PPPoE Server–Client Configuration Using MikroTik - Developed further as a reference for building a simple RT-RW Net business

hi kids, this is your dad, huahuanjayy wkwkwk, Nuenomaru the handsome is back in action.
In this third article of 2026, I will share a simple tutorial aimed at helping beginners like myself.
This article can also be developed further as a reference for building a simple RT/RW Net business zuahahaha #manajanji19jutalapangankerja!!!

Wishing you smooth sales! Once you reach 100 homes connected (100 active users), treat me, future young Boush #CI-i-O 

1. Configure IP Toward ISP / Gateway

Assign the interface to the UPLINK port 

2. Configure NAT
Click the IP menu, choose the Firewall submenu, then click the NAT tab.
In the Rules table that appears, fill in the following settings (yes, sweet kid):
Chain: srcnat
Out. Interface: select the port that leads to the downlink / ISP direction.
Action: masquerade 

3. Create an IP Pool (for PPPoE Clients)
Click the IP menu, select the IP Pool submenu, then click the + button.
After that, fill in the fields as follows:
Name: enter any name you like
Addresses: allocate the IP address range as you prefer

4. Create a PPP Profile
Click the PPP menu, go to the Profiles tab, then click the + button.
Fill in the following fields:
Name: enter any PPPoE profile name you like
Local Address: adjust this according to the IP address pool you created earlier
Remote Address: select the PPPoE IP Pool name that you created earlier
DNS Servers: 8.8.8.8, 1.1.1.1 (example only)

apply~>OK

 

5. Create a PPPoE User Account (Authentication)
Still in the PPP menu, select the Secrets tab, then click the + button.
Fill in the following fields:
Name: enter any name you want to use as the username
Password: enter any password you want to use
Profile: select the PPP profile that you created earlier

6. Enable the PPPoE Server
Click the PPP menu, select the PPPoE Servers tab, then click the + button.
Fill in the following settings:
Interface: select the downlink port (the port connected to an L2 device such as an OLT or switch)
Service Name: enter any name you like
Default Profile: select the PPP profile that you created earlier
✓ One Session Per Host: check this option so that one PPPoE account can only be used by one client
Disabled: X

Well done, Now you can start by handing out sales brochures to your neighbors or your closest family members. #GGWP
Your PPPoE account is all set and ready to be dialed on your customers’ devices.
If you want to set usage limits or tweak it a bit, check out this article too, Pak. Boush: GREPE AKUH!!

Hahaha alright, that’s a wrap for today’s article—my coffee’s gone, so that’s my cue to stop typing.

Let’s end this with a Bismillah at the start and an Alhamdulillah at the finish. Catch you next time, tech gembelers!.
 

./Nuenomaru

Read More

TACACS Setup on Grandstream Layer 2 and Layer 3 Switches (GUI Mode)

 

hi kids, this is your dad, huahuanjayy wkwkwk, Nuenomaru the handsome is back in action.
In this second article of 2026, I want to share a simple tutorial, just like the title suggests.
Before we jump in, let’s talk a bit about what TACACS actually is: TACACS (Terminal Access Controller Access-Control System) is a network security protocol that provides centralized Authentication, Authorization, and Accounting (AAA) services.

1 Log in to the Grandstream switch, then go to the Security menu and click the TACACS+ submenu

 

2 Click Add, and the TACACS server form will appear. Fill in your server address, protocol port, priority, password (Q), and timeout. Once everything is set, click OK and then Save

 

3 Click the AAA menu, then click Add. A form will appear—fill in the AAA name, Method 1, Method 2, and so on. Once you’re done, click OK and then Save

4 Next, in the Login Via section, choose which access method you want to authenticate using your TACACS server.
For example, in this case I set HTTPS to use the TACACS method. This means that when accessing the switch via web login, only accounts registered on the TACACS server will be allowed to log in. Any other accounts will be denied.
***If it is set to Default, then only accounts configured locally on the switch will be able to log in.

 

Next, adjust the configuration according to your needs, This article is meant solely to help beginners like me. :)) #imsosorry

Hahaha alright, that’s a wrap for today’s article—my coffee’s gone, so that’s my cue to stop typing.  

 

Let’s end this with a Bismillah at the start and an Alhamdulillah at the finish. Catch you next time, tech gembelers!.

./Nuenomaru

 

Read More

Preconfiguration of Bridge VLAN for NMS & Services on Mikrotik RouterBoard (GUI Mode)

hi kids, this is your dad, huahuanjayy wkwkwk, Nuenomaru the handsome is back in action.
This is the first article of 2026. I’m starting with a simple article to help beginners like me ^_^
For the case in this article, I will allow the NMS VLAN and service VLAN from both the uplink port and the ports that connect to users (adjust according to your needs). Of course, I will also cover the configuration needed so your Mikrotik can be remotely accessed from your monitoring system.

1 Create VLANs on the interfaces (uplink and downlink)
Go to the Interfaces menu, First, choose which interface you want to allow the VLAN on. Simply click the interface/port -> click +, then choose VLAN.

Here, I use ether1 as the uplink port, and sfp1 as the port that connects to the downlink device.
For the Name field, you can name it whatever you like. Set the VLAN ID to the NMS VLAN (and later do the same to create the service VLAN), and select the interface according to your needs.

 

(vlan nms)apply -> OK GAS OK GAS

 

(vlan service)apply -> ok gas ok gas

2 Create a Bridge to encapsulate the VLANs within the ports
Click the Bridge menu, click the + icon, then name it as you like. Once done, click Apply and then OK (Repeat the same steps to create the NMS and service bridges).

Click the Ports submenu, click the + icon, adjust it according to your needs, and assign it to the VLAN on the port that you created in the first step (Repeat the same steps to create the NMS and service bridges).

apply-> ok gas ok gas

 

Up to this point, the view in your Interfaces menu will look like this (VLANs appear under the ports, and the bridges you created are also visible). 

3 Configure IP Address and Subnet
To allow the Mikrotik to be remotely accessed from your network system, we need to configure its IP address and subnet.
Click the IP menu, select Addresses, enter the IP address and subnet ( / ), also enter the network address, then assign it to the uplink VLAN interface.

4 Configure Gateway
Click the IP menu, select the Routes submenu, and enter your gateway and destination address.
Once done, click Apply and then OK

 

5 Assign a Name to the Device/Hostname Device
Click the System menu, select the Identity submenu, and set the name as you like.

 

6 User Account Creation and Privilege Assignment
Go to System → Users, click +, then create the user account and assign the appropriate privileges (e.g., Read, Read/Write, or Full Access).

7 IP Services List
Click the IP menu, select the Services submenu, and then enable or disable the services you want to allow for remotely accessing this Mikrotik.

Okay, to make sure your Mikrotik can be remotely accessed and the settings worked, just ping the NMS IP. And gotchaaa ^_^
Next, adjust the configuration according to your needs. Sorry that the first article of 2026 is this simple ^_^

Hahaha alright, that’s a wrap for today’s article—my coffee’s gone, so that’s my cue to stop typing. 

Let’s end this with a Bismillah at the start and an Alhamdulillah at the finish. Catch you next time, tech gembelers!.

./Nuenomaru  

Read More