PoE solution with NetProtector

PoE solution with NetProtector

 

Power surge unstable and vulnerable to lightning normally be a concern for network administrators who install outdoor wireless devices in the tower. Power needs could be said that risky needs. Power is not stable and lightning can easily cause damage to the device. Especially if grouding done only with makeshift tools and without adequate calculation.

To minimize problems of power on the wireless router we present a new product named NetProtector. PoE is a module which is designed to distribute power while protecting the router from the power of abnormal activity, eg due to lightning or power surge unstable.

NetProtector not a switch, however, but instead of POE is equipped with Surge Arrester features so as to provide protection against electrical surges on the router.

PoE function will also allow us so to the distribution of power to each - each device, without having to add an adapter and PoE for each device. Installation topology would be as follows:

On the back of the device there is a grounding cable NetProtector. These cables stay connected to the existing system grouding in your network infrastructure.

There are 2 types NetProtector we provide, manageable and standard NetProtector NetProtector. For NetProtector manageable product, there are features that can be used to set NetProtector remotely via a web-base.

NetProtector standard features:

• PoE adapter functionality
• Bulit-in netprotector
• All ports shielded
• Standard power socket DC 2.1/5.5
• Solid, sleek, all-aluminum, painted black desktop case
• 0.3 m grounding cable included

As for NetProtector manageable, additional features in addition to standard features. Here are some additional features manageable NetProtector:

• Restarter functionality
• Management via www (web-base)
• Watchdog

NetProtector comes with two types of casing, casing desktop and rackmount chassis. Type the desktop with a simple shape and small allows us to setup with limited space. And rackmount chassis for penampatan in 1U server rack (19 inch).

Modular

Especially for a product with 1U chassis, the number of interfaces can be expanded to 24. If by default the number of ethernet only 8, we can add the modules separately in order to cater for the number of ethernet network needs us.

Remotely via the Web

Netprotector is manageable features that are helpful for network admins who want to monitor the condition of the power on the device. By default web-base can be accessed at the address http://192.168.0.100

Login page will appear asking for username and password information. NetProtector default account is as follows:

Username = admin
Password = admin
Display the home page of web-base NetProtector. Contains information on the features and functionality of existing features.

Relays

A feature to control the power output. In this feature, the network administrator can turn on / off the power outpout on a specific interface.

Watchdog

Condition monitoring devices connected to PoE-Out is based on IP addresses with the standard ping. IP address of the device that should be monitored by IP Address NetProtector segment. NetProtector will display the status of the monitored devices. Under normal conditions, the device status says "OK". If the device unreacheable within a specified period, the status will change to "FAIL". There is an option that we can choose if the router is experiencing fail. If we check the option "Add Relay", then when the device status into fail, NetProtector will automatically reset power PoE on the interface connected to the device with a fail status. Power reset process within approximately 2.5 minutes.

Measurements

Displays detailed status of NetProtector devices, such as input voltage and temperature.

Settings

We can do some settings on Netprotector. Settings such as IP Address, Gateway, and Password. In parameter mode, fill it with a value of 0 if NetProtector will automatically obtain an IP address from the DHCP server. Or fill it with value 1 if the IP address is configured statically.

Reset

If in the future we forget the password or IP address of the router, we can reset to the default initial configuration Netprotector. We can do a reset using the reset button located on the back of the casing, or some are located at the front of the chassis, depending on the type of product.

Steps to perform a reset:

• Turn off the device NetProtector
• Press the "Reset" and remains on hold
• Give power to the device by plugging the power jack.
• Wait a few seconds, then release the reset button.
• Turn off netprotector by unplugging the power jack, and then on again.
• Netprotector already is reset, you can try the remote router with a default IP address.

NetProtector product offers convenience and security in terms of power. A solution of the network admins will concern the unstable power surge or due to lightning.

