top of page

Mikrotik OS

 

CONFIGURE FILTER ON MIKROTIK ROUTEROS DEVICES
 

IMPORTANT: access Mikrotik with Winbox or Web access
Log into your routerboard (through Winbox or Web access – do not use SSH terminal).


NB: we will explain the procedure with Winbox example.

cc_guide_mikrotik_eng_01.png
cc_guide_mikrotik_eng_02.png
cc_guide_mikrotik_eng_03.png

1. CREATE THE SCRIPT


First of all you need to create a Script in this way:


» Go to [System] and click on [Scripts].
» In the window that opens click on symbol [+], under the [Scripts] button.
» Insert a name for the script, for example FlashStartScript.
» Leave the default policy.
» On the field Source copy and paste the following instruction:

:tool fetch url=”https://ddns.flashstart.com/nic/update\?username=USER&password=PASS”

Replace the credential as follow:
USER – Registration’s email.
PASS – Registration’s password.
IMPORTANT: if your password contains special characters such as $ or “, you must insert the symbol \ before each of those characters. For example if you have the password password123$ you have to change it in this way: password123\$\$. This is necessary otherwise the Mikrotik would see those characters as special.

» Click [OK] to save the changes.

Mikrotik_Guide2.png

2. SCHEDULE THE SCRIPT


After that you have to set a scheluder so that the script will run automatically. To do that proceed in this way:
 

  • Go to [System] and click on [Scheduler].

  • In the window that opens click on symbol [+], under the [Scheduler] button.

  • Insert a name for the scheduler, for example FlashStartScheduler.

  • Choose an interval to run the script, for example 5 minutes (time format must be hh:mm:ss, in this case it’s 00:05:00).

  • On the field On Event insert the same name of script you created before.

  • Click [OK] to apply the changes.

Mikrotik_Guide4.png

3. SET THE CLOUD FILTER DNS


At this point you need to set the following DNS with DHCP or manually in your computers and devices:
Primary DNS: 185.236.104.104
Secondary DNS: 185.236.105.105

Alternatively you can change the Content Filter DNSs on your Mikrotik and set the Mikrotik IP on the internal devices as the only DNS. To do that proceed in this way:
 

 

  • Go to [IP] and click on [DNS].

  • In the window that opens add respectively these IPs in the field Servers:

  • Primary DNS: 185.236.104.104

  • Secondary DNS: 185.236.105.105

  • Click on the [OK] button to save.

Mikrotik_DNS.png

IMPORTANT: If you see a private IP in the field Dynamic DNS of the DNS Settings, this means that the Mikrotik is taking DNS addresses in DHCP from another device (usually the router). To avoid this you need to open the [IP] menu and then click on [DHCP Client]. Double click on your DHCP configutation to open the propeties and uncheck the Use Peer DNS entry.
 

» Click then on the [OK] button to apply the changes.

Mikrotik_PeerDNSX.png

OPTIONAL: REDIRECTING DNS TO OUR SERVERS


You can create some rules with the goal of redirecting all DNS traffic to our Servers.


In this way you don’t need to change DNSs on internal devices or activate the DHCP Server.


To do that open the [IP] menu and then click on [Firewall] button. Then click to [NAT] tab and on [Add new] button, to create a new rule.

Mikrotik_Guide5.png

Configure the fields in this way:


» Enabled: Check the box.
» Chain: Select the dstnat voice.
» Protocol: Choose udp.
» Dst. Port: Type 53.
» In. Interface: Choose your internal interface. By default is bridge1.

Mikrotik_Guide6.png

» Action: Select dst-nat.
» To Address: Insert the address 185.236.104.104.
» To Port: Type the number of port choose before. By default is 53.
» Click OK to apply the new configuration.

Mikrotik_guide7XX.png

Now create another rule equal to the previous except for the field Protocol that must be tcp instead of udp.

Mikrotik_Guide8.png
bottom of page