MikroTik RouterBoard RB532A: Difference between revisions
Brian Wilson (talk | contribs) |
Brian Wilson (talk | contribs) |
||
| Line 1: | Line 1: | ||
== RouterBoard 532A == | == RouterBoard 532A == | ||
In DNS, it's called OpenWRT and can be reached via ssh or https://openwrt | |||
or from outside the lan at https://alseageo.dyndns.biz/ | |||
Support for it in [[OpenWrt]] seems to be pretty good, they have the latest releases prebuilt for it. I used instructions in this page to get it loaded. | Support for it in [[OpenWrt]] seems to be pretty good, they have the latest releases prebuilt for it. I used instructions in this page to get it loaded. | ||
| Line 29: | Line 32: | ||
* eth2 00:0c:42:10:1c:6e | * eth2 00:0c:42:10:1c:6e | ||
=== | === Miscellaneous onfiguration === | ||
==== Password ==== | ==== Password ==== | ||
| Line 58: | Line 61: | ||
option ifname eth1 | option ifname eth1 | ||
option proto static | option proto static | ||
option ipaddr 10.127.32. | option ipaddr 10.127.32.5 | ||
option netmask 255.0.0.0 | option netmask 255.0.0.0 | ||
| Line 99: | Line 102: | ||
Installed changeip client. | Installed changeip client. | ||
==== | ==== Firewall ==== | ||
Not set up yet. | |||
==== NTP ==== | ==== NTP ==== | ||
| Line 124: | Line 126: | ||
Installed MatrixSSL so that we can connect to router using a secure connection. | Installed MatrixSSL so that we can connect to router using a secure connection. | ||
==== | ==== Syslog ==== | ||
Set to log to Kilchis. 10.127.32.27/514 | |||
Do a MARK every 20 minutes. | |||
==== Wake-On-Lan ==== | ==== Wake-On-Lan ==== | ||
Not available yet in X-Wrt. This would allow us to power on Desktop machines remotely. | Not available yet in X-Wrt. This would allow us to power on Desktop machines remotely. | ||
=== VPN === | |||
==== OpenVPN ==== | |||
Installed package. Not configured yet. | |||
Revision as of 20:17, 22 December 2007
RouterBoard 532A
In DNS, it's called OpenWRT and can be reached via ssh or https://openwrt or from outside the lan at https://alseageo.dyndns.biz/
Support for it in OpenWrt seems to be pretty good, they have the latest releases prebuilt for it. I used instructions in this page to get it loaded.
I installed KAMIKAZE (7.09) then later I found out about X-WRT and installed their version from http://downloads.x-wrt.org/xwrt/kamikaze/7.09/
I no longer put all 4 screws into the MicroTik case. :-)
Install took 10 minutes including opening up the case. OpenWrtDocs/Hardware/Mikrotik/RB532
Support in dd-wrt is not good. There is an old beta.
CF layout
Kamikaze fits in a 16MB flash so any old CF card will do for booting.
Ethernet ports
There are three, the one to the left of the serial port is eth0 To the right are eth1 and eth2
By default in Kamikaze eth0 is in DHCP so it would make a good WAN port
MAC numbers
- eth0 00:0c:42:10:1c:6c
- eth1 00:0c:42:10:1c:6d
- eth2 00:0c:42:10:1c:6e
Miscellaneous onfiguration
Password
Root password set from the console port command line using "passwd". Set to the usual root password.
Network
Putting the D-Link mac address assures we wull get the same IP address assigned by Comcast.
/etc/config/network
config interface loopback
option ifname lo
option proto static
option ipaddr 127.0.0.1
option netmask 255.0.0.0
config interface wan
option ifname eth0
option proto dhcp
option macaddr xx:xx:xx:xx:xx put the dlink mac here
config interface lan
option ifname eth1
option proto static
option ipaddr 10.127.32.5
option netmask 255.0.0.0
config interface dmz
option ifname eth2
option proto static
option ipaddr 192.168.123.1
option netmask 255.255.255.0
Route command
Adding a default route so that you can get the webif stuff running initially
route add -net 0.0.0.0 gw 192.168.123.254
DHCP
We provide DHCP only to the DMZ zone.
/etc/config/dhcp
config dhcp
option interface lan
option ignore 1
config dhcp
option interface dmz
option start 100
option limit 150
option leasetime 12h
config dhcp
option interface wan
option ignore 1
Dyndns
Installed changeip client.
Firewall
Not set up yet.
NTP
Set timezone to US/Pacific Installed client.
QoS
Install but not configured yet. I'd like to use this to control bandwidth used for offsite backups. I want full utilization at night and 200 Kbps during business hours. A way to switch it down to a low bandwidth manually would be good.
SNMP
Not installed or configured yet. Could be set to log to cacti on Kilchis
SSL
Installed MatrixSSL so that we can connect to router using a secure connection.
Syslog
Set to log to Kilchis. 10.127.32.27/514 Do a MARK every 20 minutes.
Wake-On-Lan
Not available yet in X-Wrt. This would allow us to power on Desktop machines remotely.
VPN
OpenVPN
Installed package. Not configured yet.
