20:04 - you specify the eth1 source port in these two rules for 0.17 so even if you put the wifi guest rule below these two rules, the wifi guest will not access the 0.17.
Trying to decide between a full on pfsense box with a WiFi Router or Access Point or just one of these MikroTik Routers for my home. Normally 3 wired connections and 1 or 2 wireless unless I'm working on other computers which increases that. What would you recommend? I have a four port Intel Gigabit card that I can install in a computer I have available so the pfsense box would be cheaper to some extent. I would have to get the Wireless access point or the Wireless Router either way tho as the ones I have do not support DD-WRT and are rather old with older protocols.
in order of increasing price: * hAP ac² - gigabit networking with ac wifi, excellent value router * hEX s + cAP ac - same as above, but you can connect AP to PoE port on hEX S and move AP to more central point of your home for better coverage + you have an SFP port if you ever need that * RB4011iGS+5HacQ2HnD-IN - if you need a lot of performance, like VPN tunneling or connect 10GbE switch
I used mikrotik hap ac2, it's an excellent all in one and cheap router. However, I moved to pfsense pc with mikrotik acting as access point for WiFi recently. Mainly due to 2 reasons, mdns reflector to iot stuff don't exist on mikrotik to my knowledge and mikrotik doesn't have dps/dpi built-in to it. Please correct me if I'm wrong. There are if course alternatives as you could setup a reflector on the network and use a server for IPS/IDS but these things are built-in to pfsense add-ons. Another minor gripe is that there is no wireless mesh solution on mikrotik APs like to what you see on ubiquiti.
Thank you for all information, question for you, is there a way to use mikrotik on an exisiting setup in between the ISP modem and access points have the same control of features over those 3rd party access points wifi?
Video released May 29, 2020. Any guesses? :) We're getting there, but not quite recovered from the pandemic yet. Finding our footing, and doing what we can to get on track. Sub and keep watching for it: We haven't forgotten and can't wait to pick up where we left off!
Hi, and thank you for these great tutorials. i recently bought a mikrotik router, coming from a dd-wrt one. these are great, but, without a vlan tutorial.....are not so great. i would love to see one that JUST WORKS. the router is a hap ac2, and the switch is a dell powerconnect 2716 managed. thank you again for your great job!!
I realize this is an older video but I hoping someone see this. Following the video I'm not able to get internet connectivity on my guest wifi. If i move the guest wlan over to my root bridge (bridge1) then I get internet but I'm not using the new subnet. I figured this would be fine and I could just filter by in interface but this doesnt seem to work because I can only filter using bridge. I do have a slightly different setup as I've got a mikrotik ethernet only router and a switch and then a Mikrotik wAP that has the guest wifi. I'm pretty sure my VLAN may be the issue but I'm wondering if someone might have an idea to try.
you should add doing this via CAPsMAN using wAPs. if you're using a box without onboard wifi, the config is very different with managed CAPs. regardless, well done. nice and clear.
I agree! Yes please! I am very much interested in this. Trying to figure this out, but no success yet. Lot of tutorials how to configure this on a AP itself, but not how do do this through CAPs.
Technically you didn't have to make the guest-bridge. You could have applied all the settings afterwards to the virtual wlan interface instead of the bridge. But the bridge would be helpful if you wanted a 2.4 and 5 GHz guest signals. Bridge is helpful to do because you never know how your network might change in the future. MikroTik makes moving settings IPs, DHCP, etc... very easy. Other brands you have to delete the settings and recreate them, you don't technically "move" it. And they throw validation errors if you try to do it any other way. MikroTik will even allow you to add the same IP address twice if you want.
@@LinuxTechShow Why do we need to bridge the guest network? Why can't we just assign a block of addresses to 'guest-wifi' interface, and assign a dhcp to guest-wfi? Why does have to go through the bridge?
My MikroTik came in the mail yesterday. I tried to name my wifi "This is not the wifi you're looking for." but it wouldn't let me. Maybe there's a character limit or maybe it doesn't like spaces or punctuation? Not sure. So instead I named the 5Ghz "NotYours" and the 2Ghz "DEA_Surveillance_Van" :-)
I would like to have the 2ghz wifi (DEA_Surveillance_Van) activate and deactivate at random times to mimic a van cruising the area (to freak out my crack head neighbors). Is there a way to do that?
Indeed, the tutorial is specific to MikroTik routers, so you must have one of their routers to do this. Please see the series at cat5.tv/mikrotik to learn more, noting in particular that what we show is not hardware specific, but you can have any of the compatible MikroTik routers to do this (whether it's a cheap $40 one or a big fancy $600 enterprise one). The one we're using for the demo is about $100.
Your explanation deserves an international award. Thanks
I really wish this series didn't stall out. Please start this series again.
Simple, accurate and effective. Thank you for this series!
Excellent video! Thank you covering this nontrivial use case. It’s exactly what I was looking for.
20:04 - you specify the eth1 source port in these two rules for 0.17 so even if you put the wifi guest rule below these two rules, the wifi guest will not access the 0.17.
Trying to decide between a full on pfsense box with a WiFi Router or Access Point or just one of these MikroTik Routers for my home. Normally 3 wired connections and 1 or 2 wireless unless I'm working on other computers which increases that.
