Manual Allied Telesis AT-WR4500

264 pages 4.42 mb
Download

Go to site of 264

Summary
  • Allied Telesis AT-WR4500 - page 1

    PN 613-0 00813 Rev. B AT-WR4500 Series IEEE 802.11abgh O utdoor Wireles s Rou ters RouterOS v3 Configu ration and U ser Gu ide ...

  • Allied Telesis AT-WR4500 - page 2

    2 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Copyright © 2009 Allied Telesis International All rights r eserved. No part of this pu blication m ay be reproduce d without pr ior written permission from Allied Teles is International. Microsoft and Internet Explorer are registered t rade ...

  • Allied Telesis AT-WR4500 - page 3

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 3 RouterOS v3 Con figuration a nd User Gui de LIMITATION OF LIABILITY AND DAMAGES THE PRODUCT AND THE SOFTWARES WITHIN ARE PROVIDED "AS IS," BASIS. THE MANUFACTURER AND MANUFAC TURER’S RESE LLERS (C OLLECTIVELY REFERRED TO A S “THE SELLERS”) DISC LAIM ALL WARR ANTIES, EX ...

  • Allied Telesis AT-WR4500 - page 4

    4 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de C ONTENTS 1 Introduction ........... ............ ............. ................ ............. ............ .................. ............ ............. ............ .................. ....... 12 1.1 Features ..................... ......... ...

  • Allied Telesis AT-WR4500 - page 5

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 5 RouterOS v3 Con figuration a nd User Gui de 4.3.15 Network Scan .............. ............ ................. ............ ............. ............ .................. ............. ............ ...... 55 4.3.16 Security Profiles ................... ............ ................ .... ...

  • Allied Telesis AT-WR4500 - page 6

    6 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de 6.1.2 DHCP Client Setu p................ ............ ................. ............ ............ ............. .................. ............ ..... 117 6.1.3 DHCP Server Set up ................. ............. ................ ............ ...

  • Allied Telesis AT-WR4500 - page 7

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 7 RouterOS v3 Con figuration a nd User Gui de 8.5.3 Monitoring L2 TP Client ................... ............... ............. ............ ............. .................. ............ ...... 163 8.5.4 L2TP Server Setup .............. ............ ................ ............. ........ ...

  • Allied Telesis AT-WR4500 - page 8

    8 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de 10.1.5 HotSpot User Profiles ...................... ............... ............. ............ ............ .................. ............. .......2 29 10.2 HotSpot Users .................... ............. ............ .................. .. ...

  • Allied Telesis AT-WR4500 - page 9

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 9 RouterOS v3 Con figuration a nd User Gui de F IGURES Figure 1: AT-WR4 500 Ser ies typical application ............. ............. ............ ............. ................. ............. ............ ............. ........12 Figure 2: WinBo x Loader dis covering ......... .......... ...

  • Allied Telesis AT-WR4500 - page 10

    10 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de P REFACE Purpose of Th is Guid e This guide describes the AT-WR450 0 Series Outdoor Wi reless Rou ters Rout erOS command structure and configuratio n for allowin g users or networ k managers to corr ectly configure t he router getting th e ...

  • Allied Telesis AT-WR4500 - page 11

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 11 RouterOS v3 Con figuration a nd User Gui de C ONTACTING A LLIED T ELESIS This section provides Allied Telesis contact information for technical supp ort as well as sales and corporate infor mation. Online Sup port You can requ est technical supp ort online by accessing the Allied Tel ...

  • Allied Telesis AT-WR4500 - page 12

    12 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de 1 Intr oduc tion Thank you for p urchasing an AT-WR450 0 series Wireless Router .     Please refer to th e ATWR45xx Quick Installation Guid e for infor mation on how t o install connec t and initially setup each rou ter model. T ...

  • Allied Telesis AT-WR4500 - page 13

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 13 RouterOS v3 Con figuration a nd User Gui de 1.1 F eatur es The AT-WR450 0 series Rout erOS firmware is very rich of features and very flexible. Among oth ers: • Real IP routing fu nctionalities • 2.4 GHz and 5 GHz dual band operation s • IEEE 802 .11a/b/g/h compliant • Certif ...

  • Allied Telesis AT-WR4500 - page 14

    14 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de 2 Conf iguring RouterOS 2.1 Logging in the A T -WR4500 Rout er There are m any options for a ccessing your AT-WR450 0 Router command f acility: • Accessing t he router Co mmand Lin e Interface e ither via T elnet or SSH using any t ext-mo ...

  • Allied Telesis AT-WR4500 - page 15

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 15 RouterOS v3 Con figuration a nd User Gui de Figure 3: Win Box main wi ndow Select f rom t he menu bar located in th e left most part of the window the comman d or menu that you want to access and st art con figuring th e equip ment. For instance you can click on th e “New Termin al ...

  • Allied Telesis AT-WR4500 - page 16

    16 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de After log ging int o th e rou ter you will be present ed with the Router OS™ Welco me Scre en an d command prompt, fo r example: AA TTTTTTTTT TTTTTTTTT oo ooo AA AAA TTTTTTTT TTTTTTT oooo oooo AAAA AAAA TTTTT TTT I ooo ooo AAAAAA AAAAA TT ...

  • Allied Telesis AT-WR4500 - page 17

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 17 RouterOS v3 Con figuration a nd User Gui de A comm and or an argument does not need to be completed, if it is not ambiguou s. Fo r e xample, instead of typing interf ace you can t ype just in or int . To complete a command use the [Tab] ke y.     The completion is optiona ...

  • Allied Telesis AT-WR4500 - page 18

    18 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de 3 Conf iguration and Softwar e Mana g em ent Document revisi on: 1.6 (Mon Sep 19 12:55: 52 GMT 2005) Applies to: V2.9 3.1 General In formation Summar y This chapter intr oduces you with comman ds which are used to perfo rm the followin g fu ...

  • Allied Telesis AT-WR4500 - page 19

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 19 RouterOS v3 Con figuration a nd User Gui de To see the files st ored on th e router: [admin@AT-WR 4562] > file print # NAME TYP E SIZE CREATI ON-TIME 0 test.bac kup bac kup 1256 7 sep/08 /2004 21:07:5 0 [admin@AT-WR 4562] > To load the sa ved backup file test : [admin@AT-WR 456 ...

  • Allied Telesis AT-WR4500 - page 20

    20 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de     It is impossible to i mport the wh ole router confi guration using thi s feature. It can only be used to import a part of configura tion (for exa mple, firewall rules) in order to spare you som e typing. Command Description ...

  • Allied Telesis AT-WR4500 - page 21

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 21 RouterOS v3 Con figuration a nd User Gui de Standards and Te chnologies: None Hardware usage : Not signifi cant 3.2.2 System Upgr ade Submenu level: /system u pgrade Description This s ubmenu gives you t he ability to download RouterO S so ftware packages f rom a remot e Ro uterOS ro ...

  • Allied Telesis AT-WR4500 - page 22

    22 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de 3.2.3 Adding P ackage Source Submenu level: /system u pgrade upgra de-package- source Description In this su bmenu you can add remote r outers fro m which to download RouterOS soft ware packages. Property Description address ( IP addre ss ) ...

  • Allied Telesis AT-WR4500 - page 23

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 23 RouterOS v3 Con figuration a nd User Gui de • The package dep endency is checked befo re installing a soft ware package. The package will not b e installed, if the r equired softw are package is m issing • The version of th e feature p ackage should be t he same as t hat of the s ...

  • Allied Telesis AT-WR4500 - page 24

    24 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de     If a package is marked for unins tallation, but it is required for an other (depend ent) package, th en the marked package ca nnot be unin stalled. You should un install the dependent pack age too. For th e list of package d ...

  • Allied Telesis AT-WR4500 - page 25

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 25 RouterOS v3 Con figuration a nd User Gui de Example To downgrade th e RouterOS (assuming that all needed pac kages are already uploade d): [admin@AT-WR 4562] system package> down grade Router will be rebooted. Continue? [y/ N]: y system will reboot shortl y 3.3.5 Disabling and Ena ...

  • Allied Telesis AT-WR4500 - page 26

    26 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Example Suppose we need to cancel security pack age uninst allation action schedule d on reb oot: [admin@AT-WR 4562] system package> prin t Flags: X – d isabled # NAME VERSION SCHEDULED 0 routeros -rb500 3.0 1 system 3.0 2 X ipv6 3.0 3 ...

  • Allied Telesis AT-WR4500 - page 27

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 27 RouterOS v3 Con figuration a nd User Gui de Example See the available p ackages: [admin@AT-WR 4562] system upgrade> refr esh [admin@AT-WR 4562] system upgrade> prin t # SOURCE NAME VER SION STAT US COMPL ETED 0 192.168.2 5.8 router os-x86 2. 9.44 ava ilable 1 192.168.2 5.8 rout ...

  • Allied Telesis AT-WR4500 - page 28

    28 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de • Ethern et interface supp ort • IP over IP tun nel interf ace support • Ethern et over IP tunnel in terface support • driver management for Eth ernet ISA cards • serial port mana gement • local user man agement • export and i ...

  • Allied Telesis AT-WR4500 - page 29

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 29 RouterOS v3 Con figuration a nd User Gui de Package name Contents Prerequisite s Additional Li cense wireless Support for wireless interfaces with updated Countr y Re gulatory Dom ain settings none None ...

  • Allied Telesis AT-WR4500 - page 30

    30 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de 4 Conf iguring Interfaces 4.1 General In terface Set tings Document revisi on: 1.1 (Fri Mar 05 08:08:52 GMT 200 4) Applies to: V2.9 4.1.1 Gener a l Information Summar y AT-WR4500 Rou terOS supports a variety of physical and virtual interfac ...

  • Allied Telesis AT-WR4500 - page 31

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 31 RouterOS v3 Con figuration a nd User Gui de     One or more inter faces can be monitored at t he same time. To see overall traff ic passing thr ough all interfac es at time, use aggregate instead of interface name. Example Multiple inte rface monitoring: /interface m onit ...

  • Allied Telesis AT-WR4500 - page 32

    32 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de default - sup ort long cables short - suppo rt short cables standard - same as default disable-running-c heck (yes | no; defau lt: yes ) - disable ru nnin g check. If this value is set to 'n o', the router aut omatically detects w ...

  • Allied Telesis AT-WR4500 - page 33

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 33 RouterOS v3 Con figuration a nd User Gui de full-duplex (yes | no) - wh ether tran smission of data o ccurs in tw o directions simu ltaneou sly rate (10 Mb ps | 100 Mbps | 1 Gbps) - th e actual data r ate of the con nection status (link-ok | n o-link | un known ) - status of t he int ...

  • Allied Telesis AT-WR4500 - page 34

    34 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de • No implied pro tocol limits on link distan ce • No implied pro tocol speed de gradation for lon g link distan ces • Dynamic protoco l adjustment depending on tr affic type an d resour ce usage Quick Setup Guide Let's consider t ...

  • Allied Telesis AT-WR4500 - page 35

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 35 RouterOS v3 Con figuration a nd User Gui de ack-tim eout range 5GHz 5GHz-turbo 2.4GHz-G 30km 249 137 368 35km 298 168 320 40km 350 190 375 45km 405 - -     These are not the pr ecise value s. Depending on hardware used and many other f actors they may vary up to +/- 15 mi ...

  • Allied Telesis AT-WR4500 - page 36

    36 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de band - operatin g band 2.4ghz-b - IEEE 802. 11b 2.4ghz-b/g - IEE E 802 .11g (support s also legacy IEEE 802.11b p rotocol) 2.4ghz-g-turbo - IEEE 802.11g using double channel, provi ding air rate of u p to 10 8 Mbit 2.4ghz-onlyg - on ly IEEE ...

