@@TheNetworkBerg Looking forward for more of the configuration series. Don't understand with abundance of Mikrotik docs, blogs and videos, your video was the most informative I have seen on the web. Please keep the great work
For masquerade, I generally do srcnat and type the network address that I want to allow to connect to internet into the "src address" and don't choose out port at all. Is this approach okay?
Yes this is fine if you have no other networks configured on the router. If there were other networks then you might run into issues of connections being natted out as the router's address when trying to get to a remote network. Example is Ether 1 = WAN Ether 2 = LAN Ether 3 = P2P Link to remote office If you have routing to a different network over ether 3 then traffic will just get natted out as whatever L3 IP exists on ether3. This might be a problem if you have things like servers or firewalls that are set to only allow the LAN subnets, but traffic is being natted out as a different IP. I hope that helps you understand better, but you shouldn't have issues getting to the internet with the method you are using :)
I saw this type of habit a lot and I consider it a mistake, no offence. You jumped into the settings and connect a blank router to the internet. No no.... First you need to make a new admin user and disable the default admin account. Then to set some basic firewall rules. Only after you can connect the router to the internet, set a DHCP server etc. Internet is a dangerous place. Any new device connected to the internet is scanned/attacked in less than 5-10 minutes. You need to avoid that.
Thanks for your comment, this video is purely to showcase the basics required to configure a router for internet access and to be a DHCP server as per the requirements set by MikroTik for their MTCNA. The entire series focuses on the MTCNA certification track and focuses on questions MikroTik may ask for a basic setup. There are other videos in the playlist covering firewall rules, or there are separate videos covering securing your router on the channel as well. I totally agree though that a basic setup with no firewall rules is a potential recipe for disaster :)
@@TheNetworkBerg You are an Mikrotik expert, and your guides are followed (also) by some ppl with limited IT knowledge. You got the point of my message, of course. Thanks for answer.
Thank you so very much for explaining so well and consisted. I have been difficulties setting my Mikrotik until now
Glad it was helpful!
@@TheNetworkBerg Looking forward for more of the configuration series. Don't understand with abundance of Mikrotik docs, blogs and videos, your video was the most informative I have seen on the web. Please keep the great work
Your videos are always impressive to say the least. Thank you for the quality presitentation and education.
Thank you very much!
Great stuff, thanks for you efforts!
Impressive work man thank you
Nice video, TNX
hi
am just trying to configure mikrotik hex router in wireless option but there is no WLAN showing icon on interface option ..how to i install it
Please can you tell me what good books to read about MikroTik RouterOS?
For masquerade, I generally do srcnat and type the network address that I want to allow to connect to internet into the "src address" and don't choose out port at all. Is this approach okay?
Yes this is fine if you have no other networks configured on the router. If there were other networks then you might run into issues of connections being natted out as the router's address when trying to get to a remote network.
Example is
Ether 1 = WAN
Ether 2 = LAN
Ether 3 = P2P Link to remote office
If you have routing to a different network over ether 3 then traffic will just get natted out as whatever L3 IP exists on ether3. This might be a problem if you have things like servers or firewalls that are set to only allow the LAN subnets, but traffic is being natted out as a different IP.
I hope that helps you understand better, but you shouldn't have issues getting to the internet with the method you are using :)
I saw this type of habit a lot and I consider it a mistake, no offence.
You jumped into the settings and connect a blank router to the internet. No no....
First you need to make a new admin user and disable the default admin account. Then to set some basic firewall rules. Only after you can connect the router to the internet, set a DHCP server etc.
Internet is a dangerous place. Any new device connected to the internet is scanned/attacked in less than 5-10 minutes. You need to avoid that.
Thanks for your comment, this video is purely to showcase the basics required to configure a router for internet access and to be a DHCP server as per the requirements set by MikroTik for their MTCNA. The entire series focuses on the MTCNA certification track and focuses on questions MikroTik may ask for a basic setup.
There are other videos in the playlist covering firewall rules, or there are separate videos covering securing your router on the channel as well. I totally agree though that a basic setup with no firewall rules is a potential recipe for disaster :)
@@TheNetworkBerg You are an Mikrotik expert, and your guides are followed (also) by some ppl with limited IT knowledge. You got the point of my message, of course. Thanks for answer.