What would you recommend? I have a four port Intel Gigabit card that I can install in a computer I have available so the pfsense box would be cheaper to some extent. I would have to get the Wireless access point or the Wireless Router either way tho as the ones I have do not support DD-WRT and are rather old with older protocols.
in order of increasing price:
* hAP ac² - gigabit networking with ac wifi, excellent value router
* hEX s + cAP ac - same as above, but you can connect AP to PoE port on hEX S and move AP to more central point of your home for better coverage + you have an SFP port if you ever need that
* RB4011iGS+5HacQ2HnD-IN - if you need a lot of performance, like VPN tunneling or connect 10GbE switch
I used mikrotik hap ac2, it's an excellent all in one and cheap router.
However, I moved to pfsense pc with mikrotik acting as access point for WiFi recently. Mainly due to 2 reasons, mdns reflector to iot stuff don't exist on mikrotik to my knowledge and mikrotik doesn't have dps/dpi built-in to it.
Please correct me if I'm wrong.
There are if course alternatives as you could setup a reflector on the network and use a server for IPS/IDS but these things are built-in to pfsense add-ons.
Another minor gripe is that there is no wireless mesh solution on mikrotik APs like to what you see on ubiquiti.
I Would like to see this updated, there is a routerOS7 that now carries a WireGuard.
What’s the bridge guest bridging if it has only one port?
I can't get my guest-wifi interface to show up when I try to select it in ports. :/
Thank you for all information, question for you, is there a way to use mikrotik on an exisiting setup in between the ISP modem and access points have the same control of features over those 3rd party access points wifi?
Is it not possible to use vlan for seperating networks?
What happened to the tutorial on the bandwidth limit for the guest network?
Video released May 29, 2020. Any guesses? :) We're getting there, but not quite recovered from the pandemic yet. Finding our footing, and doing what we can to get on track. Sub and keep watching for it: We haven't forgotten and can't wait to pick up where we left off!
Is it possible to set up guest virtual AP SSID the same as Main SSID and differentiate vlan networks by entering different passwords?
thank you for the video. can you do a wifi video with access points for people that don't have built-in wifi to there router? thank you
Hi, and thank you for these great tutorials. i recently bought a mikrotik router, coming from a dd-wrt one. these are great, but, without a vlan tutorial.....are not so great. i would love to see one that JUST WORKS. the router is a hap ac2, and the switch is a dell powerconnect 2716 managed. thank you again for your great job!!
I realize this is an older video but I hoping someone see this. Following the video I'm not able to get internet connectivity on my guest wifi. If i move the guest wlan over to my root bridge (bridge1) then I get internet but I'm not using the new subnet. I figured this would be fine and I could just filter by in interface but this doesnt seem to work because I can only filter using bridge. I do have a slightly different setup as I've got a mikrotik ethernet only router and a switch and then a Mikrotik wAP that has the guest wifi.
I'm pretty sure my VLAN may be the issue but I'm wondering if someone might have an idea to try.
You forgot to mention what happens when you try to use the guest bridge IP as DNS server, and further more when you use DoH on the WAN. Fun times.
Great video, thanks. When will you have the throttling, bandwidth limiting video. Looking forward to it. Thanks.
you should add doing this via CAPsMAN using wAPs. if you're using a box without onboard wifi, the config is very different with managed CAPs. regardless, well done. nice and clear.
I agree! Yes please! I am very much interested in this. Trying to figure this out, but no success yet. Lot of tutorials how to configure this on a AP itself, but not how do do this through CAPs.
I use CAPsMAN on my home network with 3 APs. It's the best thing ever.
Yo mista white!!, thanks for the explanation.
No problem, Jesse.
Great video. Do you have same about capsmans guest network?
THANKS YOU ARE A GOOD TEACHER IN MIKKRO TIK IEARN A LOTS FROM YOU
Thanks Henry. I appreciate that very much.
can you please start making videos like this again? it trully is helpful
Another great tutorial. Many thanks
Technically you didn't have to make the guest-bridge. You could have applied all the settings afterwards to the virtual wlan interface instead of the bridge. But the bridge would be helpful if you wanted a 2.4 and 5 GHz guest signals. Bridge is helpful to do because you never know how your network might change in the future. MikroTik makes moving settings IPs, DHCP, etc... very easy. Other brands you have to delete the settings and recreate them, you don't technically "move" it. And they throw validation errors if you try to do it any other way. MikroTik will even allow you to add the same IP address twice if you want.
Very good video. Massive thanks!
Glad you liked it! Thanks for watching.
@@LinuxTechShow Why do we need to bridge the guest network? Why can't we just assign a block of addresses to 'guest-wifi' interface, and assign a dhcp to guest-wfi? Why does have to go through the bridge?
Copy that.. Nice and Clear Thank you so much Bro💓💓💓👌
why aren't you not fan of winbox?
Really surprised that webfig still in use.
My MikroTik came in the mail yesterday. I tried to name my wifi "This is not the wifi you're looking for." but it wouldn't let me. Maybe there's a character limit or maybe it doesn't like spaces or punctuation? Not sure. So instead I named the 5Ghz "NotYours" and the 2Ghz "DEA_Surveillance_Van" :-)
I would like to have the 2ghz wifi (DEA_Surveillance_Van) activate and deactivate at random times to mimic a van cruising the area (to freak out my crack head neighbors). Is there a way to do that?
doi just login to my router or do i have to have the mikro router???
Indeed, the tutorial is specific to MikroTik routers, so you must have one of their routers to do this. Please see the series at cat5.tv/mikrotik to learn more, noting in particular that what we show is not hardware specific, but you can have any of the compatible MikroTik routers to do this (whether it's a cheap $40 one or a big fancy $600 enterprise one). The one we're using for the demo is about $100.
great video
Tks!
Great, thanks!
15:48 Firewalling