 

Implementation of Wireless Roaming with WDS

Implementation of Wireless Roaming with WDS

In the modern era will need an internet connection can hardly be said that an important requirement. Many companies or educational institutions then try giving access to the internet in an open area so that users can be much more comfortable. Case that arises is to cover the needs of a large area such as a school, college or open areas, sometimes can not be reached with a single wireless device. Moreover, wireless users who are mobile or move - move. MikroTik provide solutions to the needs of roaming wireless WDS feature.
Topology

There is more than one access point which will emit wireless with the same SSID. Client can connect to any access point, depending on the signal from the access point where the terdetct good on the client side. When the client relocates and interrupted by one access point, the client will be in automatically switch to another access point that the client reaches.

Static WDS

MikroTik features Dynamic and Static WDS WDS. Usually the connection stability considerations, network admins prefer a static WDS. It is a bit more complicated configurations, but the connection is not easy to change - change if the signal drops. When the connection between repeter switch, the connection will typically break up more or less in a single ping. If too often, it will display the impression of a connection like breaking - breaking up. Therefore, many choose to implement static WDS. That is, we set the access point to which repeaters will be connected. So even though the signal goes down, the connection will not move - move. As an example, we will try to wake up the implementation of the WDS static topology such as the following details:

Access Point Master

AP router becomes the master must be connected to the internet. If you are connected to the internet properly, the time setting as a master AP. First create interface Bridge. At STP settings, select mode RSTP protocol option.

Then add the wlan interface into the bridge port. Go to the ports tab, then click the + button. Select wlan1 interface and navigate to the bridge that has been created, then click OK.

Setting the bridge was finished, then we are setting the wlan interface as an access point. Double-click on the wireless interface and then go to the Wireless tab. Set the AP-Bridge mode. Other parameters can be adjusted as needed.

then we started setting static WDS. Double click on the wireless interface, then go to the tab "WDS". In WDS mode option, please select static. Then at WDS Default Bridge option, select the bridge that was made ​​before.

Then create a new WDS interface manually in the Wireless menu. Click the + button and select WDS.

In the WDS options address mac-address with the contents of repeaters that will be connected to the master AP. Consider the previous topology image. AP Master connected to Repeater 1 and Repeater 3. Then the WDS option will insert the address mac-address inetrface wireless Repeater 1 and Repeater 3.

WDS settings are finished, then we just set the Hotspot Server AP Bridge Master in the interface that has been created. If Hotspot Server is installed on the laptop wlan interface is connected to the repeater will not get service Hotpsot.

Repeater 1

Setting up for the first repeater 1 bridge interface with wlan1 port, in this step is done almost the same way when setting the bridge on the AP Master. If the setting of the bridge has been completed, setting the wireless interface as a WDS Slave.

Then the settings on the WDS tab with WDS Mode = Static Default Bridge and WDS Bridge select the interface that has been created. Next create static WDS Wireless menu. Slightly different from the settings on the AP Master, this time setting the address WDS Repeater 1 is filled with mac-address interface wireless AP and Repeater Master 2. Remember, connected to AP Repeater 1 and Repeater 2 masters.

Setting static WDS on Repeater 1 has been completed. If we want to connect to a repeater 1 interne, provide live ip address on the bridge interface that was made earlier. Add to this the DNS and gateway. If the AP Master hotpsot run the service, do not forget their mac-address bindings - each repeater remember MikroTik Router does not have a browser to the hotspot login.

Repeater 2

Setting the repeater 2 repeaters are also nearly equal to 1, such as setting the bridge, and WDS settings on the wireless interface. That little difference is when adding static WDS. 2 Rada Repeater, WDS Address filled with mac-address Repeater 1 and Repeater Repeater 3 for 2 will be connected with the second repeater.

Repeater 3

Similar to the Repeater 2, setting the bridge and WDS settings on each wireless interface with the settings on the repeater 1. And When creating static WDS, WDS we address the contents of the AP mac-address mac-address Master and Repeater 2. 3 Repeater Where this AP will be connected to the Master and to the Repeater 2.

Setting static WDS is finished. If all the devices both master and Repeater AP can connect with each other well, then the static WDS interface that we have previously made will be the status of RSA (Running, Slave, Active).

