Microsoft and Internet Explorer are registered trademarks of Microsoft Corporation. Mikrotik and RouterOS are
trademarks of Mikrotikls SIA. All other product names, company names, logos or other designations mentioned herein
ntained in this document
without prior written notice. The information provided herein is subject to change without notice. In no event shall
ng but not
limited to lost profits, arising out of or related to this manual or the information contained herein, even if Allied Telesis,
RouterOS v3 Configuration and User Guide
All rights reserved. No part of this publication may be reproduced without prior written permission from Allied Teles
International.
are trademarks or registered trademarks of their respective owners.
Parts of this manual reproduced with Mikrotik permission from Mikrotik RouterOS v3.0 Reference Manual.
Allied Telesis, Inc. reserves the right to make changes in specifications and other information co
Allied Telesis, Inc. be liable for any incidental, special, indirect, or consequential damages whatsoever, includi
Inc. has been advised of, known, or should have known, the possibility of such damages.
AT-WR4500 Series - IEEE 802.11abgh Outdoor Wireless Routers 3
LIMITATION
OF
LIABILITY
AND
DAMAGES
THE PRODUCT AND THE SOFTWARES WITHIN ARE PROVIDED "AS IS," BASIS. THE
MANUFACTURER AND MANUFACTURER’S RESELLERS (COLLECTIVELY REFERRED TO AS
“THE SELLERS”) DISCLAIM ALL WARRANTIES, EXPRESS, IMPLIED OR STATUTORY,
INFRINGEMENT,
MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE, OR ANY WARRANTIES
ARISING FROM COURSE OF DEALING, COURSE OF PERFORMANCE, OR USAGE OF TRADE.
AMAGES OR LOSS, INCLUDING BUT
NOT LIMITED TO DIRECT, INDIRECT, SPECIAL WILFUL, PUNITIVE, INCIDENTAL,
EXEMPLARY, OR CONSEQUENTIAL, DAMAGES, DAMAGES FOR LOSS OF BUSINESS
PROFITS, OR DAMAGES FOR LOSS OF BUSINESS OF ANY CUSTOMER OR ANY THIRD
OF THE USE OR THE INABILITY TO USE THE PRODUCT OR THE
SOFTWARES, INCLUDING BUT NOT LIMITED TO THOSE RESULTING FROM DEFECTS IN
THE PRODUCT OR SOFTWARE OR DOCUMENTATION, OR LOSS OR INACCURACY OF
LEGAL
THEORY, EVEN IF THE PARTIES HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH
DAMAGES. THE ENTIRE RISK AS TO THE RESULTS AND PERFORMANCE OF THE PRODUCT
OR ITS SOFTWARE IS ASSUMED BY CUSTOMER. BECAUSE SOME STATES DO NOT ALLOW
OF LIABILITY FOR DAMAGES, THE ABOVE LIMITATION
MAY NOT APPLY TO THE PARTIES. IN NO EVENT WILL THE SELLERS’ TOTAL CUMULATIVE
LIABILITY OF EACH AND EVERY KIND IN RELATION TO THE PRODUCT OR ITS
RouterOS v3 Configuration and User Guide
INCLUDING WITHOUT LIMITATION THE IMPLIED WARRANTIES OF NON-
IN NO EVENT WILL THE SELLERS BE LIABLE FOR D
PARTY ARISING OUT
DATA OF ANY KIND, WHETHER BASED ON CONTRACT, TORT OR ANY OTHER
THE EXCLUSION OR LIMITATION
SOFTWARE EXCEED THE AMOUNT PAID BY CUSTOMER FOR THE PRODUCT.
4 AT-WR4500 Series - IEEE 802.11abgh Outdoor Wireless Routers
RouterOS v3 Configuration and User Guide
1.1 Features ............................................................................................................................................................13
2.1 Logging in the AT-WR4500 Router..........................................................................................................14
2.2 Accessing the WR4500 through WinBox ...............................................................................................14
2.3 Accessing the CLI...........................................................................................................................................15
3 Configuration and Software Management........................................................................................................18
3.1 General Information......................................................................................................................................18
3.1.1
System Backup ...............................................................................................................................18
3.1.2
The Export Command .................................................................................................................19
3.1.3
The Import Command .................................................................................................................19
4.1 General Interface Settings............................................................................................................................30
4.1.1
General Information .....................................................................................................................30
4.1.2
Interface Status ..............................................................................................................................30
5 IP and Routing .........................................................................................................................................................87
5.1 IP Addresses and ARP...................................................................................................................................87
5.1.1
General Information .....................................................................................................................87
5.1.2
IP Addressing ..................................................................................................................................87
6 DHCP and DNS................................................................................................................................................... 116
6.1 DHCP Client and Server........................................................................................................................... 116
6.1.1
General Information .................................................................................................................. 116
6 AT-WR4500 Series - IEEE 802.11abgh Outdoor Wireless Routers
RouterOS v3 Configuration and User Guide
6.2 DNS Client and Cache ...............................................................................................................................129
6.2.1
General Information ...................................................................................................................129
6.3 DNS Cache Setup ........................................................................................................................................129
Static DNS Entries ......................................................................................................................130
6.4 All DNS Entries ............................................................................................................................................130
6.5 Static DNS Entries .......................................................................................................................................130
6.6 Flushing DNS cache.....................................................................................................................................131
7.2 PPP User AAA ..............................................................................................................................................141
7.2.1
General Information ...................................................................................................................141
7.2.2
Local PPP User Profiles..............................................................................................................141
7.2.3
Local PPP User Database ..........................................................................................................143
7.2.4
Monitoring Active PPP Users ...................................................................................................144
7.2.5
PPP User Remote AAA .............................................................................................................145
7.3 Router User AAA........................................................................................................................................145
7.3.1
General Information ...................................................................................................................145
7.3.2
Router User Groups ..................................................................................................................146
8 VPNs and Tunneling ............................................................................................................................................150