  • Allied Telesis AT-WR4500 - page 37

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 37 RouterOS v3 Con figuration a nd User Gui de radar-detect - A P scans ch annel list fr om "scan-list" and chooses t he frequen cy which is with the lowest amount of ot her net works detected, if no radar is detected in this channe l for 60 secon ds, the AP st arts to operate ...

  • Allied Telesis AT-WR4500 - page 38

    38 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de address to the one of a differ ent device. In case no address is set in th e station-bridge- clone-m ac propert y, the station p ostpones connecting to an AP until so me packet, with t he source MAC address different fro m any of the rou te ...

  • Allied Telesis AT-WR4500 - page 39

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 39 RouterOS v3 Con figuration a nd User Gui de wds-cost-range ( integer ; def ault: 50-150 ) - r ange, within which the b ridge port cost of the WDS link s are adjusted. Th e calculations are based o n the p-throug hput value of t he respective WDS interf ace, which repre sents estimate ...

  • Allied Telesis AT-WR4500 - page 40

    40 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de To see current interface sett ings: [admin@AT-WR 4562] interfa ce wireless> print Flags: X - d isabled, R - running Flags: X - disabled, R - running 0 name=" wlan1" mtu=15 00 mac-addres s=00:0C:42:18: 5C:3D arp=ena bled interf ...

  • Allied Telesis AT-WR4500 - page 41

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 41 RouterOS v3 Con figuration a nd User Gui de overhead (and th us increase s peed). The card is not w aiting for frames, bu t in case a n umber of packets are queue d for transmitting, t hey can be co mbined. There are several methods of fra ming: none - do not hing special, do not com ...

  • Allied Telesis AT-WR4500 - page 42

    42 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de mtu ( integer : 0 ..1600; default : 1500 ) - Maximum Tr ansmissi on Unit name ( name ) - refe rence name of the int erface rates-a/g ( mul tiple choice: 6M bps, 9 Mbps, 12 Mbps, 18Mbps, 24 Mbps, 36 Mbps, 48Mbps, 54Mbp s) - rates to be supp ...

  • Allied Telesis AT-WR4500 - page 43

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 43 RouterOS v3 Con figuration a nd User Gui de [admin@AT-WR 4562] interfa ce wireless> print Flags: X - d isabled, R - running 0 R name=" wlan1" mtu=15 00 mac-addres s=00:0C:42:05: 00:14 arp=ena bled interf ace-type=Athe ros AR5413 mo de=station ssi d="AT-WR4560" ...

  • Allied Telesis AT-WR4500 - page 44

    44 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de client- tx-limit ( read-only: integer ) - t ransmit rate limit on the AP, in bits pe r second compression ( re ad-only: yes | no) - wh ether data compress on is us ed for this peer encryption ( read-onl y: aes-cc m | tkip) - u nicast encryp ...

  • Allied Telesis AT-WR4500 - page 45

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 45 RouterOS v3 Con figuration a nd User Gui de To get additional statistics: [admin@AT-WR 4562] interfa ce wireless> registration-t able print st ats 0 interface= wlan1 radio-n ame="000C4218 5C3D" mac-addr ess=00:0C:42: 18:5C:3D ap=no wds =no rx-rate=" 1Mbps" tx-r ...

  • Allied Telesis AT-WR4500 - page 46

    46 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de The association p rocedure is as follows: w hen a new client w ants to associate t o the AP that is confi gured on interface wlanN , an e ntry with client's MAC address and inte rface wl anN is look ed up sequ entially from top to bo t ...

  • Allied Telesis AT-WR4500 - page 47

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 47 RouterOS v3 Con figuration a nd User Gui de 2512 , 2532, 2552, 2572 , 2592, 2612, 2 632, 2652, 2672 , 2692, 2712, 2 732) - the list of 2GHz IEEE 802.11b channels (freq uencies are give n in MHz ) 2ghz-g-chan nels ( multipl e choice, read-only : 2312, 2317, 23 22, 232 7, 2332, 2337, 2 ...

  • Allied Telesis AT-WR4500 - page 48

    48 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de     There is a special ar gument for t he print command - p rint count- only. It forces th e print comman d to print only the coun t of informati on topics. /interface wirele ss info pri nt command sho ws only chann els supporte ...

  • Allied Telesis AT-WR4500 - page 49

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 49 RouterOS v3 Con figuration a nd User Gui de Example [admin@AT-WR 4562] interfa ce wireless i nfo> print 0 interface -type=Atheros AR5413 chip-info ="mac:0xa/0x5 , phy:0x61, a 5:0x63, a2:0x0 , eeprom:0x50 02" tx-power- control=yes a ck-timeout-co ntrol=yes alig nment-mode ...

  • Allied Telesis AT-WR4500 - page 50

    50 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de 59 60:0,5965:0,5 970:0,5975:0,5 980:0,5985:0, 5990:0,5995:0 , 60 00:0,6005:0,6 010:0,6015:0,6 020:0,6025:0, 6030:0,6035:0 , 60 40:0,6045:0,6 050:0,6055:0,6 060:0,6065:0, 6070:0,6075:0 , 60 80:0,6085:0,6 090:0,6095:0,6 100:0 2ghz-g-ch annels ...

  • Allied Telesis AT-WR4500 - page 51

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 51 RouterOS v3 Con figuration a nd User Gui de max-station-c ount ( integer ; default: 2007 ) - numb er of clien ts that can conne ct to this AP simultaneously mtu ( integer : 6 8..1600 ; default: 1500 ) - Maximum Transmiss ion Unit name ( name ; def ault: wlanN ) - interface name propr ...

  • Allied Telesis AT-WR4500 - page 52

    52 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Property Description arp (disabled | en abled | pro xy-arp | reply-on ly; default: en abled ) - Ad dress Resolut ion Protocol disabled - the in terface will no t use ARP enabled - the int erface will us e ARP proxy-arp - the interface will ...

  • Allied Telesis AT-WR4500 - page 53

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 53 RouterOS v3 Con figuration a nd User Gui de audio-min ( i nteger ; default: - 100 ) - signal-st rength at wh ich audio (beep er) frequ ency will be the low est audio-monitor ( MAC addres s ; default: 00:00:00:00: 00:00 ) - MAC address of th e remote h ost which will be 'listened ...

  • Allied Telesis AT-WR4500 - page 54

    54 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Example [admin@AT-WR 4562] interfa ce wireless a lign> monitor wlan2 # ADDRESS SSID RXQ AVG-RXQ LAST- RX TXQ LAST-T X CORRECT 0 00:01:24: 70:4B:FC wire lesa -60 -60 0.01 -67 0.01 100 % [admin@AT-WR 4562] interfa ce wireless a lign> 4. ...

  • Allied Telesis AT-WR4500 - page 55

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 55 RouterOS v3 Con figuration a nd User Gui de Example To set t he followin g transmit po wers at e ach rates: 1Mbp s@10dBm, 2 Mbps@1 0dBm, 5.5M bps@9dBm, 11Mbp s@7dBm, do the f ollowing: [admin@AT-WR 4562] interfa ce wireless m anual-tx-power -table> print 0 name="wla n1" ...

  • Allied Telesis AT-WR4500 - page 56

    56 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de 4.3.16 Security Pr ofiles Submenu level: /interface wi reless security- profile s Description This section pro vides WEP (Wired Equivalent Privacy) and W PA/WPA2 (Wi-Fi Pr otected A ccess) functions t o wireless inte rfaces. WPA The Wi-Fi P ...

  • Allied Telesis AT-WR4500 - page 57

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 57 RouterOS v3 Con figuration a nd User Gui de radius-mac-m ode (as-usern ame | as-userna me-and-passw ord; default: a s-username ) - whethe r to use MAC address as username on ly or ad both u sername and passwo rd for RADIU S auth entication static-al go-0 (none | 40bit-wep | 10 4bit-w ...

  • Allied Telesis AT-WR4500 - page 58

    58 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de tls-mode (no-cer tificates | d ont-verify-certific ate | verify-c ertificate; def ault: no-certi ficates ) - TLS certificate mode no-certific ates - certificates are negotiate d dynamically u sing anonymou s Diffie-He llman MODP 20 48 bit a ...

  • Allied Telesis AT-WR4500 - page 59

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 59 RouterOS v3 Con figuration a nd User Gui de file-size ( read-onl y: integer ) - c urrent file size (kB) memory-over-l imit- packets ( read-onl y: integer ) - numb er of packets t hat are drop ped be cause of exceeding memo ry-limit memory-save d-packets ( re ad-only: integer ) - h ow ...

  • Allied Telesis AT-WR4500 - page 60

    60 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Property Description channel-ti me ( time ; default: 200ms ) - how long to snoop each chann el, if multiple-chan nels is set to yes multiple- channels (yes | no ; default: no ) - wh ether t o snoop mu ltiple channels or a single chann el no ...

  • Allied Telesis AT-WR4500 - page 61

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 61 RouterOS v3 Con figuration a nd User Gui de • disabled=no • On client (station): • mode=station • band=5ghz • ssid=test • disabled=no Configure th e Access Point a nd add an IP address (10.1.0.1 ) to it: [admin@Acces sPoint] inter face wireless > set wlan1 mo de=ap-bri ...

  • Allied Telesis AT-WR4500 - page 62

    62 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Configure th e station and add an IP address (1 0.1.0.2) to it: [admin@Stati on] interface wireless> se t wlan1 name=T o-AP mode=sta tion ssid=test band=5ghz di sabled=no [admin@Stati on] interface wireless> pr int Flags: X - d isab ...

  • Allied Telesis AT-WR4500 - page 63

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 63 RouterOS v3 Con figuration a nd User Gui de • Configure AP to sup port W DS connection s • Set wds-defa ult-bridge to b ridge1 • On WDS station : • Configure it as a WDS Statio n, using mode= station-wds • Configure t he WDS Access Point. Co nfigure th e w ireless interf ac ...

  • Allied Telesis AT-WR4500 - page 64

    64 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Now configure the WD S st ation and put th e wire less ( wl an1 ) an d eth ernet ( Local ) i nterfaces into a bridge: [admin@WDS_S tation] > int erface bridge [admin@WDS_S tation] inter face bridge> add [admin@WDS_S tation] inter face ...

  • Allied Telesis AT-WR4500 - page 65

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 65 RouterOS v3 Con figuration a nd User Gui de This example wil l show you h ow to create a VAP: [admin@VAP] interface wir eless> print Flags: X - d isabled, R - running 0 name=" wlan1" mtu=15 00 mac-addres s=00:0C:42:05: 00:22 arp=ena bled disabl e-running-che ck=no interf ...

  • Allied Telesis AT-WR4500 - page 66

    66 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Nstr eme This example sho ws you how to configure a point-to-p oint Nstrem e link. Nstreme 2 Nstreme 1 Figure 7: Nstrem e networ k example The set up of Nst reme is similar to u sual wireless configurat ion, ex cept t hat you have to do som ...

  • Allied Telesis AT-WR4500 - page 67

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 67 RouterOS v3 Con figuration a nd User Gui de Configure Nstreme -Client wireless sett ings and enable N streme on it: [admin@Nstre me-Client] in terface wirel ess> set wlan1 mode=station ssid=nstreme band=5ghz frequency=58 05 disabled=n o [admin@Nstre me-Client] in terface wirel e ...

  • Allied Telesis AT-WR4500 - page 68

    68 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de 5180 MHz [DualNS - 2] [DualNS - 1] 5805 MHz Figure 8: Nstrem e dual ne twork exam ple Configure Dual NS-1 : [admin@DualN S-1] interfac e wireless> s et wlan1,wlan2 mode=nstreme -dual-slave [admin@DualN S-1] interfac e wireless> p rint ...

