I think they can't be a true "zero touch" config because the default
config on most models has a firewall on ether1 which prevents outside
access.
You'll have to login once and load a config file, or have a config that
you paste into the terminal. Both methods are pretty fast though.
After that you could use Unimus or similar. I'd be tempted to disable
the reset button. I don't remember a situation where I actually fixed a
Mikrotik issue by resetting to defaults. I think it's more likely to be
used to break the Internet and force a truck roll.
It seems like Netinstall ought to be the way to get your initial config
done, but I seem to have issues with it. I don't remember what my issue
was, and I'm sure it was fixable if I really wanted to. If you get that
working reliably for you, then replacing the default config would be a
wise choice.
My biggest issue with Mikrotik as a customer prem router is you can't
turn over any control to the customer. I mean, of course, you could
give them a login but there are too many knobs there. They only really
need to do port forwards and change their WiFi SSID and WPA2 Key. The
NAT settings are hard for regular people to grasp, and everything else
just has so many buttons and menus that they're almost guaranteed to
mess something up. I gave two different customers access to a Mikrotik
on their customer prem, and maybe it's just random coincidence, but they
both broke things by playing with the "hotspot" menu.
Where I saw Mikrotik being used a customer prem router, they were
pre-provisioning with a copy+paste script. They had a customer login
set on each one, but they avoided handing it out. No real mass
management in their case. When one of those remote-access bugs forced
updates they just did them onsey-twosey.
On 10/23/2020 10:08 PM, Jesse Dupont wrote:
I don’t disagree, but I was hoping...
Sent from my iPhone
On Oct 23, 2020, at 6:59 PM, Adam Moffett <dmmoff...@gmail.com> wrote:
This is the path to the dark side.
On 10/23/2020 7:34 PM, Jesse DuPont wrote:
Question for anyone using Mikrotik routers in customers' homes:
Anyone doing any kind of zero-touch provisioning with them? If so,
what method? Unimus? Minim? Something home grown?
Are you doing a NetInstall with an included configuration so they
have some kind of baseline config after a default? Just disabling
the reset button?
How are you managing them after they're installed, Dude? Something
TR-069? Something SNMP?
*Jesse DuPont*
Owner / Network Architect
email: jesse.dup...@celeritycorp.net
Celerity Networks LLC / Celerity Broadband LLC
Like us! facebook.com/celeritynetworksllc
Like us! facebook.com/celeritybroadband
<celeritynetworks-GIF.gif>
--
AF mailing list
AF@af.afmug.com
http://af.afmug.com/mailman/listinfo/af_af.afmug.com
--
AF mailing list
AF@af.afmug.com
http://af.afmug.com/mailman/listinfo/af_af.afmug.com
