> <ul> <li>/password old-password={} new-password={} confirm-new-password={}</li> <li>/user set 0 address={}</li> <li>/ip service ssh port={}: 改 ssh port</li> <li>/system ssh port={}: 改 ssh port</li> </ul> <h2 id="config">Config</h2> <h3 id="firewall-nat">firewall nat</h3> <h3 id="dhcp-server-lease">dhcp-server lease</h3>