  • Allied Telesis AT-WR4500 - page 69

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 69 RouterOS v3 Con figuration a nd User Gui de     As we have not c onfigured the DualNS-2 rou ter, we cann ot define the remo te-mac param eter on DualNS-1 . We wil l do it after c onfiguring DualN S-2 ! The configuration o f DualNS -2 : [admin@DualN S-2] interfac e wireles ...

  • Allied Telesis AT-WR4500 - page 70

    70 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de WEP Security This example shows h ow to configure WEP (Wired Eq uivalent Privacy) on Access Point and Clients . In example w e will configure an Ac cess Point which will use 104bit-wep for on e station and 40bit-w ep for other clients. Th e ...

  • Allied Telesis AT-WR4500 - page 71

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 71 RouterOS v3 Con figuration a nd User Gui de Configure th e Access Point: [admin@WEP_A P] interface wireless secu rity-profiles> add name=Sta tionX ... mode=st atic-keys-req uired static- algo-1=40bit-w ep static-key -1=1234567890 ... static- transmit-key= key-1 [admin@WEP_A ...

  • Allied Telesis AT-WR4500 - page 72

    72 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Configure WEP_St ation1: [admin@WEP_S tation1] inte rface wireles s security-pro files> add na me=Station1 ... mode=st atic-keys-req uired static- sta-private-al go=104bit-wep ... static- sta-private-k ey=6543210987 65432109876543 ...

  • Allied Telesis AT-WR4500 - page 73

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 73 RouterOS v3 Con figuration a nd User Gui de Config of WE P_StationX: [admin@WEP_S tationX] inte rface wireles s security-pro files> add na me=StationX ... mode=st atic-keys-req uired static- algo-1=40bit-w ep static-key -1=1234567890 ... static- transmit-key= key-1 [admin@WE ...

  • Allied Telesis AT-WR4500 - page 74

    74 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de On t he AP in default or in your own made profile as an e ncryption algorithm choose w pa-psk . Sp ecify the pre-share d-key , wpa-uni cast-cipher s and wpa-group-c ipher [admin@WPA_A P] interface wireless secu rity-profiles> set default ...

  • Allied Telesis AT-WR4500 - page 75

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 75 RouterOS v3 Con figuration a nd User Gui de 4.4 VLAN Int erfaces Document revisi on: 1.2 (Mon Sep 19 13:46: 34 GMT 2005) Applies to: V2.9 4.4.1 Gener a l Information Summar y VLAN is an implementation o f the 802.1 Q VLAN protocol for RouterOS. It allows you to h ave multiple Virtual ...

  • Allied Telesis AT-WR4500 - page 76

    76 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de reply-only - the interface wil l only reply t o the req uests for to its ow n IP addresses , but ne ighbor MAC addresses will b e gathered fr om /ip arp statical ly set table o nly interface ( name ) - physical in terface to t he netw ork w ...

  • Allied Telesis AT-WR4500 - page 77

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 77 RouterOS v3 Con figuration a nd User Gui de On Router 1 : [admin@AT-WR 4562] ip addr ess> add addr ess=10.10.10.1 /24 interface =test [admin@AT-WR 4562] ip addr ess> print Flags: X - d isabled, I - invalid, D - dynamic # ADDRES S NETWORK BROADCAST INTERFAC E 0 10.0.0 .204/24 10 ...

  • Allied Telesis AT-WR4500 - page 78

    78 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Quick Setup Guide To put int erface ether1 and ether2 in a brid ge. Add a bridge int erface, called MyBridge : /interface b ridge add nam e="MyBridge" disabled=no Add ether1 and ether2 to MyB ridge inte rface: /interface b ridge p ...

  • Allied Telesis AT-WR4500 - page 79

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 79 RouterOS v3 Con figuration a nd User Gui de Property Description admin-mac: (MAC address) - MAC address ass igned to t he bridge if aut o-mac = no ageing-tim e ( time ; default: 5 m ) - how lon g a host informa tion will be kep t in the b ridge database arp (disabled | en abled | pro ...

  • Allied Telesis AT-WR4500 - page 80

    80 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Example To group ether1 and ether2 in the already created bridg e1 bridge (ver sions from 2.9 .9): [admin@AT-WR 4562] interfa ce bridge por t> add interfa ce=ether1 bri dge=bridge1 [admin@AT-WR 4562] interfa ce bridge por t> add inter ...

  • Allied Telesis AT-WR4500 - page 81

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 81 RouterOS v3 Con figuration a nd User Gui de Example To monitor a bri dge port: [admin@AT-WR 4562] interfa ce bridge por t> mo 0 status: in -bridge po rt-number: 1 role: de signated-port edge-port: no edge-port- discovery: ye s point-to-p oint-port: no ext ernal-fdb: no sen ding-rs ...

  • Allied Telesis AT-WR4500 - page 82

    82 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de There are thr ee bridge filter tables: • filter - bridge firew all with th ree predefin ed chains: • input - filters packets, which destination is th e bridge ( including those packets that will be routed, as they are anyway destined to ...

  • Allied Telesis AT-WR4500 - page 83

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 83 RouterOS v3 Con figuration a nd User Gui de dst-address ( IP ad dress ; defa ult: 0.0.0 .0/0 ) - destination IP address (only if M AC prot ocol is set to IP v4) dst-mac-addre ss ( MAC addr ess ; default: 00:00: 00:00:00:00 ) - destination MAC address dst-port ( integer : 0. .6553 5) ...

  • Allied Telesis AT-WR4500 - page 84

    84 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de stp-forward-dela y ( time : 0.. 655 35) - forward delay time r stp-hello-tim e ( time : 0..655 35) - stp hello packets time stp-max-age ( time : 0..6553 5) - maximal STP message age stp-msg-age ( tim e : 0..65535 ) - STP messa ge age stp-po ...

  • Allied Telesis AT-WR4500 - page 85

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 85 RouterOS v3 Con figuration a nd User Gui de Property Description action (accept | arp-reply | dr op | dst-nat | jump | log | mark | passthrou gh | redirect | r eturn | src-nat; default: accept ) - action to u ndertake if t he packet m atches the ru le, one of th e: accept - accep t t ...

  • Allied Telesis AT-WR4500 - page 86

    86 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de 4.5.11 T roubl eshooting Description Router shows that my rule i s invali d • in-interface, in-b ridge (or in-br idge-port) is spec ified, but such an interf ace does not e xist • there is an action =mark-pack et, but n o new-packet-mar ...

  • Allied Telesis AT-WR4500 - page 87

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 87 RouterOS v3 Con figuration a nd User Gui de 5 IP and Routing 5.1 IP Addr esses an d ARP Document revisi on: 1.3 (Tue Sep 20 19:02: 32 GMT 2005) Applies to: V2.9 5.1.1 Gener a l Information Summar y The following Manual discuss es IP address management and the Address Resolution Pr ot ...

  • Allied Telesis AT-WR4500 - page 88

    88 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Property Description actual-interface (re ad-only: name) - only applicable to log ical interf aces like bridges o r tun nels. Holds the name of t he actual hardw are interface th e logical one is boun d to. address (IP addres s) - IP addr e ...

  • Allied Telesis AT-WR4500 - page 89

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 89 RouterOS v3 Con figuration a nd User Gui de If ARP fe ature is t urned of f on the interface, i.e., arp=di sabled is use d, ARP requ ests from clients are not answered b y the rou ter. There fore, st atic ARP entry should be added to t he clients as well. For example, the route r&apo ...

  • Allied Telesis AT-WR4500 - page 90

    90 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Network A 192 .168.0.0/24 198 .168.0.130/25 Network B 192.168.0 .128/25 ether2 198.168.0 .129/25 198.168.0.20/2 4 198 .168.0.30/24 198 .168.0.1/25 ethe r1 A B C Figure 11: Prox y ARP Suppose the host A n eeds to commun icate to ho st C. To ...

  • Allied Telesis AT-WR4500 - page 91

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 91 RouterOS v3 Con figuration a nd User Gui de Example Consider the following conf iguration: Reserved for dial in 10.0.0.230 ..240 Pppoe - inX addresses 10.0.0.217 /32 10.0.0.217/24 ether1 10.0.0.1/24 Internet Laptop 10.0.0.231 /24 Server 10.0.0.2/24 WS 10.0.0.230/24 Figure 12: Prox y ...

  • Allied Telesis AT-WR4500 - page 92

    92 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de interface with th e networ k being th e same as the a ddress o n the r outer on the ot her side of t he p2p link (there may be n o IP on that in terface, bu t there is an IP fo r that ro uter). Example [admin@AT-WR 4562] ip addr ess> add ...

  • Allied Telesis AT-WR4500 - page 93

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 93 RouterOS v3 Con figuration a nd User Gui de Related T opic s IP Addresses and ARP Routes, Eq ual Cost Multip ath Routing, Polic y Routing Description Routing In formation Proto col (RIP) is o ne pro tocol in a s eries o f routin g p rotocols ba sed on B ellman- Ford (or distance vect ...

  • Allied Telesis AT-WR4500 - page 94

    94 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Example To enable RIP p rotocol to re distribute the rou tes to the conne cted network s: [admin@AT-WR 4562] routing rip> set red istribute-conn ected=yes [admin@AT-WR 4562] routing rip> print distri bute-default: never redistr ibute- ...

  • Allied Telesis AT-WR4500 - page 95

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 95 RouterOS v3 Con figuration a nd User Gui de 5.2.4 Networks Submenu level: /routing rip network Description To start the RIP p rotocol, yo u have to define t he netw orks on wh ich RIP will run. Property Description network ( IP addr ess mask ; de fault: 0.0. 0.0/0 ) - specifies t he ...

  • Allied Telesis AT-WR4500 - page 96

    96 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de     This list shows rout es learned by all dynamic rou ting protocols ( RIP, OSPF and BGP) Example To view the list of t he route s: [admin@AT-WR 4562] routing rip route> p rint Flags: S - s tatic, R - ri p, O - ospf, C - con ...

  • Allied Telesis AT-WR4500 - page 97

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 97 RouterOS v3 Con figuration a nd User Gui de The necessary con figuration o f the RIP general settings is as follows: [admin@AT-WR 4562] routing rip> set red istribute-conn ected=yes [admin@AT-WR 4562] routing rip> print dist ribute-defaul t: never redis tribute-stati c: no redi ...

  • Allied Telesis AT-WR4500 - page 98

    98 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Alliedware+ Route r Configur ation ... interface Et hernet0 ip address 10.0.0.26 255 .255.255.0 no ip direc ted-broadcast ! interface Se rial1 ip address 192.168.1.1 2 55.255.255.25 2 ip directed -broadcast ! router rip version 2 redistribu ...

  • Allied Telesis AT-WR4500 - page 99

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 99 RouterOS v3 Con figuration a nd User Gui de Related T opic s • IP Addresses and ARP • Routes, Equ al Cost Multipath Routing, Polic y Routing • Log Management Description Open Shortest Pat h Fir st p rotocol is a link-state routin g pr otocol. It's uses a lin k-state algori ...

  • Allied Telesis AT-WR4500 - page 100

    100 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de     Within one area, only the rou ter that is conn ected to an other a rea (i.e. Area bord er rou ter) or to another AS (i.e. Autonomou s System bou ndary router) shoul d have the pr opagation of th e default rout e enabled. OS ...

  • Allied Telesis AT-WR4500 - page 101

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 101 RouterOS v3 Con figuration a nd User Gui de However, are as do not need t o be ph ysical connected to ba ckbone. It can be done with virtual link. The name and are a-id for this area can not be change d authenticat ion (none | simp le | md5; defau lt: none ) - spe cifies authe ntica ...

  • Allied Telesis AT-WR4500 - page 102

    102 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de 5.3.5 Interfac es Submenu level: /routing ospf interface Description This fac ility pro vides tool s f or ad ditional in -depth configuration of OSPF interface sp ecific p arameters. You do not h ave to configure interf aces in order to ru ...

