Here you can find the required configuration for a MikroTik hEX S to replace an eir provided router. The details about what led to this decision can be found here.


The most important part is setting VLAN ID to 10. The DNS and DHCP configuration are my personal choices, also Port Forwarding and DynDNS might not be relevant to you.

 

Initial Screen

 

Quick Set

 

Internet Interface Configuration

Interfaces > VLAN > +

 

Internet Access Configuration

IP > Firewall > NAT > +

 

Remove the now obsolete NAT Rule #0.

 

DHCP Configuration

IP > DHCP Server

Edit the preconfigured DHCP Server details.

 

DNS

IP > DNS

 

DynDNS

System > Scripts > +

###############################################

:local NoIPUser "your username"
:local NoIPPass "your password"
:local NoIPDomain "your domain name.ddns.net"
:local WANInterface "vlan1"

###############################################

# Get the Current IP on the Interface
:local CurrentIP [/ip address get [find interface="$WANInterface" disabled=no] address]

# Strip the Net Mask off the IP Address
  :for i from=( [:len $CurrentIP] - 1) to=0 do={
    :if ( [:pick $CurrentIP $i] = "/") do={ 
      :set CurrentIP [:pick $CurrentIP 0 $i]
    } 
  }

:if ([:resolve $NoIPDomain] != $CurrentIP) do={
/tool fetch mode=http user=$NoIPUser password=$NoIPPass url="http://dynupdate.no-ip.com/nic/update\3Fhostname=$NoIPDomain&myip=$CurrentIP" keep-result=no
  :log info "No-IP: Update $NoIPDomain - $CurrentIP"
} else={
  :log info "No-IP: No update needed. $CurrentIP"
}

 

System > Scheduler > +

 

Port Forwarding incl. Hairpin NAT

IP > Firewall > Address List > +

IP > Firewall > NAT > +

Make “Hairpin NAT” rule #0 by moving it to the top.

 

IP > Firewall > NAT > +

Leave a Reply

Your email address will not be published. Required fields are marked *