Commands for Mikrotik

We enter the Mikrotik console.

And if it is from Windows, we go to start, in, run and we typetelnet://192.168.0.1o
you can also click heretelnet://192.168.0.1
it asks us for a username and password

The console will open in this way and there we will execute our commands.

Press the TAB key twice, we can see the list of main options:

ip address
To see the IPs on our Mikrotik

From this, we rescue the PRINT command, which displays data, lists
settings, in this case the IP settings.
We can see in the command result under the # sign column the numbers that are
are called IDs and are used to identify each entry, next to the '1' we see an 'X' that
It means that this IP is configured but Disabled: Flags: X - disabled, I - invalid,
D - dynamic.

]> ip proxy to configure the proxy, to see the options press the Tab key

Then we press the tab key, it will give us:

accounting dhcp-client dns ipsec pool service traffic-flow
address dhcp-relay firewall neighbor proxy socks upnp
arp dhcp-server hotspot packing route tftp export

It gives us the available options.

print shows what there is

pr equal to print

exit the login

returns to its origin or root

To go back a directory

The redo command is used to reverse a change.

Undo to view the history

system shutdown turns off the system

system reboot restarts the system

interface to see the installed interfaces

ping to make a network query

Setup to make a basic system configuration, configure IP, gateway, among others
others,

password to change the password

To add a user, (full) total administrative permissions,

read-only permissions

Change to the users directory, to view the users we type print

System name
Here is the example of system name configuration:
UGEL Acomayo - Acomayo -
Cusco

WPA/2 Security
Here is the example of WPA/2 security configuration:

[admin@MikroTik] /interface wireless security-profiles> add

willay
passthrough group-ciphers=aes-ccm mode=dynamic-keys
aes-ccm
XXXXXXXXXXXX

At each point of the network, security is configured at the link layer WPA and WPA2.
Since TLS certifications are not used for authentication, the eap-method is
configure as passthrough, which means that the process is trusted
identification on the RADIUS server if it exists. Both the unicast data and
broadcast uses the aes-ccm protocol for encryption, which is much more secure than
tkip. The mode in dynamic-

] /interface wireless> set wlan1 acktimeout=

dynamic antenna-mode=ant-a band=5ghz basic-ratesa/
6Mbps
mode=station rate-set=configured security-profile=willay
WILLAY15
25 tx-power-mode=card-rates

To see graphically, just click on

192.168.0.1/graphs/

]> log
log>pr to see log
real-time follow log
to exit Ctrl + C

system resource

to see every second

]system resource>pr interval=1s
press 'Q' to exit

]> ip firewall filter

To see several options, we press the Tab key:
Firewall rule, let's assume now that we need to block TCP port 23 for
all hosts except for the network 10.10.128.0/24 on the LAN inbound interface:
We write add and see all the options we have for a firewall rule, let's go
to use only a few.
An example from the pageThe provided text is a URL and does not contain translatable content.
Code: Select all
[admin@Tests] ip firewall filter> add chain=forward
protocol=tcp dst-port=23 src-address=!10.10.128.0/24 in-
lan [admin@Tests] ip firewall filter>
print Flags: X - disabled, I - invalid, D -
dynamic 0 chain=forward in-interface=lan src-
!10.10.128.0/24
action=accept [admin@Tests] ip firewall filter>

PPP active
To see the connected pppoe clients

] > ip firewall filter print count-only

> ip firewall connection print count-only

pinging a host
to exit we press Ctrl + C

ssh 192.168.0.1 To SSH into a device

] > system telnet 192.168.0.1

tool mac-telnet 00:15:F9:36:C2:XX access another RouterOS on the network by MAC:

add adds users or IP to the interface

Example
>user
]user> add
provider
Site Administrator
Mensajes:71
Registered: Sat, Nov 20, 2010, 09:04

System Resets used to delete all the router's configuration. Before doing this,
It can be useful to create a backup file for the configuration.
let's create a backup in our system with the manual of
http://wiki.mikrotik.com/wiki/Configuration_Management_Spanish
[admin@MikroTik] system backup save name=test
Configuration backup saved
[admin@MikroTik] system backup

to see that the backup was made with the name test.backup
[admin@MikroTik] file
[admin@MikroTik] file>pr