  • Allied Telesis AT-WR4500 - page 103

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 103 RouterOS v3 Con figuration a nd User Gui de Property Description neighbor-id ( IP addr ess ; def ault: 0.0. 0.0 ) - spe cifies router-id of th e neighbor transit-area ( na me ; default: (unknown) ) - a non-backbon e area the two r outers have i n common     Virtual links ...

  • Allied Telesis AT-WR4500 - page 104

    104 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Example The following tex t can be obs erved just after adding an O SPF net work: admin@AT-WR4 562] routing ospf> neighbo r print router-id=1 0.0.0.204 add ress=10.0.0.2 04 priority=1 state="2-Way" state-ch anges=0 ls-re trans ...

  • Allied Telesis AT-WR4500 - page 105

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 105 RouterOS v3 Con figuration a nd User Gui de Now let's set up th e OSPF_MAIN router . The route r should have 3 NI Cs: [admin@OSPF_ MAIN] interfa ce> print Flags: X - d isabled, D - dynamic, R - running # NAME TYPE RX-RATE TX- RATE MT U 0 R main_gw ether 0 0 1500 1 R to_peer_ ...

  • Allied Telesis AT-WR4500 - page 106

    106 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Assign IP addre sses to the se interfaces: [admin@OSPF_ peer_1] ip ad dress> print Flags: X - d isabled, I - invalid, D - dynamic # ADDRE SS NETWOR K BROADCAST INTERFA CE 0 10.1. 0.1/24 10.1.0 .0 10.1.0.255 to_main 1 10.3. 0.1/24 10.3.0 ...

  • Allied Telesis AT-WR4500 - page 107

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 107 RouterOS v3 Con figuration a nd User Gui de Add the same area as in pr evious rou ters: [admin@OSPF_ peer_2] routi ng ospf area> print Flags: X - d isabled, I - invalid # NAME AREA-ID STUB DEFAULT-COST AUTHENTICATI ON 0 backbone 0.0.0.0 none 1 local_10 0.0.0.1 no 1 none Add conne ...

  • Allied Telesis AT-WR4500 - page 108

    108 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Routing tables with Revised Link Cost This example sho ws how to set u p link cost. L et us assume, that th e link between the rou ters OSPF_peer_1 and OSPF_ peer_2 has a h igher cost (might b e slower, we have to pay more f or the traffic ...

  • Allied Telesis AT-WR4500 - page 109

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 109 RouterOS v3 Con figuration a nd User Gui de On OSPF_peer _1: [admin@OSPF_ peer_1] > ip route pr Flags: X - d isabled, I - invalid, D - dynamic, J - r ejected, C - connect, S - static, r - rip, o - ospf, b - bgp # DST -ADDRESS G GATE WAY DISTANCE IN TERFACE 0 Do 192.1 68.0.0/24 r ...

  • Allied Telesis AT-WR4500 - page 110

    110 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de The OSPF rout ing changes as follows: Routes on OSPF_MAIN rou ter: [admin@OSPF_ MAIN] ip rout e> print Flags: X - d isabled, I - invalid, D - dynamic, J - r ejected, C - connect, S - static, r - rip, o - ospf, b - bgp # DST -ADDRESS G G ...

  • Allied Telesis AT-WR4500 - page 111

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 111 RouterOS v3 Con figuration a nd User Gui de Filter NAT Description RouterOS has follow ing types of rout es: dynamic ro utes - aut omatically created route s for ne tworks, wh ich are directl y accesse d through an interface. They appear autom atically, whe n addin g a new IP a ddre ...

  • Allied Telesis AT-WR4500 - page 112

    112 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de bgp-origin (inco mplete | igp | egp) - th e origin of the route prefix bgp-prepend ( in teger : 0..16) - numb er which indicates how many time s to prep end AS_NAME t o AS_PATH check-gate way (arp | ping; d efault: ping ) - which proto col ...

  • Allied Telesis AT-WR4500 - page 113

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 113 RouterOS v3 Con figuration a nd User Gui de     You can use policy r outing even i f you use masquerading on y our private n etworks. The sour ce address will be the same a s it is in the lo cal network. In p revious ver sions of Router OS the source addr ess changed to ...

  • Allied Telesis AT-WR4500 - page 114

    114 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de     ISP1 gives us 2 Mbps and ISP2 - 4Mbps so w e want a traff ic ratio 1:2 (1/3 of the source/d estination IP pairs from 192.168. 0.0/24 go es through ISP1 , and 2/3 throu gh ISP2). IP addresses of th e router: [admin@ECMP- Rou ...

  • Allied Telesis AT-WR4500 - page 115

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 115 RouterOS v3 Con figuration a nd User Gui de Configuration o f the IP addres ses: [admin@PB-Ro uter] ip addr ess> print Flags: X - d isabled, I - invalid, D - dynamic # ADDRESS N ETWORK BROADCAST INTERFACE 0 192.168 .0.1/24 1 92.168.0.0 192.168.0.25 5 Local1 1 192.168 .1.1/24 1 92 ...

  • Allied Telesis AT-WR4500 - page 116

    116 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de 6 DHCP and DNS 6.1 DHCP Client and Ser ver Document revisi on: 2.7 (Mon Apr 18 22:24: 18 GMT 2005) Applies to: V2.9 6.1.1 Gener a l Information Summar y The DHCP (Dynami c Host Conf iguration Protoco l) is needed for easy distribu tion of ...

  • Allied Telesis AT-WR4500 - page 117

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 117 RouterOS v3 Con figuration a nd User Gui de 68 po rt. The initial negotiati on involves commu nication b etween broadcast addresses (on some ph ases sender will u se source address o f 0. 0.0.0 and/or destinati on address o f 255.255. 255.255 ). You shou ld be aware of this w hen bu ...

  • Allied Telesis AT-WR4500 - page 118

    118 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de     If host-name pr operty is not specified, client's sy stem identity wi ll be sent in th e respective f ield of DHCP request. If client-i d property is not speci fied, client's MAC address will be sent in the re spe ...

  • Allied Telesis AT-WR4500 - page 119

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 119 RouterOS v3 Con figuration a nd User Gui de • specified, rx -rate is as tx- rate too. Same goes for tx- burst-rate an d tx -burst- threshold and tx -burst- time. • If b oth rx-bu rst-thresho ld and tx- burst-thre shold are n ot spe cified (bu t burst -rate is specified), r x- ra ...

  • Allied Telesis AT-WR4500 - page 120

    120 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de the sour ce-address is left as 0 .0.0 .0 , then the static address will be u sed. If there are multiple ad dresses on the in terface, an address in the same sub net as the range of given ad dresses should be used use-radius (yes | no; defa ...

  • Allied Telesis AT-WR4500 - page 121

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 121 RouterOS v3 Con figuration a nd User Gui de Property Description store-leases-dis k (time-interv al | immediate ly | never; defau lt: 5min ) - ho w freque ntly lease changes should be sto red on disk 6.1.5 DHCP Networks Submenu level: /ip dhcp-ser ver netw ork Property Description a ...

  • Allied Telesis AT-WR4500 - page 122

    122 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Note that the IP addresses as signed static ally are not pr obed. Property Description active-addres s ( read-only: IP address ) - actual IP address f or th is lease active-c lient-id ( read-only: text ) - actual clien t-id of the clie nt ...

  • Allied Telesis AT-WR4500 - page 123

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 123 RouterOS v3 Con figuration a nd User Gui de Example To assign 10.5 .2.100 st atic IP address for th e existing DHC P client (sh own in th e lease table as item #0) : [admin@AT-WR 4562] ip dhcp -server lease > print Flags: X - d isabled, R - radius, D - d ynamic, B - bl ocked # AD ...

  • Allied Telesis AT-WR4500 - page 124

    124 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Property Description code ( integer : 1..25 4) - dhcp o ption code. A ll codes are available at http://www.iana.or g/assignme nts/boo tp-dhcp-p arameters name ( name ) - des criptive name of the op tion value ( text ) - p arameter's v ...

  • Allied Telesis AT-WR4500 - page 125

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 125 RouterOS v3 Con figuration a nd User Gui de Example To add a DH CP relay named relay on ether1 interface resendin g all rece ived requests to the 10.0.0.1 DHCP server: [admin@AT-WR 4562] ip dhcp -relay> add n ame=relay inte rface=ether1 ... dhcp-se rver=10.0.0.1 disabled=no [a ...

  • Allied Telesis AT-WR4500 - page 126

    126 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de The wizard h as made the follo wing configur ation based on t he answe rs above: [admin@AT-WR 4562] ip dhcp -server> prin t Flags: X - d isabled, I - invalid # NAME INT ERFACE RELAY ADDR ESS-POOL LEAS E-TIME ADD-AR P 0 dhcp1 eth er1 0.0 ...

  • Allied Telesis AT-WR4500 - page 127

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 127 RouterOS v3 Con figuration a nd User Gui de IP addresses of D HCP-Rela y : [admin@DHCP- Relay] ip add ress> print Flags: X - d isabled, I - invalid, D - dynamic # ADDRESS N ETWORK BROADCAST INTERFACE 0 192.168 .0.1/24 1 92.168.0.0 192.168.0.25 5 To-DHCP-S erver 1 192.168 .1.1/24 ...

  • Allied Telesis AT-WR4500 - page 128

    128 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de [DHCP-Server] Local 192.168.0.1/24 Public 10.1.0.2/24 Internet RADIUS Server 172.16.0.2/24 To - Radius 172.16.0.1/24 Local Network Address Range : 19 2.168.0.0/24 Figure 19: DHC P with RA DIUS We assume th at you already have installed Fre ...

  • Allied Telesis AT-WR4500 - page 129

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 129 RouterOS v3 Con figuration a nd User Gui de 6.2 DNS Client a nd Ca che Document revisi on: 1.2 (Fri Apr 15 17:37: 43 GMT 2005) Applies to: V2.9 6.2.1 Gener a l Information Summar y DNS cache is u sed to minimize DNS requ ests to an e xternal DNS server as we ll as to minimize DNS re ...

  • Allied Telesis AT-WR4500 - page 130

    130 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Example To set 159.1 48.60.2 as the pr imary DNS server and allow the rout er to be used as a DN S server, do the following: [admin@AT-WR 4562] ip dns> set primary- dns=159.148.60 .2 ... allow-r emote-request s=yes [admin@AT-WR 4562] ...

  • Allied Telesis AT-WR4500 - page 131

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 131 RouterOS v3 Con figuration a nd User Gui de Description The Router OS has an embed ded DNS ser ver feature in DNS cache. It a llows you t o link the particular dom ain names with the resp ective IP addresses an d advertize th ese links to t he DNS client s using the rou ter as their ...

  • Allied Telesis AT-WR4500 - page 132

    132 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de 7 AAA Conf ig uration 7.1 RADIUS cli ent Document revisi on: 1.6 (February 14, 200 7, 12:00 GMT) Applies to: V2.9 7.1.1 Gener a l Information Summar y This document provides info rmation abou t Route rOS built-in RADIUS client configurat i ...

  • Allied Telesis AT-WR4500 - page 133

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 133 RouterOS v3 Con figuration a nd User Gui de domain ( text ; defau lt: "" ) - M icrosoft Win dows doma in of client passed to RADIUS ser vers t hat require domain validation realm ( text ) - exp licitly stated real m (user dom ain), so the users do not have to prov ide prop ...

  • Allied Telesis AT-WR4500 - page 134

    134 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de port ( integer ; defau lt: 1700 ) - The p ort numb er to listen f or the reque sts on     RouterOS doesn't support POD ( Packet of Disconnect) the other RADIUS a ccess reques t packet t hat performs a simil ar function as ...

