Network and Hotspot Login Configuration

with Mikrotik Routerboard

Clara Regina Caeli Lilianth Sandinata

Computer and Network Engineering
SMK Telkom Bandung
Bandung, Indonesia
[email protected]

Abstract Technology Transfer. Vocational schools that prepare the

students to be ready to compete inside the industrial
world through a Competency Test or also known as the
Skill Competency Test or often reffered to Uji Expertise Competency or often reffered to UKK.
Kompetensi Keahlian (UKK) is part of the Government’s
intervention is ensuring the quality of education in The study period for students at the SMK level is
Vacational High School education units or often reffered carried out for three to four years. Vocational High
to Sekolah Menengah Kejuruan (SMK). The School that applies a four-year study period, which is
implementation of UKK aims to mesure the achievement divided into three years of study at school and one year
of student competencies at certain level according to the in the industry of the related majors.
Expertise Comptencies taken during the learning period
in SMK. UKK is implemented by the education unit in Education providers are divided into two, namely
the form of practical exam that tests aspects of public and private. There are several majors that are
knowledge, skills, and attitudes in one event. usually of interest to prospective vocational students,
including the Department of Multimedia, Animation,
There are 3 categories of tests that students take for Administration, Accounting, Pharmacy, Tourism,
UKK namely written test, spoken test, and practice test. Shipping, Mechanical Engineering, Catering, Electrical,
For spoken test, students will be asked about what they etc.
did during the practice test. For written test is containing
the theories about the material taught during the practice
for the practical test. For practice test, students must do
A. Problem Identification
the assignments given by the examiner. The assignments
The problem is to configure Wifi Routerboard
is talk about network and login hotspot configuration,
(MikroTik RB-941 Series) as an internet gateway,
blocking site, DHCP, Static DNS, Firewall and blocking
DHCP server, Web Proxy and firewall. The internet
file. Hopefully, through this Competency Test, all
distributed to clients via cable and wireless (hotspot
students will be able to demonstrate their abilities and
login).
knowledge in the major Computer and Network
Engineering.
B. Goal and Purpose
Keywords :
 The goal of this test is to configure Wifi
Network and login hotspot configuration, blocking site, Routerboard (MikroTik RB-941 Series) as an
DHCP, Static DNS, Firewall and blocking file. internet gateway, DHCP server, Web Proxy
and firewall. The internet distributed to clients
via cable and wireless (hotspot login).
I. INTRODUCTION
 The purpose of this test is to be able to measure
The internet is currently very closely related in
students who have completed their education.
everyday life. Starting from young people to adults, the
Facilitate participants with complete
majority use the internet as a media to assist in carrying
certification to help them develop their
out and connecting various human activities effectively.
education in the world of work.
Internet make many things easier so internet is becoming
a necessity for people nowadays.
II. LITERATURE REVIEW
Vocational school have an important role in
regional economic development is to provide SMK 1. UKK (Ujian Kompetensi Keahlian)
graduates who act as suppliers of skilled and quality
Part of the government's efforts to ensure the
human resources at the middle level for the industrial quality of education in order to become an
world. As skilled Entrepreneurs and Agents in
 indicator of the achievement of graduate DNS server, hotspot server, proxy server, and
competency standards. network router.
2. Vocational High School 13. IP Address
Special education programs that can be An IP address is a unique address that
selected for anyone who is interested in identifies a device on the internet or a local
preparing for work. network. 

3. Computer and Network Engineering 14. Firewall

A science that studies the intricacies of the A Firewall is a network security device that
world of computers and computer networks. monitors and filters incoming and outgoing
network traffic based on an organization's
4. UTP Cable previously established security policies. 

UTP (Unshielded Twisted Pair) cable is a 15. NAT

cable used to connect computer devices to a
local LAN network. NAT (Network Address Translation) is a
process of changing the source and destination
5. MikroTik IP addresses and ports.

MikroTik is Operating system and software 16. WLAN

used to turn a computer device into a network
router. A wireless LAN is a wireless computer
network that links two or more devices using
wireless communication to form a local area
6. Router network within a limited area.
Router is an hardware device that serves to
transmit data packets from the internet network 17. DHCP
to other devices through the routing process.
DHCP or Dynamic Host Configuration
Protocol is a network management protocol
7. Switch used on Internet Protocol networks for
Switch is a type of computer network automatically assigning IP addresses.
component that is used to connect several hubs
to form a larger computer network or connect 18. Filter Rules
computers that have a large enough bandwidth Filter rules purpose is to create criteria for
requirement. incoming or outgoing packets/data and then
execute them with different actions.
8. RJ45
RJ45 is an Ethernet cable connectors, most of 19. Web Proxy
which have a function as a connector on a A proxy server is a web server that acts as a
computer network topology LAN (Local Area gateway between a client application, for
Network) and other network topologies. example, a browser, and the real server. 

