University of Babylon, IT CollegeInformation Network Dep., Third Class, Second Semester

MTCNA CourseMikroTik Certified Network Associate

2014-2015 By M.Sc. I.T Alaa A. Mahdi

2

Objectives• Upgrade RouterOS ;

• get packages;• upgrade ways;• type of packages;

• Manage RouterOS logging;• Manage RouterOS services;• Backup and export/import configuration;

• save and reload backup;• edit export file;

• RouterOS license;• levels;• update license;

• NTP client configuration;• Netinstall;

• reinstall RouterOS;• reset RouterOS

3

RouterOS Upgrade MethodsYou can upgrade RouterOS in the following ways: 1- Winbox – drag and drop files to the Files menu 2- FTP - upload files to root directory 3- The Dude – See manual here

Note: RouterOS cannot be upgraded through serial cable. Using this method only RouterBOOT can be upgraded.

4

Upgrade process

• First step - visit www.mikrotik.com and head to the download page, there choose the type of system you have the RouterOS installed on.

• Download the Combined package, it will include all the functionality of RouterOS:

5

6

Using Winbox • Connect to your router with Winbox, Select the

downloaded file with your mouse, and drag it to the Files menu. If there are some files already present, make sure to put the package in the root menu, not inside the hotspot folder!:

• The upload will start: • After it finishes - REBOOT and that's all! The

New version number will be seen in the Winbox Title and in the Packages menu

7

8

Using FTP

• Open your favourite FTP program (in this case it is Filezilla), select the package and upload it to your router (demo2.mt.lv is the address of my router in this example).

9

10

If you wish, you can check if the file is successfully transferred onto the router (optional):

And reboot your router for the upgrade process to begin :system reboot After the reboot, your router will be up to date, you can check it in this menu: /system package print if your router did not upgrade correctly, make sure you check the log

More Info. On Package see System-Packages PDF file

11

Log

• RouterOS is capable of logging (track)various system events and statusinformation. Logs can be saved in routersmemory (RAM), disk, file, sent by email oreven sent to remote syslog server.

12

13

Logging configuration

14

Rule

• topics– log all messages that falls into specified topic

or list of topics. For example, we want to log NTP debug info without too much details:

/system logging add topics=ntp,debug,!packet

15

Rule

• prefixprefix added at the beginning of log messages.

• actionspecifies one of the system default actions or user specified action listed in actions menu

Default: memory: logs are stored in local memory buffer.

16

Logging Example Logging to file

• To log everything to file, add new log action: /system logging action add name=Filetarget=disk disk-file-name=Log

17

• and then make everything log using this new action:/system logging action=File

18

• You can log only errors there by issuing command:

• /system logging topics=error action=File

19

• This will log into files log.0.txt and log.1.txt.

• You can specify maximum size of file in lines by specifying disk-lines-per-file. <file>.0.txt is active file were new logs are going to be appended and once it size will reach maximum it will become <file>.1.txt, and new empty <file>.0.txt will be created.

20

• You can log into USB flashes or into MicroSD/CF (on Routerboards) by specifying it's directory name before file name. For example, if you have accessible usb flash as usb1 directory under /files, you should issue following command:

• /system logging action add name=usb target=disk disk-file-name=usb1/log

• For more information see Manual:System/Log Pdf file

21

Manage RouterOS services

• This section lists protocols and ports usedby various MikroTik RouterOS services.

• It helps you to determine why yourMikroTik router listens to certain ports, andwhat you need to block/allow if you want toprevent or grant access to the certainservices.

22

/ip service

• Some service settings can be changed under /ip service menu.

• You can specify IP addresses from which the service is accessible, for example: – ip service> set www port=8081

address=10.5.0.0/16

23

24

(System Reset ) Configuration Reset

• System reset command is used to erase allconfiguration on the router. Before doing that, itmight be useful to backup the router'sconfiguration.

• /system reset-configuration• The command clears all configuration of the

router and sets it to the default including thelogin name and password, IP addresses andother configuration is erased, interfaces willbecome disabled. After the reset commandrouter will reboot.

25

Backup and

Export/Import Configuration

26

Backup Configuration• The backup save command is used to store the

entire router configuration in a backup file. The file is shown in the /file submenu. It can be downloaded via ftp to keep it as a backup for your configuration.

