homework stuffz

JOURNAL.md

@@ -15,7 +15,7 @@ Summary :
 
 Took testing Mikrotik Router RB2011UiAS-2HnD-IN to School with me to do basics of testing due to actual router going missing for some reason.
 
-### Work done on MT RouterOS
+### Work done on MT RouterOS on testing board RB2011
 Only changed values from default are listed to save on documentation work having to be done.
 
 - Router was Reset to default config
@@ -119,4 +119,91 @@ Only changed values from default are listed to save on documentation work having
     - Goals next lesson :
         - Wireguard Site to Site VPN working
         - Firewall rules to block Guest to other Nets
-        - (Optional, maybe later) Captive Portal for Guest wifi
+        - (Optional, maybe later) Captive Portal for Guest wifi
+
+## 2025-03-08 to 2025-03-09
+Summary : 
+
+Work was done outside of school but was interupted by a taking wrong routerboard with me from home and water pipe bursting and flooding the basement of my grandpas workshop lol.
+
+Due to some mistakes with my original planing new MikroTik Hardware was ordered with next day shipping.
+
+README was changed to reflect hardware changes.
+
+### Work done on MT RouterOS on RB2011 board
+Summary :
+
+Ethernet ports 6-10 were removed from bridge.
+Wifi Configs deleted (new router doesnt have one built in)
+Exported to backup file.
+
+
+
+### Work done on MT RouterOS on mAP lite
+Summary :
+Connected to its default SSID that it Broadcasts (sometimes takes a few tries on MacOS machines)
+Updates were installed from RouterOS 6.43 to 7.18.1.
+Set a Password for admin user
+
+Detailed work :
+    - System -> Reset Configuration
+        - Keep users : X
+        - CAPS Mode : X
+
+
+### Work done on MT RouterOS on hEX S board.
+Summary :
+
+Connection to the board was established.
+Config was reset to defconf.
+Updates were installed from RouterOS 6.43 to 7.18.1.
+Config from RB2011 was imported.
+
+Detailed work :
+- Enabling CAPsMAN (something like a CloudKey but for Mikrotik APs built into MT Routers) and forbidding it broadcasting onto the WAN link.
+    - Wireless -> CAPsMAN -> Manager
+        - Enabled : X
+    - Interfaces
+    - new
+        - Interface : ether1
+        - Forbid : X
+- Making a default config
+    - Wireless -> CAPsMAN
+    - New
+        - Name : default-config
+        - Mode : ap
+        - SSID : teleco-admin
+        - Country : Switzerland
+        - Auth. Type : WPA2 PSK
+        - Passprhase : PasswordYouWontGet123
+- Making profisioning profile for APs
+    - Wireless -> CAPsMAN
+    - New
+        - Action : create dynamic enabled
+        - Master Configuration : default-config
+- Add new dynamic cap1 interface to bridge
+(Same as above shown in first wifi configs on 2025-03-07)
+- Make the other VLANs show up through their respective wifi
+    - Wireless -> CAPsMAN -> Datapaths
+    - New
+        - Bridge : bridge
+        - VLAN mode : no tag for admin, use tag for others
+        - VLAN ID : none for admin, respective ID for others
+        - Interface List : LAN for all
+    - Wireless -> CAPsMAN -> Configurations
+    - default-config
+    - clone
+        - Change SSID and Password
+    - rinse and repeat for guest
+    - Provisioning Tab
+    - default-config
+        - slave configurations : user-config, guest-config
+
+unformatted gabble gooble that will be properly formated later i am too tiered :
+
+sign into the ap and reboot it
+enabled save channel selection to save time when ap reboots
+aksi ebavke bridge management of vlans setting thingy 
+if the ssids dont show immediatly thats okay btw, the mAP lite is a tiny device and it does frequency scanning for all ssids which takes quiete a while. had to wait like 5-10 minutes until all were there consistently
+
+test if it works and stuff

README.md

@@ -14,10 +14,12 @@ Dieses Projekt zeigt die Planung sowie die Implementierung eines segregierten, e
 ## Disclaimer
 - Anpassungen an der Projekt Übersicht können möglich sein da noch nicht alles in Stein gemeisselt ist und noch einiges offen ist.
 
-## Hardware 
-- **MikroTik RouterBoard 260S** (Router verantwortlich für VLANs, routing, firewall and VPN)
-- **MikroTik RouterBoard hAP ac** (Access Point verantwortlich für halt WLAN und test Punkt für VLANs auf ETH Schnittstellen)
+## Hardware
+- **MikroTik Routerboard hEX s** (Router verantwortlich für VLANs, routing, firewall and VPN)
+- **MikroTik mAP lite** (Access Point verantwortlich für halt WLAN und test Punkt für VLANs auf ETH Schnittstellen)
 - **Zotac Mini PC** (Proxmox VE Host für SNMP Monitoring Lösing)
+Optional :
+- **MikroTik RouterBoard 260S** (optionale Switch um zu demonstrieren das ich auch auf Switch Hardware weiss wie man VLANS konfiguriert aber nur wenn Zeit da ist.)
 
 ## VLAN Übersich
 Das Netwerk wird soweit in 4 VLANs unterteilt welche wie folgt aussehen :