Mikrotik ki configration

 

یہ MikroTik RouterOS کی basic router configuration ہے جو آپ کے دئیے گئے Scenario کے مطابق ہے۔

سادہ الفاظ میں یہ کن کاموں کے لیے ہے:

  • ether1 کو WAN کے طور پر configure کرنا

  • Public IP, Subnet, Gateway اور DNS set کرنا

  • ether2 اور ether3 پر دو الگ LAN networks بنانا

  • ether2 پر DHCP server چلانا

  • ether3 کو صرف static IPs پر رکھنا یعنی وہاں DHCP نہیں چلے گا

  • Internet share کرنے کے لیے NAT masquerade لگانا

  • کچھ basic firewall rules اور services hardening کرنا



Mikrotik ki conf karden simple , router model is MikroTik RouterOS 6.49.8 (c) 1999-2023

Port 1 = WAN IP 180.178.134.198
		Subnet=255.255.255.252
		GW= 180.178.134.197
		DNS= 180.178.128.100
		DNS= 180.178.139.210


Eth 2 = LAN IP 10.10.10.0/24
Eth 3 = LAN IP 10.10.20.0/24

Eth 2 LAN say DHCP nikalna ha 
Ehh 3 LAN StatIC IP per ho 

 MikroTik RouterOS 6.49.8 (c) 1999-2023


=============================================================================================================

Scenario Summary

ether1 = WAN

IP: 180.178.134.198/30

Gateway: 180.178.134.197

DNS: 180.178.128.100, 180.178.139.210

ether2 = LAN (DHCP enable)

Network: 10.10.10.0/24

ether3 = LAN (Static IP only)

Network: 10.10.20.0/24

DHCP nahi chalay ga

===============================================================================================================

/ip address add address=180.178.134.198/30 interface=ether1

/ip route add gateway=180.178.134.197

/ip dns set servers=180.178.128.100,180.178.139.210 allow-remote-requests=yes

/ip address add address=10.10.10.1/24 interface=ether2

/ip address add address=10.10.20.1/24 interface=ether3

/ip pool add name=dhcp_pool_lan ranges=10.10.10.10-10.10.10.200

/ip dhcp-server add name=dhcp_lan interface=ether2 address-pool=dhcp_pool_lan lease-time=1d

/ip dhcp-server network add address=10.10.10.0/24 gateway=10.10.10.1 dns-server=180.178.128.100,180.178.139.210

/ip dhcp-server enable dhcp_lan

/ip firewall nat add chain=srcnat out-interface=ether1 action=masquerade

/ip dns set servers=180.178.128.100,180.178.139.210,8.8.8.8 allow-remote-requests=yes

/ip service disable telnet

/ip service set ssh address=10.10.10.0/24,10.10.20.0/24

/ip firewall filter add chain=input connection-state=invalid action=drop

/ip firewall filter add chain=input connection-state=established,related action=accept

/ip firewall filter add chain=input src-address=10.10.10.0/24 action=accept
/ip firewall filter add chain=input src-address=10.10.20.0/24 action=accept
/ip firewall filter add chain=input in-interface=ether1 action=drop

Comments

Popular posts from this blog

Windows 11 rdp problem resolved

Microsoft Activation Scripts (MAS)

Windows 11 ke common RDP issues fix karta hai