D-Link DWL-500 - 11Mb Wireless LAN PCI Network Card Guide d'installation

Wandy RouterOS v2.8 Reference Manual - Written by Mikrotik - Table Of Contents Basic Setup Guide...

Router Users...393 Monitoring Ac

serial restart-delay 1 frame-relay lmi-type ansi frame-relay intf-type dce ! interface Serial0.1 point-to-point ip address 1.1.1.2 255.255.255.0 no ar

description connected to Internet no ip address encapsulation frame-relay IETF serial restart-delay 1 frame-relay lmi-type ansi frame-relay intf-type

Description • I cannot ping through the synchronous frame relay interface between Wandy router and a Cisco router Frame Relay does not support addres

General Information Summary The Wandy router can act as an ISDN client for dialing out, or as an ISDN server for accepting incoming calls. The dial-o

• HFC 2BDS0 based adapters - hfc • W6692 based adapters - w6692 For example, for the HFC based PCI card, it is enough to use /driver add name=hfc comm

ISDN dial-out connection, use the ISDN dial-out configuration menu under the submenu. ISDN client interfaces can be added using the add command: Prop

bundle-128K (yes | no; default: yes) - use both channels instead of just one authentication (pap | chap | mschap1 | mschap2; default: mschap2, mschap1

If you would like to remain connected all the time, i.e., as a leased line, then set the idle-timeout to 0s. All that remains is to enable the interfa

connection - netwatch, and a script, which runs the netwatch. This is an example of how to make simple router backup system. In this example we'l

PPTP Interface Document revision 1.1 (Fri Mar 05 08:25:22 GMT 2004) This document applies to Wandy RouterOS V2.8 Table of Contents Table of Cont

SNMP Service... 432 General Information...

Summary PPTP (Point to Point Tunnel Protocol) supports encrypted tunnels over IP. The Wandy RouterOS implementation includes support for PPTP client

• http://support.microsoft.com/support/kb/articles/q162/8/47.asp • http://www.ietf.org/rfc/rfc2637.txt?number=2637 • http://www.ietf.org/rfc/rfc3078.t

status (text) - status of the client • Dialing - attempting to make a connection • Verifying password... - connection has been established to the serv

PPTP Server Users interface pptp-server Description There are two types of items in PPTP server configuration - static users and dynamic connections

Internet. On the Preforma PPTP server a user must be set up for the client: [admin@HomeOffice] ppp secret> add name=ex service=pptp password=lkjrht

Test the connection through the PPTP tunnel to the LocalHomeOffice interface: [admin@RemoteOffice]> /ping 10.150.2.254 10.150.2.254 pong: ttl=255 t

PPTP Setup for Windows Microsoft provides PPTP client support for Windows NT, 2000, ME, 98SE, and 98. Windows 98SE, 2000, and ME include support in th

Table of Contents Table of Contents General Information Summary Quick Setup Guide Specifications Related Documents Description Wireless Interface Co

Example Network Scan Description Property Description Example Wireless Security Description Property Description Notes Wireless Aplication Examples AP

• To make the wireless interface as a wireless station, working in 802.11a standard and Service Set Identifier p2p: /interface wireless set wlan1 ssid

General Information... 463 The Traceroute Co

Wandy RouterBoard and systems based on Intel i815 and i845 chipsets are tested and work stable with Atheros cards. There might be many other chipsets

• 5GHz-turbo - IEEE 802.11a up to 108Mbit scan-list (multiple choice: integer | default-ism; default: default-ism) - the list of channels to scan • de

• disabled - WDS interfaces are disabled • dynamic - WDS interfaces are created 'on the fly' • static - WDS interfaces are created manually

Registration Table interface wireless registration-table Description In the registration table you can see various information about currently conn

Description The access list is used by the Access Point to restrict associations of clients and by clients to restrict associations to a given list of

interface-type (read-only: text) - shows the hardware interface type noise-floor-control (read-only: yes | no) - does this interface support noise-flo

5355, 5360, 5365, 5370, 5375, 5380, 5385, 5390, 5395, 5400, 5405, 5410, 5415, 5420, 5425, 5430, 5435, 5440, 5445, 5450, 5455, 5460, 5465, 5470, 5475,

5305,5310,5315,5320,5325,5330,5335,5340,5345,5350,5355, 5360,5365,5370,5375,5380,5385,5390,5395,5400,5405,5410, 5415,5420,5425,5430,5435,5440,5445,545

simultaneously mtu (integer: 68..1600; default: 1500) - Maximum Transmission Unit name (name; default: wlanN) - interface name ssid (text; default: Wa

recommended to use WDS and DFS simultaneously - it is most probable that these routers will not connect to each other. Example [admin@Wandy] interfac

General Information ... 486 Serial Console Co

Example [admin@Wandy] interface wireless align> print frame-size: 300 active-mode: yes receive-all: yes audio-monitor: 00:00:00:00:00:00 filter-ma

Property Description (name) - interface name to use for scanning refresh-interval (time; default: 1s) - time in seconds to refresh the displayed data

packets key-2 (text) - hexadecimal key which will be used to encrypt packets with the 40bit-wep or 104bit-wep algorithm (algo-2) algo-3 (none | 40bit-

supported-rates-a/g=6Mbps,9Mbps,12Mbps,18Mbps,24Mbps,36Mbps,48Mbps, 54Mbps basic-rates-b=1Mbps basic-rates-a/g=6Mbps max-station-count=2007 ack-timeou

Router Neighbour • ssid = wds-test • IP Address = 192.168.0.1 • Network Mask = 255.255.255.0 Router Home configuration. At first we should configure t

Flags: X - disabled, R - running, D - dynamic 0 R name="wds1" mtu=1500 mac-address=00:01:24:70:3B:AE arp=enabled disable-running-check=no ma

192.168.1.1 64 byte ping: ttl=64 time=16 ms 192.168.1.1 64 byte ping: ttl=64 time=15 ms 3 packets transmitted, 3 packets received, 0% packet loss roun

General Information Summary Ethernet over IP (EoIP) Tunneling is a Wandy RouterOS protocol that creates an Ethernet tunnel between two routers on top

• The EoIP protocol encapsulates Ethernet frames in GRE (IP protocol number 47) packets (just like PPTP) and sends them to the remote side of the EoIP

private intranet or the Internet. Both routers can communicate with each other through the IP network. Example Our goal is to create a secure channel

BIOS upgrading...526 BIOS Configurati

# INTERFACE BRIDGE 0 eoip-remote none 1 office-eth none 2 isp none [admin@Our_GW] interface bridge> port set "0,1" bridge=bridge1 And the

Example Frame Relay Configuration Examples Wandy Router to Wandy Router Wandy Router to Cisco Router Troubleshooting Description General Information

• enabled - the interface will use ARP protocol • proxy-arp - the interface will be an ARP proxy • reply-only - the interface will only reply to the r

patch cable included with the Xpeed 300 SDSL adapter (such a connection is called Back-to-Back). Lets name the first router r1 and the second r2. Rout

description connected to EthernetLAN ip address 10.0.0.254 255.255.255.0 ! interface Serial0 description connected to Internet no ip address encapsula

Specifications Related Documents Additional Documents Installation Example Wireless Interface Configuration Description Property Description Example T

0 D RealTek 8139 1 Arlan 655 0xD000 [admin@Wandy] driver> Wireless Interface Configuration interface arlan Description The wireless card status

0 R outer ether 1500 1 R arlan1 arlan 1500 More configuration and statistics parameters can be found under the /interface arlan menu: [admin@Wandy] in

This document applies to Wandy RouterOS V2.8 Table of Contents Table of Contents General Information Summary Quick Setup Guide Specifications Relate

Summary MAC level bridging of Ethernet, Ethernet over IP (EoIP), Prism, Atheros and RadioLAN interfaces are supported. All 802.11b and 802.11a client

Description Notes Logging into the Wandy Router Description Adding Software Packages Description Navigating The Terminal Console Description Notes Bas

data rate between hosts may vary). Additional Documents http://users.pandora.be/bart.de.schuymer/ebtables/br_fw_ia/br_fw_ia.html Bridge Interface S