Load the saved reservation file test:

[admin@MikroTik] system backup> load name=test
Restore and reboot? [y/N]: y

To see the Drivers supported by our version of Mikrotik

[admin@MikroTik]system resource pci>

[admin@MikroTik]system resource pci>show

To upload a script in the directory

[admin@MikroTik]system script>

To make a file export

[admin@MikroTik] ip address> export file=address
[admin@MikroTik] ip address>

HHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHH
BASIC CONSOLE COMMANDS GUIDE
Well, as I promised you, a mini guide with the most important commands and combinations.
common for the console.
What importance does it have? For example: our RB died and we cannot access it via Winbox, neither by IP nor
through MAC, then we connect a serial cable and we can gain access via command line
to try to solve the problem, or in a less extreme case we could meet with
a PC with RouterOS and no working port with Windows or Linux where we can run
a Winbox to access its configuration, then we would have to use the console to be able to
do it. It is also good to know that there are commands or options in the console that are not
reflected in the Winbox interface, so to configure them we must use the console for sure.

When we talk about a console, we refer to a command interpreter; it is an interface in mode

text that is waiting for orders to be entered through the keyboard (forget about the mouse,
many colors and 3D), those who have ever used any Unix-based system know very well about
What I talk about, some hate it, others are fanatics, in my case, I always use Winbox whenever I can.
but when it comes to using the console I do it without problems and that is what I am going to try to
demonstrate to them in this guide.

For this example, we are going to use a program called PuTTY (Open Source, free) that is
available for all operating systems, or at least most of them.
PuTTY functions as a client that connects to a server that can be TELNET or SSH (in
our case). The first is an old service that is still being used to perform
remote connections and obtain a 'virtual' or 'emulated' console in such a way that it would be the same
What typing the data while sitting in front of the PC is that we are connecting. The disadvantage of
this service means that no type of encryption is applied to the transmitted data
security, meaning that any kid who is watching the traffic on our network could see everything
what we entered. To confront this issue, SSH (Secure Shell) emerged, whose objective
it's the same but with advanced encryption techniques, so we can be sure
making a connection of this type. So we are going to use PuTTY for our example and
SSH connections (PuTTY allows you to choose the type of connection you want)

They download it from here:http://www.chiark.greenend.org.uk/~sgta ... nload.html

What data do we need to access via console?

The IP of the device we want to access
A user
A password

So we download PuTTY and run it:

In this case, my test RouterOS is the one at IP 10.10.128.128, there you enter the
IP of your server.
In connection type, we use SSH and the default port for this type of connection is TCP port 22.
If we want to save that data so we don't have to enter it again, we assign a
name in "Saved sessions" and then a click on "Save".
We click on 'Open' to establish the connection.

The first time we log in, a message pops up that we click 'Yes'.

Then a window opens with a black background (by default) with a message that says 'login as: '
here where we need to enter the username (It's the same data we use for Winbox),
we confirm with an enter and then we enter a password which will not be displayed in
screen nor the number of characters entered. We confirm again with an enter.
Finally we get our beloved console : )
There it is, waiting for us to enter something... think that the most sophisticated systems and
world complexes such as routers, servers, telephone exchanges, production robots in
series, etc, etc, use a simple command line for their programming.

Now let's go with the most used and necessary commands (we always use lowercase in the
console):
This means that we are at the top level of the tree or the
menu. If the TAB key is pressed twice in a row, we can see the list of main options:

Code:

certificate file ip password ppp radius setup

system user
driver import isdn-channels ping queue redo snmp
tool
export interface log port quit routing special-
login undo
[admin@Tests] >
As you can see, it's almost the same as the button column we have in Winbox.

For example, we want to see the IP addresses that we have configured:

Code:
ip address print
Flags: X - disabled, I - invalid, D - dynamic
ADDRESS NETWORK BROADCAST INTERFACE
0 10.10.128.128/24 10.10.128.0 10.10.128.255 lan
1 X 192.168.100.120/23 192.168.100.0 192.168.101.255 lan
[admin@Tests] >
From this, we rescue the PRINT command, which displays the data, lists
configurations, in this case the IP configurations.
We can see in the command result under the # sign column the numbers that are
They are called IDs and serve to identify each entry, next to the '1' we see an 'X' which means
saying that this IP is configured but Disabled: Flags: X - disabled, I - invalid, D - dynamic.

Let's assume that now we want to see what the IP menu offers us:

Code:

[admin@Tests] > ip
[admin@Tests] ip>(press TAB twice in a row)
accounting dhcp-client dns hotspot packing route telephony
vrrp
address dhcp-relay export ipsec pool service traffic
flow
arp dhcp-server firewall neighbor proxy socks upnp
[admin@Tests] ip>
So what we get would be what we see when we expand the options we see in Winbox.
When we click the IP button in the menu. Is it making sense?
Now we will enter the proxy configuration:

Code:
[admin@Tests] ip> proxy
[admin@Tests] ip proxy> print
no
0.0.0.0
port: 8080
0.0.0.0:0
cache-drive: (unknown)
webmaster
none
unlimited
no
 maximal-client-connections: 1000
maximal-server-connections: 1000
4096KiB
3d
[admin@Tests] ip proxy>
And now let's see what options we have in the proxy menu:

[/code][admin@Pruebas] ip proxy>(TAB TAB)

access check-drive connections edit format-drive inserts monitor set
clear cache direct export get lookups print
[admin@Tests] ip proxy>[/code]

Come? It's the same as we would see graphically in Winbox.

At this point we are at [admin@Tests] ip proxy>

Let's assume we want to return to the root or main menu:

Code:

/
[admin@Tests] >
So with the '/' we go back to the root

Another way:

Code:

admin@Tests] ip proxy> ..
..
[admin@Tests] >
NOTE: We can use the TAB key while typing the name of the menus or options to
complete the word, for example: if we write in the main menu:

Code:

[admin@Tests] > syst(TAB)

We obtain:
[admin@Tests] > system
With this, we conclude that by entering ".." we go back one by one in the menus.
options.

Well, so far we already know how to navigate the menus and list configurations.

Let's now look at the options we have or what we can do with a rule that is already in place.
created:
We use a firewall filter, for that we have to go there:

Code:
[admin@Tests] > ip firewall filter
[admin@Tests] ip firewall filter> print
Flags: X - disabled, I - invalid, D - dynamic
0 chain=input protocol=icmp action=accept
[admin@Tests] ip firewall filter>
There we see the rule with ID 0 that blocks the incoming ping on the input chain.
Let's suppose we want to ask a friend about this rule and he asks us to pass it to him.
code for you to see, then we do the following:

Code:

[admin@Tests] ip firewall filter> export from=0

Jul/16/2010 10:11:07 by RouterOS 2.9.27
9X0H-PLT
#
/ ip firewall filter
add chain=input protocol=icmp action=accept comment="" disabled=no
[admin@Tests] ip firewall filter>
So the export command returns all the configuration of the Firewall Filter in mode of
code, if our friend copies this code and pastes it into their console, the rule will automatically be
configure on your equipment, as well as a script, the rule in code would be this:

Code:
/ ip firewall filter
add chain=input protocol=icmp action=accept comment="" disabled=no
The command modifier 'from=' selects 'What to export', in this case
we export the rule with ID 0, the export command alone returns ALL the configuration, which means that
If we have 50 rules, it will be quite an extensive code.

Now our friend tells us that to block ping in the input chain we should change the
value action=accept for action=drop, we would do it like this:

Code:

ip firewall filter> print

Flags: X - disabled, I - invalid, D - dynamic
0 chain=input protocol=icmp action=accept
set 0 action=
accept add-dst-to-address-list add-src-to-address-list drop jump log
passthrough reject return tarpit
[admin@Tests] ip firewall filter> set 0 action=accept
First we use PRINT to know which rule number corresponds to it, then with the command
We say that we are going to set a value for the ACTION field of rule 0, so
we write:
[admin@Tests] ip firewall filter> set 0 action=
And we press TAB twice to see what options can be configured for the ACTION field, to
doing it returns us:
accept add-dst-to-address-list add-src-to-address-list drop jump log passthrough reject return
tarpit
What we are interested in is blocking it, so we write 'dr' after the equal sign and press TAB to
complete the word drop or we write it all by hand:

Code:

set 0 action=drop
We confirm with enter and view the new configuration:

Code:

[admin@Tests] ip firewall filter> print

Flags: X - disabled, I - invalid, D - dynamic
0 chain=input protocol=icmp action=drop
[admin@Tests] ip firewall filter>
We can see that it indeed remained as action=drop.

Another way to do it is with the EDIT command, as follows:

We visualize the ID: (even though we already know it)

Code:

print
Flags: X - disabled, I - invalid, D - dynamic
0 chain=input protocol=icmp action=accept
And we edit the ACTION value of rule 0

Code:

[admin@Tests] ip firewall filter> edit 0

We press enter and it says:
value-name
We entered:
action
A simple editor opens with the assigned value, we delete, write the new command and
we save with Ctrl+O or exit with Ctrl+C
Let's print it out to see how it turned out:

Code:

[admin@Tests] ip firewall filter> print

Flags: X - disabled, I - invalid, D - dynamic
0 chain=input protocol=icmp action=drop
[admin@Tests] ip firewall filter>
To disable a rule:
We do a print, we get the ID and write:

Code:
[admin@Tests] ip firewall filter> set 0 disabled=yes
To enable it:

Code:

[admin@Tests] ip firewall filter> set 0 disabled=no

To delete it:

Code:

[admin@Tests] ip firewall filter> remove 0

To move rules: (Always list the rules first with print, it is necessary for the system)

Code:

[admin@Tests] ip firewall filter> move 5 0

That tells it to move the rule with ID 5 to position 0, so rule 0 will then shift down.
to leave the one who was 5 in her place.

Perfect, we add edit, set, enable, disable, delete, and move to what has been learned.
rules.

HOW TO ADD RULES:

The ADD command comes into play.

For example, we want to add an IP to an interface that does not have one:
Let's go to IP ADDRESS:

Code:

admin@Tests] ip address>
[admin@Tests] ip address> print
Flags: X - disabled, I - invalid, D - dynamic
ADDRESS NETWORK BROADCAST INTERFACE
[admin@Tests] ip address>
We see that it has no ID, therefore there is nothing configured, we are going to add the IP.
10.10.128.128 with mask 255.255.255.0:

Code:

[admin@Tests] ip address> add address=10.10.128.128/24 interface=lan

If we press TAB TAB after interface=, we will see the available interfaces, in this case it's lan.
We accept the rule with one enter.
and we visualize with print:
Code:

[admin@Tests] ip address> print

Flags: X - disabled, I - invalid, D - dynamic
ADDRESS NETWORK BROADCAST INTERFACE
0 10.10.128.128/24 10.10.128.0 10.10.128.255 lan
[admin@Tests] ip address>
We see that by default the IP is already enabled and the broadcast and network are completed solely based on it.
to the mask (/24) and the IP (10.10.128.128)
We already have an IP assigned in the system!

Let's take a more complex example with some firewall rules, let's assume now that
we need to block TCP port 23 for all hosts except for the network 10.10.128.0/24
in the LAN input interface:
We write add and see all the options we have for a firewall rule, let's go to
use only a few, so:

Code:

add chain=forward protocol=tcp dst-

port=23 src-address!=10.10.128.0/24 in-interface=lan
[admin@Tests] ip firewall filter> print
Flags: X - disabled, I - invalid, D - dynamic
0 chain=forward in-interface=lan src-address=!10.10.128.0/24
protocol=tcp dst-port=23 action=accept
[admin@Tests] ip firewall filter>
In each value, we can press TAB to see the options and complete words.

OTHER USEFUL COMMANDS

To see the log:

Code:

[admin@Tests] > log print

Jul/02 09:07:38 system,info disabled web-proxy-2.9.27
Jul/02 09:07:39 system,info enabled webproxy-test-2.9.27
Jul/02 09:07:39 system,info router rebooted
Jul/02 09:07:56 system,info,account user admin logged in from
10.10.128.194 via winbox
Jul/02 09:07:56 system,info,account user admin logged in from
10.10.128.194 via telnet
Jul/02 09:09:08 system,info,account user admin logged out from
10.10.128.194 via telnet
Jul/02 09:10:42 system,info the proxy access rule added by admin
Jul/02 09:10:50 system,info the proxy access rule removed by admin
Jul/02 09:32:02 system,info,account user admin logged out from
10.10.128.194 via winbox
Jul/08 13:56:11 system,info,account user admin logged in from
10.10.128.194 via winbox
Jul/08 13:56:17 system,info,account user admin logged out from
10.10.128.194 via winbox
Jul/11 09:18:31 system,info,account user admin logged in from
10.10.128.194 via winbox
Jul/11 09:37:44 system,info,account user admin logged out from
10.10.128.194 via winbox
09:12:29 system,info,account user admin logged in from 10.10.128.194 via
ssh
10:05:07 system,info filter rule added by admin
10:22:06 system,info filter rule changed by admin
10:41:04 system,info filter rule removed by admin
10:56:11 system,info filter rule added by admin
[admin@Tests] >
To view the log and follow it in real time:

Code:

[admin@Tests] > log print follow

To visualize the resources every second:

Code:

[admin@Tests] > system resource print interval=1s

interval=1s makes the print execute every 1 second, we exit with Ctrl+C

To see the connected PPPoE clients

Code:

[admin@Tests] > ppp active print

To count the pppoe clients or count rules:

Code:

Print the count of active PPP connections.

[admin@Tests] > ip firewall filter print count-only
[admin@Tests] > ip firewall connection print count-only
etc...

To ping a host:

Code:

[admin@Tests] > ping 10.10.128.1

10.10.128.1 64 byte ping: ttl=64 time=2 ms
10.10.128.1 64 byte ping: ttl=64 time=1 ms
10.10.128.1 64 byte ping: ttl=64 time=1 ms
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 1/1.3/2 ms

To SSH into a machine on the network or the internet:

Code:

[admin@Tests] > system ssh 10.10.128.1

(It can only be done with the admin user, it does not allow changing the login to root, for example)

To Telnet to a device on the network or the internet:

Code:

[admin@Tests] > system telnet 10.10.128.1

Here we can specify the user, remember that it is not a secure connection.

To access another RouterOS on the network via MAC:

Code:

[admin@Tests] > tool mac-telnet 00:15:F9:36:C2:XX

(If we press TAB TAB when entering the MAC, we see which ones we can access)

With that, you can now set up a RouterOS from the console without any problems, I hope it's helpful.
very useful, anything else you want to know that is not covered ask it here
same. Greetings!

JJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJ

2. [Console Mode] Learning to use the SCRIPTS - General Commands

(shortcut keys)
As we saw in the previous post, if we have logged in correctly, Mikrotik will give you a
welcome message

Code:
MikroTik v5.18
Login

MMM MMM KKK TTTTTTTTTTT KKK

MMMM MMMM KKK TTTTTTTTTTT KKK
MMM MMMM MMM III KKK KKK RRRRRR OOOOOO TTT III KKK
KKK
MMM MM MMM III KKKKK RRR RRR OOO OOO TTT III KKKKK
MMM MMM III KKK KKK RRRRRR OOO OOO TTT III KKK
KKK
MMM MMM III KKK KKK RRR RRR OOOOOO TTT III KKK
KKK
 MikroTik RouterOS 5.18 (c) 1999-2012 http://www.mikrotik.com/

Hierarchy

In terminal mode (prompt) it allows us to configure the router using text commands.
These commands are set within each selected level. Generally, it is better to
explain with an example:

Normally one enters the ARP table via winbox this way:

but through the console or terminal we can also enter in the same way,
we simply write IP-->ARP-->:

Code:

[admin@MikroTik] >
[admin@MikroTik] >ip
[admin@MikroTik]/ip>arp
[admin@MikroTik]/ip arp>
But you will ask, where is the ARP little box?
Well, that's why this post is called 'general commands', to be able to know which commands are
They can write only we have to type the symbol '?' (question mark)
This symbol will be a very helpful element since if we don't know something while writing, it will tell us.
What options exist at the level we are at.

Code:

admin@MikroTik]/ip arp> ?
Once we have typed that letter, the options will appear.

Code:
[admin@MikroTik]/ip arp>
Address Resolution Protocol is used to map IP address to MAC layer
address. Router has a table of
currently used ARP entries. Normally the table is built dynamically, but to
increase network security, s
c entries can be added.

..-- go up to ip
add-- Create a new item
comment-- Set comment for items
disable-- Disable static ARP entry
edit--
enable-- Enable static ARP entry
Export-- Print or save an export script that can be used to restore
configuration
Find items by value
get-- Gets value of item's property
print-- Print values of item properties
Remove item
set-- Change item properties

[admin@MikroTik]/ip arp>
As you can see, there is an option called print. With this option we can 'print'.
say show in text the ARP table that appeared in winbox

Code:
[admin@MikroTik]/ip arp>print
Flags: X - disabled, I - invalid, H - DHCP, D - dynamic
ADDRESS MAC ADDRESS INTERFACE
0 192.168.1.55 B0:48:7A:AA:67:EFLAN
1 192.168.1.169 00:1D:0F:F7:48:A2 LAN
2 192.168.1.54 B0:48:7A:0F:F7:48LAN
3 192.168.1.71 00:23:CD:F4:EC:D3LAN
4 192.168.1.8 00:11:5B:00:23:CDLAN
192.168.1.198
192.168.1.181
7 192.168.1.180 00:23:CD:D8:94:CF LAN
8 192.168.1.89 D8:94:CF:F7:42:65LAN
9 192.168.1.205 C0:D5:21:F4:EC:D3 LAN
192.168.1.206
192.168.1.182
12 192.168.1.1 00:06:5B:96:DD:FC LAN
13 192.168.1.7 74:EA:3A:FF:38:D9LAN
14 192.168.1.2 F4:EC:D3:C0:D5:21LAN
-- [Q quit|D dump|down]
Well then, let's move forward by explaining some 'shortcuts' (hotkeys) and then explain
the general commands that are associated with Mikrotik

We have reduced the number of commands so we don't get lost, let's first observe the most...
The purpose of this forum is aimed at being able to use Mikrotik with few
knowledge in networks so we hope for your understanding

Shortcut keys

F1 or the letter?
It shows us the help in the context in which it may be working (whether in interfaces or in the area
of the IP, etc.). It is placed after the command to query.
Example:

Code:

[admin@MikroTik] > ?

driver-- Driver management

file-- Local router file storage.
import-- Run exported configuration script
interface-- Interface configuration
ip-- IP options
System logs
password-- Change password
ping-- Send ICMP Echo packets
port-- Serial ports
queue-- Bandwidth management
quit-- Quit console
Radius client settings
Redo previously undone action
routing-- Various routing protocol settings
system-- System information and utilities
tool-- Diagnostics tools
Undo previous action
user-- User management
while-- executes command while condition is true
export-- Print or save an export script that can be used to restore
configuration
Control-C
Interrupt the command we are trying to execute.

Two points '..'

This serves to be able to lower the level at which one is working, an example of this could be that
we are configuring the mangle and we need to exit the IP-->ARP-->MANGLE level to be able to go to the
global level.
Code:
[admin@MikroTik]/ip firewall mangle>..
..
..
[admin@MikroTik] >
It is very helpful when we want to move from one level to another level but a bit cumbersome if
we want to go to the most general level. For this we use the key '/'

Key '/'

We use it in two ways, the first to exit a level. Using the previous example, we had
I needed to write three times '..' to go back to the base level, but thanks to the key / it is enough.
with writing it so I can go straight to the point.

Code:
[admin@MikroTik]/ip firewall mangle>/

The other way to use it is by jumping from one level to another level.
Normally we would do this if we want to go from one level to another, (helping ourselves with the letters '..')

Code:
[admin@MikroTik]/ip firewall>mangle
[admin@MikroTik]/ip firewall mangle>..
[admin@MikroTik]/ip firewall>..
[admin@MikroTik]/ip>..
[admin@MikroTik] >
[admin@MikroTik] >interface
[admin@MikroTik]/interface>
[admin@MikroTik]/interface>ethernet
[admin@MikroTik]/interface ethernet>
But thanks to the letter '/', it becomes easier.

Code:
[admin@MikroTik]/ip firewall mangle>/interface ethernet
[admin@MikroTik]/interface ethernet>
The TAB key
This letter will help us complete the syntax in the commands while typing.
word you will see changes from a black color to either a blue, green, or fuchsia color and this is
because Mikrotik recognizes some commands automatically and to avoid typing
we just have to press TAB
It will continue...