9. Handphone 20. Ethernet

Handphone is a portable telephone that can Ethernet is a family of wired computer
make and receive calls over a radio frequency networking technologies commonly used in
link while the user is moving within a local area networks, metropolitan area
telephone service area. networks and wide area networks.

10. DNS 21. Crimping Tool

The Domain Name System (DNS) turns A crimping tool is the tool used to deform the
domain names into IP addresses, which material and create the connection.
browsers use to load internet pages.
22. Hotspot
11. Static DNS
Hotspot is a physical location where people
Static DNS means the resources that it points can access the Internet, typically using Wi-Fi,
to are assigned constant, non-changeable IP (as via a wireless local area network (WLAN) with
in opposition to Dynamic DNS system). a router connected to an Internet service
provider.
12. RouterBoard
23. Winbox
A network hardware in which the Mikrotik
RouterOS operating system is installed which
functions as bandwidth management, DHCP,
 Winbox is a small utility that allows The tools used for this test are :
administration of MikroTik RouterOS using a
fast and simple GUI. 1. Software
 Winbox
 MikroTik Router OS
24. Ping
Ping is a basic Internet program that allows a
user to test and verify if a particular destination
IP address exists and can accept requests in
computer network administration.

25. Bandwith
Bandwith is the maximum amount of data
transmitted over an internet connection in a
given amount of time.

III. METHODOLOGY Fig. 3.1 Winbox Software

A. Things Tested
2. Hardware
In this test there are some things that are tested
as:  Router
 Switch
1. Internet Connection  UTP cable
 PC
The client must be able to connect to the  Handphone
internet without any problems and be able to  RJ45
use the internet smoothly.  Crimping tool
 Cable tester
2. Static DNS
Static DNS make filtering access to a website
address. IV. IMPLEMENTATION
1. Crimping
3. Firewall
 Peel the skin of the cable about 2 cm
Make firewall block sites, files and can not
wide.
ping to the router.
 Arrange the eight wires neatly inside in
the order of the colors White Orange –
4. DHCP Pool Orange – White Green – Blue – White
To determine the IP range that can limit the Blue – Green – White Brown – Brown.
client connected wirelessly and used for DHCP  Straighten any tangled cables.
Server.  Flatten the ends of the cable using a
crimping tool.
5. Filter Rules  After making sure the color sequence is
correct and the cable ends are even, insert
There must be a filter rule when the client the cable into the RJ-45 connector, make
accesses the internet, which allows the client to sure the cable end touches the RJ-45 end,
open any site either HTTP or HTTPS protocol and clamp it using the crimping tool.
sites with ports 80 and 443.  After completing both ends of the cable,
test using a cable tester, if all the lights are
6. Blocking linux site on, it means the cable has been crimped
correctly and can be used.
Client Can not open and access linux site.

7. Blocking mp3
Client Can not download .mp3 file.

8. Hotspot Login
Before accessing the internet using a hotspot,
the client must login first.

B. Tools and Materials

 Fig. 4.3 WLAN ip address

 Set DNS
Open IP menu > DNS > setting server
“192.168.1.1” and “8.8.8.8” > click apply

Fig. 4.1 UTP Cable Straight

2. Router Configuration >OK.

Fig. 4.4 DNS Server
Author must read the rules first before
configuring the router.  After that, ping in the new terminal winbox.
 Set up VLAN
 First of all, plug the cable that connects to the
internet into the main router on port 1. Plug the Open interface menu > VLAN > “+”. Create it
cable from cpu to router on port 2 to connect twice with :
the router to pc.
a. VLAN 10
 Open winbox application. Click mac address - Name : Lab Admin
on the first page. If the IP does not appear,
click refresh until it appears. If the IP already - VLAN ID : 10
appears, click connect. b. VLAN 20
- Name : Lab Jaringan
 Then reset router configuration to start a new
configuration. - VLAN ID : 20
And then apply > OK.
 Open IP menu > address, and then setting IP
*Eth1 = 192.168.66.107/24
WLAN = 192.168.30.1/24

