Setting OSPF Mikrotik

SETTING OSPF MAINROUTER

Setting Interface

[admin@MainRouter] > in pr

Flags: X – disabled, D – dynamic, R – running

# NAME TYPE RX-RATE TX-RATE MTU

0 R ether1=ToClient ether 0 0 1500

1 R ether2=ToInternet ether 0 0 1500

Setting IP

[admin@MainRouter] > ip add pr

Flags: X – disabled, I – invalid, D – dynamic

# ADDRESS NETWORK BROADCAST INTERFACE

0 192.168.10.18/27 192.168.10.0 192.168.10.31 ether2=ToInternet

1 10.10.10.1/24 10.10.10.0 10.10.10.255 ether1=ToClient

2 10.10.20.1/24 10.10.20.0 10.10.20.255 ether1=ToClient

Setting Gateway (ROUTE)

[admin@MainRouter] > ip rou pr

Flags: X – disabled, A – active, D – dynamic,

C – connect, S – static, r – rip, b – bgp, o – ospf

# DST-ADDRESS PREF-SRC G GATEWAY DIS

0 ADC 192.168.10.0/27 192.168.10.18

1 A S 0.0.0.0/0 r 192.168.10.1

Setting NAT

[admin@MainRouter] > ip fire nat pr

Flags: X – disabled, I – invalid, D – dynamic

0 chain=srcnat out-interface=ether2=ToInternet action=masquerade

Setting DNS

[admin@MainRouter] > ip dns pr

primary-dns: 222.124.180.40

secondary-dns: 0.0.0.0

allow-remote-requests: yes

cache-size: 2048KiB

cache-max-ttl: 1w

cache-used: 20KiB

SETTING OSPF

[admin@MainRouter] > routing ospf pr

router-id: 0.0.0.0

distribute-default: if-installed-as-type-2

redistribute-connected: as-type-1

redistribute-static: as-type-2

redistribute-rip: no

redistribute-bgp: no

metric-default: 1

metric-connected: 0

metric-static: 0

metric-rip: 0

metric-bgp: 0

Setting OSPF AREA

[admin@MainRouter] > routing ospf area print

Flags: X – disabled

# NAME AREA-ID TYPE DEFAULT-COST AUTHENTICATION

0 backbone 0.0.0.0 default none

1 Local 0.0.0.1 default 1 none

Setting OSPF NETWORK

[admin@MainRouter] > routing ospf network print

Flags: X – disabled, I – invalid

# NETWORK AREA

0 10.10.10.0/24 Local

1 10.10.20.0/24 Local

Final Setting in OSPF Neighbors

[admin@MainRouter] > routing ospf neighbor print

router-id=192.168.101.1 address=10.10.20.2 priority=1 state=”Full”

state-changes=4 ls-retransmits=0 ls-requests=0 db-summaries=0

dr-id=10.10.20.1 backup-dr-id=10.10.20.2

router-id=192.168.200.1 address=10.10.10.2 priority=1 state=”Full”

state-changes=8 ls-retransmits=0 ls-requests=0 db-summaries=0

dr-id=10.10.10.1 backup-dr-id=10.10.10.2

router-id=192.168.10.18 address=10.10.20.1 priority=1 state=”2-Way”

