Home Network Basic Setup Using MikroTik hAP router

Written by - November 15, 2024
Home Network Setup on a hAP router

Basic Steps for Setting Up your Home Network

  1. Prepare your hardware
  2. Configure your LAN settings
  3. Configure your WAN settings
  4. Setup your Wi-Fi
  5. Provision DHCP and DNS settings
  6. Finally configure the NAT and Firewall Settings

Step 1: Reset the Router to Remove Default Configuration

  1. Connect to the router using Winbox.
  2. Go to System > Reset Configuration.
  3. Check No Default Configuration to remove the preloaded configuration, then click Reset Configuration.
  4. The router will reboot with a clean configuration.

Step 2: Set up the LAN Bridge

  1. Go to Bridge > Bridge.
  2. Click Add New to create a new bridge.
  3. Set the Name to bridge-local and click OK.

Add Ports to the Bridge

  1. Go to Bridge > Ports.
  2. Click Add New and add each of the ports you want to include in the bridge (ether2, ether3, ether4, ether5).
  3. For each port, set Interface to ether2 (then repeat for ether3, ether4, and ether5) and Bridge to bridge-local.
  4. Click OK after adding each port.

Step 3: Configure the LAN IP Address

  1. Go to IP > Addresses.
  2. Click Add New.
  3. Set the Address to 192.168.0.1/24.
  4. Set the Interface to bridge-local.
  5. Click OK.

Step 4: Set up the WAN Interface

  1. Go to IP > DHCP Client.
  2. Click Add New.
  3. Set the Interface to ether1 (or whatever port you want as the WAN).
  4. Check Use Peer DNS and Use Peer NTP if you want to use the provider’s DNS and time settings.
  5. Click OK.

Step 5: Configure the WiFi Interfaces

  1. Go to Wireless > WiFi Interfaces.
  2. Select wlan1 (2.4 GHz interface) and Enable it.
  3. Set the SSID to helloworld-wifi.
  4. Go to Security Profiles, add a new security profile (e.g., WPA2), and configure it with your preferred security settings (such as WPA2-PSK and a strong password).
  5. Return to wlan1, set the Security Profile to the one you created, and configure other basic settings as needed.
  6. Repeat these steps for wlan2 (5 GHz interface).

Add WiFi Interfaces to the LAN Bridge

  1. Go to Bridge > Ports.
  2. Click Add New.
  3. Set the Interface to wlan1, and Bridge to bridge-local.
  4. Click OK.
  5. Repeat the steps to add wlan2 to the bridge-local.

Step 6: Set up the DHCP Server for the LAN

  1. Go to IP > DHCP Server.
  2. Click DHCP Setup and select bridge-local as the interface.
  3. Follow the setup wizard to set the DHCP pool range and DNS servers.
    • DHCP Address Space: 192.168.0.0/24
    • Gateway for DHCP Network: 192.168.0.1
    • Address to Give Out: Set the range as 192.168.0.10-192.168.0.250
    • DNS Servers: Set to 8.8.8.8 and 8.8.4.4
  4. Complete the wizard to activate the DHCP server.

Step 7: Set up DNS Server

  1. Go to IP > DNS.
  2. Enable Allow Remote Requests.
  3. In the Servers field, enter 8.8.8.8 and 8.8.4.4.
  4. Click OK.

Step 8: Configure NAT (Source NAT) for WAN Interface

  1. Go to IP > Firewall.
  2. Select the NAT tab.
  3. Click Add New to create a new NAT rule.
  4. Set Chain to srcnat.
  5. Set Out Interface to ether1 (or the WAN interface).
  6. Set Action to masquerade.
  7. Click OK.

This rule will ensure that traffic from the LAN going out to the internet is NATed properly.

Step 9: Configure Firewall Filter Rules

Allow Input Traffic from the LAN

  1. In IP > Firewall, go to the Filter Rules tab.
  2. Click Add New.
  3. Set Chain to input.
  4. Set Src. Address to 192.168.0.0/24.
  5. Set Action to accept.
  6. Click OK.

This rule allows any incoming traffic from the LAN network (192.168.0.0/24) to access the router.

Drop All Other Input Traffic Except Established Connections

  1. In the Filter Rules tab, click Add New again.
  2. Set Chain to input.
  3. Set Connection State to established, related.
  4. Set Action to accept.

This final setup ensures that only traffic from the LAN and established connections are accepted by the router, while other incoming traffic on the input chain is dropped.

Final Checks

  1. Save Configuration: Go to Files, create a backup by clicking Backup.
  2. Reboot the router to ensure all settings take effect.

This setup configures your MikroTik hAP router with a LAN bridge (192.168.0.1/24), a WAN on ether1, and a DHCP server providing IPs from 192.168.0.10 to 192.168.0.250. Both wlan1 and wlan2 are configured under the SSID helloworld-wifi and included in the bridge with LAN ports.

Recommended hardware for a home network are the hAP ac or the hAP ax.

Related Posts

Leave a Comment

Your email address will not be published. Required fields are marked *


Ask a question
Ask a question