  • Allied Telesis AT-WR4500 - page 135

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 135 RouterOS v3 Con figuration a nd User Gui de • NAS-Port-Id - async PPP - serial port name; PPPoE - ethernet interface name on which se rver is running; HotSpot - name of th e physical HotSpot interface (if b ridged, th e b ridge port name is showed here ); not pre sent for ISDN, PP ...

  • Allied Telesis AT-WR4500 - page 136

    136 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de you should firs t cre ate a ppp chain and make jum p r ules that would put actual traffic to this chain). The same app lies for HotSp ot, but t he rules will be create d in hotspot cha in • Mikrotik-Mark- Id - f irewall mangle chain n am ...

  • Allied Telesis AT-WR4500 - page 137

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 137 RouterOS v3 Con figuration a nd User Gui de instances may b e send by RADIUS ser ver to sp ecify add itional URLs wh ich are choo sen in r ound robin fashion . • Mikrotik-Ad vertise-Inter val - Time interval between tw o adjacent advertisement s. Mu ltiple attribute inst ances ma ...

  • Allied Telesis AT-WR4500 - page 138

    138 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Change of Autho rization RADIUS d isconnect and Change of Auth orization ( according to RFC3576) are supported as well. These attributes may be changed b y a CoA req uest from t he RADIUS server: • Mikrotik-Group • Mikrotik-Recv-Limit ...

  • Allied Telesis AT-WR4500 - page 139

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 139 RouterOS v3 Con figuration a nd User Gui de Name VendorID Value RFC where it i s defined Called-Station-Id 30 RFC2865 Calling-Station-Id 31 RFC2865 CHAP-Challen ge 60 RFC2866 CHAP-Password 3 RFC2865 Class 25 RFC2865 Filter-Id 11 RFC2865 Framed-IP-Address 8 RFC2865 Framed-IP-Net mask ...

  • Allied Telesis AT-WR4500 - page 140

    140 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Name VendorID Value RFC where it i s defined MS-CHAP2-Succes s 31 1 26 RFC2548 MS-MPPE-Encrypt ion-Policy 311 7 RFC25 48 MS-MPPE-Encrypt ion-Types 311 8 RFC2548 MS-MPPE-Recv- Key 311 1 7 RFC25 48 MS-MPPE-Send- Key 311 16 RFC2548 NAS-Identi ...

  • Allied Telesis AT-WR4500 - page 141

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 141 RouterOS v3 Con figuration a nd User Gui de 7.2 PPP User A AA Document revisi on: 2.5 (Fri Jul 07 14:52:59 GMT 2006) Applies to: V2.9 7.2.1 Gener a l Information Summar y This document provides summary, conf iguration ref erence and examples on PPP user mana gement. Th is includes a ...

  • Allied Telesis AT-WR4500 - page 142

    142 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de default - derive this value fro m the inte rface default profile; same as no if t his is the int erface default profile dns-server ( IP addr ess {1,2} ) - IP address o f the DNS server to sup ply to clients idle-ti meout ( time ) - specifi ...

  • Allied Telesis AT-WR4500 - page 143

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 143 RouterOS v3 Con figuration a nd User Gui de     There are two defaul t profil es that cannot be remo ved: [admin@rb13] ppp profile> print Flags: * - d efault 0 * name="default" use-compression =default use-vj-compression=defa ult use- encryption=d efault onl ...

  • Allied Telesis AT-WR4500 - page 144

    144 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de routes ( text ) - rou tes that ap pear on t he server wh en the client is con nected. The rou te format is: d st- address [[gat eway] [metr ic]] (for example , 10.1.0.0/24 10.0.0.1 1 ). Several routes may be specified separated with co mma ...

  • Allied Telesis AT-WR4500 - page 145

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 145 RouterOS v3 Con figuration a nd User Gui de 7.2.5 PPP User Remote AA A Submenu level: /ppp aaa Property Description accounting (yes | no; default : yes ) - enable R ADIUS accou nting interim-updat e ( time ; defaul t: 0s ) - Inte rim-Update time inte rval use-radius (yes | no; defau ...

  • Allied Telesis AT-WR4500 - page 146

    146 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de 7.3.2 Router User Gr oups Submenu level: /user group Description The rout er u ser grou ps provide a convenien t way to assign different pe rmissions and access right s to different u ser classes. Property Description name ( name ) - th e ...

  • Allied Telesis AT-WR4500 - page 147

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 147 RouterOS v3 Con figuration a nd User Gui de Example To add rebo ot group t hat is allowed to reboot the ro uter locally or using t elnet, as well as rea d the router' s configuration, ent er the follow ing command: [admin@rb13] user group> add name=rebo ot policy=teln et,reb ...

  • Allied Telesis AT-WR4500 - page 148

    148 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Example To add user joe w ith passwor d j1o2e3 belongin g to write grou p, enter t he following co mmand: [admin@AT-WR 4562] user> a dd name=joe p assword=j1o2e3 group=write [admin@AT-WR 4562] user> p rint Flags: X - d isabled 0 ;;; ...

  • Allied Telesis AT-WR4500 - page 149

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 149 RouterOS v3 Con figuration a nd User Gui de use-radius (yes | no; default: no ) - specifies wh ether a use r database on a R ADIUS serve r shou ld be consulted     The RADIUS user da tabase is q ueried only if the required us ername is no t found in the local u ser datab ...

  • Allied Telesis AT-WR4500 - page 150

    150 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de 8 VPNs and T u nneling 8.1 EoIP Document revisi on: 1.4 (Fri Nov 04 20: 53:13 GMT 2005) Applies to: V2.9 8.1.1 Gener a l Information Summar y Ethern et over IP (EoIP) Tu nneling is a RouterOS protocol that creates an Ethern et tunnel betwe ...

  • Allied Telesis AT-WR4500 - page 151

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 151 RouterOS v3 Con figuration a nd User Gui de The EoIP inte rface appears as an Ether net interface under t he interf ace list. This interf ace support s all fe atures of an Eth ernet inte rface. IP addresses and other tunnels may b e run over the int erface. The EoIP prot ocol e ncap ...

  • Allied Telesis AT-WR4500 - page 152

    152 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de 8.1.3 EoIP Application Ex ample Description Let us assume we want to bridge tw o networks: 'Office LAN' and 'Remot e LAN'. The network s are connected to an I P net work th rough th e rout ers [Our_GW] and [Rem ote]. Th ...

  • Allied Telesis AT-WR4500 - page 153

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 153 RouterOS v3 Con figuration a nd User Gui de Configure the E oIP tunnel b y adding the eoip t unnel interfaces at b oth rout ers. Use the ip addresses of the pp tp tunnel interf aces when spe cifying the argument values f or the Eo IP tunnel: [admin@Our_G W] interface eoip> add na ...

  • Allied Telesis AT-WR4500 - page 154

    154 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de 8.2 Interface Bond ing Document revisi on: 1.1 (oct-26-2004) Applies to: V2.9 8.3 General In formation 8.3.1 Summar y Bonding is a technolo gy that allows to aggregate multiple e therne t-like int erfaces into a single virtual link, thus g ...

  • Allied Telesis AT-WR4500 - page 155

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 155 RouterOS v3 Con figuration a nd User Gui de Description To provide a prop er failover, you should specify link-moni toring paramet er. It can be : • MII (Media Indepe ndent Interface) type 1 or type2 - Me dia In dependen t Int erface is an ab stract layer between the op erating sy ...

  • Allied Telesis AT-WR4500 - page 156

    156 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de name ( name ) - descriptive na me of bon ding interface primary ( name ; default: non e ) - Int erface is used as prim ary outp ut media. If prim ary interface fa ils, only then ot hers slaves will be use d. This v alue works only with mod ...

  • Allied Telesis AT-WR4500 - page 157

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 157 RouterOS v3 Con figuration a nd User Gui de Office2 configu ration: [admin@offic e2] interface > print Flags: X - d isabled, D - dynamic, R - running # NAME TYP E RX-RATE TX -RATE MTU 0 R isp2 eth er 0 0 1500 1 R isp1 eth er 0 0 1500 [admin@offic e2] interface > /ip add pri nt ...

  • Allied Telesis AT-WR4500 - page 158

    158 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Bonding co nfiguratio n for Office1 [admin@offic e1] interface bonding> add slaves=eoip-t unnel1,eoip-t unnel2 [admin@offic e1] interface bonding> pri nt Flags: X - d isabled, R - running 0 R name=" bonding1" mtu =1500 mac- ...

  • Allied Telesis AT-WR4500 - page 159

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 159 RouterOS v3 Con figuration a nd User Gui de Add an IPIP inter face (by def ault, its name w ill be ipip1 ): [admin@10.5. 8.104] interf ace ipip> add local-address =10.5.8.104 remote-addre ss=10.1.0.172 disabled=no Add an IP address to create d ipip1 inter face: [admin@10.5. 8.1 ...

  • Allied Telesis AT-WR4500 - page 160

    160 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de     Use /ip address ad d command to assign an IP add ress to the IPIP interface. There is no authentica tion or 'st ate' for this int erface. The band width usage of th e interface ma y be monitored with the monitor f ...

  • Allied Telesis AT-WR4500 - page 161

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 161 RouterOS v3 Con figuration a nd User Gui de Now both routers can p ing each other: [admin@AT-WR 4562] interfa ce ipip> /pin g 1.1.1.2 1.1.1.2 64 b yte ping: ttl =64 time=24 m s 1.1.1.2 64 b yte ping: ttl =64 time=19 m s 1.1.1.2 64 b yte ping: ttl =64 time=20 m s 3 packets tr ansm ...

  • Allied Telesis AT-WR4500 - page 162

    162 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Related T opic s IP Addresses and ARP AAA Configur ation EoIP IP Security Additional Resour ces http://www.linu xguide.it/docs.p hp?Ne tworking:VPN:IPSec% 2FL2TP http://en.wikip edia.org/wiki/L2 tp Description L2TP is a secure tunn el p ro ...

  • Allied Telesis AT-WR4500 - page 163

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 163 RouterOS v3 Con figuration a nd User Gui de mrru ( integer : 512 ..65535 ; default: disabled ) - maximum p acket size t hat can be rece ived on the link. If a packet is bigger th an tunn el MTU, it will be sp lit into multip le packets, allowing full size I P or Eth ernet packets to ...

  • Allied Telesis AT-WR4500 - page 164

    164 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de 8.5.4 L2TP Ser ver Setup Submenu level: /interface l 2tp-server ser ver Description The L2 TP server creates a dy namic in terface for each connected L2TP client. Th e L2 TP conn ection count from clients depends on the license level you h ...

  • Allied Telesis AT-WR4500 - page 165

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 165 RouterOS v3 Con figuration a nd User Gui de so if you need a persiste nt rules fo r that u ser, create a static entry for him/her . Otherwise it is safe t o use dynamic configur ation.     In both cases PPP u sers must be configured pr operly. Property Description client ...

  • Allied Telesis AT-WR4500 - page 166

    166 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de 8.5.6 L2TP Application E xamples Router -to-Router Secure T unnel Example W ISP#1 192.168.8 0.0/24 W ISP# 2 192.168.8 1.0/24 Home Office To Intern et 192.168.8 0.1/24 LAN 10.150.2. 254/24 Remote Offic e To Intern et 192.168.8 1.1/24 LAN 10 ...

  • Allied Telesis AT-WR4500 - page 167

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 167 RouterOS v3 Con figuration a nd User Gui de And finally, the server must b e enabled: [admin@HomeO ffice] interf ace l2tp-serv er server> set enabled=yes [admin@HomeO ffice] interf ace l2tp-serv er server> pri nt enabled: yes mtu: 1460 mru: 1460 authent ication: msch ap2 defau ...