8.3 General Information....................................................................................................................................154
8.8 IP Security...................................................................................................................................................... 187
8.8.1
General Information .................................................................................................................. 187
10 Hot Spot Service.................................................................................................................................................. 222
10.3 HotSpot Active Users.................................................................................................................................229
10.3.8 Service Port ..................................................................................................................................232
10.4 HotSpot User AAA .....................................................................................................................................244
10.4.1 General Information ...................................................................................................................244
10.4.2 HotSpot User Profiles................................................................................................................244
11.1.3 Virtual IP addresses.....................................................................................................................251
11.1.4 A simple example of VRRP fail over .......................................................................................251
11.2 System Watchdog ........................................................................................................................................253
11.2.1 General Information ...................................................................................................................253
Figure 3: WinBox main window................................................................................................................................................15
Figure 4: WinBox with terminal window open.....................................................................................................................15
Figure 5: Station and AP mode example .................................................................................................................................60
Figure 6: WDS Network example ............................................................................................................................................62
Figure 7: Nstreme network example .......................................................................................................................................66
Figure 16: Static Equal Cost Multi-Path Routing example ...............................................................................................113
Figure 17: Standard Policy-Based Routing with Failover.................................................................................................. 114
Figure 24: Secure Remote office connection through L2TP tunnel..............................................................................167
Figure 25: Client to Office secure connection via L2TP tunnel.....................................................................................169
Figure 26: PPPoE Example .......................................................................................................................................................176
Figure 27: Network Setup without PPTP enabled.............................................................................................................183
Figure 28: Network Setup with encrypted PPTP Tunnel ................................................................................................ 184
Figure 29: Connecting a Remote Client via and Encrypted PPTP Tunnel...................................................................186
Figure 30: transport mode example using ESP with automatic keying.........................................................................195
Figure 31: Add accept and masquerading rules in SRC-NAT......................................................................................... 196
Figure 34: HotSpot example network .................................................................................................................................. 223
Figure 35: Simple VRRP fail over example........................................................................................................................... 251
Figure 36: Host Information ....................................................................................................................................................260
Figure 38: Network load profile by time ............................................................................................................................. 261
Figure 39: Traffic Load by protocol....................................................................................................................................... 261
10 AT-WR4500 Series - IEEE 802.11abgh Outdoor Wireless Routers
RouterOS v3 Configuration and User Guide
PREFACE
Purpose of This Guide
This guide describes the AT-WR4500 Series Outdoor Wireless Routers RouterOS command structure
and configuration for allowing users or network managers to correctly configure the router getting the
most of it.
How This Guide is organized
This guide contains the following chapters and appendices:
Chapter 1Introduction describes the features, functions, LEDs, and ports on the equipment.
Please refer to the relevant Quick Installation guides for information on how to
install and setup each router.
Chapter 2 Configuring RouterOS describes how to access the router’s command facility and
perform the basic configuration tasts through the Command Line Interface, The
Web GUI and the WinBox application.
Chapter 3 Configuration and Software Management describes how to backup, export, and
restore the router’s configuration.
Chapters from 4 on describe all the available commands and parameters with some
configuration examples.
Document Conventions
This guide uses several conventions that you should become familiar with before you begin to install the
product:
Note
A note provides additional information. Please go to the Allied Telesis website
http://www.alliedtelesis.com for the translated safety statement in your language.
Warning
A warning indicates that performing or omitting a specific action may result in bodily injury.
Caution
A caution indicates that performing or omitting a specific action may result in equipment damage
or loss of data.
AT-WR4500 Series - IEEE 802.11abgh Outdoor Wireless Routers 11
RouterOS v3 Configuration and User Guide
CONTACTING ALLIED TELESIS
This section provides Allied Telesis contact information for technical support as well as sales and
corporate information.
Online Support
You can request technical support online by accessing the Allied Telesis Knowledge Base:
http://www.alliedtelesis.com/kb/. You can use the Knowledge Base to submit questions to our
technical support staff and review answers to previously asked questions.
Email and Telephone Support
For Technical Support via email or telephone, refer to the Support & Services section of the Allied Telesis
web site: http://www.alliedtelesis.com/support/.
Warranty
For product registration and warranty conditions please visit Allied Telesis website:
http://www.alliedtelesis.com/support/warranty/
Where to Find Web-based Guides
The installation and user guides for all Allied Telesis products are available in portable document format
(PDF) on our web site at www.alliedtelesis.com. You can view the documents online or download
them onto a local workstation or server.
Returning Products
Products for return or repair must first be assigned a return materials authorization (RMA) number. A
product sent to Allied Telesis without an RMA number will be returned to the sender at the sender’s
expense.
To obtain an RMA number, contact Allied Telesis Technical Support through our web site:
http://www.alliedtelesis.com/support/.
Sales or Corporate Information
You can contact Allied Telesis for sales or corporate information through our web site:
http://www.alliedtelesis.com/. To find the contact information for your country, select Contact Us ->
Worldwide Contacts.
