Skip to content

Instantly share code, notes, and snippets.

@mvandermeulen

mvandermeulen/Mikrotik

Created December 17, 2020 15:57
Show Gist options
  • Save mvandermeulen/6a1182dbddba586bf73e8a861374336e to your computer and use it in GitHub Desktop.
Save mvandermeulen/6a1182dbddba586bf73e8a861374336e to your computer and use it in GitHub Desktop.
Download ZIP
Mikrotik commands, tips and triks.
Raw
Mikrotik
_5
get mac address:
put [/interface ethernet get [/interface ethernet find default-name=ether1] mac-address ]
***********************************************************
add ip address:
ip address> add address=10.10.10.1/24 interface=ether2-sw
***********************************************************
route ip:
ip route add dst-address=0.0.0.0/0 gateway=my.gate.way.ip
***********************************************************
nat ip:
ip firewall nat add chain=srcnat src-address=my.ip.address(192.168.22.0/24) out-interface=ether1(اتر خروجی) action=masquerade
***********************************************************
edit interface name:
interface ethernet set ether1 name = myEther
***********************************************************
delete ip address:
ip address remove [find address="10.10.10.1/24"]
ip address remove numbers=0
***********************************************************
disable and enable ethernet interface:
interface ethernet Disable myEther
interface ethernet Enable myEther
***********************************************************
set comment on interface ethernet:
interface ethernet Comment comment=this is a test comment myEther
***********************************************************
import/exports all mikrotik configs on that device:
export file=config1
import file-name=config1.rsc
***********************************************************
Tx means transmitted (upload), Rx means received (download)
***********************************************************
disallow internet access for one PC:
allow from PC to LAN:
add chain=forward src-address=<PC2_IP> dst-address=<LAN_SUBNET> action=accept
deny from PC:
add chain=forward src-address=<PC2_IP> action=reject
deny from PC:
add chain=forward src-address=<PC2_IP> dst-address=!<LAN_SUBNET> action=reject
***********************************************************
edit note:
system note edit note
Ctrl+o
***********************************************************
ipsec vpn server:
ip and route:
/ip address
add address=192.168.200.2/24 interface=ether2 network=192.168.200.0
/ip route
add distance=1 gateway=192.168.200.1
address pool:
/ip pool
add name=pool1 ranges=192.168.230.0/24
NAT rule:
/ip firewall nat
add action=masquerade chain=srcnat out-interface=UPLINK \
src-address=192.168.230.0/24
ipsec policy group:
/ip ipsec policy group
add name=GROUP1
mode config:
/ip ipsec mode-config
add address-pool="IPSec Pool" address-prefix-length=32 name=\
CFG1 static-dns=8.8.8.8,9.9.9.9 system-dns=no
ipsec profile:
/ip ipsec profile
add enc-algorithm=aes-256,aes-192,aes-128 name=profile1
ipsec peer:
/ip ipsec peer
add name=peer1 passive=yes profile=profile1 send-initial-contact=no
ipsec proposal:
/ip ipsec proposal
add enc-algorithms=aes-256-cbc,aes-128-cbc name=proposal1 pfs-group=none
ipsec identity:
/ip ipsec identity
add auth-method=pre-shared-key-xauth generate-policy=\
port-strict mode-config=CFG1 password=123 peer=peer1 \
policy-template-group=GROUP1 secret=12345678 username=\
a.karimi
/ip ipsec settings
set xauth-use-radius=yes
***********************************************************
hide mikrotik mac router:
ip -> naighbors -> discovery settings -> none
***********************************************************
check router taffic:
ip -> firewall -> nat -> chain forward -> src-address ip مدنظز -> action log
***********************************************************
نوشتن نت برای دسترسی به آر دی پی
-> -> -> -> -> -> -> -> -> -> -> -> -> ->
***********************************************************
update mikrotik:
first backup configs and download it -> go x86 section and download CD Image-> on esxi go on and load upload image file
-> go to server and add iso -> on next tab load VMOption forse to boot -> select iso image to be first boot\
-> install all packages -> turn off routeros and select hard drive to be first boot
***********************************************************
get mikrotik an ip addres from dhcp server:
ip -> dhcp-client -> add-> interface=ether2 -> user-peer-dns=yes -> use-peer-ntp=yes -> add-default-route=yes
ip -> dhcp-client -> enable -> ->
***********************************************************
dest nat to local ip address:
nat -> chain=dstnat -> protecol=tcp -> des.port 1234 -> src. Address=IR -> Des.Address=Valid -> action=dst-nat ->
to-Addrees=192.168.ip -> port=1010
***********************************************************
save system backup:
system backup save name=mik_bak_xx_xx
export mikrotik configurations:
export file=mik_src_xx_xx
show files in files:
/file print
-> -> -> -> -> -> -> -> -> -> -> -> -> ->
***********************************************************
-> -> -> -> -> -> -> -> -> -> -> -> -> ->
***********************************************************
-> -> -> -> -> -> -> -> -> -> -> -> -> ->
***********************************************************
-> -> -> -> -> -> -> -> -> -> -> -> -> ->
***********************************************************
-> -> -> -> -> -> -> -> -> -> -> -> -> ->
***********************************************************
-> -> -> -> -> -> -> -> -> -> -> -> -> ->
***********************************************************
-> -> -> -> -> -> -> -> -> -> -> -> -> ->
