MikroTik Certified User Managment Engineer

schem_mtcume.jpg

Training Description:

MTCUME is second - engineering lever course from MikroTik In this training course students will learn how to use MikroTik features to manage user authentication in protocols like: PPPoE, PPTP or HotSpot. Information learned during this course may help ISP to authenticate own users to give access to network or to authenticate HotSpot Users on Captive Portal HotSpot Pages

Target audience:

  • Internet service providers
  • HotSpot Integrators
  • VPN system admins

Course prerequisites:

  • The student must have MTCNA certificate (expired ones are also acceptable)

Examination

  • After training student can attempt official MikroTik Exam and get MikroTik certificate

 

Training agenda:

PPP

  • PPP Profile detail by detail
    • Local and remote addresses
    • Incoming and outgoing filters
    • Address list
    • Change TCP-MSS
    • Use encryption
    • Session timeout
    • Rate-limit configuration
    • Only-one setting
  • PPP Secret
    • Service and Profile
    • Local and Remote address
    • Routes configuration
    • Limit Bytes In/Limit Bytes Out configuration
  • IP Pool
    • Set addresses ranges
    • Next pool options

PPTP, LT2P

  • PPTP and L2TP
    • Theory
    • Comparison
  • PPTP Client configuration
    • Client setup
    • Set profile
    • Dial on demand
    • Add default route and static routes
  • PPTP Server configuration
    • Enable server
    • Setup profiles
    • Add clients to PPP secret
    • Set static interfaces for clients
  • L2TP Client configuration
    • Client setup
    • Configure profile
    • Dial on demand
    • Add default route and static routes
  • L2TP Server configuration
    • Enable server
    • Set profiles
    • Add clients to PPP secret
    • Set Static interfaces for clients

PPPoE

  • PPPoE server and client
    • Theory
    • Usage environment
      • Comparison to other PPP protocols
  • PPPoE client configuration
    • Client setup
    • Select interface
    • Service name
    • Configure profile
  • PPPoE Server configuration
    • Enable PPPoE server
    • Set profiles
    • Add clients to PPP secret
    • Add Static interfaces for clients
    • Secure server by removing any IP address from PPPoE server interface
  • Encryption
    • Set profile without encryption
    • Set profile with encryption
    • Configure PPPoE client without encryption
  • Interface ECMP
    • Set ECMP routes for PPP interfaces

IPsec

  • Introduction
    • Theory and concepts
    • Comparison to other VPN protocols
  • IPsec Peer
    • Use different authentication methods
    • IPsec exchange modes
    • Encryption and hash algorithms
    • NAT-Traversal
    • Lifetime and lifebytes
    • DPD protocol
  • Policy
    • IPsec protocol and action
    • Tunnels
    • Generate dynamic Policy
  • Proposal
    • Encryption and authentication algorithms
    • Lifetime
    • PFS
  • Installed-SA
    • Flush SA
  • Create IPsec between two routers with NAT
    • Set peer
    • Set policy
    • Set NAT rules
    • Confirm the secure link is established

HotSpot

  • Introduction
    • Concepts
    • Usage environments
    • Setup HotSpot with default settings
  • HotSpot Login Methods
    • HTTP CHAP/PAP
    • MAC
    • Cookie
    • HTTPS
    • Trial
    • RADIUS
  • Users
    • Add users
    • Set MAC-address for user
    • Set MAC-address for username
    • Limit Uptime and Limit Bytes In/Out
    • Reset limits for user
  • Monitor Users
    • Host Table
    • Active Table
    • SNMP for users
  • Profile
    • Keepalive timeout
    • Shared users
    • Rate-Limit
    • Address-list
    • Incoming/Outgoing filter
    • Incoming/Outgoing Packet Mark
  • Bypass HotSpot
    • Walled garden
    • Walled garden IP
    • IP binding
  • Customize HotSpot
    • Advertisement
    • Customize pages

RADIUS

  • RADIUS client
    • Add radius client
    • Set service
    • Use RADIUS for the specific service
  • RADIUS server
  • User manager
    • Install the latest user-manager
    • Add routers
    • Add users
    • Set profile
  • RADIUS incoming