Port Settings interface bridge port Description The submenu is used to group interfaces in a particular bridge interface. Property Description int

root-port: ether2 path-cost: 180 [admin@Wandy] interface bridge> Bridge Port Monitoring Command name: /interface bridge port monitor Description

[admin@Wandy] interface bridge host> print Flags: L - local BRIDGE MAC-ADDRESS ON-INTERFACE AGE bridge1 00:00:B4:5B:A6:58 ether1 4m48s bridge1 00:3

protocol name/number • all - match all the IP protocols action (accept | drop | passthrough; default: accept) - action to undertake if the packet matc

2. Configure the bridge interface 3. Enable the bridge interface 4. Assign an IP address to the bridge interface, if needed Note that there should be

actual interface will be the bridge interface to which these interfaces belong. You can check this by typing /ip address print detail Hosts on LAN seg

General Information Summary The Wandy RouterOS supports MOXA C101 Synchronous 4Mb/s Adapter hardware. The V.35 synchronous interface is the standard

22 RxCB IN X 23 RxCA IN V short 9 and 25 pin Additional Documents For more information about the MOXA C101 synchronous 4Mb/s adapter hardware please

[admin@Wandy] interface moxa-c101> monitor 0 dtr: yes rts: yes cts: no dsr: no dcd: no [admin@Wandy] interface moxa-c101> Connect a communicatio

standard network PC interfaces to expand the router capabilities. Remote control with easy real-time Windows application (WinBox) • Advanced Quality o

[admin@Wandy] ip route> print Flags: X - disabled, I - invalid, D - dynamic, J - rejected, C - connect, S - static, R - rip, O - ospf, B - bgp # DS

Building configuration... Current configuration: ... ! interface Ethernet0 description connected to EthernetLAN ip address 10.1.1.12 255.255.255.0 ! i

Description RSV/V.35 Synchronous Link Applications Example General Information Summary The Wandy RouterOS supports the following Cyclades PC300 Ada

Connect a communication device, e.g., a baseband modem, to the V.35 port and turn it on. The Wandy driver for the Cyclades Synchronous PCI Adapter all

RSV/V.35 Synchronous Link Applications Example Let us consider the following network setup with Wandy Router connected to a leased line with baseban

ip classless ip route 0.0.0.0 0.0.0.0 10.1.1.254 ! ... end CISCO# Send ping packets to the Wandy router: CISCO#ping 1.1.1.1 Type escape sequence to ab

Troubleshooting Description Application Examples PPPoE in a multipoint wireless 802.11 network General Information Summary The PPPoE (Point to Poin

/interface pppoe-server server add service-name=internet interface=wlan1 \ \... default-profile=pppoe-profile • To configure Wandy RouterOS to be a PP

interface (name) - interface the PPPoE server can be connected through mtu (integer; default: 1480) - Maximum Transmission Unit. The optimal value is

• Terminated - interface is not enabled or the other side will not establish a connection uptime (time) - connection time displayed in days, hours, mi

• For the CD, write the ISO image onto a blank CD. • For the floppies, run the Disk Maker on your Windows workstation to create the installation flopp

time (i.e. 2 * keepalive-timeout), not responding client is proclaimed disconnected. one-session-per-host (yes | no; default: no) - allow only one ses

Troubleshooting Description • The PPPoE server shows more than one active user entry for one client, when the clients disconnect, they are still sh

interface may be set to MTU 1600 so that the PPPoE interface may be set to MTU 1500. This optimizes the transmission of 1500 byte packets and avoids a

And finally, we can set up PPPoE clients: [admin@MT_Prism_AP] ip pool> add name=pppoe ranges=10.0.0.230-10.0.0.240 [admin@MT_Prism_AP] ip pool>

Notes Example PPP Server Setup Description Property Description Example PPP Client Setup Description Property Description Notes Example PPP Applicatio

• Log Management • AAA Additional Documents • http://www.ietf.org/rfc/rfc2138.txt?number=2138 • http://www.ietf.org/rfc/rfc2138.txt?number=2139 Ser

interface ppp-server Description PPP server provides a remode connection service for users. When dialing in, the users can be authenticated locally u

profile (name; default: default) - local profile to use for dialout allow (multiple choice: mschap2, mschap1, chap, pap; default: mschap2, mschap1, ch

[admin@Wandy] ppp secret> /int ppp-server [admin@Wandy] interface ppp-server> add port=serial1 disabled=no [admin@Wandy] interface ppp-server>

Notes Example Proxy-ARP feature Description Example Unnumbered Interfaces Description Example General Information Summary The following Manual disc

www.Wandy.com, just press the 'New' button on the upper right-hand corner of the Wandy's web to create your account • Choose the approp

bridging between interfaces is used (starting from RouterOS version 2.8). In case of bridging, the IP address can be assigned to any interface in the

entries. Normally the table is built dynamically, but to increase network security, it can be built statically by means of adding static entries. Pro

Example Consider the following configuration: The Wandy Router setup is as follows: admin@Wandy] ip arp> /interface ethernet print Flags: X - disa

[admin@Wandy] ip address> As you can see, a dynamic connected route has been automatically added to the routes list. If you want the default gatewa

Wandy Router to Wandy Router IPsec Between two Masquerading Wandy Routers Wandy router to CISCO Router Wandy Router and Linux FreeS/WAN General Info

is looked up to decrypt it (using packet source, destination, security protocol and SPI value). If no SA is found, the packet is dropped. If SA is fou

Group 2 1024 bits RFC2409 Group 5 1536 bits RFC3526 IKE Traffic To avoid problems with IKE packets hit some SPD rule and require to encrypt it with n

manual-sa (name; default: none) - name of manual-sa template that will be used to create SAs for this policy • none - no manual keys are set dont-frag

To add a policy to encrypt all the traffic between two hosts (10.0.0.147 and 10.0.0.148), we need do the following: [admin@WiFi] ip ipsec policy> a

proposed lifetime hash-algorithm (multiple choice: md5 | sha; default: md5) - hashing algorithm. SHA (Secure Hash Algorithm) is stronger, but slower e

Adding Software Packages Description The basic installation comes only with the system package. This includes basic IP routing and router administrat

Property Description local-address (read-only: IP address) - local ISAKMP SA address remote-address (read-only: IP address) - peer's IP address

lifebytes (read-only: integer) - soft/hard expiration threshold for amount of processed data current-addtime (read-only: text) - time when this SA was

ip ipsec counters Property Description out-accept (read-only: integer) - shows how many outgoing packets were matched by accept policy (including the

• transport mode example using ESP with automatic keying and automatic policy generating on Router 1 and static policy on Router 2 • for Router1 [admi

[admin@Wandy] > ip ipsec peer add address=10.0.1.2 \ \... secret="gvejimezyfopmekun" enc-algorithm=des • for CISCO router ! Configure ISA

dst-address=10.0.1.1 auth-algorithm=sha1 enc-algorithm=des replay=4 state=mature auth-key="7575f5624914dd312839694db2622a318030bc3b" enc-key

conn mt left=192.168.0.108 leftsubnet=192.168.87.0/24 right=192.168.0.155 rightsubnet=10.0.0.0/24 authby=secret pfs=no auto=add • ipsec.secrets config

Notes Example Application Examples Standard Policy-Routing Setup General Information Summary The following manual surveys the IP routes management,

route with multiple gateways (in the form gateway=x.x.x.x,y.y.y.y) The routing protocols may create routes with equal cost automatically, if the cost

C - connect, S - static, r - rip, o - ospf, b - bgp # DST-ADDRESS G GATEWAY DISTANCE INTERFACE 0 S 192.168.0.0/16 r 10.10.10.2 1 Local 1 S 0.0.0.0/0 r

Wireless ...…………...41 Aironet Arlan...

radius Radius client settings redo Redo previosly undone action setup Do basic setup of system snmp SNMP settings special-login Special login users un

