To follow this guide, your system must be running OneView software version 4.4.1-177 or newer, you must be using a supported router, and your router license must have already been applied to your system.
1. Create a backup before proceeding. Go to System > Config (left-hand side), scroll down to the Backup / Restore section, and click on the Backup button to download a copy of your system's current configuration.
2. Confirm that your chosen router is set to factory default settings. If you're not sure, reset it as per the router manufacturer's instructions and then power it down. Make sure your router is OFF. Do NOT connect it to your Optigo Connect™ Aggregation Switch just yet.
3. Log into the MikroTik router using the username and password located on a sticker on the side of the router. Change the router password to be blank / empty (nothing in the password box). Without this step the system can not log into the router.
4. Connect your MikroTik router's port 2 to the designated Router Discovery Port on your Optigo Connect™ Aggregation Switch, which will vary depending on which one you are using. The router discovery port's VLAN Mode must be configured as Access (any usable VLAN ID will work).
Solution | Aggregation Switch | Router Discovery Port |
Spectra | ONS-S8 | D7 |
Hybrid | ONS-C401i | 3 |
Hybrid | ONS-CD0840GP | 7 |
Hybrid | ONS-C801pi | 7 |
Hybrid | ONS-C810p |
8 |
Hybrid | ONS-CR2420GT | 23 |
Hybrid | ONS-CR2440XP | 23 |
Hybrid | ONS-C2401p | 23 |
Hybrid | ONS-C4801p | 47 |
NOTE:
After the router has been discovered, the router discovery port's 'VLAN Mode' will change from 'Access' (marked by an 'A' in the centre of a yellow circle) to 'Reserved' (marked with an 'R'in the centre of a blue circle).
- Apply power to the router.
-
In OneView, go to System > Unit Status (left-hand side) and watch for the Router Status and WAN & DNS widgets to both appear, marked as 'Online' and 'Disabled', respectively.
The discovery process should look something like the animation below.
NOTE:
Upon discovery of a supported router, the titles of the sidebar menu items 'Edge Switches' and 'VLANs' will change to 'Switches & Routers' and 'VLANs & Subnets', respectively. A new menu item, 'WAN & DNS', is also added.
- If you don't see these widgets appear within approximately 5 minutes of powering on the router, go to System > Config (left-hand side) and click the Attempt Discovery button in the Router Discovery section.
NOTE:
The 'Attempt Discovery' button will be disabled if the router has already been discovered.
-
If you plan to allow WAN access (e.g. access to the Internet) for specific VLANs, you first need to go to System > WAN & DNS (left-hand side) and make sure that one of the router ports is enabled for WAN access.
In the example below, WAN access is enabled on router port 'ether3', using a dynamic WAN IP.
For the DNS settings, leaving them at the default values should be fine. If IT says to use different values, then edit the values as necessary.
- Go to VLANs & Subnets (left-hand side) to set up VLANs (if this hasn't been done already) and to configure your router (e.g. create subnets, set up DHCP reservations, enable WAN access, etc). You can create up to 128 VLANs in version 4.4.2 or later.
The header shows the number of subnets.
- To create a new VLAN and Subnet click the Create New button.
To edit an existing VLAN (e.g. to add subnet information), click the Edit button for that VLAN.
- If you are creating a new VLAN, enter these settings first (see example below).
- In the Subnet Settings section, select the # of Addresses to allocate.
The choices available in the dropdown box are 256, 1024, and 65536.
Please choose carefully.
For instance, if you intend to connect 200 devices, but there's a reasonable chance that you will be adding more, select 1024. On the other hand, if you only intend to connect 20 devices and it's unlikely more will be added, then choose 256.
- Whereas the number of addresses (see previous step) defines the size of the subnet, the Sample IP Address value defines what the individual IP addresses will be.
Although it is recommended that users simply allow OneView to automatically generate the subnet based on the number of addresses needed, there are times when a specific IP address range is required.
For instance, retrofitting an OT network that is full of devices with static IP addresses would be very cumbersome, if one had to reconfigure every single device with a new static IP address.
Fortunately, in this case all you need to do is change the Sample IP Address value to any IP address that would fit within the IP address range you require.
For example, let's say you wanted to create a subnet large enough to accommodate 1024 devices, but most of these devices already exist and are configured with static IP addresses.
You happen to know that one of these devices has the IP address 192.168.1.130, so you would enter that into the 'Sample IP Address' field.
After changing the sample IP address to 192.168.1.130, a new subnet would be generated that can accommodate the devices you wish to connect.
NOTE:
After generating the new subnet, the subnet mask is applied to whatever you entered for the 'Sample IP Address' field. So, 192.168.1.130, with a subnet mask of 255.255.252.0, becomes 192.168.0.0.
- By default, when a subnet is first created, the DHCP Range is the same as the range of Usable Addresses.
However, you can configure it so that connected DHCP devices can only obtain IP addresses from a subset of the entire usable range.
For example, rather than use the entire range in the subnet above, you could set aside IP addresses 10.5.0.100 to 10.5.0.200 for DHCP devices.
That would allow you to safely connect non-DHCP devices with static IP addresses ranging from 10.5.0.1 to 10.5.0.99 and from 10.5.0.201 to 10.5.0.254.
- If you would like to reserve an IP address for a specific device (i.e. DHCP reservation by MAC address), enter the device's MAC address and the IP address in the Reserved IP Addresses section.
