Switch to Linear ModeSwitch to Hybrid ModeSwitch to Threaded Mode
Printer Friendly View | Email this page | Register Now to start posting!
wenasong
wenasong's Avatar
KencanaNET FTW!!


Join Date: Jan 2010
Location: *Near Resort World Sentosa*
Posts: 6,789
Trade rep: 30 (100%)
Infractions: 0/0 (0)
VRZ Mikrotik wenasong Dec 30th, 11, 02:34 AM #1

As I have promised to some of the VRZ forumers, I hereby wanted your support to make this "UNOFFICIAL" community to lift off.

All users, dealers, suppliers, or even Certified Mikrotik Consultants and Trainer please fall in to this thread.

My intention is to create awareness that Mikrotik is available in Singapore and there are consumers using it not only as a SME or even Enterprise router but as a home router here in SG.

I personally own Mikrotik products ranging from the sub $100 Routerboards to $5000 SMP multicore x86 based RouterOS(ROS) router. The ROS, it works.

To start, please post any questions regarding to Mikrotik. Anything including product availabilty, support and HOWTO. I will try my best to answer your question and doubt.

I will try to bring in vendors for Certification Training and do a one off how to for connecting these hardwares to the fiber broadband.

P.S.:
I'm in no way a marketing people from Mikrotik, just a satisfied consumers that want to help and share, as we always say, SIC, sharing is caring.
--------------------------------------------------------------------------------------------
Quick Look to Mikrotik Interface

[WebFig] Please go to:

RouterOS router configuration page DEMO1
or
RouterOS router configuration page DEMO2

For [Winbox], download the program and input,

User ID, demo
Password, [empty]

--------------------------------------------------------------------------------------------


Bzzzzzzzzzzzzt Blitz.

Cert : #1212NA195 , #1404TCE008 , #1404WE064 , #1405RE146 , #1405INE010
id.png
Last edited by wenasong; Aug 8th, 14 at 02:38 PM..
Thanks for this useful post: Dec 30th, 11, from lonerboi, Mar 4th, 12, from marky982
wenasong
wenasong's Avatar
KencanaNET FTW!!


Join Date: Jan 2010
Location: *Near Resort World Sentosa*
Posts: 6,789
Trade rep: 30 (100%)
Infractions: 0/0 (0)
wenasong Dec 30th, 11, 02:36 AM #2
LIST OF USERS AND THEIR HARDWARE as per (26/2/2014)

Dr_ARCHer ---> RB250 and RB750
wenasong ---> RB450G, RB493G + R52Hn, RB800 + 3x R52Hn + 1x RS5HPn (Outdoor) , RB800 + R52Hn + Bigfoot Killer N-1103 (Indoor), RB1100, RB1200, RB750UP, RB1100AHx2, OmniTik, RB-SXT, SXT G-5HnD, SXT-5HPnD, SEXTANT, SEXTANT G-5HPnD, RB751G-2HnD, RB951G-2HnD, RB951Ui-2HnD, RB2011L-IN. RB2011LS-IN, RB2011UiAS-2HnD-IN, RB2011L-RM, Metal 5, CCR1036-8G-2S+, CRS125-24G-1S-2HnD-IN, RB260GS, RB912UAG-5HPnD and Groove A52HPn
ahduck ---> RB493G + R52Hn
dev_ ---> RB750GL
Dreamslacker ---> RB250GS
mmatrix ---> RB250
dEthANGeL ---> RB250GS + RB450G
maxxx40 ---> RB493G + R52Hn
hanszz ---> RB751G-2HnD
nts ---> RB751G-2HnD
pegasus21 ---> RB751G-2HnD and RB2011L-IN
buaya ---> RB1100 and RB411AH
leiao ---> 2x RB2011L-IN
rogerydh ---> RB751G-2HnD, RB2011L-IN, and Groove A-2Hn
&d00 ---> RB450G and RB411GL + Compex WLM200N5-26-ESD Dbii-F50N-Pro
chiatming ---> RB951-2n
jimmyc ---> RB1200
meiosis ---> RB750
elpibe10 ---> RB750GL, RB2011UiAS-2HnD-IN, RB951G-2HnD, OmniTIK UPA-5HnD, SXT Lite5, RB250GS, RB260GS.
Bzzzzzzzzzzzzt Blitz.