Routing Tables Routing tables is a way to organize routing rules into groups for a purpose of easy management. These tables can be created/deleted in

src-address (IP address/mask) - source IP address/mask dst-address (IP address/mask) - destination IP address/mask interface (name | all; default: all

2. Create the default route in each of the tables: [admin@Wandy] ip policy-routing> table from_net1 add gateway=10.0.0.1 [admin@Wandy] ip policy-ro

Table of Contents Table of Contents Summary Specifications Related Documents Notes Connection Tracking Description Property Description Example Servi

Description Using Connection Tracking, you can observe connections passing through the router. Connection Timeouts Here comes a list of connection t

0 U 0.0.0.0:5678 255.255.255.255:5678 udp 1s 1 U 1.1.1.1:49679 255.255.255.255:69 udp 11s 2 U 1.1.1.1:56635 255.255.255.255:69 udp 27s 3 A 10.1.0.128:

Document revision 2.4 (Tue Apr 13 15:51:20 GMT 2004) This document applies to Wandy RouterOS V2.8 Table of Contents Table of Contents General Inform

Description Packets entering the router can be marked for further processing them against the rules of firewall chains, source or destination NAT rule

tcp-options (any | syn-only | non-syn-only; default: any) - TCP options protocol (ah | egp | ggp | icmp | ipencap | ospf | rspf | udp | xtp | all | en

limit-time=0s action=passthrough mark-flow=myflow tcp-mss=dont-change mark-connection="" 1 src-address=0.0.0.0/0:0-65535 in-interface=all ds

Command Action command [Enter] Executes the command [?] Shows the list of all available commands command [?] Displays help on the command and the list

General Information Summary The Wandy Neighbor Discovery Protocol (MNDP) eases network configuration and management by enabling each Wandy router to

• if no info is received from a neighbor for more than 180 seconds the neighbor information is discarded Setup ip neighbor discovery Property Descr

Firewall Filters Document revision 1.6 (Fri Apr 23 14:28:08 GMT 2004) This document applies to Wandy RouterOS V2.8 Table of Contents Table of Con

Specifications Packages required: system License required: level1 (P2P filters limited to 1), level3 ip firewall Standards and Technologies: IP Hardw

NAT rules and queuing. Additional arrows from IPsec boxes shows the processing of encrypted packets (they need to be encrypted / decrypted first and t

the packet matches the rule, one of the: • accept - accept the packet. No action, i.e., the packet is passed through without undertaking any action, e

| integer; default: any) - specifies a match to the value of Type of Service (ToS) field of IP header: • any - match any packet (i.e., do not check th

should be used with destination to this chain from a rule within another chain. The policy of user added chains is none, and it cannot be changed. Cha

Address All connections form the private addresses are masqueraded, and appear as coming from one external address - that of the router. This can be d

0 ;;; Allow established TCP connections protocol=tcp tcp-options=non-syn-only connection-state=established action=accept 1 ;;; Allow UDP connections p

enable name command to enable the interface with a given name or number, for example: [admin@Wandy] interface> print Flags: X - disabled, D - dynam

src-address=:20 dst-address=:1024-65535 protocol=tcp tcp-options=syn-only action=accept 6 ;;; Reject and log everything else action=reject log=yes [ad

addresses. If you want to allow connections to the server on the local network, you should use destination Network Address Translation (NAT). Example

servers Specifications Packages required: system License required: level1 ip pool Standards and Technologies: none Hardware usage: Not significant R

Peer-to-Peer Traffic Control Document revision 1.3 (Wed Apr 21 11:56:49 GMT 2004) This document applies to Wandy RouterOS V2.8 Table of Contents

Packages required: system License required: level1 (Limited to 1 firewall rule), level3 ip firewall, /ip firewall mangle, /queue Hardware usage: Incre

• all-p2p - match all known P2P traffic • any - match any packet (i.e., do not check this property) mark-flow (text; default: "") - change f

Point-to-Point Traffic Control Examples Summary This section will give you two examples of tupical peer-to-peer traffic control configurations. Cumu

Document revision 1.4 (Fri Mar 05 08:42:58 GMT 2004) This document applies to Wandy RouterOS V2.8 Table of Contents Table of Contents General Inform

• Package Management • IP Addresses and ARP Description Virtual Router Redundancy Protocol is an election protocol that provides high availability fo

• simple - plain text authentication • ah - Authentication Header using HMAC-MD5-96 algorithm password (text; default: "") - password requir

• The local LAN with network address 192.168.0.0 and 24-bit netmask: 255.255.255.0. The router's address is 192.168.0.254 in this network • The I

[admin@Wandy] ip vrrp> address print Flags: X - disabled, A - active # ADDRESS NETWORK BROADCAST VIRUAL-ROUTER 0 192.168.1.1/24 192.168.1.0 192.168

Configuring Backup VRRP router Now we will create VRRP instance with lower priority (we can use the default value of 100), so this router will back up

Table of Contents General Information Summary Specifications Related Documents Description Common NAT Parameters Description Property Description Note

Network Address Translation is subdivided into two separate facilities: • Source NAT This type of NAT allows 'hiding' of private networks be

The TOS can be one of five types, each of them is an instruction to: • low-cost - minimize monetary cost • low-delay - minimize delay • normal - norma

Source NAT Description Source NAT is a firewall function that can be used to 'hide' private networks behind one external IP address of the

If the packet matches the masquerade rule, then the router opens a connection to the destination, and sends out a modified packet with its own address

Example This example shows how to add a dst-NAT rule that gives access to the http server 192.168.0.4 on the local network via external address 10.0.0

Specifications Packages required: system License required: level1 ip upnp Standards and Technologies: TCP/IP, HTTP, XML, IGD Hardware usage: Not sign

interface (name) - interface name UPnP will be run on type (external | internal) - interface type, one of the: • external - the interface global IP ad

Here, the default route is listed under #0. As we see, the gateway 10.0.0.1 can be reached through the interface 'Public'. If the gateway wa

Description Property Description Notes Example General Information Summary The Wandy Packet Packer Protocol (M3P) optimizes the data rate usage of

• small packets going to the same MAC level destination (regardless of IP destination) are collected according to the set configuration and aggregated

Example To enable maximal compression on the ether1 interface: [admin@Wandy] ip packing> add interface=ether1 packing=compress-all \ \... unpacking

Summary DNS cache is used to minimize DNS requests to an external DNS server as well as to minimize DNS resolution time. This is a simple recursive DN

Notes If the property use-peer-dns under /ip dhcp-client is set to yes then primary-dns under /ip dns will change to a DNS address given by DHCP Serv

Flushing DNS cache Command name: /ip dns cache flush Command Description flush - clears internal DNS cache Example [admin@Wandy] ip dns> cache f

case you want to prevent or grant access to the certain services. Please see the relevant sections of the Manual for more explanations. ip service Re

additional package to be installed, as well as to be enabled by administrator, exempli gratia bandwidth server. Port/Protocol Description 20/tcp File

HotSpot Gateway Document revision 3.3 (Tue Apr 27 20:43:43 GMT 2004) This document applies to Wandy RouterOS V2.8 Table of Contents Table of Conten

HotSpot Cookies Description Property Description Notes Example Walled Garden Description Property Description Notes Example Customizing HotSpot Servle

To set up routing, it is required that you have some knowledge of configuring TCP/IP networks. There is a comprehensive list of IP resources compiled

• connection time • downloaded/uploaded traffic (bytes) Universal Client feature may be used with HotSpot enabled-address method to provide IP network

amount of traffic each of its clients have used, and also can send this information to a RADIUS server. The HotSpot system may limit each particular u

either case, HTTP POST method (if not possible, then - HTTP GET method) is used to send data to the HotSpot gateway. HotSpot can authenticate users us

firewall table. Question&Answer-Based Setup Command name: /ip hotspot setup Command Description hotspot interface (name) - interface to run Hot