  • Allied Telesis AT-WR4500 - page 168

    168 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de On the L2 TP server it can alt ernatively b e done using r outes paramete r of the u ser configuration: [admin@HomeO ffice] ppp se cret> print d etail Flags: X - d isabled 0 name=" ex" service=l 2tp caller-id ="" pas ...

  • Allied Telesis AT-WR4500 - page 169

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 169 RouterOS v3 Con figuration a nd User Gui de ISP#1 192 .168.80.0/24 W ISP# 2 192 .168.81.0/2 4 Remote Off ice To Int ernet 192 .168.81.1/2 4 LAN 10.15 0.1.254/2 4 192.168.80 .111/24 1 0 .1 50 . 1 . 1 /24 Big Internet Encrypted L2T P tun nel To Office 10.150 .1.2/32 From Laptop 10.150 ...

  • Allied Telesis AT-WR4500 - page 170

    170 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Finally, the pro xy APR must b e enabled on the 'Office' in terface: [admin@Remot eOffice] inte rface etherne t> set Office arp=proxy-arp [admin@Remot eOffice] inte rface etherne t> print Flags: X - d isabled, R - running # ...

  • Allied Telesis AT-WR4500 - page 171

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 171 RouterOS v3 Con figuration a nd User Gui de Generally sp eaking, PPPoE is used t o hand out IP addresses to clients based on the user (and workst ation, if desired) authen tication as opp osed to workstation only authe ntication, when static IP a ddresses or DHCP are used. It is adv ...

  • Allied Telesis AT-WR4500 - page 172

    172 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Related T opic s IP Addresses and ARP RADIUS client PPP User AA A Log Management Additional Resour ces Links for PPPoE documentati on: http://www.f aqs.org/rfcs/rfc2 516.ht ml PPPoE Clients: RASPPPoE for Windows 95 , 98, 98SE , ME, NT4, 20 ...

  • Allied Telesis AT-WR4500 - page 173

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 173 RouterOS v3 Con figuration a nd User Gui de Example To add and enable PPPoE clie nt on the gig interf ace connecting to the AC that p rovides testSN ser vice using user name j ohn with the password pa ssword : [admin@Remot eOffice] inte rface pppoe-c lient> add int erface=gig ...

  • Allied Telesis AT-WR4500 - page 174

    174 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de     If no service name is specified i n WindowsXP, it will use only servi ce with no name . So if you want to serve WindowsXP cli ents, leave your service na me empty. Property Description authenticat ion ( multiple choi ce: ms ...

  • Allied Telesis AT-WR4500 - page 175

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 175 RouterOS v3 Con figuration a nd User Gui de 8.6.5 PPPoE Users Description The PPPoE users are auth enticated th rough a RADIUS server (if conf igured), and if RADI US fails, th en the local PPP user databese is use d. See the r espective manu al section s for more inf ormation: • ...

  • Allied Telesis AT-WR4500 - page 176

    176 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de 8.6.7 Application Exampl es PPPoE in a multipoint wireles s 802.11g network In a wireless n etwork, the PPPoE s erver may be attached to an Ac cess Point (as well as to a re gular station of wireless inf rastructure) . E ither our RouterOS ...

  • Allied Telesis AT-WR4500 - page 177

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 177 RouterOS v3 Con figuration a nd User Gui de Now, configure th e Ethe rnet interface, add the IP address and set th e default rout e: [admin@PPPoE -Server] ip a ddress> add a ddress=10.1.0. 3/24 interfac e=Local [admin@PPPoE -Server] ip a ddress> print Flags: X - d isabled, I - ...

  • Allied Telesis AT-WR4500 - page 178

    178 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de 8.6.8 T roubleshooting Description I can connect to my PPPo E server. Th e ping go es even through it, bu t I still ca nnot open w eb pages Make sure that you have spe cified a valid DNS s erver in the r outer ( in /ip dns or in /ppp p rof ...

  • Allied Telesis AT-WR4500 - page 179

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 179 RouterOS v3 Con figuration a nd User Gui de Quick Setup Guide To make a P PTP tunne l between 2 RouterOS routers with IP addresses 10.5 .8.104 (PPTP se rver) and 10.1.0.172 (PPTP client), follo w the next steps. Configuratio n on PPTP serv er router: Add a user: [admin@PPTP- Server] ...

  • Allied Telesis AT-WR4500 - page 180

    180 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Additional Resour ces http://msdn.mi crosoft.com/lib rary/backgrnd/ht ml/underst anding_ppt p.htm http://sup port.microsoft.com/ suppo rt/kb/articles/q162/8 /47.asp http://sup port.microsoft.com/ kb/154 062/en-us http://www.iet f.org/rfc/r ...

  • Allied Telesis AT-WR4500 - page 181

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 181 RouterOS v3 Con figuration a nd User Gui de 8.7.3 Monitoring PPTP C lient Command name: /interface pptp-cli ent monitor Property Description encoding ( text ) - e ncryption and encoding (if asymmetric , separated with '/') being use d in t his connection idle-ti me ( read- ...

  • Allied Telesis AT-WR4500 - page 182

    182 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de     Specifying MRRU means enabling MP ( Multilink PPP) over singl e link. This prot ocol is us ed to split big packets into smaller on es. Under Windows it can be e nabled in Networ king tag, Settin gs button, "Negotiate m ...

  • Allied Telesis AT-WR4500 - page 183

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 183 RouterOS v3 Con figuration a nd User Gui de Example To add a static en try for ex1 us er: [admin@AT-WR 4562] interfa ce pptp-serve r> add user=ex 1 [admin@AT-WR 4562] interfa ce pptp-serve r> print Flags: X - d isabled, D - dynamic, R - running # NAME USER MTU CLIE NT-ADDRESS ...

  • Allied Telesis AT-WR4500 - page 184

    184 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Then the user shou ld be added in the PP TP server list: [admin@HomeO ffice] interf ace pptp-serv er> add user=e x [admin@HomeO ffice] interf ace pptp-serv er> print Flags: X - d isabled, D - dynamic, R - running # NAME USER MTU CLIE ...

  • Allied Telesis AT-WR4500 - page 185

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 185 RouterOS v3 Con figuration a nd User Gui de On the PPTP server it can alt ernatively be don e using rout es parameter of the user configuration: [admin@HomeO ffice] ppp se cret> print d etail Flags: X - d isabled 0 name=" ex" service=p ptp caller-id ="" passwo ...

  • Allied Telesis AT-WR4500 - page 186

    186 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de [ Remote Office ] 192.168.81.1/24 Internet ISP #2 192.168.81.0/ 24 ISP #1 192.168.80.0/ 24 192 .1 68 . 80 . 111 / 24 10.150.1.1 /24 10.150.1.25 4/24 To RemoteOffice 10.150.1.1/32 Tunnel_To_Home Office 10.150.1.25 4/32 Encrypted PPTP Tunnel ...

  • Allied Telesis AT-WR4500 - page 187

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 187 RouterOS v3 Con figuration a nd User Gui de Finally, the pro xy APR must b e enabled on the 'Office' in terface: [admin@Remot eOffice] inte rface etherne t> set Office arp=proxy-arp [admin@Remot eOffice] inte rface etherne t> print Flags: X - d isabled, R - running # ...

  • Allied Telesis AT-WR4500 - page 188

    188 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Description IPsec (IP Security) su pports se cure (encrypte d) communicati ons over IP net works. Encryption After packet is sr c-natted (if n eeded), but befo re puttin g it into interf ace queue , IPsec p olicy d atabase is consulted to ...

  • Allied Telesis AT-WR4500 - page 189

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 189 RouterOS v3 Con figuration a nd User Gui de • Phase 2 - The peers establish one or more SAs that will b e used by IPsec to encr ypt data. All S As established by IKE daemon w ill have lifetime value s (either limitin g time, after which S A will become invalid, or amount of data t ...

  • Allied Telesis AT-WR4500 - page 190

    190 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de large packets with don't fragm ent flag will no t be able to pass the r outer inherit - do not change the f ield set - set the f ield, so that eac h packet matchin g the rule wil l not be f ragmented. Not re commen ded dst-address ( I ...

  • Allied Telesis AT-WR4500 - page 191

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 191 RouterOS v3 Con figuration a nd User Gui de Example To ad d a policy to encrypt all th e traffic bet ween t wo hosts (1 0.0.0.147 and 1 0.0.0.14 8), we n eed do the following: [admin@WiFi] ip ipsec pol icy> add sa-s rc-address=10. 0.0.147 ... sa-dst- address=10.0. 0.148 action ...

  • Allied Telesis AT-WR4500 - page 192

    192 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de lifeti me ( time ; default: 1d ) - phase 1 lifet ime: specifies how long the SA wi ll be valid; S A will be disc arded after this time nat-traversal (yes | no; defa ult: no ) - use Linux NAT-T m echanism to sol ve IPsec incomp atibility wi ...

  • Allied Telesis AT-WR4500 - page 193

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 193 RouterOS v3 Con figuration a nd User Gui de remote-addre ss ( read-only: I P address ) - p eer's IP address side ( multiple choic e, read-only: in itiator | respo nder) - show s which side init iated the conn ection initiator - ph ase 1 negotiatio n was started b y this rout er ...

  • Allied Telesis AT-WR4500 - page 194

    194 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Example Sample printou t looks as follo ws: [admin@WiFi] ip ipsec> in stalled-sa pr int Flags: A - A H, E - ESP, P - pfs 0 E spi= E727605 src-a ddress=10.0.0 .148 dst-addre ss=10.0.0.147 auth -algorithm=sh a1 enc-algori thm=3des repla y ...

  • Allied Telesis AT-WR4500 - page 195

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 195 RouterOS v3 Con figuration a nd User Gui de Example To flush all the S As installed: [admin@AT-WR 4562] ip ipse c installed-s a> flush [admin@AT-WR 4562] ip ipse c installed-s a> print [admin@AT-WR 4562] ip ipse c installed-s a> 8.8.7 Application Exampl es RouterOS Router t ...

  • Allied Telesis AT-WR4500 - page 196

    196 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de for Router1 [admin@Route r1] > ip ipse c manual-sa a dd name=ah-sa1 ... ah-spi= 0x101/0x100 a h-key=abcfed [admin@Route r1] > ip ipse c policy add src-address=10 .1.0.0/24 ... dst-add ress=10.2.0.0 /24 action=en crypt ipsec-pr ...

  • Allied Telesis AT-WR4500 - page 197

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 197 RouterOS v3 Con figuration a nd User Gui de configure IPsec for Router1 [admin@Route r1] > ip ipse c policy add src-address=10 .1.0.0/24 ... dst-add ress=10.2.0.0 /24 action=en crypt tunnel=y es ... sa-src- address=1.0.0 .1 sa-dst-add ress=1.0.0.2 [admin@Route r1] > ip i ...

  • Allied Telesis AT-WR4500 - page 198

    198 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de 9 Fir ewall and QoS 9.1 Filter Document revisi on: 2.7 (Fri Nov 04 16: 04:37 GMT 2005) Applies to: V2.9 9.1.1 Gener a l Information Summar y The firewall implements p acket filtering and thereby provides security fun ctions that are used t ...

  • Allied Telesis AT-WR4500 - page 199

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 199 RouterOS v3 Con figuration a nd User Gui de RouterOS has very powerfu l firewall implement ation with fe atures including: • stateful packet filte ring • peer-to-p eer protocols filterin g • traffic classification by: source MAC ad dress IP addresses (net work or list) and add ...

  • Allied Telesis AT-WR4500 - page 200

    200 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Property Description action (accept | add-dst-to -address-list | add-src-t o-addres s-list | drop | jump | log | pa ssth rough | reject | return | tarpit; default: acc ept ) - action to un dertake if the packet mat ches the ru le accept - ...