Cert : #1212NA195 , #1404TCE008 , #1404WE064 , #1405RE146 , #1405INE010
id.png
Last edited by wenasong; Apr 9th, 14 at 03:10 PM..
wenasong
wenasong's Avatar
KencanaNET FTW!!


Join Date: Jan 2010
Location: *Near Resort World Sentosa*
Posts: 6,789
Trade rep: 30 (100%)
Infractions: 0/0 (0)
wenasong Dec 30th, 11, 02:36 AM #3
EVENTS, DEALS and PRICES


MIKROTIK RELATED JOBS:

TEMP/PART-TIME/FULL-TIME: Technical Support

WHERE TO BUY :

Can directly buy from me (PM), best is to check price and availability with local distributor first.

EVENT:

NONE AT THE MOMENT

SELLERS/SUPPLIERS:

wenasong (PM or Thread [individual])
s_alagas (Alagas Network)

Nteractive (NTeractive Technologies)


Forum's 2nd-hand Mikrotik Marketplace Sale Threads:

Mikrotik Routerboard RB493G + R52Hn Wireless Card

BNIB MikroTik RouterBoard 2011UiAS-2HnD-IN - $150
Bzzzzzzzzzzzzt Blitz.

Cert : #1212NA195 , #1404TCE008 , #1404WE064 , #1405RE146 , #1405INE010
id.png
Last edited by wenasong; Jul 17th, 14 at 12:12 AM..
wenasong
wenasong's Avatar
KencanaNET FTW!!


Join Date: Jan 2010
Location: *Near Resort World Sentosa*
Posts: 6,789
Trade rep: 30 (100%)
Infractions: 0/0 (0)
wenasong Dec 30th, 11, 02:36 AM #4
UPDATE: Posted Scripts for SI, VQ and MR

I will be posting a full fledge tutorial soon on setting up Mikrotik for
SuperInternet, Singtel ADSL PPPoE, Starhub Cable and Singtel Fiber (only if someone let me inside their house to do real world testing).

It will be set up on a lab network but will yield the same result in real-life.

Topics Covered:
NAT
Bridge
NTP
DNS
DHCP v4/v6
Switch
Wireless
Security


Topics [maybe] covered:
Simple Queues
Port Forwarding
PPTP VPN (simple)
Static Routing


Topics covered later if there is a lot more visible Mikrotik users:
Mesh / WDS
ECMP
ARP
VRRP
EoIP
SSTP/L2TP:IPSec VPN (really not easy)


