User Bandwidth Management Hotspot in Bypass (IP Binding)

User Bandwidth Management Hotspot in Bypass (IP Binding)

Technological developments require that all people have a smart phone digenggamannya, even the day the price of smart phones more affordable by all audiences in Indonesia. Automatically needs of the Internet is increasingly important for many people. No wonder if any crowded places such as offices, hotels, campuses, malls and so provide hotspot service. So many have concluded Wireless Hotspot must be through the media, if you are one of them please read the article below

If you already studied the article at the link we have agreed that in Mikrotik Hotspot is a system to provide authentication features to the user that will use the network. But we can also give privileges to some users that do not need authentication implementation examples there are more details in the article below

After Users in bypass, meaning the user is not able to do the bandwidth limitation using the User Profile. To overcome this we can do a number of ways depending IP bindings we do.

IP Binding by allocating a specific IP

In this method, we will allocate special ip address which will be given to the user bypasses. The ip router will allocate the bypass user based on mac-address, so the ip address user who bypassed unchanged - a fox. Just as making static-lease on a DHCP server settings. Do I go to the menu IP >> >> Hotspot IP Bindings.   Then add the Mac Address of the user who will be bypassed and decide to address it.

If using this bypass means, to perform management bandiwdth we just add Simple Queue leading to the IP we have set in to the IP Address Bindings.

IP Binding without allocation of IP Address

With this method, the user simply bypassed by mac-address user device. Ip address that will didapatakn random user depending on the DHCP server. How to bypass, select the menu Hotspot IP >> >> IP Bindings. Then add the Mac Address of the user who will be bypassed.

If using bypass this way, to be able to perform user management are bypassed we should mark the first packets through the router with mac address. We can use the features of Mangle. First we make a mark-conection first: Firewall IP >> >> >> Add Mangle

The next step makes Mark Packet based mac-connection that was made before, via menu Firewall IP >> >> >> Add Mangle

Lastly, we can make a new bandwidth management using the Simple Queue based mark-packet that has been made in the mangle. Do not forget, the parameter "Target" please fill in your hotspot network segment.

If the above steps are finished, then try to do bandwidth test user side are bypassed. Actually there are many ways you can do for the user management in bypass, like PCQ, static-leases, etc. Both the above steps are just as simple alternatives that can be used for bandwidth menagement user who bypassed the hotspot network.

User Database Migration Manager

User Database Migration Manager

When we wanted to create a hotspot service, it would be easier if we use a system to handle AAA (Authentication, Authorization and Accounting), fortunately in mikrotik already provided a tool that is usermanager. Usermanager contained in the database used to store information service includes the hotspot users, PPP users, DHCP Leases, Wireless AccessList, and RouterOS users.

Opening the business hotspot with daily user is not too difficult when we lose data, eg loss of user data that we have made. But a big problem if we already have a lot of users. Therefore perform a backup of data for maintenance purposes is an activity that can not be abandoned.

This time we will discuss how to do usermanager database backup and restore the database to a new router if the router is damaged.

Configuration

For example the present case there are two routers which first router has been installed user-manager and also have the data. Kemudain second router that the newly installed user-manager and there is no data. And for the second router the data will be drawn from the first router.

First, the router 1 we will "backup / save" database of user-manager. To process we will use the New Terminal. New Terminal we would type the command / tool user-manager database save name = [filename].

Automatically created a file with extension * .umb. For example we will name the 'dbase-R1.umb'. Well, this is the file we are going to "export" database to a second router.

Second, we will export this file to the user database-manager on Router 2. Previously, we will enter the first file into the localhost (menu Files) on Router 2. We can use FTP (for Linux, Mac OS) or "drag- drop '(for Windows).

After work we put into the file menu Router 2, then we are going to export into databse Router 2 using the New Terminal. For exports we use the command / tool user-manager database load name = [filename].

When it appears a confirmation, press "Y" and the process of export / restore will run. When successful there will be a notice "User-Manager Database Restored".

Final Check

To determine whether the data has been entered into the Router 2 we can check directly to the user-manager features. Keep in mind, when we are already logged in user-manager Router 2 to be able to see the results we need to first log out and log back in to update the current session.