Management Software Updates
New releases of management software for our managed products are available from either of the
following Internet sites:
• Allied Telesis web site: http://www.alliedtelesis.com/support/software/
If you prefer to download new software from the Allied Telesis FTP server from your workstation’s
command prompt, you will need FTP client software and you must log in to the server. Enter
“anonymous” for the user name and your email address for the password.
Tell Us What You Think
If you have any comments or suggestions on how we might improve this or other Allied Telesis
documents, please contact us at http://www.alliedtelesis.com.
12 AT-WR4500 Series - IEEE 802.11abgh Outdoor Wireless Routers
Landline
Network
Network
RouterOS v3 Configuration and User Guide
1 Introduction
Thank you for purchasing an AT-WR4500 series Wireless Router.
The WR4500 family of dual band outdoor wireless base routers and routing CPEs allow the building of
wireless only or hybrid IP networks that are scalable, reliable and fully controllable.
Wireless ISPs can easily and quickly provide homes in rural areas with broadband Internet access and
VoIP telephony and, at the same time, can set-up WiFi hot spots for nomadic users.
Enterprises can connect remote buildings without the need for expensive leased lines and can extend
WiFi coverage to outdoor yards providing users with mobile intranet and Internet access everywhere.
Municipalities can build wireless IP networks for connecting remote offices and for increasing public safety
with real time monitored surveillance cameras and continuous communication with local police patrols.
Local utilities can easily control their remote equipments and read, in real time, gas, water and electricity
meters without any need for expensive fiber cabling.
Hot spot services can be provided to hotel guests and hospital patients ‘illuminating’ rooms from outside
the building with a reduced impact on medical equipments because no transmit radio will be installed
inside the hospital.
The single radio AT-WR4561 model can be used as either a base router, a hot spot or a wireless CPE
while the dual radio AT-WR4562 can be deployed at the same time as both a wireless only base router
and hot spot or base station in a Point to Multipoint configuration.
The AT-WR4542 with its embedded high gain antenna is best suited for being used as a wireless CPE
connecting to an AT-WR4561 or AT-WR4562 base router or can be deployed in couples for realizing
long reach high performances Point to Point links.
Flexibility is the primary advantage of the WR4500 family of wireless base routers. All products share the
same software and features and differ only in the number of radio interfaces.
Please refer to the ATWR45xx Quick Installation Guide for information on how to install connect and
initially setup each router model.
Access
5GHz
2.4GHz
2.4 / 5GHz
2.4GHz
Figure 1: AT-WR4500 Series typical application
Backbone
5GHz
IP Net
5GHz
AT-WR4500 Series - IEEE 802.11abgh Outdoor Wireless Routers 13
RouterOS v3 Configuration and User Guide
1.1 Features
The AT-WR4500 series RouterOS firmware is very rich of features and very flexible. Among others:
• Real IP routing functionalities
• 2.4 GHz and 5 GHz dual band operations
• IEEE 802.11a/b/g/h compliant
• Certified for HiperLAN bands operation in Europe with DFS and TPC
• IEEE 802.3af compliant PoE powering
• IP66/67 rated outdoor robust construction
• Professional look suitable for indoor installation too
• Embedded IP firewalling functionalities
• Highly configurable QoS management for multimedia applications
• High sensitivity radio interface for longer reach and higher throughput on wireless links
• Wide choice of omnidirectional, directional and sector antennas
• RoHS compliant
1.2 Software License
RouterOS licensing scheme is based on software IDs. To license the software, you must know the
software ID that is displayed during installation process or can be read from the CLI system console or
WinBox. In order to get the software ID from system console, first log in (the default user is “admin”
with no password) and type: “/system license print”.
14 AT-WR4500 Series - IEEE 802.11abgh Outdoor Wireless Routers
RouterOS v3 Configuration and User Guide
2 Configuring RouterOS
2.1 Logging in the AT-WR4500 Router
There are many options for accessing your AT-WR4500 Router command facility:
• Accessing the router Command Line Interface either via Telnet or SSH using any text-mode Telnet
or SSH client software
• Accessing the Web based Graphical User Interface via HTTP using a Web browser
• Running the MS Windows based WinBox graphical menu based configuration utility.
Every AT-WR4500 Wireless Router is factory configured with the static IP address 192.168.1.1/24 (net
mask 255.255.255.0) and both CLI and Web GUI can be accessed through this IP address.
2.2 Accessing the WR4500 through WinBox
Should the router come with a different IP address or if you do not want to change the IP address of
your PC or Workstation then it is possible to access the Router using the discovery facility of the
WinBox utility. Since WinBox can open a Layer 2 connection to the equipments, no change to the PC IP
address is needed. Please refer to the following section for instructions on how to get and use WinBox.
Downloading WinBox loader
The MS Windows based utility WinBox can be downloaded from the Allied Telesis web site accessing
http://www.alliedtelesis.com/. Select you country; access the “Software and Documentation” section
under the “Service/Support” menu; select “Wireless” in the “Product Category” drop down menu and
“AT-WR45421” in the “Product” drop down menu.
Scroll down the page and select the “AT-WR4500 WinBox loader” from the list of available Software.
Using WinBox
Connect the AT-WR4500 router with a LAN cable to your PC and launch the WinBox loader utility that
you have just downloaded.
Please make sure that the only LAN port enabled on your PC is the one connected to the WR4500
Router. Any other LAN port, either wired or wireless, shall be disabled.
Figure 2: WinBox Loader discovering
When the WinBox loader startup window appears click on the button placed besides the “Connect
To:” field and wait for some seconds. A list of AT-WR4500 connected equipments (at least one) will
appear (see Figure 2). Select the one you want to access and then click on the “Connect” button. Every
AT-WR4500 router is configured in factory with “admin” as the login user with no password set.
