Skip to main content

MikroTik hAP ax³ Setup Guide

This guide will walk you through setting up a MikroTik hAP ax³ router with the following features:

  • Two SSIDs: Home and Guest
  • Three VLANs: Home, Guest, and IoT
  • PPSK (Private Pre-Shared Key): Different keys for Home and IoT networks
  • Firewall Rules: Optimized for streaming and gaming

Prerequisites

  1. MikroTik hAP ax³: Ensure your router is powered on and connected to your network.
  2. Winbox or Web Interface: Use Winbox or a web browser to access the router's management interface.
  3. Basic Network Setup: Have an existing internet connection.

Step-by-Step Setup

Step 1: Access MikroTik Router

  1. Open Winbox: Connect to your MikroTik router using Winbox or the web interface at http://192.168.88.1.
  2. Log in: Use the default username admin and no password (change this immediately after login for security).

Step 2: Update RouterOS

  1. Navigate to: System > Packages.
  2. Check for updates: Click on Check for Updates and apply any available updates to ensure you have the latest RouterOS version.

Step 3: Create VLANs

  1. Navigate to: Interfaces > VLANs.
  2. Create VLANs for Home, Guest, and IoT.

Home VLAN

  • Name: Home
  • VLAN ID: 10
  • Interface: Select the interface connected to your network.

Guest VLAN

  • Name: Guest
  • VLAN ID: 20
  • Interface: Select the interface connected to your network.

IoT VLAN

  • Name: IoT
  • VLAN ID: 30
  • Interface: Select the interface connected to your network.

Step 4: Configure Bridge and VLAN Filtering

  1. Navigate to: Bridge > Add a new bridge.

Bridge Settings

  • Name: bridge1
  1. Add VLANs to the Bridge:
    • Go to Bridge > VLANs.
    • Add each VLAN to the bridge with the respective VLAN ID and ports.

Step 5: Set Up Wireless Networks (SSIDs)

  1. Navigate to: Wireless > Add new.

Home SSID

  • Name: Home
  • SSID: Home
  • Security Profile: Create a new profile with WPA2-PSK.
  • VLAN ID: 10

Guest SSID

  • Name: Guest
  • SSID: Guest
  • Security Profile: Create a new profile with WPA2-PSK.
  • VLAN ID: 20
  1. Configure PPSK for Home Network:
    • Navigate to Wireless > Security Profiles.
    • Create separate security profiles for each key associated with VLAN 10 and VLAN 30.

Step 6: Configure DHCP Servers

  1. Navigate to: IP > DHCP Server.
  2. Create DHCP servers for each VLAN:

Home VLAN DHCP

  • Interface: VLAN10
  • Address Pool: Create an address pool for VLAN 10.

Guest VLAN DHCP

  • Interface: VLAN20
  • Address Pool: Create an address pool for VLAN 20.

IoT VLAN DHCP

  • Interface: VLAN30
  • Address Pool: Create an address pool for VLAN 30.

Step 7: Configure Firewall Rules

  1. Navigate to: IP > Firewall > Filter Rules.
  2. Create firewall rules to optimize streaming and gaming:

Allow Streaming Services

  • Chain: forward
  • Action: accept
  • Src. Address List: Create an address list for streaming services.

Allow Gaming Services

  • Chain: forward
  • Action: accept
  • Src. Address List: Create an address list for gaming services.

Deny Other Traffic

  • Chain: forward
  • Action: drop
  • Log: enabled (for troubleshooting purposes).
  1. Prioritize Traffic:
    • Use Mangle rules to mark packets from specific devices and apply Queue Trees to prioritize gaming and streaming traffic.

Step 8: Test the Configuration

  1. Connect devices to the Home and Guest SSIDs.
  2. Test connectivity to ensure devices are assigned to the correct VLANs.
  3. Verify streaming and gaming performance to ensure traffic is prioritized correctly.

Additional Tips

  • Secure Access: Change the default admin password and secure management access.
  • Regular Backups: Save your configuration regularly to avoid data loss.
  • Firmware Updates: Keep your RouterOS and firmware up-to-date for security and performance.

 

https://mikrotik.com/product/hap_ax3

 

Back to top