SuperInternet, Viewqwest, and MR Script for DHCP acquired IP Address
Code:
/interface bridge
add arp=proxy-arp l2mtu=1598 name=bridge1 protocol-mode=rstp
/interface ethernet
set 1 speed=1Gbps
set 2 master-port=ether2 speed=1Gbps
set 3 master-port=ether2
set 4 master-port=ether2
/ip pool
add name=dhcp_pool1 ranges=192.168.x.x-192.168.x.x
/ip dhcp-server
add add-arp=yes address-pool=dhcp_pool1 disabled=no interface=bridge1 \
    lease-time=1d name=dhcp1
/interface bridge port
add bridge=bridge1 interface=ether2
/ip address
add address=192.168.x.1/24 interface=bridge1 network=192.168.x.0
/ip dhcp-client
add default-route-distance=0 dhcp-options=hostname,clientid interface=ether1
/ip dhcp-server network
add address=192.168.x.0/24 dns-server=192.168.x.1 domain=Mikrotik gateway=\
    192.168.x.1
/ip dns
set allow-remote-requests=yes cache-size=8192KiB servers=\
    8.8.8.8,8.8.4.4
/ip firewall address-list
add address=10.0.0.0/8 list=rfc-1918
add address=127.0.0.1 list=rfc-1918
add address=192.168.0.0/16 list=rfc-1918
add address=172.16.0.0/20 list=rfc-1918
add address=10.0.0.0/8 list=rfc-1918
add address=172.16.0.0/12 list=rfc-1918
add address=192.168.0.0/16 list=rfc-1918
add address=224.0.0.0/4 list=rfc-1918
add address=240.0.0.0/4 list=rfc-1918
add address="YOUR DHCP BOUND IP ADDRESS" list=public-add
add address=10.0.0.0/8 list=rfc-1918
add address=127.0.0.1 list=rfc-1918
add address=192.168.0.0/16 list=rfc-1918
add address=172.16.0.0/20 list=rfc-1918
add address=10.0.0.0/8 list=rfc-1918
add address=172.16.0.0/12 list=rfc-1918
add address=192.168.0.0/16 list=rfc-1918
add address=224.0.0.0/4 list=rfc-1918
add address=240.0.0.0/4 list=rfc-1918
add address="YOUR DHCP BOUND IP ADDRESS" list=public-add
/ip firewall filter
add chain=input port=500,1701,4500,50 protocol=udp
add chain=input comment="5 pings in 5 seconds limits" \
    limit=5,5 protocol=icmp
add action=add-src-to-address-list address-list=icmp-attack \
    address-list-timeout=12h chain=input comment=\
    "add all other icmp input into icmp-attack address list." protocol=icmp
add action=drop chain=input comment=\
    "drop excessive icmp traffic for 12 hours" protocol=icmp \
    src-address-list=icmp-attack
add action=drop chain=forward comment="block rfc 1918 and multicast inbound" \
    in-interface=ether1 src-address-list=rfc-1918
add action=drop chain=forward comment=\
    "block our addressing inbound - spoofed" in-interface=ether1 \
    src-address-list=public-add
add action=drop chain=input comment="block rfc 1918 and multicast inbound" \
    in-interface=ether1 src-address-list=rfc-1918
add action=drop chain=input comment="block our addressing inbound - spoofed" \
    in-interface=ether1 src-address-list=public-add
add action=add-src-to-address-list address-list=port-scan \
    address-list-timeout=2w chain=input comment=\
    "add port scannes to port-scan list" in-interface=ether1 protocol=tcp \
    psd=21,3s,3,1 src-address-list=!internal-nets
add action=add-src-to-address-list address-list=port-scan \
    address-list-timeout=2w chain=input comment="NMAP FIN Stealth scan" \
    protocol=tcp tcp-flags=fin,!syn,!rst,!psh,!ack,!urg
add action=add-src-to-address-list address-list=port-scan \
    address-list-timeout=2w chain=input comment="SYN/FIN scan" protocol=tcp \
    tcp-flags=fin,syn
add action=add-src-to-address-list address-list=port-scan \
    address-list-timeout=2w chain=input comment="SYN/RST scan" protocol=tcp \
    tcp-flags=syn,rst
add action=add-src-to-address-list address-list=port-scan \
    address-list-timeout=2w chain=input comment="FIN/PSH/URG scan" protocol=\
    tcp tcp-flags=fin,psh,urg,!syn,!rst,!ack
add action=add-src-to-address-list address-list=port-scan \
    address-list-timeout=2w chain=input comment="ALL/ALL scan" protocol=tcp \
    tcp-flags=fin,syn,rst,psh,ack,urg
add action=add-src-to-address-list address-list=port-scan \
    address-list-timeout=2w chain=input comment="NMAP NULL scan" protocol=tcp \
    tcp-flags=!fin,!syn,!rst,!psh,!ack,!urg
add action=tarpit chain=input comment=\
    "tarpit port-scan address list to router" protocol=tcp src-address-list=\
    port-scan
add action=drop chain=input comment=\
    "drop port-scan address list to our router" src-address-list=port-scan
add action=drop chain=forward comment=\
    "drop port-scan address list to our infrastructure" src-address-list=\
    port-scan
add action=drop chain=forward comment="drop windows ports" port=135-139 \
    protocol=tcp
add chain=forward comment=\
    "allow smtp-bypass list to create multiple sessions" dst-port=25 \
    protocol=tcp src-address-list=smtp-bypass
add action=drop chain=forward comment="drop smtp traffic marked as spam" \
    dst-port=25 protocol=tcp src-address-list=spam-block
add action=add-src-to-address-list address-list=spam-block \
    address-list-timeout=2h chain=forward comment=\
    "more than 5 smtp connections out as spam.  add to address list" \
    connection-limit=30,32 dst-port=25 limit=50,5 protocol=tcp \
    src-address-list=rfc-1918
/ip firewall nat
add action=masquerade chain=srcnat out-interface=ether1
add action=redirect chain=dstnat dst-address-type=!local dst-port=53 \
    protocol=udp to-addresses=0.0.0.0 to-ports=53
/ip firewall service-port
set ftp disabled=yes
set tftp disabled=yes
set irc disabled=yes
set h323 disabled=yes
set sip disabled=yes
/ip service
set telnet disabled=yes
set ftp disabled=yes
set ssh port=22
set api disabled=yes
/system clock
set time-zone-name=Asia/Singapore
/system identity
set name="Mikrotik Router"
/system logging
add topics=route
/system ntp client
set enabled=yes primary-ntp=192.5.41.41 secondary-ntp=192.5.42.42
id.png
Last edited by wenasong; Jan 17th, 13 at 11:46 PM..
Thanks to wenasong for this useful post! Apr 17th, 12, from jefrie2004
Dr_ARCHer
Dr_ARCHer's Avatar
Family man