Display Data Router 1

Display Data Router 2

Bandwidth Management VPN Users

Bandwidth Management VPN Users

Management bandwidth usage is an important thing. With this we can avoid the monopoly of the use of bandwidth. So that we can set the bandwidth usage evenly or can we use to give priorities to the specific user.

Then, what if the user is a VPN connection users of our network. There are several ways that can be applied, that is Dynamic and Static. For dynamic methods we have discussed in previous articles here .
With this dynamic method when there is a VPN user login will be given allotments of bandwidth as we specify. This may be quite easy if the VPN user is not too much and tend to be static.

If the VPN user the many and are mobile will be very hard for us to divide how much bandwidth is fitted to each of the user. Moreover, if the VPN user is divided into multiple accounts and each account has a different network.

As an example the case with the VPN user account A walk in the network 1.1.1.0/24, with the network 2.2.2.0/24 account B, and C account with the network 3.3.3.0/24. And each account will have different bandwidth allocation. To account A -> 128kbps, account B -> 256kbps, account C -> 512kbps. The bandwidth allocation will be divided evenly on each network. When there is addition or subtraction automatically User VPN router bandwidth will be split evenly and can also maximize the use of existing bandwidth.

VPN configuration

The first configuration we will make 'IP Pool' for allocation of IP addresses for each account from the VPN. Go to the menu I P -> Pool -> click the Add [+].

After we make our next IP Pool activate the VPN service. This time the VPN service to be used is PPTP. To enable entry to the PPP menu -> Interface -> click the command button 'PPTP Serve r'. Then uncheck 'Enabled'.

Then we create a new profile for the VPN account A, B, and C. In the same menu select Tab 'Profiles'. The profile settings will be used to define the parameter 'Remote Address' in secret. So that the allocation of IP addresses to the user can be automatically according to the network that we set.

Well, eventually we memeliki 3 new profile for each VPN account.

The next step we create a user account for VPN. Pembuatannya on Tab 'Secret'.

So that there will be 3 to konkesi PPTP VPN account, namely A, B, and C.

Queue Configuration for Bandwidth Management

After we configure the VPN server, then we will make use of simple queue bandwidth management.

Tested

We will do the testing if the configuration we can run well. For this test using the bandwidth test from the PC / Laptop connected to a VPN network that we created earlier.

When a user VPN using account A and in trying to do a bandwidth test, then if the configuration goes well, limitation queue will use VPN-A-limitation bandwidth allocation in accordance with the previous provisions.

A limitation Test Account

It also will be the same when the VPN user is connected primarily to account B and C. Each will get a bandwidth limitation in accordance with which we set earlier.

Limitations Test Account B



Test Account Limitations C

Upgrading RouterOS with The Dude

Upgrading RouterOS with The Dude

A network monitoring application developed by MikroTik which is 'The Dude'. With the system update on the dude that currently consists of two versions, the dude dude server and the client. Unlike the old version where the dude can run on a local PC into a server at the same client, but for this new version we have to install the server on the device routerboard dude kind TILE (CCR), x86, ARM. And to the dude client is installed on the local PC.

Regarding the installation can be seen in a previous article here . And this time we will discuss a function of the dude in addition to monitoring that we can upgrade the version of routerboard of the dude. This is a function that has long been available in the app dude. However, the old version of this feature still can not be used because there is some problem with the system the dude. And at this time the new version MikroTik has made some improvements on the dude including upgraded features RouterOS. Well, with this function we make it easier to upgrade the system centrally.

Upgrading RouterOS

The first step, we will upload the file system of routerboard to the dude server. To upload menu select Files -> Packages -> Add [+].

Once successfully uploaded, we will upgrade routerboard that we have set. Perhaps for large networks will be many kinds of devices listed on the application dude. Well, to facilitate the search device from the application MikroTik dude already created a special list for MikroTik devices.

So for the second step, we select the Device -> RouterOS. There will appear a list of existing Mikrotik devices on the network. We just select the device which we will upgrade version.

Force can also use the Upgrade option if there are multiple routerboard with the architecture and the same version which in this case will assume perngakt the dude has been updated with a version that we choose.