For example, to reserve the IP address 10.1.0.120 for a device with MAC address B8:27:EB:A8:11:72, just enter these values and then click the Reserve button.
The new reservation will appear in a list above the 'MAC' and 'IP' fields.
Repeat this until all of your reservations have been made.
NOTE:
Any IP address from the usable address range can be reserved for a specific DHCP device, not just addresses from within the DHCP range. This is not the case for 'dynamic' (non-reserved) DHCP devices, which are only assigned IP addresses from within the DHCP range. - If you have finished creating your first new VLAN and subnet, but intend to create several more, make sure to check the Create another checkbox before clicking the Save button.
Otherwise, if you're all finished, just leave it unchecked and the Create Named VLAN and Subnet dialog will automatically close after you click the Save button.
- Review the VLANs & Subnets section to confirm that you've set everything up correctly.
Please note that the subnet in the Address Range column is represented using CIDR notation (e.g. subnet mask 255.255.255.0 = /24, subnet mask 255.255.0.0 = /16, etc).
Also, the ratio in the Used Addresses column refers to the number of DHCP addresses that have been reserved or dynamically assigned out of the total number of addresses in the DHCP Range.
- If you wish to allow devices on different VLANs to communicate with one another, this can be configured in the Inter-VLAN Routing section.
By default, no VLANs are allowed to communicate with each other. As an example, if the "CCTV" VLAN should communicate with the "Alarms" and "Access" VLANs, the following steps should be taken:
Click on the "Edit" button sign to the right of the "CCTV" row.
Then in the edit screen, add "Alarms" and "Access". Since HVAC and Lighting should remain unconnected, they will be left as-is.
The resulting table shows the relationship between VLANs, with each VLAN on the left and the VLAN(s) it can communicate with on the right.
- If you would like to grant WAN access to individual VLANs, first confirm that this has been enabled (see step 7), and then toggle the appropriate switches in the WAN Access for VLANs section.
In the example below, the 'CCTV' and 'Alarms' VLANs have WAN access, but the 'HVAC', 'Access', and 'Lighting' VLANs have no WAN access at all.
- The table in the DHCP Leases section displays the details for every device in the network that has been assigned a DHCP address by the router.
In addition to providing information on each DHCP device (e.g. Status, Lease Duration, Last Seen, etc), users can also ping a device by clicking on the Ping button by its IP address.
If you don't see an expected device in the table, click the Refresh button.
All IP addresses marked as 'dynamic' in the Type column, can be reserved by checking the box on the far left and then clicking the OneClick Reserve button.
- The list of reserved IP addresses can be exported to and imported from a .CSV file.
To export your list of reserved IP addresses to a .CSV file, simply click the Export button and the file will be downloaded to your browser's default download folder.
To import a list of reserved IP addresses from a .CSV file, click the Import button, choose the file, and then select your preferred import mode, Append or Replace.
If you choose Replace, the existing IP reservation list will be overwritten with the contents of the .CSV file. Any reservations that existed in OneView before the import, but are not present in the .CSV file, will be deleted from the system.
If you choose Append, any new reservations will be added, but existing reservations, even if they are not in the .CSV file, will remain unchanged.
However, if there is a conflict (i.e. you're trying to reserve a different IP address for the exact same device on the same VLAN and subnet), you will be prompted to Confirm or Cancel the import.
NOTE:
Although you may manually enter all of the IP reservation data into a .CSV file using a spreadsheet application (e.g. Microsoft Excel), all of the VLANs and subnets referenced in the .CSV file must already be created in OneView, or it will be rejected when you attempt to import the file. In addition, if you do decide to create and edit the .CSV file manually, it is highly recommended that you reserve at least one IP address in OneView first. Then export that to a .CSV file to use as your base, and edit accordingly.
- To view your connected router's hardware version information, go to System > Version (left-hand side) and scroll down to the Hardware Version Info section.
- To access more detailed information about your router and features, go to Switches & Routers (left-hand side) and click on the Routers tab.
Clicking on the 'More' button (far right) will bring you to a dialog with two tabs.
On the Summary tab you will find additional router info and a Reboot Router button that will allow you to manually restart the router.
On the Ping tab you will find a Ping button that, when pressed, will ping the IP address specified in the Address field, to confirm whether or not the device with that IP address is connected and/or 'pingable' (e.g. some devices are configured to ignore ping requests). This is similar to the ping feature in the DHCP Leases table on the VLANs & Subnets page.
- To get information about your router's individual ports, go to Ports (left-hand side) and click on the Routers tab.
Clicking on the 'More' button (far right) for a specific router port will display detailed statistics for that port.
- Go to Devices (left-hand side).
A new column, Hostname, should be displayed in the 'Devices' table. Also, if there are any IP addresses listed in the table, then a Ping button should also be displayed in the 'Options' column for that device.
Hostname
Device hostnames are gathered from DHCP lease information and displayed alongside the 'IP address' of the device. If a device does not request a DHCP lease, then its hostname will not be known and will not appear in the list.
Ping
A 'Ping' button appears in the 'Options' column for rows containing device IP addresses. Click the button to ping the device listed.
Need some help?
If so, please start an online chat session at optigo.net/support or email us at support@optigo.net.
Comments
0 comments
Please sign in to leave a comment.