Join Date: Mar 2007
Location: East
Posts: 2,911
Trade rep: 7 (100%)
Infractions: 0/0 (0)
Dr_ARCHer Dec 30th, 11, 06:00 AM #5
Okay. I have the RB250 and the RB750. Impulse purchases.
sg.png
lonerboi Registered User


Join Date: Jan 2007
Posts: 613
Trade rep: 19 (100%)
Infractions: 0/0 (0)
lonerboi Dec 30th, 11, 12:41 PM #6
woot, appreciate your effort. am very keen on this ^^
Specs
i5 750 @ 160fsb
P55A UD4P
HAVIK 140
Superflower Golden King 1000W Platinum
4x 2gb 1600 corsair dominator cl9
Sapphire 5770 vapour X
NZXT Phantom

banned list:
lingmong(confirmed sales and back out)
gld998(rude)
shrek02(bid and uncontactable)
neofik(bid and uncontactable)
Cerato4(bid, won, lowball on meetup)
sg.png
Porky_88 Registered User


Join Date: Oct 2008
Posts: 71
Trade rep: 0 (0%)
Infractions: 0/0 (0)
Porky_88 Dec 30th, 11, 02:47 PM #7
possible to get this in sg??
Routermaxx 6 Port Gigabit Router Dual Core

perfect fit for what I wanna do... VPN router...
sg.png
wenasong
wenasong's Avatar
KencanaNET FTW!!


Join Date: Jan 2010
Location: *Near Resort World Sentosa*
Posts: 6,789
Trade rep: 30 (100%)
Infractions: 0/0 (0)
wenasong Dec 31st, 11, 11:39 PM #8
Quote:
Originally Posted by Porky_88 View Post
possible to get this in sg??
Routermaxx 6 Port Gigabit Router Dual Core

perfect fit for what I wanna do... VPN router...
@porky

Have you heard about RB1100AHx2?

It is much faster and cheaper than that routermaxx. Both are dual core but the RB is hardware accelerated. I have ordered this piece of hardware for my VPN gateway too. It supports IPSec acceleration too.

Btw, the RB is capable to achieve 1000000 pps.
Bzzzzzzzzzzzzt Blitz.

Cert : #1212NA195 , #1404TCE008 , #1404WE064 , #1405RE146 , #1405INE010
id.png
Porky_88 Registered User


Join Date: Oct 2008
Posts: 71
Trade rep: 0 (0%)
Infractions: 0/0 (0)
Porky_88 Jan 1st, 12, 12:50 AM #9
Quote:
Originally Posted by wenasong View Post
@porky

Have you heard about RB1100AHx2?

It is much faster and cheaper than that routermaxx. Both are dual core but the RB is hardware accelerated. I have ordered this piece of hardware for my VPN gateway too. It supports IPSec acceleration too.

