Hotspot Authentication Using Active Directory

Active Directory (AD) is a service that is owned by the windows operating system for networks such as Windows 2000 Server, Windows Server 2003, Windows Server 2008, and Windows Server 2012. Active Directory consists of databases and directory services. The database is owned by Active Directory to store all the resources available in the network, such as computers that have been joined to a domain, a list of user accounts and user groups, shared folders, and others.As already known, AAA Mikrotik not only be done on the device itself, but can also use an external database of the RADIUS Server. This time, we will experiment with combining MikroTik with Active Directory on Windows 2003.

Service that can be used to be able to create a centralized AAA server is a component in Windows Internet Authentication Service (IAS). In addition, this service will act as a liaison between MikroTik Router with existing user database in Active Directory using standard RADIUS protocol.

Settings in Windows Server

Usually the IAS service is not yet active component in Windows Server, so it needs to be added and activated first. Click Start -> Control Panel -> Add / Remove Programs -> Networking services

Register components / IAS service in Active Directory so user-friendly in it can later be inserted and

Test Throughput Mode Wireless in MikroTik

In the wireless properties, there are many modes that can be used as needed. Wireless mode function to determine whether to enable the access point (transmitter), repeater, or enable the station (receiver). There are several modes that have almost the same function, call it eg station-bridge mode with station-pseudobridge. Now we will try to do testing mode selection effect on the throughput of data that is passed. Testing using standard band 802.11 B / G / N.

Access Point

There are only two modes that make interface works as a wireless access point. AP-Bridge topology PTMP (point to multi-point) where there are many clients are connected, and topology Bridge mode to PTP (point to point) where there is only one client is served. At this testing time, same station side - the same uses station-bridge mode.

From the results of testing there was no significant difference in throughput. When used to handle one client, throughput both still balanced, between 150Mbs up to 200Mbps up and

Limitations Bandwidth Over Time

Simple queue is a bandwidth management method is the simplest. How easy configuration and results are quite effective. But sometimes we as a network administrator wants custom flexible bandwidth management. For example do bandwidth limitations based on time. If imaginable seems to require the configuration is complex, but it turns out the configuration that must be made quite simple.

Examples of such cases we will do the limitation of bandwidth with the following conditions:

• Working hours are 8:00 to 17:00 with 512Mbps bandwidth allocation.

• After working hours increased to 1Mbps bandwidth allocation, for example employee bonus overtime.

• Saturday - Sunday given bandwidth of 2 Mbps.

For those of us who rarely pay attention to small features may be thinking of the above requirements we would need a scheduler. But actually we do not need the features scheduler, there are parameters in simple queue time. This parameter is used to determine when the rule will be active. For the needs already mentioned above, then we can make the configuration as follows.

First, create a rule to bandwidth limitations on working hours, which is allocated bandwidth of 512kbps, assume for example ip address client will limited is 192 168 230 254. In the bottom of the window there is a simple queue configuration parameter Time. Here we specify when the rule will run queue.

Next create a rule to limitations on weekdays, after

MikroTik With Eternal Proxy

Proxy not a stranger in the world of Mikrotik. Mikrotik itself has proxy feature that can be quite simple. Many users Mikrotik then add external proxy in order to use features that are more complex than internal features of proxy. The question is, whether they have a significant performance difference? In this article we will try to do test the performance of internal and external proxy.

Configuring External Proxy with MikroTik

To test this, we will use an external application proxy that is commonly used, namely Squid. Step-by-step installation and configuration of the application of this squid can we get references on the internet. And do not worry a lot of references that have been using the Indonesian language for this application many users even in Indonesia.

After installation and configuration of Squid is complete, then we will do the setting transparent proxy. This works for all traffic accessing the HTTP (TCP Protocol, Port 80) is deflected into the Proxy server. Configuration of the transparent proxy this we will do in the MikroTik Router using NAT Firewall feature. The steps are as follows:

Go to the menu IP -> Firewall -> Nat -> click the

Setting Bridge and Switch mode

Today many products that have additional Mikrotik Router switch chipset components. This chipset is connected to multiple ethernet ports, which in turn can make some of the works more like a port switch, where the client can use the underlying IP in the same segment. Ethernet connected and the number of switches chipset on each product is different. To find out, should be viewed in detail the device data sheet. This condition can affect the future use and how to configure each device.

For example, the product Cloud Router Switch (CRS) series. The product is a product of the switch can also be configured as a router. All ethernet and SFP (if any) connected on a switch the same chipset. So if you want to really function as a switch, a configuration that can be done is to direct all ether1 ethernet to use as the master port.

There are several products RouterBoard where ether1 regarded as WAN interfaces so