This guide is old and outdated due to changes in how the MikroTik RouterOS handles bridge and ports. No more master and slave.

See new guide here --> https://forum.lowyat.net/topic/5295840

This was getting lost in the Mikrotik thread so I'll post this as a new topic.

I also noticed that many people are still following outdated guides on blogs or other forums that leaves a Mikrotik vulnerable to amplification attacks. Follow this guide and you won't be a DNS zombie. If you used QuickSet, you should be OK but check anyway.

For those who followed other guides, please check that you have this rule somewhere in your firewall.


Setting up a Mikrotik router for UniFi is now a lot easier with Quick Set. So here's a little step-by-step.

Also available on Mikrotik's Wiki: Mikrotik_and_Telekom_Malaysia_UniFi_Setup_Using_QuickSet

Mikrotik UniFi Setup Guide

Connect to the router
First, connect to the router using either a web browser or winbox.exe (http://www.mikrotik.com/download)
*winbox is a Windows app to configure your Mikrotik router.
**The screenshots here are from winbox. Web browser looks similar. You'll figure it out.
***This assumes a router with default configuration. This is very important. It it's not, you can reset the router to defaults before starting.
****Do not reset to defaults if your RouterOS is version 6.33.5. http://forum.mikrotik.com/viewtopic.php?p=516366

(Imagine a screenshot of your browser's address bar or the winbox login screen)
Connect to the router
Default IP address: 192.168.88.1
Username: admin
Password: (no password) <-- I mean there's no password defined and not that the password is (no password).


Quick Set
1) Click on Quick Set


Set as Home AP and enter UniFi username & password
1) Select Home AP
2) Select PPPoE
3) Enter UniFi username and password
4) OK
*Once everything is working, come back here to set your wifi to a cooler name and give it a password.


VLAN
1) Click Interfaces
2) Click VLAN
3) Create a new VLAN
4) Give it a name e.g.: vlan500 (I like daytona500)
5) Set VLAN ID: 500
6) Ensure Interface is: ether1-gateway
7) OK


PPPoE
1) Click PPP
2) Double-click pppoe-out1
3) Set Interfaces to vlan500 (or the name you gave it in VLAN Step 4)
4) Check use-peer-dns
5) OK

That's it.

Internet should be be working now.

Next we'll setup HyppTV.
For HyppTV we'll be using Ethernet Port 5. So plug your HyppTV Set Top Box (STB) into this port.


Ethernet Port 5
1) Click Interfaces
2) Double click ether5-slave-local
3) Change Master Port to: none
4) OK


VLAN
1) Click Interfaces
2) Click VLAN
3) Create a new VLAN
4) Give it a name e.g.: vlan600iptv
5) Set VLAN ID: 600
6) Ensure Interface is: ether1-gateway
7) OK

Bridge
1) Click Bridge
2) Create a new Bridge
3) Give it a name e.g.: unifi.iptv
4) OK

Ports
1) Click Bridge
2) Click Ports
3) Add a port
4) Set Interface to: ether5-slave-local
5) Set Bridge to: unifi.iptv (that's the bridge that you just created above)
6) Add another port
7) Set Interface to: vlan600iptv
8) Set Bridge to: unifi.iptv
9) OK

And that's it. Remember that to plug your HyppTV Set Top Box (STB) into port 5. Switch on your HyppTV STB and enjoy.

This post has been edited by soonwai: Jul 31 2022, 06:50 PM

but make sure it is not disabled.

This post has been edited by jio: Feb 21 2017, 05:10 AM

LOL, thanks for that. Corrected.

What about setup IPv6?

Can, can, ipv6 setup also very easy. Let me go get some SS first.

hi. i know this thread is super old but



should i put this if i'm using l2tp?

Yes you should put it as default rules in mikrotik is allow all. You may need to create an explicit rule to allow l2tp connection to your router. Refer to any tutorials to allow l2tp udp port and ipsec protocol.

should i put the entry on very top or bottom?

Put it just above the input chain drop all not coming from LAN if you are on mikrotik home devices.