state-changes=0 ls-retransmits=0 ls-requests=0 db-summaries=0

dr-id=10.10.20.1 backup-dr-id=10.10.20.2

Final Setting in IP ROUTE

[admin@MainRouter] > ip rou pr

Flags: X – disabled, A – active, D – dynamic,

C – connect, S – static, r – rip, b – bgp, o – ospf

# DST-ADDRESS PREF-SRC G GATEWAY DIS

0 ADC 10.10.10.0/24 10.10.10.1

1 Do 10.10.10.0/24

2 ADC 10.10.20.0/24 10.10.20.1

3 Do 10.10.20.0/24

4 ADC 192.168.10.0/27 192.168.10.18

5 ADo 192.168.100.0/30 r 10.10.10.2

6 ADo 192.168.101.0/24 r 10.10.20.2

7 ADo 192.168.200.0/30 r 10.10.10.2

8 A S 0.0.0.0/0 r 192.168.10.1

SETTING OSPF CLIENT1

[admin@Client1=RouterBoard] > in pr

Flags: X – disabled, D – dynamic, R – running

# NAME TYPE RX-RATE TX-RATE MTU

0 R ether1=ToMainRouter ether 0 0 1500

1 R ether2=ToLocal ether 0 0 1500

2 R ether3 ether 0 0 1500

3 wlan1 wlan 0 0 1500

4 X wlan2 wlan 0 0 1500

[admin@Client1=RouterBoard] > ip add pr

Flags: X – disabled, I – invalid, D – dynamic

# ADDRESS NETWORK BROADCAST INTERFACE

0 10.10.10.2/24 10.10.10.0 10.10.10.255 ether1=ToMainRouter

1 192.168.100.1/30 192.168.100.0 192.168.100.3 ether2=ToLocal

2 192.168.200.1/30 192.168.200.0 192.168.200.3 wlan1

[admin@Client1=RouterBoard] > ip dns pr

primary-dns: 0.0.0.0

secondary-dns: 0.0.0.0

allow-remote-requests: no

cache-size: 2048KiB

cache-max-ttl: 1w

cache-used: 17KiB

[admin@Client1=RouterBoard] > rou ospf pr

router-id: 0.0.0.0

distribute-default: never

redistribute-connected: as-type-1

redistribute-static: no

redistribute-rip: no

redistribute-bgp: no

metric-default: 1

metric-connected: 0

metric-static: 0

metric-rip: 0

metric-bgp: 0

[admin@Client1=RouterBoard] > rou ospf area pr

Flags: X – disabled

# NAME AREA-ID TYPE DEFAULT-COST AUTHENTICATION

0 backbone 0.0.0.0 default none

1 Local 0.0.0.1 default 1 none

[admin@Client1=RouterBoard] > rou ospf network pr

Flags: X – disabled, I – invalid

# NETWORK AREA

0 10.10.10.0/24 Local

1 10.10.20.0/24 Local

[admin@Client1=RouterBoard] > ip route pr

Flags: X – disabled, A – active, D – dynamic,

C – connect, S – static, r – rip, b – bgp, o – ospf

# DST-ADDRESS PREF-SRC G GATEWAY DIS

0 ADC 10.10.10.0/24 10.10.10.2

1 Do 10.10.10.0/24

2 ADC 192.168.100.0/30 192.168.100.1

3 ADC 192.168.200.0/30 192.168.200.1

NOTE: IP adjusted with IP allocation each place.

Basic Wireless LAN (WLAN) connection with Cisco Aironet Access Point (AP)

Here is the configuration example using multiple VLANs with multiple SSIDs

Components used:-

· Any MLS switch which runs IOS

· Aironet Access Points

Assumption:-

· I assume that you have configured the DHCP pool on the IOS switch or the Router or on the dedicated DHCP server.

Design:-

· Assuming we have 3 VLANs (1,2 and 3) with native as 1 and mapping to 3 different SSIDs (one , two and three) on any Aironet Access Points.

• SSID ONE uses WEP encryption
• SSID TWO uses WPA-PSK
• SSID THREE uses WPA-2-PSK
• Assuming the AP Ethernet port is connected to fa 2/1 port of the switch.
• Broadcasting all the 3 SSIDs.

Configuration on the AP:-

Step 1>> Configure the SSID and Map it to respective VLANS.

Enable

Conf t

Dot11 ssid one

Vlan 1

Authentication open

Mbssid Guest-mode

End

Enable

Conf t

Dot11 ssid two

Vlan 2

authentication open

authentication key-management wpa

wpa-psk ascii 7

Mbssid Guest-mode

End

Enable

Conf t

Dot11 ssid three

Vlan 3

authentication key-management wpa version 2

wpa-psk ascii 7

Mbssid Guest-mode

End

Step 2 >> Assigning the Encryption to different SSIDs with respective VLANs.

Enable

Int dot11 0

Mbssid

ssid one

ssid two

ssid three

encryption vlan 1 mode wep mandatory

encryption vlan 1 key 1 size 40bit <10bit key>

encryption vlan 2 mode ciphers tkip

encryption vlan 3 mode ciphers aes-ccm

Step 3 >> Configuring the sub interface for Dot11 radio 0 and Ethernet.

AP# configure terminal

Enter configuration commands, one per line. End with CNTL/Z.

AP(config)# interface Dot11Radio0.1

AP(config-subif)# encapsulation dot1Q 1 native

AP(config-subif)#bridge group 1

AP(config-subif)# interface FastEthernet0.1

AP(config-subif)#bridge group 1

AP(config-subif)# encapsulation dot1Q 1 native

AP(config-subif)# end

AP# write memory

AP(config)# interface Dot11Radio0.2

AP(config-subif)# encapsulation dot1Q 2

AP(config-subif)#bridge group 2

AP(config-subif)# interface FastEthernet0.2

AP(config-subif)#bridge group 2

AP(config-subif)# encapsulation dot1Q 2

AP(config-subif)# end

AP# write memory

AP(config)# interface Dot11Radio0.3

AP(config-subif)# encapsulation dot1Q 3

AP(config-subif)#bridge group 3

AP(config-subif)# interface FastEthernet0.3

AP(config-subif)#bridge group 3

AP(config-subif)# encapsulation dot1Q 3

AP(config-subif)# end

AP# write memory

AP(config)#bridge irb

Ap(config)# bridge 1 route ip

Ap(config)# end

Ap#wr

Configuration on the Switch:-

en

conf t

int fa 2/1

switchport mode trunk

switchport trunk encapsulation dot1q

switchport trunk native vlan 1

switchport trunk allowed vlan 1,2,3

end

Step 4>> Verification

On the AP issue the command “show dot11 associations” and you need to see all the 3 SSIDs

ap#show dot11 associations

802.11 Client Stations on Dot11Radio0:

SSID [one] :

SSID [two] :

SSID [three] :

2. Try pinging from the AP to the Switch VLAN interface, you should be able to ping.

MANAGING THE AP WITH MANAGEMENT IP ADDRESS

This is done by assigning the IP address to the BVI interface of the AP, that is.

Enable

Conf t

Int bvi 1

Ip address

No shut

End

Verify:-

Issue the command “show ip int br” on the AP and check if all the interfaces are up and running.

This is it!!

PS :

Here is the Video as well on the same!!

> Click Video