Btw, the RB is capable to achieve 1000000 pps.
I like RB1100AHx2 as well... BUT it's got fans..
Need fanless design
sg.png
jimmyc Registered User


Join Date: Sep 2005
Posts: 424
Trade rep: 13 (100%)
Infractions: 0/0 (0)
jimmyc Jan 1st, 12, 08:36 AM #10
thanks for the thread!
sg.png
evanshuang Registered User


Join Date: Aug 2005
Posts: 16,132
Trade rep: 12 (100%)
Infractions: 0/0 (0)
evanshuang Jan 1st, 12, 08:59 AM #11
hi, what would you recommend for a noob like me who wants a reliable home router with great performance with gigabit LAN & good wireless B/G/N? Currently I have 2 systems doing 24/7 BT, 1 system for gaming, and few laptops doing normal stuff... Need a good router that can handle my loads.

OS/firmware wise will it be complicated to set up?
sg.png
wenasong
wenasong's Avatar
KencanaNET FTW!!


Join Date: Jan 2010
Location: *Near Resort World Sentosa*
Posts: 6,789
Trade rep: 30 (100%)
Infractions: 0/0 (0)
wenasong Jan 2nd, 12, 03:22 PM #12
Quote:
Originally Posted by Porky_88 View Post
I like RB1100AHx2 as well... BUT it's got fans..
Need fanless design
RB1200 or RB1100AH both fanless.

I got a RB1100 modified with quiet Radeon 4870 heatsink.
Bzzzzzzzzzzzzt Blitz.

Cert : #1212NA195 , #1404TCE008 , #1404WE064 , #1405RE146 , #1405INE010
id.png
wenasong
wenasong's Avatar
KencanaNET FTW!!


Join Date: Jan 2010
Location: *Near Resort World Sentosa*
Posts: 6,789
Trade rep: 30 (100%)
Infractions: 0/0 (0)
wenasong Jan 2nd, 12, 03:27 PM #13
Quote:
Originally Posted by evanshuang View Post
hi, what would you recommend for a noob like me who wants a reliable home router with great performance with gigabit LAN & good wireless B/G/N? Currently I have 2 systems doing 24/7 BT, 1 system for gaming, and few laptops doing normal stuff... Need a good router that can handle my loads.

OS/firmware wise will it be complicated to set up?
RB493 + R52Hn is the current best solution.

RB2011 is the next best choice but you've got to wait.

OS wise yes, it is not easy to configure if you have no background on Networking.
Bzzzzzzzzzzzzt Blitz.

Cert : #1212NA195 , #1404TCE008 , #1404WE064 , #1405RE146 , #1405INE010
id.png
Porky_88 Registered User


Join Date: Oct 2008
Posts: 71
Trade rep: 0 (0%)
Infractions: 0/0 (0)
Porky_88 Jan 2nd, 12, 08:39 PM #14
Quote:
Originally Posted by wenasong View Post
RB1200 or RB1100AH both fanless.

I got a RB1100 modified with quiet Radeon 4870 heatsink.
RB1100AH can get in sg? how much?
sg.png
wenasong
wenasong's Avatar
KencanaNET FTW!!


Join Date: Jan 2010
Location: *Near Resort World Sentosa*
Posts: 6,789
Trade rep: 30 (100%)
Infractions: 0/0 (0)
wenasong Jan 4th, 12, 10:15 PM #15
deals and prices updated.
Bzzzzzzzzzzzzt Blitz.

Cert : #1212NA195 , #1404TCE008 , #1404WE064 , #1405RE146 , #1405INE010
id.png
New Thread | ↑↓ Similar Threads
Similar Threads Thread Starter Forum Replies Last Post
X4nth3r Gamers.com.sg 48 Apr 12th, 10
02:00 PM
floppy Hardware Depot 66 Dec 23rd, 08
01:00 PM
ORiN Chit Chatting 56 Jun 28th, 08
11:58 AM
dorm Chit Chatting 69 Jun 27th, 08
08:31 PM
Thread Tools Display Modes
Linear Mode Linear Mode