• Important! The backup file contains sensitive information, do not store your backup files inside the router's Files directory, instead, download them, and keep them in a secure location.

27

• The configuration backup can be used for backing up MikroTik RouterOS configuration to a binary file, which can be stored on the router or downloaded from it using FTP for future use.

• The configuration restore can be used for restoring the router's configuration from a backup file. The restoration procedure assumes the configuration is stored on the same router, where the backup file was originally created.

28

Restore

• To restore the system configuration, it is possible to upload that file via ftp and load that backup file using load command in /system backup submenu.

29

Example- BackupTo save backup file HelloITStudent, do>system backup save name=HelloITStudentConfiguration backup saved

30

Example- Restore

• To load the saved backup file HelloITStudent: > system backup load name=HelloITStudentRestore and reboot? [y/N]: y Restoring system configuration System configuration restored, rebooting now

31

WinBox – Backup & Restore• All operations of backup and restore are

exist in File menu:

32

Export/ Import

• The configuration export can be used fordumping out complete or partial MikroTikRouterOS configuration to the console screen orto a text (script) file, which can be downloadedfrom the router using FTP protocol. Theconfiguration dumped is actually a batch ofcommands that add (without removing theexisting configuration) the selected configurationto a router.

• The configuration import facility executes abatch of console commands from a script file.

33

Exporting Configuration

• The export command prints a script that can be used to restore configuration. The command can be invoked at any menu level, and it acts for that menu level and all menu levels below it. The output can be saved into a file, available for download using FTP.

/export

34

Example• ip address export file= IT-address

35

Importing Configuration• The root level command /import [file_name]

executes a script, stored in the specified file adds the configuration from the specified file to the existing setup. This file may contain any console commands, including scripts.

• Import command used to restore configuration or part of it after a /system reset event or anything that causes configuration data loss.

• Note that it is impossible to import the wholerouter configuration using this feature. It can only be used to import a part of configuration (for example, firewall rules).

36

Example - Import• To load the saved export file, use

the following command:• import IT_address.rsc

37

RouterOS license

• RouterBOARD devices come preinstalled with a RouterOS license, if you have purchased a RouterBOARD device, nothing must be done regarding the license.

• For X86 systems (ie. PC devices), you need to obtain a license key.

38

• The license key is a block of symbols thatneeds to be copied from your mikrotik.comaccount, or from the email you received in,and then it can be pasted into the router.You can paste the key anywhere in theterminal, or by clicking "Paste key" inWinbox License menu. A reboot isrequired for the key to take effect.

39

Licensing information can be read:

40

License Levels

• You can purchase a Level 3, 4, 5 and 6. Level 1 is the demo license. The difference between license levels is shown in the table.

• Level 3 is a wireless station (client) only license..

41

Licenses and RouterOS Upgrades

• RouterOS can be upgraded only to certain versions. For example if you are running RouterOS v5, your license could restrict the upgrade only to v6, and not to v7.

42

NTP client configuration;• Having the system time set accurately is important for

many purpose, especially logging.• RouterBOARDs do not have an onboard battery to keep

the clock running, setup the NTP client should be a part of your configuration.

• The function of the NTP client is to query an NTP server and get the current time and then set the local clock.

• SNTP client is included in the system package. RouterOS implements SNTP protocol. NTP server and a NTP client is included in the separate ntp package, that is not installed by default.

43

Client configuration is located in the /system ntpclient console path. This configuration is shared by the SNTP client implementation in the systempackage and the NTP client implementation in the ntp package. When ntp package is installed and enabled, the SNTP client is disabled automatically.

192.43.244.18time.windows.comus.pool.ntp.org

44

45

• mode (One of broadcast or unicast; default value: broadcast) :

• In broadcast mode, client does not send any requests, and listens for the broadcast messages sent by the NTP server.

• In unicast mode client periodically sends requests to the currently selected active server, and waits for a reply message from that server.

• More Information see System/Time PDF file

46

System Clock

• Setting up the NTP client will not ensurethe local clock is accurate for local time soyou must set your zone on the Clocksetting to ensure your clock information ismeaningful.