The first time that you use it, the WinBox Loader will start downloading the rest of the WinBox
application from the WR4500 router. Wait up to one minute until the entire application has been
downloaded and the WinBox main window will appear.
AT-WR4500 Series - IEEE 802.11abgh Outdoor Wireless Routers 15
RouterOS v3 Configuration and User Guide
Figure 3: WinBox main window
Select from the menu bar located in the leftmost part of the window the command or menu that you
want to access and start configuring the equipment. For instance you can click on the “New Terminal”
button for opening a Telnet terminal window connected and logged into your router as shown in Figure
4.
Figure 4: WinBox with terminal window open
You can keep open as many WinBox internal windows as you need at the same time.
2.3 Accessing the CLI
When logging into the router via terminal console in telnet or SSH, you will be presented with the
RouterOS login prompt. Use 'admin' and no password (hit [Enter]) for logging into the router for the first
time
AT-WR4500 v3.0
Login: admin
Password:
The password can be changed with the /password command.
[admin@AT-WR4562] > password
old password:
new password: ************
retype new password: ************
[admin@AT-WR4562] >
16 AT-WR4500 Series - IEEE 802.11abgh Outdoor Wireless Routers
RouterOS v3 Configuration and User Guide
After logging into the router you will be presented with the RouterOS™ Welcome Screen and command
prompt, for example:
AA TTTTTTTTTTTTTTTTTT ooooo
AAAAA TTTTTTTTTTTTTTT oooooooo
AAAAAAAA TTTTTTTT I oooooo
AAAAAAAAAAA TTTTTTT IIIIIIIIII
AAAAAAA AAAAA TTTT IIIIIIIIII
AAAAAAA AAAAA T IIIIIIIIII
AT-WR4500 RouterOS 3.10 (c) 1999-2008 http://www.alliedtelesis.com/
[admin@AT-WR4562] >
The command prompt shows the identity name of the router and the current menu level, for example:
[admin@AT-WR4562] >interface
[admin@AT-WR4562] interface>
[admin@AT-WR4562] >ip address
[admin@AT-WR4562] ip address>
The list of available commands at any menu level can be obtained by entering the question mark '?',
[admin@AT-WR4541g] > ?
blink --
certificate -- Certificate management
driver -- Driver management
file -- Local router file storage.
import --
interface -- Interface configuration
ip --
log -- System logs
password -- Change password
ping -- Send ICMP Echo packets
port -- Serial ports
ppp -- Point to Point Protocol
queue -- Bandwidth management
quit -- Quit console
radius -- Radius client settings
redo -- Redo previously undone action
routing --
setup -- Do basic setup of system
snmp -- SNMP settings
special-login -- Special login users
system -- System information and utilities
tool -- Diagnostics tools
undo -- Undo previous action
user --
export -- Print or save an export script that can be used to restore configuration
[admin@AT-WR4541g] >
The list of available commands and menus has short descriptions next to the items. You can move to the
desired menu level by typing its name and hitting the [Enter] key, for example:
[admin@AT-WR4562] > | Base level menu
[admin@AT-WR4562] > driver | Enter 'driver' to move to the driver
| level menu
[admin@AT-WR4562] driver> / | Enter '/' to move to the base level menu
| from any level
[admin@AT-WR4562] > interface | Enter 'interface' to move to the
| interface level menu
[admin@AT-WR4562] interface> /ip | Enter '/ip' to move to the IP level menu
| from any level
[admin@AT-WR4562] ip> |
AT-WR4500 Series - IEEE 802.11abgh Outdoor Wireless Routers 17
RouterOS v3 Configuration and User Guide
A command or an argument does not need to be completed, if it is not ambiguous. For example, instead
of typing interface you can type just in or int. To complete a command use the [Tab] key.
The commands may be invoked from the menu level, where they are located, by typing its name. If the
command is in a different menu level than the current one, then the command should be invoked using its
full (absolute) or relative path, for example:
[admin@AT-WR4562] ip route> print | Prints the routing table
[admin@AT-WR4562] ip route> .. address print | Prints the IP address table
[admin@AT-WR4562] ip route> /ip address print | Prints the IP address table
The commands may have arguments. The arguments have their names and values. Some commands, may
have a required argument that has no name.
Command Action
command [Enter] Executes the command
[?] Shows the list of all available commands
command [?] Displays help on the command and the list of arguments
The completion is optional and you can just use short command and parameter names
command argument
[?]
[Tab]
/ Moves up to the base level
/command Executes the base level command
.. Moves up one level
"" Specifies an empty string
"word1 word2" Specifies a string of 2 words that contain a space
You can abbreviate names of levels, commands and arguments.
For the IP address configuration, instead of using the address and netmask arguments, in most cases you
can specify the address together with the number of true bits in the network mask, i.e., there is no need
to specify the netmask separately. Thus, the following two entries would be equivalent:
/ip address add address 10.0.0.1/24 interface ether1
You must specify the size of the network mask in the address argument, even if it is the 32-bit subnet,
i.e., use 10.0.0.1/32 for address=10.0.0.1 netmask=255.255.255.255.
At the factory an IP address (192.168.1.1/24) is pre-configured to allow to use application such us
Telnet, WinBox or HTTP Web GUI, from the Ethernet interface ether1 connecting a PC configured with
an IP Address on the same IP subnet, i.e. 192.168.1.100/24. Whenever the AT-WR4500 will be reset
back the default setting, via the command /system reset-configuration, this IP address will not be
restored into the router running configuration. Connecting the console cable is possible to configure the IP
address using the commands reported here above.