  • Allied Telesis AT-WR4500 - page 201

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 201 RouterOS v3 Con figuration a nd User Gui de unicast - IP addres ses used f or one p oint to anot her point transmission. There is only o ne sender and one receiver in th is case local - matches a ddresses ass igned to route r's interfaces broadcast - th e IP packet is sent fr o ...

  • Allied Telesis AT-WR4500 - page 202

    202 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de time - sp ecifies the time in terval over which t he packe t rate is measur ed burst - number of packets to match in a bu rst log-prefix ( tex t ) - all messa ges writte n to logs will cont ain the prefix spe cified herein. Used in conjunc ...

  • Allied Telesis AT-WR4500 - page 203

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 203 RouterOS v3 Con figuration a nd User Gui de tcp-flags (ack | cwr | ece | f in | psh | rst | syn | ur g) - tcp flags to match ack - acknowled ging data cwr - congestion w indow re duced ece - ECN- echo flag (explicit congestion n otification) fin - close conn ection psh - push fu nct ...

  • Allied Telesis AT-WR4500 - page 204

    204 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Make jumps to n ew chains: add chain=fo rward protoco l=tcp action= jump jump-targ et=tcp add chain=fo rward protoco l=udp action= jump jump-targ et=udp add chain=fo rward protoco l=icmp action =jump jump-tar get=icmp Create tcp chain and ...

  • Allied Telesis AT-WR4500 - page 205

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 205 RouterOS v3 Con figuration a nd User Gui de Submenu level: /ip firewall mangle Standards and Te chnologies: IP Hardware usage : Increases wi th count of man gle rules Related T opic s • IP Addresses and ARP • Routes, Equ al Cost Multipath Routing, Polic y Routing • NAT • Fil ...

  • Allied Telesis AT-WR4500 - page 206

    206 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de chain (forwar d | input | output | p ostrouting | pr erouting) - specify the cha in to pu t a particular rule in to. As the differen t traffic is passe d through different chains, always be carefu l in choosin g the right chain for a new r ...

  • Allied Telesis AT-WR4500 - page 207

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 207 RouterOS v3 Con figuration a nd User Gui de that particular clien t local-dst - tru e, if a packet h as local destin ation IP a ddress to-clie nt - true, if a packet is sent to a client icmp-option s ( integer : integ er ) - match ICM P Type:Code f ields in-bridge-port ( na me ) - a ...

  • Allied Telesis AT-WR4500 - page 208

    208 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de every - match e very every +1 th p acket. For example, if every=1 th en the r ule matches every 2n d packet counter - specifies w hich co unter t o use. A counte r increments each time the rule con taining nth match matches packet - match ...

  • Allied Telesis AT-WR4500 - page 209

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 209 RouterOS v3 Con figuration a nd User Gui de rst - drop conn ection syn - new conne ction urg - urgent dat a tcp-mss ( integ er : 0..65535 ) - matches TCP MSS value of an IP packet time ( time - time ,s at | fri | thu | wed | tue | mo n | sun{ +}) - allows to create f ilter based on ...

  • Allied Telesis AT-WR4500 - page 210

    210 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Change MSS It is a well kn own fact t hat VPN links h ave smaller pack et s ize due to incapsulation o verhead. A large packet with MSS that e xceeds the MSS of th e V PN link should be fragmented prior to sending it via that kind of conne ...

  • Allied Telesis AT-WR4500 - page 211

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 211 RouterOS v3 Con figuration a nd User Gui de The packet flow t hrough th e route r is depicted in the follo wing diagram : Figure 32: Pac ket Flow Di agram As c an b e seen on the diagram, there are five chains in the processin g pip eline. These are prerouting , input , forward , ou ...

  • Allied Telesis AT-WR4500 - page 212

    212 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Routed traffi c The traffic re ceived for the rou ter's M AC address on th e respe ctive port, is passed to the routing procedures and can be of one of th ese four t ypes: • the traffic which is destined to the route r it self. The ...

  • Allied Telesis AT-WR4500 - page 213

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 213 RouterOS v3 Con figuration a nd User Gui de Property Description assured ( read-onl y: true | false ) - shows wh ether re play was seen fo r the last packet mat ching this ent ry connection-mar k ( read-only: t ext ) - Conn ection mark set in mangle dst-address ( read-onl y: IP addr ...

  • Allied Telesis AT-WR4500 - page 214

    214 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de max-entries ( re ad-only: integ er ) - the maximu m number o f conn ections the connection state table can contain, depends on an amou nt of to tal memory tcp-close-t imeout ( time ; def ault: 10s ) - maxim al amount o f time conn ection t ...

  • Allied Telesis AT-WR4500 - page 215

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 215 RouterOS v3 Con figuration a nd User Gui de 9.3.6 Gener a l Fir ew all Information Description ICMP TYPE:CO DE values In or der to protect your rout er and atta ched pri vate netw orks, you n eed to con figure firew all to drop o r reject most of ICMP tr affic. However, some I CMP p ...

  • Allied Telesis AT-WR4500 - page 216

    216 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de widely ab used f or u nlicensed software and media destribution . Even wh en it is use d for legal p urposes, p2p may he avily di sturb oth er net work traffic, su ch as ht tp and e-m ail. RouterOS is able to recognize connections o f the ...

  • Allied Telesis AT-WR4500 - page 217

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 217 RouterOS v3 Con figuration a nd User Gui de 9.4.2 NA T Description Network Address Translation is an Int ernet standard that allow s host s on local are a net works to u se one set of IP addresses for in tern al commun ications and another set of IP a ddresses for external communica ...

  • Allied Telesis AT-WR4500 - page 218

    218 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de address-list p arameter add-src-to-addre ss-li st - adds source ad dress of an IP p acket to the address list sp ecified by add ress- list parameter dst-nat - repla ces destination address of an IP packet to values sp ecified by to-addre s ...

  • Allied Telesis AT-WR4500 - page 219

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 219 RouterOS v3 Con figuration a nd User Gui de dst-limit ( integer / time {0,1} , integer ,dst-address | dst-port | sr c-address{ +}, time {0,1}) - limits the packet per second (pps) rate on a per destination IP or p er destination port base. As opp osed to the lim it match, every dest ...

  • Allied Telesis AT-WR4500 - page 220

    220 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de every - match e very every +1 th p acket. For example, if every=1 th en the r ule matches every 2n d packet counter - specifies w hich co unter t o use. A counte r increments each time the rule con taining nth match matches packet - match ...

  • Allied Telesis AT-WR4500 - page 221

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 221 RouterOS v3 Con figuration a nd User Gui de 9.4.3 NA T Applications Description In this section some NAT app lications and ex amples of them are discussed. Basic NAT confi guration Assume we want t o create ro uter that: "hides" the p rivate LAN "behi nd" one a d ...

  • Allied Telesis AT-WR4500 - page 222

    222 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de 10 Hot Spot Ser vice 10.1 HotSpot Gatewa y Document revisi on: 4.2 (Tue Jul 04 14:49:38 GMT 2006) Applies to: V2.9 10.1.1 Gener al Information Summar y The Rou terOS Hot Spot Gatew ay enables p roviding of public network acces s for client ...

  • Allied Telesis AT-WR4500 - page 223

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 223 RouterOS v3 Con figuration a nd User Gui de [HotSpot Gat eway] WAN/LAN Interf ace Internet RADIUS HotSpot Interf ace Figure 34: HotS pot exam ple network The Hot Spot int erface shou ld have an IP address ass igned to it. Physic al network connection has to be established betw een t ...

  • Allied Telesis AT-WR4500 - page 224

    224 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Before the au thentication When enablin g H otSpot on an int erface, the s ystem auto matically set s up ever ything needed to sh ow login pa ge fo r all clients that are not lo gged in. Th is is d one by adding dynamic dest ination NAT ru ...

  • Allied Telesis AT-WR4500 - page 225

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 225 RouterOS v3 Con figuration a nd User Gui de amount of time pe r MAC address to be freely used with some limitations imp osed by the provided u ser profile. In case the M AC address still has som e trial time unu sed, the login pa ge will con tain th e link for trial login. The time ...

  • Allied Telesis AT-WR4500 - page 226

    226 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de • /ip hotspot ser vice-port - a ddress translation helpers fo r the one-to- one NAT • /ip hotspot walled-garden - Walled G arden rules at HTTP level ( DNS names, HTTP reque st substrin gs) • /ip hotspot wal led-garden ip - Walled Gar ...

  • Allied Telesis AT-WR4500 - page 227

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 227 RouterOS v3 Con figuration a nd User Gui de 10.1.3 HotSpot In terfac e Setup Submenu level: /ip hotspot Description HotSpot system is put on in dividual interfa ces. You can ru n comp letely diff erent HotSpot con figurations on different interfaces Property Description HTTPS ( read ...

  • Allied Telesis AT-WR4500 - page 228

    228 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de 10.1.4 HotSpot S er ver Pr ofiles Submenu level: /ip hotspot p rofile Property Description dns-name ( text ) - DNS name of the HotSpot server. This is th e DNS name used as the n ame of the HotSpot server (i.e., it appe ars as the location ...

  • Allied Telesis AT-WR4500 - page 229

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 229 RouterOS v3 Con figuration a nd User Gui de smtp-server ( IP addr ess ; def ault: 0.0. 0.0 ) - default SM TP server to b e used to redire ct uncondition ally all user SMTP requ ests to split-user-domai n (yes | no; default: no ) - wh ether to split us ername from dom ain name wh en ...

  • Allied Telesis AT-WR4500 - page 230

    230 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de     There can be mul tiple cookies w ith the same M AC address. For example, there will be a separate cookie for each web brows er on the same c omputer. Cookies can expire - that's the w ay how it is supp osed to be. Defa ...

  • Allied Telesis AT-WR4500 - page 231

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 231 RouterOS v3 Con figuration a nd User Gui de Example To allow unaut horized req uests to t he www.e xample.com domain 's /paynow.html page: [admin@AT-WR 4562] ip hots pot walled-ga rden> add path ="/paynow.htm l" ... dst-hos t="www.exampl e.com" [admin@ ...

  • Allied Telesis AT-WR4500 - page 232

    232 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de     This is an ordered lis t, so you can put more specifi c entries on th e top of th e list for them to o verride more common rule s that appear lower. You can even put an en try with 0.0.0. 0/0 addres s at the end of the list ...

  • Allied Telesis AT-WR4500 - page 233

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 233 RouterOS v3 Con figuration a nd User Gui de Property Description name ( read-only : name ) - prot ocol name ports ( read-only: int eger ) - list of the ports on w hich the protocol is workin g Example To set the FTP pr otocol uses both 2 0 and 21 TCP port : [admin@AT-WR 4562] ip hot ...

  • Allied Telesis AT-WR4500 - page 234

    234 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de All o ther packets ex cept DNS and lo gin requests fr om unauthorized clients sho uld pass thro ugh the hs- unauth chain 7 D chain=ho tspot action= jump jump-tar get=hs-auth ho tspot=auth pr otocol=tcp And packets fro m the auth orized cli ...

  • Allied Telesis AT-WR4500 - page 235

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 235 RouterOS v3 Con figuration a nd User Gui de Packet filter rule s From /ip firewal l filt er print dynamic command, you can get so mething like this (commen ts follow after each of the rules): 0 D chain=fo rward action= jump jump-tar get=hs-unauth hotspot=from- client,!auth Any packe ...

  • Allied Telesis AT-WR4500 - page 236

    236 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de 10.3.10 Customi zing HotSpot: HTTP Serv let P ages Description You can create a complet ely different set of servlet pa ges for each HotSpo t s erver you have, specifyin g the directory it will be sto red in html-direc tory propert y of a ...