Fig. 4.2 eth1 ip address

Fig. 4.5 set up VLAN 10

Fig. 4.6 set up VLAN 20

 Open IP Menu again > address and then setting

ip for vlan :
 *VLAN 10 = 192.168.10.1/28 Fig. 4.10 DHCP Server 2
VLAN 20 = 192.168.20.1/28

 Ip menu > firewall > NAT > Action =

Masquired.
 Wireless menu > double click on the gray text
> mode = ap bridge > wireless menu > SSID =
author name > enable.
 Ip menu > hotspot > hotspot setup > next until
DNS name (DNS Name = smktelkom-
bdg.sch.id) > next ( fill in the username and
Fig. 4.7 VLAN 10 IP Address password that has been determined by the
examiner).
*Username = tamu
Password = guest

 Check the hotspot on the mobile phone or hand

phone. If it is connected, it will automatically
proceed to the login page. Fill in the username
and password then click OK.

Fig. 4.8 VLAN 20 IP Address

 Set DHCP Server. IP menu > DHCP Server >

DHCP Setup. Do it for interface VLAN10,
VLAN20, and WLAN. Then click next till end.

Fig. 4.11 Hotspot login

Fig. 4.9 DHCP Server

Fig. 4.12 Hotspot login succes

  Bridge menu > click “+” > rename with
author's name > click apply > ok.
 Firewall menu > NAT > double click on the
words "masquerade hotspot network" > general Fig. 4.15 Bridge
> out in = eth1 > apply (select the one with
I[ and no IP, then fill in both > apply > ok.  Bridge menu > ports > click “+” > general >
interface = eth1, bridge = according to each
 Firewall menu > filter rules > click “+” > author's, ceklist hardware offload. Make also
general > chain = forward > protocol = tcp > for ether 2 and 3.
dst port = 80,443 (HTTP and HTTPS ports) >
in interface = wlan 1 > out interface = eth1 >
advance > content = ( linux.org and .mp3 >
action > action = drop > apply > ok.

Fig. 4.16 Bridge eth1

Fig. 4.13 Filter Rules

 Check whether linux site is accessible or not.

Make sure you can't access it.

Fig. 4.17 Bridge eth2

Fig. 4.18 Bridge eth3

Fig. 4.14 Blocking linux

 Move the pc cable connected to router 1, move

it to router 2 on port 4 to be used as a switch.
 Switch menu > make sure the type is "Atheros 3. https://aws.amazon.com/route53/what-is-dns/.
8227" Accessed on 23 April 2022.
4. https://wiki.mikrotik.com/wiki/
Manual:Winbox#:~:text=Winbox%20is%20a
%20small%20utility,MacOS%20(OSX)
%20using%20Wine. Accessed on 23 April
2022.
5. https://www.maunindustries.com/blogs/what-
is-a-crimping-tool-and-how-are-they-used/
#:~:text=Crimping%20is%20a%20way
%20of,material%20and%20create%20the
%20connection. Accessed on 23 April 2022.
6. https://help.mikrotik.com/docs/pages/
viewpage.action?
Fig. 4.19 Atheros switch pageId=328136#:~:text=Winbox%20is%20a
%20small%20utility,Winbox%20sections
%20in%20the%20manual. Accessed on 23
April 2022.
 Switch menu > VLAN > click “+”
7. https://en.wikipedia.org/wiki/
*Switch = switch1
Dynamic_Host_Configuration_Protocol#:~:tex
VLAN ID = 10
t=The%20Dynamic%20Host%20Configuration
Port = eth1
%20Protocol,using%20a%20client
%E2%80%93server%20architecture. Accessed
Click the down arrow, type eth2 as a place to on 23 April 2022.
save the vlan id. Also make it for vlan 20, for a 8.
place to store vlan using port 3.

Fig. 4.20 Switch VLAN

 Switch menu > ports > Click :

- Eth1
VLAN mode = secure
VLAN header = add if missing
- Eth2
VLAN mode = secure
VLAN header = always strip
- Eth3
VLAN mode = secure
VLAN header = always strip

REFERENCES
1. https://ditekno.id/artikels/160-tips-cara-
crimping-kabel-lan. Accessed on 23 April
2022.
2. https://www.verizon.com/info/definitions/
bandwidth/. Accessed on 23 April 2022.