Displays help on the command's argument
Completes the command/word. If the input is ambiguous, a second [Tab] gives
possible options
18 AT-WR4500 Series - IEEE 802.11abgh Outdoor Wireless Routers
RouterOS v3 Configuration and User Guide
This chapter introduces you with commands which are used to perform the following functions:
• system backup
• system restore from a backup
• configuration export
• configuration import
• system configuration reset
Description
The configuration backup can be used for backing up RouterOS configuration to a binary file, which can
be stored on the router or downloaded from it using FTP for future use. The configuration restore can
be used for restoring the router's configuration, exactly as it was at the backup creation moment, from a
backup file. The restoration procedure (/system backup load) assumes the cofiguration is restored on
the same router, where the backup file was originally created (/system backup save), so it will create
partially broken configuration if the hardware has been changed.
The configuration export can be used for dumping out complete or partial RouterOS configuration to the
console screen or to a text (script) file, which can be downloaded from the router using FTP protocol.
The configuration dumped is actually a batch of commands that add (without removing the existing
configuration) the selected configuration to a router. The configuration import facility executes a batch of
console commands from a script file.
System reset command is used to erase all configuration on the router. Before doing that, it might be
useful to backup the router's configuration.
In order to be sure that the backup will not fail, system backup load command must be used on the
same computer with the same hardware where system backup save was done.
3.1.1 System Backup
Submenu level: /system backup
Description
The save command is used to store the entire router configuration in a backup file. The file is shown in
the /file submenu. It can be downloaded via ftp to keep it as a backup for your configuration.
To restore the system configuration, for example, after a /system reset, it is possible to upload that file
via ftp and load that backup file using load command in /system backup submenu.
Command Description
load name=[filename] - Load configuration backup from a file
save name=[filename] - Save configuration backup to a file
Example
To save the router configuration to file test:
[admin@AT-WR4562] system backup> save name=test
Configuration backup saved
[admin@AT-WR4562] system backup>
AT-WR4500 Series - IEEE 802.11abgh Outdoor Wireless Routers 19
RouterOS v3 Configuration and User Guide
To see the files stored on the router:
[admin@AT-WR4562] > file print
# NAME TYPE SIZE CREATION-TIME
0 test.backup backup 12567 sep/08/2004 21:07:50
[admin@AT-WR4562] >
To load the saved backup file test:
[admin@AT-WR4562] system backup> load name=test
Restore and reboot? [y/N]:
Y
Restoring system configuration
System configuration restored, rebooting now
3.1.2 The Export Command
Command name: /export
Description
The export command prints a script that can be used to restore configuration. The command can be
invoked at any menu level, and it acts for that menu level and all menu levels below it. The output can be
saved into a file, available for download using FTP.
Command Description
file=[filename] - saves the export to a file
Example
[admin@AT-WR4562] > ip address print
Flags: X - disabled, I - invalid, D - dynamic
# ADDRESS NETWORK BROADCAST INTERFACE
0 10.1.0.172/24 10.1.0.0 10.1.0.255 bridge1
1 10.5.1.1/24 10.5.1.0 10.5.1.255 ether1
[admin@AT-WR4562] >
To make an export file:
[admin@AT-WR4562] ip address> export file=address
[admin@AT-WR4562] ip address>
To see the files stored on the router:
[admin@AT-WR4562] > file print
# NAME TYPE SIZE CREATION-TIME
0 address.rsc script 315 dec/23/2003 13:21:48
[admin@AT-WR4562] >
3.1.3 The Import Command
Command name: /import
Description
The root level command /import [file_name] executes a script, stored in the specified file adds the
configuration from the specified file to the existing setup. This file may contain any console comands,
including scripts. is used to restore configuration or part of it after a /system reset event or anything
that causes configuration data loss.
20 AT-WR4500 Series - IEEE 802.11abgh Outdoor Wireless Routers
RouterOS v3 Configuration and User Guide
It is impossible to import the whole router configuration using this feature. It can only be used to import
a part of configuration (for example, firewall rules) in order to spare you some typing.
Command Description
file=[filename] - loads the exported configuration from a file to router
Example
To load the saved export file use the following command:
The command clears all configuration of the router and sets it to the default including the login name and
password ('admin' and no password), IP addresses and other configuration is erased, interfaces will
become disabled. After the reset command router will reboot.
Command Description
reset - erases router's configuration
Example
If the router has been installed using netinstall and had a script specified as the initial configuration, the
reset command executes this script after purging the configuration. To stop it doing so, you will have to
reinstall the router.
[admin@AT-WR4562] > system reset
Dangerous! Reset anyway? [y/N]: n
action cancelled
[admin@AT-WR4562] >
3.2 Software Version Management
Document revision: 1.4 (Tue Oct 18 12:24:57 GMT 2005)
Applies to: V2.9
3.2.1 General Information
Summary
To upgrade RouterOS to a more recent version, you can simply transfer the packages to router via ftp,
using the binary transfer mode, and then just rebooting the router.
This manual discusses a more advanced method how to upgrade a router automatically. If you have more
than one router then this can be useful.
Specifications
Packages required: system
License required: Level1
Submenu level: /system upgrade
AT-WR4500 Series - IEEE 802.11abgh Outdoor Wireless Routers 21
RouterOS v3 Configuration and User Guide
Standards and Technologies: None
Hardware usage: Not significant
3.2.2 System Upgrade
Submenu level: /system upgrade
Description
This submenu gives you the ability to download RouterOS software packages from a remote RouterOS
router.