  • Allied Telesis AT-WR4500 - page 237

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 237 RouterOS v3 Con figuration a nd User Gui de if user is logged in, rstatus.htm l is displayed; if rstatus.htm l is not fo und, redirect.html is used to redirect to the status page if user is not logged in , rlogin.html is displayed; if rlogin. html is not found, re direct.html is use ...

  • Allied Telesis AT-WR4500 - page 238

    238 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de server-name - Hot Spot serv er name (set in the /ip hotsp ot menu, as th e name pro perty) Links: link-logi n - link to login page including ori ginal URL requ ested ("http://10.5 .50.1/login?dst=htt p://www.example. com/") link- ...

  • Allied Telesis AT-WR4500 - page 239

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 239 RouterOS v3 Con figuration a nd User Gui de radius<id>u - show the attri bute iden tified with <id> in unsigned integer f orm (in case RADIUS authent ication was used; "0" o therwise ) radius<id>-<v nd-id> - show the attrib ute identified wit h < ...

  • Allied Telesis AT-WR4500 - page 240

    240 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de     If you want to us e HTTP-CHAP authentication me thod it is supp osed that you incl ude the doLog in() function (which r eferences to th e md5.js which m ust be already loaded) before th e Submit ac tion of the login form. O ...

  • Allied Telesis AT-WR4500 - page 241

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 241 RouterOS v3 Con figuration a nd User Gui de (you should corre ct the link to point t o your server) • To erase the cook ie on logof f, in the page con taining link t o the logout (fo r example, in statu s.html) change: open('$(link -logout)', 'h otspot_logout ' ...

  • Allied Telesis AT-WR4500 - page 242

    242 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de • Hotspot will ask RADIUS ser ver whethe r to allow the login or not. If n ot allowed, alogin .html page will be displaye d (it can be modified to do an ything!). If not allowed, flog in.html (or login.html) page will be displayed, wh ic ...

  • Allied Telesis AT-WR4500 - page 243

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 243 RouterOS v3 Con figuration a nd User Gui de RADIUS client non-fatal error s: • invalid username o r pa sswor d - RADIU S server has rejected th e username and pas sword sent to it wit hout specifying a r eason. Cause : either wro ng us ername and/or password, or ot her error. Solu ...

  • Allied Telesis AT-WR4500 - page 244

    244 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de If all fields has been filled in th e ip-b inding table and type h as been set to bypas sed , th en the IP a ddress of this ent ry will be accessible from pub lic interfaces immed iately: [admin@AT-WR 4562] ip hots pot ip-bindin g> prin ...

  • Allied Telesis AT-WR4500 - page 245

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 245 RouterOS v3 Con figuration a nd User Gui de advertise-url ( multiple choice: t ext ; default: htt p://www.all iedtelesis.c om/ ) - list of URL s to show as advertisement popup s. The list is cyclic, so w hen the last item reached, ne xt time th e first is shown idle-ti meout ( time ...

  • Allied Telesis AT-WR4500 - page 246

    246 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de 10.4.3 HotSpot U ser s Submenu level: /ip hotspot u ser Property Description address ( IP addre ss ; default: 0 .0. 0.0 ) - static IP address. If not 0. 0.0.0 , client w ill always get th e same IP address. A confi gured address implies, t ...

  • Allied Telesis AT-WR4500 - page 247

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 247 RouterOS v3 Con figuration a nd User Gui de Example To add user ex with password ex that is allowed to log in on ly with 01:23:45:67 :89:AB MAC address and is limited to 1 hour of work: [admin@AT-WR 4562] ip hots pot user> add name=ex passw ord=ex ... mac-add ress=01:23:45 :67 ...

  • Allied Telesis AT-WR4500 - page 248

    248 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Example To get the list of active user s: [admin@AT-WR 4562] ip hots pot active> p rint Flags: R - r adius, B - bl ocked # USER ADD RESS UPTIME S ESSION-TIMEOU T IDLE-TIMEOU T 0 ex 10. 0.0.144 4m17s 5 5m43s [admin@AT-WR 4562] ip hots po ...

  • Allied Telesis AT-WR4500 - page 249

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 249 RouterOS v3 Con figuration a nd User Gui de 11 High A vailability pr otocols and techniqu es 11.1 VRRP Document revisi on: 1.5 (Mon Jul 10 16:51:20 GMT 2006) Applies to: V2.9 11.1.1 Gener al Information Summar y Virtual Router Redun dancy Prot ocol (VRR P) imple mentation in the Rou ...

  • Allied Telesis AT-WR4500 - page 250

    250 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de other configuration) active. A backup instance is no t 'ru nning', so all the settings attached to t hat inte rface is inactive. Property Description arp (disabled | en abled | pro xy-arp | reply-on ly; default: en abled ) - Ad d ...

  • Allied Telesis AT-WR4500 - page 251

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 251 RouterOS v3 Con figuration a nd User Gui de 11.1.3 Vir tual IP addr esses Submenu level: /ip vrrp ad dress Property Description address ( IP addre ss ) - IP addr ess belon gs to the virtu al router broadcast ( IP add ress ) - broadc asting IP address interface ( name ; default: def ...

  • Allied Telesis AT-WR4500 - page 252

    252 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de This example sh ows how to configure VRRP on the tw o rou ters sho wn on the diagram. The rou ters must have initial configuration : inte rfaces are enabled, e ach interface have approp riate IP address, and routing table is set correctl y ...

  • Allied Telesis AT-WR4500 - page 253

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 253 RouterOS v3 Con figuration a nd User Gui de Testing fail over Now, when we will disconne ct the master router, t he backup on e will switch to th e master s tate: [admin@AT-WR 4562] ip vrrp > print Flags: X - d isabled, I - invalid, R - running, M - m aster, B - ba ckup 0 RM name ...

  • Allied Telesis AT-WR4500 - page 254

    254 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Example To make s ystem gen erate a supp ort outp ut file and sen t it auto matically to support@ex ample.com through t he 192.0.2. 1 smtp server in case of a software cr ash: [admin@AT-WR 4562] system watchdog> set auto-send-sup out=ye ...

  • Allied Telesis AT-WR4500 - page 255

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 255 RouterOS v3 Con figuration a nd User Gui de 12 Monitoring and Mana gement 12.1 Log Manag e ment Document revisi on: 2.3 (Mon Jul 19 07:23:35 GMT 2004) Applies to: V2.9 12.1.1 Gener al Information Summar y Various syste m e vents and s tatus information can be logged. L ogs can b e s ...

  • Allied Telesis AT-WR4500 - page 256

    256 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de 12.1.3 Actions Submenu level: /system logg ing acti on Property Description disk-lines ( int eger ; default: 10 0 ) - numb er of records in lo g file saved on the disk (onl y if action target is set to disk ) disk-stop-on-full (yes | no; d ...

  • Allied Telesis AT-WR4500 - page 257

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 257 RouterOS v3 Con figuration a nd User Gui de Command Description print - shows lo g messages buffer - prints lo g messages t hat were save d in specified lo cal buffer follow - monitor system logs without-paging - p rints logs withou t paging file - saves the log informatio n on loca ...

  • Allied Telesis AT-WR4500 - page 258

    258 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Specifications Packages requ ired: system , p pp (optional) License requ ired: Level1 Submenu level: /snmp Standards and Te chnologies: SNMP (RFC 11 57) Hardware usage : Not signifi cant Related T opic s Software Package M anagemen t IP Ad ...

  • Allied Telesis AT-WR4500 - page 259

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 259 RouterOS v3 Con figuration a nd User Gui de Property Description active-fl ow-timeout ( time ; def ault: 30m ) - maximu m life-time of a flow cache-entries (1 k | 2k | 4 k | 8k | 1 6k | 32k | 64k | 128k | 256 k | 512k; default: 1k ) - number o f flows which can reside in the rout er ...

  • Allied Telesis AT-WR4500 - page 260

    260 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Some screensh ots from NTop program, which has gather ed Traffic-Flo w information from our router and displays it in ni ce graphs a nd statistics. For example, wh ere what kin d of traffic has flo wn: Figure 36: Host I nformati on Top thr ...

  • Allied Telesis AT-WR4500 - page 261

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 261 RouterOS v3 Con figuration a nd User Gui de Figure 38: Netw ork load profile by ti me Figure 39: Tra ffic Load by protocol ...

  • Allied Telesis AT-WR4500 - page 262

    262 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de 12.4 Graphin g Document revisi on: 1.1 (Wed Mar 15 09:46: 17 GMT 2006) Applies to: V2.9 12.4.1 Gener al Information Summar y Graphing is a t ool which is us ed for monitor ing various Ro uterOS p arameters over a period of time. Specificat ...

  • Allied Telesis AT-WR4500 - page 263

    AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers 263 RouterOS v3 Con figuration a nd User Gui de 12.4.3 Health Gr aphing Submenu level: /tool graphing health Description This submenu p rovides information about Rout erBoard's 'health' - voltage and t emperature . For this option, you h ave to install th e routerboard pa ...

  • Allied Telesis AT-WR4500 - page 264

    264 AT-WR4500 Series - IEE E 802.11abgh Ou tdoor Wireless R outers RouterOS v3 Con figuration a nd User Gui de Example Add a simple qu eue to Graph er list with simple-queue name queue1 , allow limit ed clients to access Grapher from web , store info rmation abou t traffic on disk: [admin@AT-WR 4562] tool gr aphing queue> add simple-qu eue=queue ...

Manufacturer Allied Telesis Category Network Router

Documents that we receive from a manufacturer of a Allied Telesis AT-WR4500 can be divided into several groups. They are, among others:
- Allied Telesis technical drawings
- AT-WR4500 manuals
- Allied Telesis product data sheets
- information booklets
- or energy labels Allied Telesis AT-WR4500
All of them are important, but the most important information from the point of view of use of the device are in the user manual Allied Telesis AT-WR4500.

A group of documents referred to as user manuals is also divided into more specific types, such as: Installation manuals Allied Telesis AT-WR4500, service manual, brief instructions and user manuals Allied Telesis AT-WR4500. Depending on your needs, you should look for the document you need. In our website you can view the most popular manual of the product Allied Telesis AT-WR4500.

A complete manual for the device Allied Telesis AT-WR4500, how should it look like?
A manual, also referred to as a user manual, or simply "instructions" is a technical document designed to assist in the use Allied Telesis AT-WR4500 by users. Manuals are usually written by a technical writer, but in a language understandable to all users of Allied Telesis AT-WR4500.

A complete Allied Telesis manual, should contain several basic components. Some of them are less important, such as: cover / title page or copyright page. However, the remaining part should provide us with information that is important from the point of view of the user.

1. Preface and tips on how to use the manual Allied Telesis AT-WR4500 - At the beginning of each manual we should find clues about how to use the guidelines. It should include information about the location of the Contents of the Allied Telesis AT-WR4500, FAQ or common problems, i.e. places that are most often searched by users in each manual
2. Contents - index of all tips concerning the Allied Telesis AT-WR4500, that we can find in the current document
3. Tips how to use the basic functions of the device Allied Telesis AT-WR4500 - which should help us in our first steps of using Allied Telesis AT-WR4500
4. Troubleshooting - systematic sequence of activities that will help us diagnose and subsequently solve the most important problems with Allied Telesis AT-WR4500
5. FAQ - Frequently Asked Questions
6. Contact detailsInformation about where to look for contact to the manufacturer/service of Allied Telesis AT-WR4500 in a specific country, if it was not possible to solve the problem on our own.

Do you have a question concerning Allied Telesis AT-WR4500?

Use the form below

If you did not solve your problem by using a manual Allied Telesis AT-WR4500, ask a question using the form below. If a user had a similar problem with Allied Telesis AT-WR4500 it is likely that he will want to share the way to solve it.

Copy the text from the picture

Comments (0)