Mikrotik – PTP Link

We are often asked how to make building to building or ‘point to point’ wireless links. As the MikroTik interface does not change between models this ‘How To’ can apply to any MikroTik Wireless based device. For this How To I will be using a pair of the new MikroTik SXT AC’s, to create a L2 transparent wireless bridge in a simple point to point mode (PtP).  This How To can also apply to point to multi point scenarios (PtMP). One SXT will be set up in ‘Bridge’ mode (effectively an AP) and the other as ‘Station Bridge’ (i.e. the ‘client’), to ensure best performance the link will be created and secured using the Mikrotik NV2 TDMA based protocol.

Step 1 – The first port of call for configuring any Mikrotik device is to manually change your systems IP address in order to communicate with the Mikrotik equipment effectively, in this How To I will be using 192.168.88.2 as my system IP initially and then swapping back to DHCP once the link is established. (note that Mikrotik devices are configured on 192.168.88.1 for Ether 1 from the manufacturer by default).

CaptureMT
linuxIPMT
OSX-IP-confMT

Step 2 – Once a static IP has been set on your computer you will be able to log in and configure the Mikrotik Wireless device using the free Winbox tool provided by Mikrotik HERE, there is also a web gui tool (WebFig) but we will not be using that for this How To. Once Winbox is downloaded and launched you will be able to see your first Mikrotik Wireless device under the neighbours tab (only plug in one device directly into your system at a time for initial configuration).  If the device does not immediately appear, press the ‘Refresh’ button.

Winbox

Step 3 – Connect to the first wireless device using its default IP of 192.168.88.1  default username will be admin with no password set. Once connected a new window will appear with many options, see image below for reference.

winboxblank

Step 4 – Now that we are logged into the Mikrotik we can begin configuring it for use in our PTP link, the first one we are going to configure is the access point which might be plugged directly into a switch in the main office, or a broadband router at home. To enable us to transparently bridge Layer 2 traffic across the link, we are going to bridge the ethernet and the wireless interfaces together.  Doing this will also allow a DHCP server to assign the Mikrotik a unique Network IP which will allow for easy configuration in the future on your internal network, which may not be on the same 192.168.88.0/24 network. To create a bridge simply select bridge from the left menu, a new window will appear within Winbox. Select the + symbol to create a new bridge and give it a meaning full name e.g. “Wireless bridge”.

wireless bridge

Step 5 – Now that we have a bridge we have to assign the interfaces to it, on a Mikrotik SXT or Netmetal you normally have 2 interfaces, namely wlan1 and Ether1-local. An OmniTik for example will have more ethernet interfaces. To assign interfaces to the bridge simply select the ports tab under the ‘Bridge’ window and use the + to add the required interfaces, for this SXT I have assigned both ‘ether1-local’ and ‘wlan1’ to the new bridge.

bridge ports

Step 6 –  Now that we have a working bridge we need to instruct that bridge to receive an IP address from the DHCP server/router, to do this select ‘IP’ from the left hand menu followed by DHCP Client then + to add a new client interface, next select the bridge interface that we created earlier. Nothing will happen at this stage providing the Mikrotik is directly connected to your system.  (Once we’re finished, we will remove the static IP currently on ether1-local).

DHCP Client

Step 7 – Now its time to configure the Wireless interface on our Mikrotik to broadcast a secure wireless signal for our station side to connect to. This can be done by selecting Wireless from the left hand menu followed by double clicking ‘wlan1-gateway’ from the interface list (normally only 1 Wlan interface is listed but it’s actual name may change depending on the type of MikroTik RouterBoard). This will bring up a new window with many options, select the wireless tab within the new window and then click on ‘Advanced mode’. More options will now appear but don’t panic! First thing we should configure is the frequency mode which will automatically bring the Mikrotik into Compliance with local regulatory guidelines (set by Ofcom in the UK), ensure that Frequency Mode is set to ‘regulatory-domain’ and the county is set to the country that the Mikrotik will be operating in. In this case, I have selected United Kingdom. Once this is done ‘simple mode’ can be re-selected or you can continue to work in Advanced mode.