Then try to connect to the laptop through the wireless, the login page will appear, even if the laptop is connected to an access point in addition to the master, it could be 1 or repeater Repeater other.

http://freakscontent.blogspot.com/ 

NetWatch: Emergency Response Network Problem

NetWatch: Emergency Response Network Problem

Newatch MikroTik is one feature that is used to monitor the condition of the host. There are cases where we need to monitor the state of a host can be a very important hot so that if something happens to the host, network admin can get information immediately and can take precautions that are also responsive as possible. It would be very inefficient if a remote or network administrator should monitor the server within 24 hours. To facilitate monitoring, MikroTik provide NetWatch feature.

This feature can be accessed from the Tools menu -> NetWatch. When we click the plus (+), we can fill in the ip address of the host to be monitored.

• Host: IP address of the device information to be monitored.
• Interval: NetWatch works by sending a ping. At intervals of parameters, we can set a time period for the router sends a ping to check the condition of the host.
• Time Out: Timed how long the host will be considered down if the ping is sent from the router does not receive a response (unreachable).

In the picture above, we can see that the setting NetWatch will be monitoring the host with IP address 192.168.230.2. Information listed status "up" because the router can ping the IP address. If the router fails to send a ping, then the status will change to "down".

Subsequent need when there is a change of status, the router will send an email notification, so that network admins can know immediately and can perform the necessary tindaka. So that the router can send an email, we need an email server settings under Tools -> Email.

Without setting up Leih, NetWatch only displays status information monitored host, up or down. In order for the router to provide notification when the host changed status, we can write a script on the Tab "UP" and Tab "DOWN".

No Script tab "Up" will be run if the host is connected properly monitored. In the case this time, we will be set so that the router immediately sends an email notification when there erubahan status, then we need to add the script to the settings tab "UP" and Tab "Down". An example for a script to be run ketka Berbah status becomes "UP".

And the script on the tab "Down" will run if the host can not ping the router.

With the above script, the router will soon envy email notifications when the host down and also will send email notification when the router back up.

Scripts can also be run not only the script to send an email, we can create a custom script if we are familiar with scripting in MikroTik. Manual on scripting in proxy you can explore here: http://wiki.mikrotik.com/wiki/Manual:Scripting

http://freakscontent.blogspot.com/ 

Mapping the connections with Mark-Route

Mapping the connections with Mark-Route

Choice of using more than one internet connection could be a solution for the need netwok more smoothly and reliably. However, poor management can create the appearance of new problems. With the presence of more than one link, the connection will be passing through both links depending on the link which was empty. With some considerations, network admins sometimes choose to skip a connection to a particular path, ie the connection is an important application connections.

In the present case example suppose we have 2 internet connections with different bandiwdth. Then will we distinguish IIX path to the ISP with more bandwidth, namely ISP 1, and for the connection to the international will use an ISP with a smaller badwidth, call the ISP 2. If we image topology, it will look like the following image :

We use Mangle feature on the MikroTik router to mark a connection. First, to distinguish the target by the client traffic is traffic to IIX or international, we need a list of IPs that have been advertised in IIX (IP address in Indonesia) with address-list. The address list that will be used later weeks to determine whether the client access to web based ip local or international destination.

Do not worry, mikrotik.co.id has provided a list of IP addresses IIX script named nice.rsc that you can copy-paste at the terminal MikroTik. Nice.rsc files can also be downloaded directly from the terminal in RouterOS. Example command:

After downloading the file nice.rsc finished, do not forget to import into address-list, then the router will make a list of IP addresses in the firewall address-list called "nice"

Selanjuntya we will use a feature mangle to mark connections from the client, meuju to IIX or international. First we mark the connection that led to the IIX.

In the in-interface parameters please select the interface connected to the local network. Then we make another mangle to mark connections in addition to leading to the IIX, we will mark the leading international connections.

After successfully marking the connection, the next is the direct connection to one ISP by using the route, based on mark-routers that have been made previously. Quite easy, we create a new routing rule with dst address = 0.0.0.0 / 0 gateway ISP 1. Do not forget to mark part-route, we choose to mangle IIX connection, as well as for routing rule inernational connection.

The settings are finished, check the trace route to the IP address and the IP address international IIX, then note where the gateway traversed. Do not forget to do a masquerade NAT settings for both gateway that the client can connect to the internet. Usage will mangle can also be custom made, eg by port and protocol.

http://freakscontent.blogspot.com/