Notes Depending on current settings and answers to the previous questions, default values of following questions may be different. Some questions may

enabled http-cookie-lifetime (time; default: 1d) - validity time of HTTP cookies allow-unencrypted-passwords (yes | no; default: no) - whether to auth

auth-mac-password: no auth-http-cookie: yes http-cookie-lifetime: 1d allow-unencrypted-passwords: no login-mac-universal: no split-user-domain: no [ad

To choose the login method to be used if smart method is set as the value of login-method property, the following algorithm is used: • If a client has

routes may be specified separated with commas limit-uptime (time; default: 0s) - total uptime limit for user (pre-paid time) • 0s - no limit limit-byt

HotSpot Active Users ip hotspot active Description The active user list shows the list of currently logged in users. Nothing can be changed here, e

one: The server's address is now 192.168.0.4, and we are running web server on it that listens to the TCP port 80. We want to make it accessible

Notes RADIUS user database is consulted only if the required username is not found in local user database The value set in interim-update is overridde

Example To add a HotSpot server named dhcp1 to the DHCP server hotspot-dhcp giving IP addresses from the hotspot address pool: [admin@Wandy] ip hotsp

information about HotSpot service provider or billing options. Property Description dst-host (text; default: "") - domain name of the desti

the login page 2. request for '/' on the HotSpot host • if user is logged in, rstatus.html is displayed; if rstatus.html is not found, redir

• hostname - DNS name or IP address (if DNS name is not given) of the HotSpot Servlet ("hotspot.example.net") • identity - RouterOS identity

• uptime-secs - uptime in seconds ("125") • session-timeout-secs - session timeout in seconds ("3475" or "" if there is

concatenation of the following: chap-id, the password of the user and chap-challenge (in the given order) The gateway uses CHAP authentication in case

Description There are two kinds of errors: fatal non-fatal. Fatal errors are shown on a separate HTML page called error.html. Non-fatal errors are ba

• your uptime limit is reached - self-explanatory • your traffic limit is reached - either limit-bytes-in or limit-bytes-out limit is reached • no mor

added to the ARP table. DHCP server will add entries only for clients which have obtained DHCP leases: /interface prism set prism1 arp=reply-only 4. A

Command Description Safe Mode Description General Information Summary The Terminal Console is used for accessing the Wandy Router's configurat

/ip firewall rule hotspot-temp add action=reject \ comment="reject access for unauthorized hotspot clients" 13. Add hotspot chain: /ip firew

/ip firewall rule hotspot-temp add flow="hs-auth" action=return \ comment="return if connection is authorized" /ip firewall rule h

1. make sure, web-proxy software package is installed and DNS client is configured 2. it is assumed, that HotSpot is set up and successfully running o

Summary Specifications Description Additional Documents DHCP Client Setup Description Property Description Command Description Notes Example DHCP Clie

General usage of DHCP: • IP assignment in LAN, cable-modem, and wireless systems • Obtaining IP settings on cable-modem systems IP addresses can be bo

add-default-route (yes | no; default: yes) - whether to add the default route to the gateway specified by the DHCP server use-peer-dns (yes | no; defa

DHCP server) • renewing... - the DHCP client is trying to renew the lease • rebinding... - the renew operation has failed, and lease time is over, so

interface and the source-address is left as 0.0.0.0, then the static address will be used. If there are multiple addresses on the interface, an addres

dns-server (text) - the DHCP client will use these as the default DNS servers. Two comma-separated DNS servers can be specified to be used by DHCP cli

server (read-only: name) - server name which serves this client expires-after (read-only: time) - time until lease expires tx-rate (integer; default:

[admin@Wandy] > Instead of typing ip route path before each command, the path can be typed only once to move into this particular branch of menu hi

Description DHCP Relay is just a proxy that is able to receive a DHCP request and resend it to the real DHCP server Property Description name (name)

Notes Depending on current settings and answers to the previous questions, default values of following questions may be different. Some questions may

Description Universal Client Interface Setup Property Description Notes Example Universal Host List Description Property Description Example Universal

Universal Client Interface Setup ip hotspot universal Property Description interface (name) - interface to run universal client on address-pool (na

Property Description mac-address (read-only: MAC address) - client's MAC address address (read-only: IP address) - client's IP address to-a

Service Port ip hotspot universal service-port Description Just like for classic NAT, the Universal Client Interface 'breaks' some protocol

Property Description Notes Voicetronix Voice Ports Property Description Command Description Notes LineJack Voice Ports Property Description Command De

A simple example Description Setting up the Wandy IP Telephone Setting up the IP Telephony Gateway Setting up the Welltech IP Telephone Setting up Wan

• Quicknet Technologies cards: • Internet PhoneJACK (ISA or PCI) for connecting an analog telephone (FXS port) • Internet LineJACK (ISA) for connectin

Description This submenu is used for managing all IP telephony voice ports (linejack, phonejack, isdn, voip, voicetronix, zaptel) Property Descripti

numbers, names are not assigned by the console internally, but are one of the items' properties. Thus, they would not change on their own. Howeve

parameters of PSTN line, as well as for detecting and generating the tones agc-on-playback (yes | no; default: no) - automatic gain control on playbac

CODEC used for the audio connection (time) - duration of the phone call Notes As some Voicetronix cards fail to detect loop drop correctly, with loop

Command Description blink - blink the LEDs of the specified voice port for five seconds after it is invoked. This command can be used to locate the re

PhoneJack Voice Ports ip telephony voice-port phonejack Property Description name (name) - name given by the user or the default one type (read-only:

• on-hook - the handset is on-hook, no activity • off-hook - the handset is off-hook, the number is being dialed • ring - call in progress, direction

Command Description clear-call - terminate a current call established with the specified voice port (name) - port name to clear call with show-stats

playback-volume (integer: -48..48; default: 0) - playback volume in dB • 0 - 0dB meand no change to signal level record-volume (integer: -48..48; defa

• [ ] - matches any single character from the set in brackets • [^ ] - matches any single character not from the set in brackets There is a possibilit

This is the so-called "routing table" for voice calls. This table assigns numbers to the voice ports.The main function of the numbers routin

# DST-PATTERN VOICE-PORT PREFIX 0 12345 XX 1 1111. YY 2 22... ZZ 333 3 ... QQ 55 4 222 KK 44444 5 3.. LL 553 [admin@Wandy] ip telephony numbers> •

IPIP Tunnel Interfaces...82 General Information...

If you've typed just the common part, pressing the tab key once has no effect. However, pressing it for the second time shows all possible comple

ip telephony region Description Regional settings are used to adjust the voice port properties to the PSTN system or the PBX. For example, to detect

quality can be achieved by using the G.711-uLaw CODEC requiring 64kb/s throughput for each direction of the call. It is used mostly within a LAN. The

• h323-call-type - call leg type (should be VoIP) • h323-call-origin - indicates origin of call relatively to the gateway (answer for calls from IP ne

Gatekeeper ip telephony gatekeeper Description For each H.323 endpoint gatekeeper stores its telephone numbers. So, gatekeeper knows all telephone

registered Example In most simple case with one phonejack card and some remote gatekeeper, configuration can be as follows: [admin@Wandy] ip telephon

Flags: I - invalid, X - disabled, D - dynamic, R - registered # DST-PATTERN VOICE-PORT PREFIX 0 78 linejack1 1 3... vctx1 2 33_ voip1 3 5.. voip1 4 XD

RouterOS. Let us consider the following example of IP telephony gateway, one Wandy IP telephone, and one Welltech LAN Phone 101 setup: Setting up the

call, or want to receive calls from, i.e., (the IP telephone 10.0.0.224 and the Welltech IP telephone 10.5.8.2): [admin@voip_gw] ip telephony voice-po

2. Check if you have the codecs arranged in the desired order: usr/config$ voice -print Voice codec setting relate information Sending packet size : G

Configuration on the Wandy side • G.729a codec MUST be disabled (otherwise connections are not possible at all!!!) /ip telephony codec disable G.729A-

# NAME TYPE MTU 0 R ether1 ether 1500 1 R ether2 ether 1500 2 R ether3 ether 1500 3 R ether4 ether 1500 [admin@Wandy] > interface set 0,1,2 mtu=146

ip address 10.0.0.101 255.255.255.0 no ip mroute-cache speed auto half-duplex ! ip classless ip route 0.0.0.0 0.0.0.0 10.0.0.1 no ip http server ! dia

voice-port=vctx1 prefix=1 • IP telephony gateway #2 should have /ip telephony voice-port voip add name=gw1 remote-address=10.0.0.182 /ip telephony num

Virtual Links Description Property Description Notes Example Neighbours Description Property Description Notes Example General Information Summary

1. Change general OSPF settings of redistributing connected, static and default routes. The default route should be distributed only from border route

Notes Within one area, only the router that is connected to another AS (i.e. border router) should have the propagation of the default route enabled.

