Mikrotik: Basics enable Static WAN + Add DHCPserver

Sometimes there is no possibility for minor offices to buy a ring service of LAN, and therefore they will not be assigned a VLAN from the company’s IT-infrastructure. Still we would like to give’em a good router/firewall with IPsec features. Miktorik RB450G will make the job! In this 6-step guide i will first of all just show how to config a static IP address and let it hand out DHCP to clients. This setup require static ip-address from ISP.

Add IP to interface Ether1:

/ip address
add address= interface=Ether1

Add LAN address on interface Ether2:

add address= interface=Ether2

Add your ISP’s DNS:

/ip dns
/ip dns
set servers=, allow-remote-requests=yes

Add DHCP-server and DHCP-Pool:

/ip pool
add name=dhcp-pool ranges=
/ip dhcp-server
add name=dhcp interface=LAN address-pool=dhcp-pool
/ip dhcp-server network
add address= gateway= dns-server=

Add Deafult Route:

/ip route
add dst-address= gateway=

Add Firewall NAT-rule:

/ip firewall nat
add action=masquerade chain=srcnat comment=”” disabled=no out-interface=ether1

And we are done! If you are assigned dynamic ip addresses from your ISP just make Ether1 “DHCP client” /ip dhcp-client add Ether1

Next up will be how to config ipsec fw to fw


2 thoughts on “Mikrotik: Basics enable Static WAN + Add DHCPserver

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s