Workbench WiFi

MikroTik RouterOS hints and tips

It’s no secret that I am a fan of MikroTik products for low- to mid-range layer 3 router tasks. MikroTik’s RouterOS is based on Linux, not unlike many other router appliances, and has a similarly wide feature set. The low cost of most MikroTik devices means I can easily build a full switch and router test lab for less than the cost of a single Cisco AP, freeing time and money for layer 1 and 2 challenges.

The only way to learn RouterOS is to purchase a RouterBoard and get your hands dirty. Download winbox, browse the release notes, explore the forums, search the wiki, and challenge yourself to build many different configs. Please, please, please use Winbox. The RouterOS web interface is helpful in a pinch, but is nowhere near as nice to use as the Winbox client. And as much as I love the CLI, the Winbox GUI is much more conducive to exploring than stumbling around in an alien text environment (the RouterOS CLI is nothing like Cisco IOS). I have successfully used Winbox in Windows versions XP through 10, and in Linux and Mac OS X via wine. You may have to tinker with wine font settings, but it will work fairly well on most versions of Linux and OS X.

The MikroTik User Meetings, or MUMs, are regional conferences full of presentations and vendor exhibits. The MUM Archive is a great place to browse slides and videos from past MUM presentations, some of which are linked below.

Manito Networks has published a very useful MikroTik Router Hardening guide along with many other handy RouterOS-related posts.

Rick Frey, a consultant and certified MikroTik instructor, has a great MikroTik firewall presentation from about two years ago.

Andis Arins, another MikroTik consultant and instructor, presented his Top 10 Configuration Mistakes at the USA MUM last year. This is available as both a PDF of his slides, and as a YouTube video.

These should be enough resources to get started. It took me a few weeks of casually playing with my first RouterBoard before I got the hang of it. It’s not Cisco, but that’s sort of the point!


Leave a Reply

Your email address will not be published. Required fields are marked *