• simple - plain text authentication • md5 - Keyed Message Digest 5 authentication Example To define additional OSPF area named local_10 with area-id

This facility profides tools for additional in-depth configuration of OSPF interface specific parameters. You do not have to configure interfaces in o

Property Description neighbor-id (IP address; default: 0.0.0.0) - specifies router-id of the neighbour transit-area (name; default: (unknown)) - a no

dr-id (read-only: IP address) - designated router's router id for this neighbor backup-dr-id (read-only: IP address) - backup designated router&a

Example Neighbors Description Property Description Example Routes Property Description Notes Example Example General Information Summary Wandy Rout

added - places a new item before an existing item with specified position. Thus, you do not need to use the move command after adding an item to the l

• RIPv2 Protocol • Cisco Systems RIP protocol overview General Setup Property Description redistribute-static (yes | no; default: no) - specifies w

garbage-timer: 2m [admin@Wandy] routing rip> Interfaces routing rip interface Description In general you do not have to configure interfaces in

To start the RIP protocol, you have to define the networks on which RIP will run. Property Description address (IP address/mask; default: 0.0.0.0/0)

Property Description dst-address (read-only: IP address/mask) - network address and netmask of destination gateway (read-only: IP address) - last gat

metric-static: 1 metric-connected: 1 metric-ospf: 1 metric-bgp: 1 update-timer: 30s timeout-timer: 3m garbage-timer: 2m [admin@Wandy] routing rip>

Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA

Example Troubleshooting Description General Information Summary The Border Gateway Protocol (BGP) allows setting up an interdomain dynamic routing

routing bgp Property Description enabled (yes | no; default: no) - enable or disable BGP as (integer; default: 1) - autonomous system number router-i

network (IP address/mask; default: 0.0.0.0/0) - network to advertise Notes You can add to the list as many networks as required. The router is not ch

0 192.168.0.254 65002 no no none none [admin@Wandy] routing bgp> peer print status # REMOTE-ADDRESS REMOTE-AS STATE ROUTES-RECEIVED 0 192.168.0.254

If another user tries to enter safe mode, he's given following message: [admin@Wandy] > Hijacking Safe Mode from someone - unroll/release/don&

General Information Summary Prefix lists are used to filter routes received from or sent to other routers. Specifications Packages required: routing

Prefix List Rules routing prefix-list list <listname> Property Description prefix (IP address/mask; default: 0.0.0.0/0) - network prefix to m

Property Description Notes Example Router Users Property Description Notes Example Monitoring Active Router Users Property Description Example Router

RADIUS Client Setup Description Property Description Notes Example Suggested RADIUS Servers Description Supported RADIUS Attributes Description Gene

exception is that particular IP addresses take precedence over IP pools in the local-address and remote-address settings, as described later on). RADI

[admin@Wandy] user group> add name=reboot policy=telnet,reboot,read [admin@Wandy] user group> print 0 ;;; users with read only permission name=&

Monitoring Active Router Users user active print Property Description when (read-only: date) - log-in time name (read-only: name) - user name address

Local Point-to-Point AAA Local P2P User Profiles ppp profile Description P2P profiles are used to define default values to users managed in /ppp se

outgoing-filter="" wins-server="" [admin@Wandy] ppp profile> Use VJ compression only if you have to because it may slow down th

Flags: X - disabled # NAME SERVICE CALLER-ID PASSWORD PROFILE 0 ex pptp lkjrht ex [admin@Wandy] ppp secret> print detail Flags: X - disabled 0 name

General Information Summary The Wandy RouterOS is distributed in the form of software packages. The basic functionality of the router and the operati

To enable RADIUS AAA: [admin@Wandy] ppp aaa> set use-radius=yes [admin@Wandy] ppp aaa> print use-radius: yes accounting: yes interim-update: 0s

Local IP Traffic Accounting Table ip accounting snapshot Description When a snapshot is made for data collection, the accounting table is cleared a

initiated to the web page. The snapshot will be displayed on the web page. TCP protocol, used by http connections with the wget tool guarantees that n

Notes The order of the items in this list is significant. Microsoft Windows clients send their usernames in form domain\username Example To set a RAD

other UNIX RADIUS servers (eg. XTRadius). Note that it may conflict with the default configuration files of RADIUS server, which have references to th

NOTE: if Framed-IP-Address or Framed-Pool is specified it overrides remote-address in default configuration Idle-Timeout overrides idle-timeout in def

Stop Accounting-Request These packets can additionally have: Acct-Terminate-Cause session termination cause (see RFC2866 5.10) Attribute Numeric Val

This document applies to Wandy RouterOS V2.8 Table of Contents Table of Contents Summary Specifications Description Certificates Description Propert

used for encryption, and the other - for decryption. It is important to understand, that both keys can encrypt and decrypt, but what is encrypted by o

Notes Server certificates may have ca property set to no, but Certificate Authority certificates must have it set to yes Certificates and encrypted p

descriptive name, version number and extension .npk, exempli gratia system-2.8rc3.npk, routerboard-2.8rc3.npk. You should check the available hard dis

4 ssh 22 0.0.0.0/0 5 hotspot-ssl 443 0.0.0.0/0 cert1 [admin@Wandy] ip service> FTP (File Transfer Protocol) Server Document revision 2.2 (Tue A

File Transfer Protocol Server file Description Wandy RouterOS has an industry standard FTP server feature. It uses ports 20 and 21 for communication

Example General Information Summary Ping uses Internet Control Message Protocol (ICMP) Echo messages to determine if a remote host is active or ina

If DNS service is configured, it is possible to ping by DNS address. To do it from Winbox, you should resolve DNS address first, pressing right mouse

Summary Specifications Related Documents Description Additional Documents Queue Types Description Property Description Notes Example Interface Default

queues should always be configured on the outgoing interface regarding the traffic flow. There are two additional virtual interfaces in queue tree whi

queues (known as classless queues) are attached to the main (attached to the root, which represent real interface) Hierarchical Token Bucket (HTB) and

• global-in - represents all the input interfaces in general (INGRESS queue). Please note that queues attached to global-in applies to incomming traff

kind (pfifo | bfifo | red | sfq | pcq; default: pfifo) - kind of the queuing algorithm used: • pfifo - Packets First-In First-Out • bfifo - Bytes Firs

Property Description interface (name) - interface name queue (name; default: default) - default queue for the interface Example To change the defaul

Notes If a package is marked for uninstallation, but it is required for another (dependent) package, then the marked package cannot be uninstalled. Y

total-burst-threshold (text; default: 0) - Total (bidirectional) average burst threshold (bits/s) total-burst-time (text; default: 0) - total (bidirec

burst-time (text; default: 0) - for how long the burst is allowed Notes max-limit must be equal or greater than limit-at. To apply queues on flows, t

Thus, the network administrator is able to allocate a definite portion of the total data rate and grant it to a particular network segment or interfac

1 name="Server" target-address=0.0.0.0/0 dst-address=192.168.0.17/32 interface=Local queue=default priority=8 limit-at=0/0 max-limit=0/0 [ad

priority=8 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0 [admin@Wandy] queue tree> Thus, we used queue trees for limiting the upload. Th

[admin@Wandy] ip firewall src-nat> Then we have to mark download and upload traffic. To do so with masqueraded traffic, let's add 2 mangle rul

