Somewhat off topic but I need some help configuring my MikroTik router.
I have a 2Mb ADSL connection (with 4 public IP addresses) that I want to
share between 4 users. I need the router to do the following:
1. Provide PPPoE client to automatically login to the ADSL connection
2. Provide PPPoE login for each user, with each user being assigned a static
IP address
3. Provide NAT from a public IP address to the static IP address assigned by
the PPPoE server in item 2
4. Limit one user to a 512Kb download/upload connection
5. Provide VPN and web server capability
Using the MikroTik documentation I have got 1,2 and 4 working, but would
still be grateful to see a 'working' configuration. Items 3 & 5 however are
proving to be more difficult, with the examples in the documentation not too
clear - for me anyway!
The MT router has two interfaces:
Public (10.0.0.217/24) - this is connected to the ADSL modem
Local (192.168.168.254/24) - this is connected to the aPPO Access Point via
a 10Mb hub
A copy of my router configuration for items 2 and 4 is enclosed. For
example purposes only, the public IP addresses for each users are:
User0 - 111.1.1.10
User1 - 111.1.1.11
User2 - 111.1.1.12
User3 - 111.1.1.13
Also, is there anything else I need to add to (or remove from!) the above
list?
The network set-up is as follows:
Internet -> ADSL Modem -> MT Router (Public Interface) -> MT Router (Local
Interface) -> 10Mb Hub -> aPPO (AP) ~~ aPPO (CB) -> Users
Best practice would be to include a router at each user's premises - do I
need to set the external IP address for the user's router to be their Public
IP address or the static IP address assigned by the MikroTik PPPoE server?
Also, would it be better to dispose of the hub and replace it with a switch
or a cross-over cable?
Thanks in advance,
Andy
MikroTik Router Setup
Item 1 - Provide PPPoE client to automatically login to the ADSL connection
Item 2 - Provide PPPoE login for each user, with each user being given a static IP
address
***PPPoE-Server setup***
/ interface pppoe-server server
add service-name="Granero" mtu=1492 mru=1492 authentication=mschap2,chap,pap
keepalive-timeout=10 \
one-session-per-host=yes default-profile=1-Maximum disabled=no
***PPP User Setup***
[EMAIL PROTECTED] ppp secret>
add name="User0" service=any caller-id="" password="user0" profile=1-Maximum \
local-address=0.0.0.0 remote-address=10.0.0.50 routes="" comment="" disabled=no
add name="User1" service=any caller-id="" password="user1" profile=1-Maximum \
local-address=0.0.0.0 remote-address=10.0.0.51 routes="" comment="" disabled=no
add name="User2" service=any caller-id="" password="user2" profile=1-Maximum \
local-address=0.0.0.0 remote-address=10.0.0.52 routes="" comment="" disabled=no
add name="User3" service=any caller-id="" password="user3" profile=1-Maximum \
local-address=0.0.0.0 remote-address=10.0.0.53 routes="" comment="" disabled=no
[EMAIL PROTECTED] ppp secret>
[EMAIL PROTECTED] ppp secret> print
Flags: X - disabled
# NAME SERVICE CALLER-ID PASSWORD PROFILE
REMOTE-ADDRESS
0 User0 any user0 1-Maximum
10.0.0.50
1 User1 any user1 1-Maximum
10.0.0.51
2 User2 any user2 1-Maximum
10.0.0.52
3 User3 any user3 1-Maximum
10.0.0.53
Item 3 - Provide NAT from a public IP address to the static IP address assigned by the
PPPoE server in item 2
Item 4 - Limit one user to a 512Kb download/upload connection
[EMAIL PROTECTED] ppp profile> print
Flags: * - default
0 * name="default" local-address=0.0.0.0 remote-address=0.0.0.0 session-timeout=0s
idle-timeout=0s use-compression=no use-vj-compression=no use-encryption=no
require-encryption=no only-one=no tx-bit-rate=0 rx-bit-rate=0 incoming-filter=""
outgoing-filter="" wins-server=""
1 name="0-512" local-address=0.0.0.0 remote-address=0.0.0.0 session-timeout=0s
idle-timeout=0s use-compression=yes use-vj-compression=yes use-encryption=yes
require-encryption=yes only-one=yes tx-bit-rate=512000 rx-bit-rate=512000
incoming-filter="" outgoing-filter="" wins-server=0.0.0.0
2 name="1-Maximum" local-address=0.0.0.0 remote-address=0.0.0.0 session-timeout=0s
idle-timeout=0s use-compression=yes use-vj-compression=yes use-encryption=yes
require-encryption=yes only-one=yes tx-bit-rate=0 rx-bit-rate=0
incoming-filter=""
outgoing-filter="" wins-server=0.0.0.0
Item 5 - Provide VPN and web server capability
