While doing my CCIE studying I configured an old 2509 I had to act as a frame relay switch. This is more or less just a quick dump of my config for posterity 
IOS version c2500-i-l.121-27b.bin
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 | frame-relay switching ! interface Serial0 description *DCE serial connection to 1 no ip address encapsulation frame-relay clockrate 56000 frame-relay intf-type dce frame-relay route 101 interface Serial1 102 frame-relay route 103 interface Serial1 104 ! interface Serial1 description *DCE serial connection to 2 no ip address encapsulation frame-relay clockrate 56000 frame-relay intf-type dce frame-relay route 102 interface Serial0 101 frame-relay route 104 interface Serial0 103 |
To use a USB drive with your Mikrotik you need to: insert it, format it…and that’s about it.
/system store - drive inserted.
Highlight it and click format...this is getting difficult.
Done.
There it is in the files menu.
As of ROS V 5.12 SMB support was added to Mikrotik.
By default you now have a /pub folder in your file list. In the SMB settings there is now a default share of /pub.
[admin@MikroTik] /ip smb> print
enabled: no
domain: MSHOME
comment: MikrotikSMB
allow-guests: yes
interfaces: all[admin@MikroTik] /ip smb> .. -- go up to ip edit -- export -- Print or save an export script that can be used to restore configuration get -- Gets value of item's property print -- Print values of item properties set -- Change item properties shares -- users --
As you can see by default the service is disabled, guests are allowed to connect, and all interfaces have sharing access.
/IP SMB - Default settings enabled.
Users - Adding new users and or disabling the guest user.
Share - This allows you to share specific folders. You can see how it corresponds in the file listing.
Connect via windows
Well well well, lookie there =)
SMB Firewall Rules:
SMB uses a combination of TCP and UPD ports. Here are a few firewall rules that will protect access:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 | /ip firewall filter
# Allow winbox in for sure ;)
add action=accept chain=input disabled=no dst-port=8291 protocol=tcp
# Allow established and related into your router
add action=accept chain=input connection-state=established disabled=no
add action=accept chain=input connection-state=related disabled=no
# Here are the TCP/UDP ports necessary for SMB. Using address-list smb-allow to grant access.
add action=accept chain=input disabled=no dst-port=137-138 protocol=udp \
src-address-list=smb-allow
add action=accept chain=input disabled=no dst-port=137,139 protocol=tcp \
src-address-list=smb-allow
# Block everything else.
add action=drop chain=input disabled=no
# The address list for access to the SMB.
/ip firewall address-list
add address=1.1.1.1 disabled=no list=smb-allow |
Now, map your USB hard drive or USB thumb drive. This could be used as a great little file share system. Perhaps I’ll test throughput via an X86 with an extra HD installed. See if I can stream video 
. I think this could also be used as an alternate method to backup your configs/update hotspot files. What do you guys think?
What’s new in 5.12 (2012-Jan-19 14:31):
*) console – allow to specify blank interval on x86 screens;
*) console – changed ‘password’ command, now can be used from scripts and api;
*) winbox – reorganized window layout to match console better;
*) ssh – fixed interoperability problem with psftp based clients;
*) implemented simple SMB (windows file sharing) server;
Wait wait wait…SMB server?!?!?! Does this mean we can use a USB HD and dump to the Mikrotik? Can I script SMB operations? I LOVE THIS UPDATEEEEEEEE!!!!!!!!!!
*) fixed ovpn-client – client stopped working if it was enabled/disabled at wrong time;
*) fixed ipv6 – ipv6 neighbor discovery stopped working when
interface arp setting wasn’t set to enabled;
*) console – minor fixes and improvements;
*) console – added support for compact export;
*) hotspot – added login redirect through http status 302;
*) leds – added default configuration for R5SHPn wireless card;
*) ppp – fixed problem were remote-ipv6-prefix was not given to user if remote-ipv6-pool was
provided;
*) winbox, webfig – sort ethernet interfaces properly when more than 10 exist;
*) added QuickSet to RBSXT, RB411, RB711;
*) user manager – command to create and assign user profile from console;
*) added support for LTE modems (cdc ethernet type);
*) fix gre tunnels on x86 and other little endian machines;
I’ve just noticed a bug. On my 751U when you reset and click the “remove default config” button, it doesn’t seem to remove it…hehe. Not toooooo big an issue, but annoying none the less.
I keep a VMWare server at the house to mock up configs on. I love being able to ramp up and down to test as many routers at once as I like. While working on an VRRP implementation recently I hit a small problem…it wouldn’t work! I made a little video outlining the problem and the solution:
More information on VMWare Promiscuous mode is here.
Thanks and happy virtualizing!
I CAN’T belive how easy this was…Just crazy.
Basically, you enter vSphere and expand the HD.
Enter the server’s disk management and refresh.
Click expand on the drive you want to expand, click next a couple of times…and you are DONE!
Just follow these quick and easy steps here on petri.co.il.
First things first, enable SSH access on your device.
Some of the basic configs are easy to understand like the bridge connection and hostname…others not so much. The best thing to do is that if you can only gain SSH access to a remote device and aren’t able to connect via the web, then:
The config file is located at “/tmp/system.cfg”. To edit the file, use VI.
vi /tmp/system.cfg
Once you have edited your config file, you must save it to flash:
cfgmtd -f /tmp/system.cfg -w
Once you have saved it you can reboot by issuing the “reboot” command or you can do a soft apply:
/usr/etc/rc.d/rc.softrestart save