Step-by-Step
Upload desired RouterOS packages to a router (not the one that you will upgrade).
Add this router's IP address, user name and password to /system upgrade upgrade-package-source
on the router(s) you will be upgrading. This step will only be needed once, and you may continue using
the same package source in future to upgrade the router(s) again. See the next section for details.
Refresh available software package list /system upgrade refresh
See available packages, using /system upgrade print command
Download selected or all packages from the remote router, using the download or download-all
command
Property Description
name (read-only: name) - package name
source (read-only: IP address) - source IP address of the router from which the package list entry is
retrieved
status (read-only: available | scheduled | downloading | downloaded | installed) - package status
version (read-only: text) - version of the package
Command Description
download - download packages from list by specifying their numbers
download-all - download all packages that are needed for the upgrade (packages which are listed in the
/system package print command output)
refresh - updates currently available package list
Example
See the available packages:
[admin@AT-WR4562] system upgrade> refresh
[admin@AT-WR4562] system upgrade> print
# SOURCE NAME VERSION STATUS COMPLETED
0 192.168.25.8 routeros-x86 2.9.44 available
1 192.168.25.8 routeros-rb500 3.0 available
[admin@AT-WR4562] system upgrade>
To upgrade chosen packages:
[admin@AT-WR4562] system upgrade> download 1
[admin@AT-WR4562] system upgrade> print
# SOURCE NAME VERSION STATUS COMPLETED
0 192.168.25.8 routeros-x86 2.9.44 available
1 192.168.25.8 routeros-rb500 3.0 available
[admin@AT-WR4562] system upgrade>
22 AT-WR4500 Series - IEEE 802.11abgh Outdoor Wireless Routers
RouterOS v3 Configuration and User Guide
In this submenu you can add remote routers from which to download RouterOS software packages.
Property Description
address (IP address) - source IP address of the router from which the package list entry will be retrieved
password (text) - password of the remote router
user (text) - username of the remote router
Example
To add a router, with username admin and no password, from which the packages will be retrieved:
[admin@AT-WR4562] system upgrade upgrade-package-source> add \
\... address=192.168.25.8 user=admin
password:
[admin@AT-WR4562] ystem upgrade upgrade-package-source> print
# ADDRESS USER
0 192.168.25.8 admin
[admin@AT-WR4562] system upgrade upgrade-package-source>
After specifying a remote router in '/system upgrade upgrade-package-source', you can type '/system
upgrade refresh' to refresh the package list and '/system upgrade print' to see all available packages.
The RouterOS is distributed in the form of software packages. The basic functionality of the router and
the operating system itself is provided by the system software package. Other packages contain
additional software features as well as support to various network interface cards.
Specifications
License required: Level1
Submenu level: /system package
Standards and Technologies: FTP
Hardware usage: Not significant
Description
Features
The modular software package system of RouterOS has the following features:
• Ability to extend RouterOS functions by installing additional software packages
• Optimal usage of the storage space by employing modular/compressed system
• Unused software packages can be uninstalled
• The RouterOS functions and the system itself can be easily upgraded
• Multiple packages can be installed at once
AT-WR4500 Series - IEEE 802.11abgh Outdoor Wireless Routers 23
RouterOS v3 Configuration and User Guide
• The package dependency is checked before installing a software package. The package will not be
installed, if the required software package is missing
• The version of the feature package should be the same as that of the system package
• The packages can be uploaded on the router using ftp and installed only when the router is going for
shutdown during the reboot process
• If the software package file can be uploaded to the router, then the disk space is sufficient for the
installation of the package
• The system can be downgraded to an older version by uploading the needed packages to router via
FTP binary mode. After that, execute command /system package downgrade
3.3.2 Installation (Upgrade)
Description
Installation or upgrade of the RouterOS software packages can be done by uploading the newer version
of the software package to the router and rebooting it.
The software package files are compressed binary files, which can be downloaded from Allied Telesis web
site in th support section http://www.alliedtelesis.com/support/. The full name of the software package
consists of a descriptive name, version number and extension .npk, e.g. system-3.2.npk, routerboard-
3.2.npk. Package routeros-x86 contains all necessary packages for RouterOS installation and upgrading
for AT-WR456x Wireless Routers.
You should check the available hard disk space prior to downloading the package file by issuing /system resource print command. If there is not enough free disk space for storing the upgrade packages, it can
be freed up by uninstalling some software packages, which provide functionality not required for your
needs. If you have a sufficient amount of free space for storing the upgrade packages, connect to the
router using ftp. Use user name and password of a user with full access privileges.
Step-by-Step
• Connect to the router using ftp client
• Select the BINARY mode file transfer
• Upload the software package files to the router
• Check the information about the uploaded software packages using the /file print command
• Reboot the router by issuing the /system reboot command or by pressing Ctrl+Alt+Del keys at the
router's console
• After reboot, verify that the packages were installed correctly by issuing /system package print
command
The packages uploaded to the router should retain the original name and also be in lowercase.
The installation/upgrade process is shown on the console screen (monitor) attached to the router.
Before upgrading the router, please check the current version of the system package and the additional
software packages. The versions of additional packages should match the version number of the system
software package.
The version of the RouterOS system software (and the build number) are shown before the console login
prompt. Information about the version numbers and build time of the installed RouterOS software
packages can be obtained using the /system package print command.