Configuration Export and Import Document revision 2.1 (Fri Mar 05 08:51:02 GMT 2004) This document applies to Wandy RouterOS V2.8 Table of Contents

not descend recursively through the command hierarchy. export also has the argument file, which allows you to save the script in a file on the router

Description The import command is used to load a saved configuration script. Example To load the saved export file use the following command: [admin@

General Information Summary SNMP is an application layer protocol. It is called simple because it works that way - the management station makes a r

Description System Software Package The system software package provides the basic functionality of the Wandy RouterOS, namely: • IP address managem

Property Description enabled (yes | no) - whether the SNMP service is enabled contact (text; default: "") - contact information for the NMS

You can use the SNMP protocol to get statistics from the router in these submenus: • /interface • /interface pc • /interface wavelan • /interface wire

interfaces.ifTable.ifEntry.ifIndex interfaces.ifTable.ifEntry.ifDescr interfaces.ifTable.ifEntry.ifType interfaces.ifTable.ifEntry.ifMtu interfaces.if

ip.ipForward.ipCidrRouteTable.ipCidrRouteEntry.ipCidrRouteNextHopAS ip.ipForward.ipCidrRouteTable.ipCidrRouteEntry.ipCidrRouteMetric1 ip.ipForward.ipC

ifMIB.ifMIBObjects.ifXTable.ifXEntry.ifHCOutBroadcastPkts ifMIB.ifMIBObjects.ifXTable.ifXEntry.ifHighSpeed RFC2790 host.hrStorage.hrStorageTable.hrSt

<TD>Max Speed:</TD> <TD>1250.0 kBytes/s</TD> </TR> <TR> <TD>IP:</TD> <TD>10.10.2.1</TD> &l

Specifications Related Documents MAC Telnet Server Property Description Notes Example Monitoring Active Session List Property Description MAC Telnet C

Example To enable MAC telnet server on ether1 interface only: [admin@Wandy] tool mac-server> print Flags: X - disabled # INTERFACE 0 all [admin@Wan

Ping Document revision 15-Jul-2003 (1.10) This document applies to Wandy RouterOS V2.8 Table of Contents Table of Contents General Information Summa

the number of routers between the source and the destination. The Ping Command Command name: /ping Property Description (IP address | MAC address)

gps support for GPS devices none none hotspot HotSpot gateway none any additional license isdn support for ISDN devices ppp none lcd support for none

To disable MAC pings: [admin@Wandy] tool mac-server ping> set enabled=no [admin@Wandy] tool mac-server ping> print enabled: no [admin@Wandy] too

Standards and Technologies: Dynamic Updates in the DNS (RFC 2136), Secure DNS Dynamic Update (RFC 3007) Hardware usage: Not significant Related Docum

Document revision 1.2 (Fri Mar 05 09:45:04 GMT 2004) This document applies to Wandy RouterOS V2.8 Table of Contents Table of Contents General Inform

Property Description interface (name) - the name of the interface to monitor protocol (any | any-ip | icmp | igmp | ipip | ospf | pup | tcp | udp | in

Bandwidth Test Document revision 1.5 (Fri Mar 05 09:19:20 GMT 2004) This document applies to Wandy RouterOS V2.8 Table of Contents Table of Conte

Protocol Description The TCP test uses the standard TCP protocol with acknowledgments and follows the TCP algorithm on how many packets to send accor

[admin@Wandy] tool> Active sessions: [admin@Wandy] tool> bandwidth-server session print # CLIENT PROTOCOL DIRECTION USER 0 35.35.35.1 udp send a

tx-total-average: 3.53Mbps rx-current: 3.33Mbps rx-10-second-average: 3.68Mbps rx-total-average: 3.49Mbps [admin@Wandy] tool> Packet Sniffer D

Property Description Example Sniff MAC Address General Information Summary Packet sniffer is a feature that catches all the data travelling over th

filter-protocol (all-frames | ip-only | mac-only-no-ip; default: ip-only) - specific protocol group to filter • all-frames - sniff all packets • ip-on

PCI-to-CardBus Bridge to use IRQ 11 as in ThinRouters none none ups APC Smart Mode UPS support none none web-proxy HTTP Web proxy support none none wi

file save command is used. Example In the following example the packet sniffer will be started and after some time - stopped: [admin@Wandy] tool snif

• idpr-cmtp - idpr Control Message Transport • gre - General Routing Encapsulation • esp - IPsec ESP protocol • ah - IPsec AH protocol • rspf - Radio

• rarp - Reverse Address Resolution Protocol • ipx - Internet Packet exchange protocol • ipv6 - Internet Protocol next generation ip-protocol (ip | ic

tool sniffer host Description The submenu shows the list of hosts that were participating in data excange you've sniffed. Property Description

is running, and select a specific interface: [admin@Wandy] tool sniffer> stop [admin@Wandy] tool sniffer> set interface=bridge1 [admin@Wandy] to

Table of Contents General Information Summary Specifications Related Documents Description The Traceroute Command Property Description Notes Example

Property Description (IP address) - IP address of the host you are tracing route to port (integer: 0..65535) - UDP port number protocol (UDP | ICMP) -

Table of Contents Table of Contents Summary Specifications Related Documents ICMP Bandwidth Test Description Property Description Example General I

first-ping-size (integer: 32..64000; default: 32) - first ICMP packet size second-ping-size (integer: 32..64000; default: 1500) - second ICMP packet s

PCI Information Property Description Example Reboot Description Notes Example Shutdown Description Notes Example Configuration Reset Description Examp

PPTP Interface...120 General Information...

• Routing - Static routing; Equal cost multi-path routing; Policy based routing (classification by source and destination addresses and/or by firewall

System Resource system resource Notes In monitor command priotout the values for cpu usage and free memory are in percentage and kilobytes, respecti

14 IDE 1 [admin@Wandy] > IO Port Usage Monitor Command name: /system resource io print Description IO usage shows which IO (Input/Output) ports

Example To list all available USB ports: [admin@Wandy] system resource usb> print # DEVICE VENDOR NAME SPEED 0 1:1 USB OHCI Root Hub 12 Mbps [admi

Only users, which are members of groups with reboot privileges are permitted to reboot the router. Reboot can be called from scripts, in which case it

system identity Description The router identity is displayed before the command prompt. It is also used for DHCP client as 'host name' para

The history of system configuration changes is held until the next router shutdown. The invoked commands can be 'undone' (in reverse order t

Table of Contents Table of Contents Summary Specifications Related Documents Description Configuring the LCD's Settings Property Description Exam

2 Data 0 7 3 Data 1 8 4 Data 2 9 5 Data 3 10 6 Data 4 11 7 Data 5 12 8 Data 6 13 9 Data 7 14 14 Register Select 4 18-25, GND Ground 1, 5, 16 Powering:

enabled: no type: powertip [admin@Wandy] system lcd> To enable Powertip parallel port LCD: [admin@Wandy] system lcd> print enabled: no type: pow

3 X 5s Aggregate traffic in packets/sec 4 X 5s Aggregate traffic in bits/sec 5 X 5s Software version and build info 6 X 5s ether1 7 X 5s prism1 [admin

• ISDN - ISDN dial-in / dial-out; PAP, CHAP, MSCHAPv1 and MSCHAPv2 authentication protocols; RADIUS authentication and accounting; 128K bundle support

Support Output File Document revision 2.1.0 (Wed Mar 03 16:11:16 GMT 2004) This document applies to Wandy RouterOS V2.8 Table of Contents Table of C

problem. SSH (Secure Shell) Server and Client Document revision 2.0 (Fri Mar 05 09:09:40 GMT 2004) This document applies to Wandy RouterOS V2.8

• PuTTY • Secure CRT • Most SSH compatible telnet clients Specifications Packages required: security License required: level1 system ssh Standards an

2 www 80 0.0.0.0/0 3 hotspot 8088 0.0.0.0/0 4 ssh 65 0.0.0.0/0 5 X hotspot-ssl 443 0.0.0.0/0 none [admin@Wandy] ip service> SSH Client Command na

General Information Summary The configuration backup can be used for backing up Wandy RouterOS configuration to a binary file, which can be stored o

Command name: /system backup load Example To load the saved backup file test: [admin@Wandy] system backup> load name=test Restore and reboot? [y/N

that can be connected to a serial (asynchronous) port. Specifications Packages required: system License required: level1 system Standards and Technol

7 RTS OUT 8 8 CTS IN 7 Setting Serial Console system serial-console Property Description enabled (yes | no; default: no) - whether serial console i

To send [Ctrl]+[X] to to serial port, press [Ctrl]+[X] [Ctrl]+[X] To send [Ctrl]+[Q] to to serial port, press [Ctrl]+[X] [Ctrl]+[Q] Example To connec

Specifications Packages required: gps License required: level1 system gps Standards and Technologies: GPS, NMEA 0183, Simple Text Output Protocol Hard

card with monitor • Serial console - First RS232 asynchronous serial port (usually, onboard port marked as COM1), which is by default set to 9600bit/s

Notes If you are synchronizing system time with a GPS device, you should correctly choose time zone if it is different from GMT as satellites are broa

Scripting Host and Complementary Tools Document revision 2.3 (Thu Apr 15 19:03:33 GMT 2004) This document applies to Wandy RouterOS V2.8 Table of

Description Property Description Command Description Notes Example Task Management Description Property Description Example Script Editor Description

console expressions. The configuration commands are described in the relevant documentation. The events can be used to invoke a script include the Sys

prefix : action for action_args i params[=values] from=1 to=10 do={:put $i} /interface monitor-traffic ether1,ether2,ipip1 prefix / path interface act

Variables Description Console allows you to create and use global (system wide) and local (only usable within the current script) variables. Variable

[admin@Wandy] > /interface [admin@Wandy] interface> find type=ether [admin@Wandy] interface> [admin@Wandy] interface> :put [find type=ethe

an element to a list. Notes When comparing two arrays note, that two arrays are equal if their respective elements are equal. Example Operator prior

comparison [admin@Wandy] interface> :put (10.0.2.3<=2.0.3.10) false [admin@Wandy] interface> :put (100000s>27h) true [admin@Wandy] interfa

• boolean • string There is no way to explicitly control this type conversion. In console integers are internally represented as 64 bit signed numbers

Synchronous Specifications Description Asynchronous Specifications Description ISDN Specifications Description VoIP Specifications Description xDSL Sp

\... do={:put $i; :incr i;}; :unset i;} 0 1 2 3 4 5 6 7 8 9 [admin@Wandy] > do - this action takes one argument, which holds the console commands t

[admin@Wandy] > delay - this action does nothing for a given amount of time. It takes one argument, an amount of time to wait, whish defaults to on

Monitor action with do argument can also be called directly from scripts. It will not print anything then, just execute the given script. Names of pro

system script Description In RouterOS, a script may be started in three different ways: • according to a specific time or an interval of time • on an

Task Management system script job Description This facility is used to manage the active or scheduled tasks. Property Description name (read-only:

• Ctrl+x - exits editor discarding changes Command Description edit (name) - opens the script specified by the name argument in full-screen editor N

If more than one script has to be executed simultaneously, they are executed in the order they appear in the scheduler configuration. This can be impo

[admin@Wandy] system scheduler> add interval=7d name="email-backup" \ \... on-event=e-backup [admin@Wandy] system scheduler> print Fla

interval (time; default: 1s) - the time between pings. Lowering this will make state changes more responsive, but can create unnecessary traffic and c

{.. subject="Router at second floor is up" to="[email protected]"} [admin@Wandy] system script> [admin@Wandy] system script> /

3Com FastEtherLink Chipset type: 3Com 3c590/3c900 (3Com FastEtherLink and FastEtherLink XL) PCI 10/100Base Compatibility: • 3c590 Vortex 10Mbps • 3c5

[admin@Wandy] system script> /tool traffic-monitor [admin@Wandy] tool traffic-monitor> add name=turn_on interface=ether1 \ \... on-event=eth-up

Notes You can type actual script source instead of the script name from /system script list. Example In the following example we will add a new sigw

UPS Monitor Document revision 2.0 (Fri Mar 05 09:14:02 GMT 2004) This document applies to Wandy RouterOS V2.8 Table of Contents Table of Conten

when the ‘utility’ power returns. The UPS monitor feature on the Wandy RouterOS supports • hibernate and safe reboot on power and battery failure • UP

battery power is below 10% alarm-setting (delayed | immediate | low-battery | none; default: immediate) - UPS sound alarm setting: • delayed - alarm i

Runtime Calibration Command name: /system ups run-time-calibration Description The run-time-calibration command causes the UPS to start a run time c

Example When running on utility power: [admin@Wandy] system ups> monitor on-line: yes on-battery: no run-time-left: 11m battery-charge: 100 battery

Example Time Zone Notes Example General Information Summary NTP protocol allows synchronizing time among computers in network. It is good if there

parallel client continues to look for more NTP servers by sending multicast messages periodically. Client system ntp client Property Description en

239.192.1.1 and responds to them Notes NTP server activities only when local NTP client is in synchronized or using-local-clock mode. If NTP server i

Chipset type: AMD PCnet32 PCI 10BaseT and 10/100BaseT Compatibility: • AMD PCnet-PCI • AMD PCnet-32 • AMD PCnet-Fast Broadcom Tigon3 Chipset type: Br

RouterBoard-specific functions Document revision 2.4 (Wed Mar 03 16:13:40 GMT 2004) This document applies to Wandy RouterOS V2.8 Table of Content

• Health monitoring • LED control (may be used in scripting) • Console reset jumper Specifications Packages required: routerboard License required: l

BIOS Configuration system routerboard bios Description In addition to BIOS own setup possibilities, it is possible to configure BIOS parameters in Ro

Description LM87 health controller chip provides some measurments of temperature and voltage. Information becomes available not sooner than 2 minutes

led1 (yes | no; default: no) - whether the LED1 is on led2 (yes | no; default: no) - whether the LED2 is on led3 (yes | no; default: no) - whether the

Table of Contents Table of Contents General Information Summary Specifications Description License Management Description Property Description Command

When upgrading to 2.8, you can update your existing key for version 2.5, 2.6 or 2.7 for free (during the existing key upgrade term) during the three-d

(text; default: "") - script to execute while the command is running (time; default: 1s) - how frequently to execute the given script - if s

been converted to 2.8 version • ERROR: Key for specified software ID is expired. You can purchase new key at www.Wandy.com website! - you may not upda

Standards and Technologies: Telnet (RFC 854) Hardware usage: Not significant Related Documents • Package Management • System Resource Management Tel

• Intel 21145 Tulip • IMC QuikNic FX • Conexant LANfinity Intel EtherExpressPro Chipset type: Intel i82557 "Speedo3" (Intel EtherExpressPro

MMM MM MMM III KKKKK RRR RRR OOO OOO TTT III KKKKK MMM MMM III KKK KKK RRRRRR OOO OOO TTT III KKK KKK MMM MMM III KKK KKK RRR RRR OOOOOO TTT III KKK K

Specifications Packages required: system License required: level1 system logging, /log Standards and Technologies: Syslog Hardware usage: Not signific

facility (name) - name of the log group, message type local (disk | memory | none; default: memory) - how to treat local logs • disk - logs are saved

Property Description time (text) - date and time of the event message (text) - message text Notes print command has arguments: • follow - monitor sy

• N-Way PCI-Bus Giga-Card 1000/100/10Mbps(L) • SK-9521 10/100/1000Base-T Adapter • SK-98xx Gigabit Ethernet Server Adapter • SMC EZ Card 1000 • Marvel

• NS8390-based PCMCIA cards RealTek RTL8129 Chipset type: RealTek RTL8129 PCI 10/100Base Compatibility: • RealTek RTL8129 Fast Ethernet • RealTek RTL

• VIA VT6121 • VIA VT6122 VIA vt86c100 "Rhine" Chipset type: VIA vt86c100 "Rhine" PCI 10/100Base Compatibility: • VIA Rhine (vt30

Bridge...168 General Information...

chips), IEEE802.11b/g (AR5212 MAC plus AR2111 PHY chips), IEEE802.11a/b/g (AR5212 MAC plus AR5111 and 2111 PHY chips) cards Cisco/Aironet Chipset typ

• WaveLAN Bronze/Gold/Silver ISA/PCMCIA Aironet Arlan Packages required: arlan Description This is driver for legacy Aironet Arlan cards, not for n

PCI 2/4/8 port up to 4 cards (up to 32 ports) • Cyclades Cyclom-Y and Cyclades-Z Series up to 32 ports per card, up to 4 cards (up to 128 ports) • TCL

HomePNA Packages required: system Description Linksys HomeLink PhoneLine Network Card (up to 10Mbit/s home network over telephone line) LCD Package

Notes Example Removing Device Drivers Description Notes on PCMCIA Adapters Description Notes General Information Summary Device drivers represent t

io (integer) - input-output port base address irq (integer) - interrupt request number isdn-protocol (euro | german; default: euro) - line protocol se

2 APIC U 3 4 serial port U 5 U 6 U 7 U 8 9 ether1 10 ether2 11 [Texas Instruments PCI1250 PC card Cardbus Controller] 11 [Texas Instruments PCI1250 PC

only Other PCMCIA-ISA and PCMCIA-PCI adapters might not function properly. Notes The Ricoh adapter might not work properly with some older motherboar

Related Documents • Wireless Client and Wireless Access Point Manual • Bridge Interfaces • ARLAN 655 Wireless Client Card • CISCO/Aironet 2.4GHz 11Mbp

Flags: X - disabled, D - dynamic, R - running # NAME TYPE RX-RATE TX-RATE MTU 0 R ether1 ether 0 0 1500 1 R bridge1 bridge 0 0 1500 2 R ether2 ether 0

Address Resolution Protocol...209 Proxy-ARP feature...

Property Description Example Troubleshooting Description Synchronous Link Applications Wandy router to Wandy router Wandy router to Wandy router P2P u

Property Description hdlc-keepalive (time; default: 10s) - Cisco HDLC keepalive period in seconds clock-rate (integer; default: 64000) - the speed of

Description • The farsync interface does not show up under the interface list Obtain the required license for synchronous feature • The synchronous li

round-trip min/avg/max = 26/27.6/31 ms [admin@Wandy] ip address> Wandy router to Wandy router P2P using X.21 line Consider the following example:

[admin@hq] interface pvc> add dlci=42 interface=farsync1 [admin@hq] interface pvc> print Flags: X - disabled, R - running # NAME MTU DLCI INTERF

L2TP Interface Document revision 1.1 (Fri Mar 05 08:26:01 GMT 2004) This document applies to Wandy RouterOS V2.8 Table of Contents Table of Contents

• accessing an Intranet/LAN of a company for remote (mobile) clients (employees) Each L2TP connection is composed of a server and a client. The Wandy

interface l2tp-client Property Description name (name; default: l2tp-outN) - interface name for reference mtu (integer; default: 1460) - Maximum Tran

Example of an established connection [admin@Wandy] interface l2tp-client> monitor test2 status: "connected" uptime: 4m27s encoding: "

that in both cases P2P users must be configured properly. Property Description name (name) - interface name user (text) - the name of the user that i

IP Pools... 261 General Information ...

And finally, the server must be enabled: [admin@HomeOffice] interface l2tp-server server> set enabled=yes [admin@HomeOffice] interface l2tp-server

(without need of bridging over EoIP tunnels). Please, consult the respective manual on how to set up a L2TP client with the software you are using. Th

Troubleshooting Description • I use firewall and I cannot establish L2TP connection Make sure UDP connections can pass through both directions betwee

Application Examples Point-to-Multipoint Wireless LAN Point-to-Point Wireless LAN General Information Summary The Wandy RouterOS supports the follo

Description CISCO/Aironet 2.4GHz card is an interface for wireless networks operating in IEEE 802.11b standard. If the wireless interface card is not

ap2 (MAC address) - forces association to the specified access point ap3 (MAC address) - forces association to the specified access point ap4 (MAC add

Suppose we want to configure the wireless interface to accomplish registration on the AP with a ssid 'mt'. We need to change the value of ss

3. Choosing the frequency, in our case we use 2442MHz. 4. (For CISCO/Aironet Bridges only) Set Configuration/Radio/Extended/Bridge/mode=access_point.

access-point-name: "" signal-quality: 35 signal-strength: -62 error-number: 0 [admin@Wandy] interface pc> The other router of the point-t

IPIP Tunnel Interfaces Document revision 1.1 (Fri Mar 05 08:25:43 GMT 2004) This document applies to Wandy RouterOS V2.8 Table of Contents Table

List of Services...292 HotSpot Gate

Related Documents • Package Management • Device Driver List • IP Addresses and ARP • Log Management Additional Documents • http://www.ietf.org/rfc/r

IPIP Configuration Application Example Suppose we want to add an IPIP tunnel between routers R1 and R2: At first, we need to configure IPIP interfac

Additional Documents Ethernet Interface Configuration Property Description Notes Example Monitoring the Interface Status Property Description Notes Ex

arp (disabled | enabled | proxy-arp | reply-only; default: enabled) - Address Resolution Protocol mtu (integer; default: 1500) - Maximum Transmission

• unknown - the connection is not recognized rate (10 Mbps | 100 Mbps | 1000 Mbps) - the actual data rate of the connection auto-negotiation (done | i

Synchronous Interface Configuration Description Property Description Notes Example Troubleshooting Description Synchronous Link Application Examples W

Synchronous Interface Configuration interface moxa-c502 Description Moxa c502 synchronous interface is shown under the interfaces list with the nam

dtr: yes rts: yes cts: yes dsr: yes dcd: yes [admin@Wandy] interface moxa-c502> Troubleshooting Description • The synchronous interface does not

[admin@Wandy] ip address> add address 1.1.1.2/32 interface moxa \ \... network 1.1.1.1 broadcast 255.255.255.255 [admin@Wandy] ip address> print

ip address 1.1.1.2 255.255.255.252 serial restart-delay 1 ! ip classless ip route 0.0.0.0 0.0.0.0 10.1.1.254 ! ... end CISCO# Send ping packets to the

Voice Port for Voice over IP (voip)... 350 Number 350 Regional Setti

Summary VLAN is an implementation of the 802.1Q VLAN protocol for Wandy RouterOS 2.7. It allows you to have multiple Virtual LANs on a single etherne

Additional Documents • http://www.csd.uwo.ca/courses/CS457a/reports/handin/jpbojtos/A2/trunking.htm • http://www.cisco.com/univercd/cc/td/doc/product/

0 R test 1500 enabled 1 ether1 [admin@Wandy] interface vlan> Application Example VLAN example on Wandy Routers Let us assume that we have two or

[admin@Wandy] ip address> RadioLAN 5.8GHz Wireless Interface Document revision 1.1 (Fri Mar 05 08:17:04 GMT 2004) This document applies to Wand

Related Documents • Package Management • Device Driver List • IP Addresses and ARP • Log Management Description Installing the Wireless Adapter The

rx-diversity (enabled | disabled; default: disabled) - receive diversity tx-diversity (enabled | disabled; default: disabled) - transmit diversity def

successfully-sent: 1 max-retries: 0 average-retries: 0 min-retries: 0 sent: 11 successfully-sent: 11 max-retries: 0 average-retries: 0 min-retries: 0

[admin@Wandy] ip address> print Flags: X - disabled, I - invalid, D - dynamic # ADDRESS NETWORK BROADCAST INTERFACE 0 10.1.1.12/24 10.1.1.0 10.1.1.

Troubleshooting Description General Information Summary Frame Relay is a multiplexed interface to packet switched network and is a simplified form

interface (name) - Frame Relay interface Notes A DLCI is a channel number (Data Link Connection Identifier) which is attached to data frames to tell