Step 8 – Still in the wireless tab under the wireless interface configuration window change the Mode to ‘ap bridge’  and the SSID to something appropriate, I used ‘Mikrotik PTP’. If the SXT only has a Level 3 license, then the mode ‘ap bridge’ is not available, so select ‘bridge’ instead.  For a point to point system, there is no difference between ‘ap bridge’ and ‘bridge’ wireless modes.  For point to multi-point, you will need a MikroTik RouterBoard wireless product with a Level 4 license. Wireless protocol should now be changed to ‘nv2’, by doing this simple change we have added a substantial layer of reliability to the wireless signal we are producing compared to using 802.11 WiFi mode. No conventional wireless client such as laptop or phone can communicate on the NV2 protocol as they don’t understand it only Mikrotik devices can use NV2.  (Note that there are also no device drivers available for Windows, Linux or Mac OSX as the NV2 mode is a proprietary TDMA based system).

Wirelessconf

Step 9 – To add a significant amount of extra security to the link we are creating, navigate to the NV2 tab under the wireless interface configuration window, tick the security box and enter in a Preshared key of your choosing, click apply when done.  NV2 will then switch to encrypting the wireless data using AES.

Nv2

Step 10 – The first Mikrotik is now ready and can be plugged in to the main network (it’s wise to delay actually mounting this unit, until the second unit is connected and tested).  Plug in the second Mikrotik direct to your computer (this will be the Station device for the remote end we are connecting to) and repeat steps 1-7 on this second device.

Step 11 – The mode for this Mikrotik shoudl be set to ‘station bridge’ with all other settings remaining the same as last time with the SSID set to the same as before and Wireless protocol set to nv2. Select the NV2 tab and enter the same AES preshared key as you did on the last device, Select apply.

wirelessst

Step 12 (Testing) – If everything has gone to plan with the previous steps we should now have a wireless link between the 2 Mikrotik devices, therefore we will now test this link. Ensure that the AP end configured earlier is plugged into your main network and leave the station end device plugged into your computer. Do not connect the station client end into the same network as your AP device, otherwise when the wireless connects, it will create a broadcast storm! To see if the devices have connected open a winbox connection to the device you have plugged in and select Wireless from the left hand menu, select the ‘Registration’ table and you will see the connection in this window, if nothing is displayed please go over the previous steps.

wirelessreg

Next remove the static IPs set on each of the two devices’ ether1 interfaces and also the fixed IP on your computer (see step 1). Your computer should now be served an IP address over the wireless link from your own DHCP server. Providing the AP is connected to your main network which also serves the internet you will now have full internet access subject to any network access restrictions and policies already in affect. Both Mikrotik devices will also have received an IP address from the DHCP Server with means that you will be able to winbox to either device once they connected to the same network and the wireless link is connected.

Step 13 –  Mount both devices in the respective locations and angle them towards each other ensuring full radio line of site (remember – just because YOU can see the other end with your eyes, does not mean the same thing as the radios being able to ‘see’ each other. Read up on Fresnel Zone!) For the best connection, there are LEDs on the rear of Mikrotik PTP devices with can aid in precise positioning by indicating signal strength.

Quota Management in Windows Server 2019

To set quotas in the Windows Server, you’ll need to use a tool called File Server Resource Manager (FSRM). This tool assists in managing and organising data kept on file servers.

The File Server Resource Manager tool consists of the following five features.

  • File classification infrastructure—this feature allows you to organise files and implement policies.
  • File management tasks—it enables you to implement conditional policies or tasks.
  • Quota management—it assists you to restrict the space available on shared folders.
  • File screening management—it allows you to limit the type of files that users can keep. For example, you can set a file screen to prevent users from creating MP3 files on the files server.
  • Storage reports—with this feature, you can generate reports to understand trends in disk utilisation and how data is organised, which enables you to spot unauthorised activities.

In this article, we are going to talk about the quota management feature in FSRM.

Setting up File Server Resource Manager

We need to install the File Server Resource Manager tool before using it for quota management.

A quick way to complete its setup is through the GUI server manager. Here are the steps for installing the tool.

1. Start by logging into the Windows Server 2016. Then, on the Server Manager’s dashboard, click on “Manage” and select “Add Roles and Features”.

















​Report ​NTFS Permissions on Windows Folders in Under 60 Seconds!

​Discover the security leaks in your Windows fileserver environment now! ​Get Your Free Trial

2. On the “Before you begin” screen click “Next”.

3. Select “Role-based or feature-based installation” and click “Next”.

4. Select your destination server and click “Next”.

5. On the “Select Server roles” dashboard, expand “File and Storage Services” and “File and iSCSI Services”. Th

en, select “File Server Resource Manager”.