3.3.3 Uninstallation
Command name: /system package uninstall
Description
Usually, you do not need to uninstall software packages. However, if you have installed a wrong package,
or you need additional free space to install a new one, you have to uninstall some unused packages.
24 AT-WR4500 Series - IEEE 802.11abgh Outdoor Wireless Routers
RouterOS v3 Configuration and User Guide
If a package is marked for uninstallation, but it is required for another (dependent) package, then the
marked package cannot be uninstalled. You should uninstall the dependent package too. For the list of
package dependencies see the 'Software Package List; section below. The system package will not be
uninstalled even if marked for uninstallation.
Example
Suppose we need to uninstall security package from the router:
[admin@AT-WR4562] system package> print
Flags: X - disabled
# NAME VERSION SCHEDULED
0 routeros-rb500 3.0
1 system 3.0
2 X ipv6 3.0
3 ntp 3.0
4 wireless 3.0
5 dhcp 3.0
6 routing 3.0
7 routerboard 3.0
8 advanced-tools 3.0
9 hotspot 3.0
10 ppp 3.0
11 security 3.0
[admin@AT-WR4562] system package> uninstall security
[admin@AT-WR4562] > .. reboot
3.3.4 Downgrading
Command name: /system package downgrade
Description
Downgrade option allows you to downgrade the software via FTP without losing your license key or
reinstalling the router. It is not recommended to use older versions, however, if the newest version
introduced some unwanted behavior, you may try to downgrade. If you send a support question, you will
probably be asked to upgrade to the latest version.
Step-by-Step
• Connect to the router using ftp client
• Select the BINARY mode file transfer
• Upload the software package files to the router
• Check the information about the uploaded software packages using the /file print command
• Execute command /system package downgrade. The router will downgrade and reboot.
• After reboot, verify that the packages were installed correctly by issuing /system package print
command
Command Description
downgrade - this command asks your confirmation and reboots the router. After reboot the software is
downgraded (if all needed packages were uploaded to the router)
AT-WR4500 Series - IEEE 802.11abgh Outdoor Wireless Routers 25
RouterOS v3 Configuration and User Guide
Example
To downgrade the RouterOS (assuming that all needed packages are already uploaded):
[admin@AT-WR4562] system package> downgrade
Router will be rebooted. Continue? [y/N]:
y
system will reboot shortly
You can disable packages making them invisible for the system and later enable them, bringing the system
back to the previous state. It is useful if you don't want to uninstall a package, but just turn off its
functionality. This will save the RAM and processor resources for other applications, but will not free the
diskspace used by the package files.
If a package is marked for disabling, but it is required for another (dependent) package, then the
marked package cannot be disabled. You should disable or uninstall the dependent package too. For the
list of package dependencies see the 'Software Package List; section below.
If any of the test packages will be enabled (for example wireless-test and routing-test packages, that are
included in routeros-x86.npk) system automaticly will disable regular packages that conflict with them.
Example
Suppose we need to test ipv6 package features:
[admin@AT-WR4562] system package> print
Flags: X – disabled
# NAME VERSION SCHEDULED
0 routeros-rb500 3.0
1 system 3.0
2 X ipv6 3.0
3 ntp 3.0
4 wireless 3.0
5 dhcp 3.0
6 routing 3.0
7 routerboard 3.0
8 advanced-tools 3.0
9 hotspot 3.0
10 ppp 3.0
11 security 3.0
[admin@AT-WR4562] system package> enable ipv6
[admin@AT-WR4562] system package> .. reboot
3.3.6 Unscheduling
Command name: /system package unschedule
Description
Unschedule option allows to cancel pending uninstall, disable or enable actions for listed packages.
Packages marked for uninstallation, disabling or enabling on reboot in column "schedule" will have a
note, warning about changes.
26 AT-WR4500 Series - IEEE 802.11abgh Outdoor Wireless Routers
RouterOS v3 Configuration and User Guide
Example
Suppose we need to cancel security package uninstallation action scheduled on reboot:
[admin@AT-WR4562] system package> print
Flags: X – disabled
# NAME VERSION SCHEDULED
0 routeros-rb500 3.0
1 system 3.0
2 X ipv6 3.0
3 ntp 3.0
4 wireless 3.0
5 dhcp 3.0
6 routing 3.0
7 routerboard 3.0
8 advanced-tools 3.0
9 hotspot 3.0
10 ppp 3.0
11 security 3.0 scheduled for uninstall
[admin@AT-WR4562] system package> unschedule security
[admin@AT-WR4562] system package>
3.3.7 System Upgrade
Submenu level: /system upgrade
Description
This submenu gives you the ability to download RouterOS software packages from a remote RouterOS
router.
Step-by-Step
• Upload desired RouterOS packages to a router (not the one that you will upgrade).
• Add this router's IP address, user name and password to /system upgrade upgrade-package-
source on the router(s) you will be upgrading. This step will only be needed once, and you may
continue using the same package source in future to upgrade the router(s) again. See the next section
for details.