***********************************************************
-> -> -> -> -> -> -> -> -> -> -> -> -> ->
***********************************************************
-> -> -> -> -> -> -> -> -> -> -> -> -> ->
***********************************************************
-> -> -> -> -> -> -> -> -> -> -> -> -> ->
***********************************************************
-> -> -> -> -> -> -> -> -> -> -> -> -> ->
***********************************************************
-> -> -> -> -> -> -> -> -> -> -> -> -> ->
***********************************************************
-> -> -> -> -> -> -> -> -> -> -> -> -> ->
***********************************************************
-> -> -> -> -> -> -> -> -> -> -> -> -> ->
***********************************************************
-> -> -> -> -> -> -> -> -> -> -> -> -> ->
***********************************************************
-> -> -> -> -> -> -> -> -> -> -> -> -> ->
***********************************************************
-> -> -> -> -> -> -> -> -> -> -> -> -> ->
***********************************************************
-> -> -> -> -> -> -> -> -> -> -> -> -> ->
***********************************************************
-> -> -> -> -> -> -> -> -> -> -> -> -> ->
***********************************************************
-> -> -> -> -> -> -> -> -> -> -> -> -> ->
***********************************************************
-> -> -> -> -> -> -> -> -> -> -> -> -> ->
***********************************************************
-> -> -> -> -> -> -> -> -> -> -> -> -> ->
***********************************************************
-> -> -> -> -> -> -> -> -> -> -> -> -> ->
***********************************************************
-> -> -> -> -> -> -> -> -> -> -> -> -> ->
***********************************************************
-> -> -> -> -> -> -> -> -> -> -> -> -> ->
***********************************************************
-> -> -> -> -> -> -> -> -> -> -> -> -> ->
***********************************************************
-> -> -> -> -> -> -> -> -> -> -> -> -> ->
***********************************************************
-> -> -> -> -> -> -> -> -> -> -> -> -> ->
***********************************************************
-> -> -> -> -> -> -> -> -> -> -> -> -> ->
***********************************************************
-> -> -> -> -> -> -> -> -> -> -> -> -> ->
***********************************************************
-> -> -> -> -> -> -> -> -> -> -> -> -> ->
***********************************************************
-> -> -> -> -> -> -> -> -> -> -> -> -> ->
***********************************************************
-> -> -> -> -> -> -> -> -> -> -> -> -> ->
***********************************************************
-> -> -> -> -> -> -> -> -> -> -> -> -> ->
***********************************************************
-> -> -> -> -> -> -> -> -> -> -> -> -> ->
***********************************************************
***********************************************************
***********************************************************
***********************************************************
***********************************************************
***********************************************************
***********************************************************
***********************************************************
***********************************************************
***********************************************************
***********************************************************
***********************************************************
***********************************************************
***********************************************************
***********************************************************
***********************************************************
***********************************************************
***********************************************************
***********************************************************
***********************************************************
***********************************************************
***********************************************************
***********************************************************
***********************************************************
***********************************************************
***********************************************************
***********************************************************
***********************************************************
***********************************************************
***********************************************************
***********************************************************
***********************************************************
***********************************************************
***********************************************************
***********************************************************
***********************************************************
***********************************************************
***********************************************************
***********************************************************
***********************************************************
***********************************************************
***********************************************************
***********************************************************
***********************************************************
check routers
tracert -d 1.1.1.1
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment