AT-WR4500 Series - IEEE 802.11abgh Outdoor Wireless Routers
143
RouterOS v3 Configuration and User Guide
There are two default profiles that cannot be removed:
[admin@rb13] ppp profile> print
Flags: * - default
0 * name="default" use-compression=default use-vj-compression=default use-
encryption=default only-one=default change-tcp-mss=yes
1
*
name="default-encryption"
use-compression=default
use-vj-
compression=default use-encryption=yes
only-one=default change-tcp-mss=yes
[admin@rb13] ppp profile>
Use Van Jacobson compression only if you have to because it may slow down the communications on
bad or congested channels.
incoming-filter
and
outgoing-filter
arguments add dynamic
jump
rules to chain
ppp
, where the
jump-target
argument will be equal to
incoming-filter
or
outgoing-filter
argument in
/ppp
profile
. Therefore, chain
ppp
should be manually added before changing these arguments.
only-one
parameter is ignored if RADIUS authentication is used.
If there are more that 10 simultaneous PPP connections planned, it is recommended to turn the
change-mss
property off, and use one general MSS changing rule in mangle table instead, to reduce
CPU utilization.
Example
To add the profile
ex
that assigns the router itself the
10.0.0.1
address, and the addresses from the
ex
pool to the clients, filtering traffic coming from clients through
mypppclients
chain:
[admin@rb13] ppp profile> add name=ex local-address=10.0.0.1 remote-address=ex incoming-
filter=mypppclients
[admin@rb13] ppp profile> print
Flags: * - default
0 * name="default" use-compression=default use-vj-compression=default
use-encryption=default only-one=default change-tcp-mss=yes
1 * name="default-encryption" use-compression=default
use-vj-compression=default use-encryption=yes only-one=default
change-tcp-mss=yes
2 name="ex" local-address=10.0.0.1 remote-address=ex use-compression=default
use-vj-compression=default use-encryption=default only-one=default
change-tcp-mss=default incoming-filter=mypppclients
[admin@rb13] ppp profile>
7.2.3
Local PPP User Database
Submenu level:
/ppp secret
Description
PPP User Database stores PPP user access records with PPP user profile assigned to each user.
Property Description
caller-id
(
text
; default:
""
) - for
PPTP
and
L2TP
it is the IP address a client must connect from. For
PPPoE
it is the MAC address (written in CAPITAL letters) a client must connect from. For
ISDN
it is
the caller's number (that may or may not be provided by the operator) the client may dial-in from
""
- no restrictions on where clients may connect from
limit-bytes-in
(
integer
; default:
0
) - maximal amount a client can upload, in bytes, for a session
limit-bytes-out
(
integer
; default:
0
) - maximal amount a client can download, in bytes, for a session
local-address
(
IP address
|
name
) - IP address or IP address pool name for PPP server
name
(
name
) - user's name used for authentication
password
(
text
; default:
""
) - user's password used for authentication
profile
(
name
; default:
default
) - profile name to use together with this access record for user
authentication
remote-address
(
IP address
|
name
) - IP address or IP address pool name for PPP clients