• Refresh available software package list /system upgrade refresh
• See available packages, using /system upgrade print command
• Download selected or all packages from the remote router, using the download or download-all
• command
Property Description
name (read-only: name) - package name
source (read-only: IP address) - source IP address of the router from which the package list entry is
retrieved
status (read-only: available | scheduled | downloading | downloaded | installed) - package status
version (read-only: text) - version of the package
Command Description
download - download packages from list by specifying their numbers
download-all - download all packages that are needed for the upgrade (packages which are listed in the
/system package print command output)
refresh - updates currently available package list
AT-WR4500 Series - IEEE 802.11abgh Outdoor Wireless Routers 27
RouterOS v3 Configuration and User Guide
Example
See the available packages:
[admin@AT-WR4562] system upgrade> refresh
[admin@AT-WR4562] system upgrade> print
# SOURCE NAME VERSION STATUS COMPLETED
0 192.168.25.8 routeros-x86 2.9.44 available
1 192.168.25.8 routeros-rb500 3.0 available
[admin@AT-WR4562] system upgrade>
To upgrade selected packages:
[admin@AT-WR4562] system upgrade> download 1
[admin@AT-WR4562] system upgrade> print
# SOURCE NAME VERSION STATUS COMPLETED
0 192.168.25.8 routeros-x86 2.9.44 available
1 192.168.25.8 routeros-rb500 3.0 downloading 16 %
[admin@AT-WR4562] system upgrade>
In this submenu you can add remote routers from which to download the RouterOS software packages.
Property Description
address (IP address) - source IP address of the router from which the package list entry will be retrieved
password (text) - password of the remote router
user (text) - username of the remote router
After specifying a remote router in /system upgrade upgrade-package-source, you can type
/system upgrade refresh to refresh the package list and /system upgrade print to see all available
packages.
Example
To add a router with IP address 192.168.25.8, username admin and no password:
[admin@AT-WR4562] system upgrade upgrade-package-source> add \
\... address=192.168.25.8 user=admin
password:
[admin@-WR4500] system upgrade upgrade-package-source> print
# ADDRESS USER
0 192.168.25.8 admin
[admin@AT-WR4562] system upgrade upgrade-package-source>
3.3.9 Software Package List
Description
System Software Package
The system software package provides the basic functionality of the RouterOS, namely:
• IP address management, ARP, static IP routing, policy routing, firewall (packet filtering, content
• filtering,masquerading, and static NAT), traffic shaping (queues), IP traffic accounting, Neighbour
• Discovery, IP Packet Packing, DNS client settings, IP service (servers)
28 AT-WR4500 Series - IEEE 802.11abgh Outdoor Wireless Routers
RouterOS v3 Configuration and User Guide
• Ethernet interface support
• IP over IP tunnel interface support
• Ethernet over IP tunnel interface support
• driver management for Ethernet ISA cards
• serial port management
• local user management
• export and import of router configuration scripts
• backup and restore of the router's configuration
• winbox server as well as winbox executable with some plugins
Additional Software Feature Packages
The table below shows additional software feature packages, extended functionality provided by them,
the required prerequisites and additional licenses, if any.
Allied Telesis distributes and supports the following packages only.
Package name Contents Prerequisites
advanced-tools
email client, pingers,
netwatch and other utilities
none none
Additional License
Call Content Connection
calea
(CCC) data retention server
for CALEA compliance
(Communications Assistance
none
none
for Law Enforcement Act)
dhcp
DHCP server and client
support
none
none
hotspot HotSpot gateway none any additional license
ntp
ppp
routerboard
network time protocol
support
support for PPP, PPTP,
L2TP, PPPoE and ISDN PPP
support for RouterBoardspecific functions and utilities
none none
none none
none none
routing support for RIP and OSPF none none
security
user-manager embedded RADIUS server
support for IPSEC, SSH and
secure WinBox connections
none none
none none
with web interface
AT-WR4500 Series - IEEE 802.11abgh Outdoor Wireless Routers 29
RouterOS v3 Configuration and User Guide
Package name Contents Prerequisites Additional License
Support for wireless
wireless
interfaces with updated
Country Regulatory Domain
settings
none None
30 AT-WR4500 Series - IEEE 802.11abgh Outdoor Wireless Routers
RouterOS v3 Configuration and User Guide
4 Configuring Interfaces
4.1 General Interface Settings
Document revision: 1.1 (Fri Mar 05 08:08:52 GMT 2004)
Applies to: V2.9
4.1.1 General Information
Summary
AT-WR4500 RouterOS supports a variety of physical and virtual interfaces (like Bonding, Bridge, VLAN
etc.). Each of them has its own submenu, but there is also a list of all interfaces where some common
properties can be configured.
Description
The Manual describes general settings of RouterOS interfaces.
4.1.2 Interface Status
Submenu level: /interface
Property Description
mtu (integer) - maximum transmission unit for the interface (in bytes)
name (text) - the name of the interface
type (read-only: arlan | bonding | bridge | cyclades | eoip | ethernet | farsync | ipip | isdn-client |
[admin@AT-WR4562] interface> print
Flags: X - disabled, D - dynamic, R - running
# NAME TYPE RX-RATE TX-RATE MTU
0 R ether1 ether 0 0 1500
1 R bridge1 bridge 0 0 1500
2 R ether2 ether 0 0 1500
3 R wlan1 wlan 0 0 1500
[admin@AT-WR4562] interface>
4.1.3 Traffic Monitoring
Command name: /interface monitor-traffic
Description
The traffic passing through any interface can be monitored.
Property Description
received-bits-per-second (read-only: integer) - number of bits that interface has received in one
second
received-packets-per-second (read-only: integer) - number of packets that interface has received
in one second
sent-bits-per-second (read-only: integer) - number of bits that interface has sent in one second
sent-packets-per-second (read-only: integer) - number of packets that interface has sent in one second
Loading...
+ 234 hidden pages
You need points to download manuals.
1 point = 1 manual.
You can buy points or you can get point for every manual you upload.