6. On the window that pops up, Click the “Add Features” button to incorporate the required features. Click “Next”.

7. If you do not need to add any extra features, just leave the default settings and click “Next”.

8. Confirm the installation selections and Click “Install” to start the process.

9. After the installation process is complete, click the “Close” button.

10. You can now access the File Server Resource Manager from the administrative interface and use it to create quotas.

Creating Quotas Using FSRM

As earlier mentioned, quota management enables you to set restrictions and define the extent of space available for users in the server. For example, you can limit all users to a maximum of 5GB on a shared folder. As such, the users cannot add data to the folder that exceeds 5GB.

You can also configure the File Server Resource Manager tool to be sending notifications whenever the specified usage limit is reached. For example, you can specify that an email is to be sent if 85% of the space has been consumed.

Creating quotas using the FSRM tool is a two-step process:

  • Create a template
  • Create a quota

a) Create a template

Before setting quotas, you need to either create a quota template or choose a default template already available on the File Server Resource Manager tool.

It is recommended that you create quotas solely from templates. This way, you can easily manage your quotas by making changes to the templates rather than the individual quotas. The one central location for managing quotas eases the enactment of storage policy rules.

Here are the steps for creating a quota template.

1. Under the “Quota Management” Section, right-click the “Quota Templates” button and go for “Create Quota Template”.

2. On the window that pops up, enter the Template name and the space limit. If you choose the “Hard quota” option, users will be unable to surpass the specified limit. A hard quota is good for controlling the amount of data allowed on a folder or a disk.

On the other hand, if you select the “Soft quota” option, users will be able to exceed the allocated limit. A soft quota is mostly used for monitoring space usage and producing notifications.

3. Lastly, to set notification thresholds, press the “Add” button. On the window that pops up, input your notification specifications.

You can specify that an email is to be sent, an entry is to be made to the event log, a command is to be run, or a report is to be generated. For example, you can state the whenever usage reaches 85%, send an email message to the administrator.

Thereafter, click “OK” to complete creating the quota template.

b) Create a quota

After setting up the quota template or using a default quota template, you need to create the quota.

Here are the steps for creating a quota.

1. On the File Server Resource Manager’s dashboard, right-click on “Quotas” and go for “Create Quota”.

2. On the “Create Quota” window, in the “Quota path” section, browse the path to the volume or folder that the storage capacity restriction will be applied.

Then, choose either the “Create quota on path” or the “Auto apply template and create quota…” option.

If you select the first option, quota will only be applied to the primary folder. For example, if you limit the parent folder to only 5GB, then the other subfolders will share the space specified in the main folder.

On the other hand, if you choose the second option, then the quota will also be applied to the subfolders. For example, if you restrict the main folder to 5GB, then the subfolders will also have individual quotas of 5GB each.

Subsequently, on the “Derive properties from this quota template” option, choose the template you created previously.

If satisfied with the quota properties, click “Create”.

After you’ve created the quota, you can see it on the File Server Resource Manager’s dashboard. Thereafter, you’ll be able to limit the amount of space allowed on your shared resources.

I hope these clear things up.

WordPress

#Turvalisusega seotud pluginad mis vaja wordpressi lisada

1) Akismet Anti-Spam
2) All In One WP Security
3) EWWW Image Optimizer
4) iThemes Security
5) Limit Login Attempts Reloaded
6) Sucuri Security - Auditing, Malware Scanner and Hardening
7) Wordfence Security
8) WP fail2ban


#Wordpressi mälu limiidi määramine

To increase the WordPress allowed memory size for your website:
1) Open wp-config.php, which by default is located in the root WordPress directory. 
Find the following line near the end of the file:
/* That's all, stop editing! Happy blogging. */
Just above that line, add the following line:

define('WP_MEMORY_LIMIT', '64M');

Save your changes. 
You can also increase memory to a higher number, and you can also increase the memory limit for admin tasks, as described in the WordPress codex.
If you’re still receiving the error after this fix, contact your web host provider or server administrator for their help. 

MySQL andmebaas

#mysql andmebaasi importimine käsurealt

mysql -u kasutajanimi -p andmebaas < /home/koopiad/file.sql

Check MySQL Options.
Note-1: It is better to use the full path of the SQL file file.sql.
Note-2: Use -R and --triggers to keep the routines and triggers of original database. They are not copied by default.
Note-3 You may have to create the (empty) database from mysql if it doesn't exist already and the exported SQL don't contain CREATE DATABASE (exported with --no-create-db or -n option), before you can import it.