The Lab

The Lab is a testing ground for networking research and discussion, designed to enable experimentation with network concepts in a realistic working environment.

Lesson 3.2: Site-to-Site VPN (IPsec)

Connect two offices with an IPsec VPN. Step-by-step configuration covering two-phase negotiation, peer setup, pre-shared keys, proposals, and policies. Includes required firewall rules, NAT considerations, testing procedures, and troubleshooting decision trees for common issues.

Lesson 3.1: VPN Options Explained

Compare VPN protocols: WireGuard (modern, fast, simple), IPsec (industry standard, interoperable), L2TP/IPsec (built-in OS support), and why to avoid PPTP. Includes decision matrix for choosing the right protocol based on your scenario and performance needs.

Module 3: Connect It — VPNs & Remote Access

Set up VPNs that work: site-to-site and remote user access. Learn WireGuard, IPsec, and L2TP protocols in 77 minutes. Choose the right protocol, configure connections, troubleshoot systematically, and deploy working VPNs in 30 minutes with copy-paste templates.

Lesson 2.5: Quick Win — Audit Your Firewall

Perform a 28-point firewall security audit covering input/forward chains, NAT configuration, rule ordering, and services. Includes scoring system, testing procedures, and documentation templates. Your Quick Win ensures professional-grade network protection and identifies security gaps.

Lesson 2.4: Blocking Common Attacks

Protect against port scans, brute-force attacks, SYN floods, ping floods, and DNS amplification. Use address lists for dynamic blocking, connection limits for attack detection, and learn hardened firewall rule ordering that stops real-world network threats.

Lesson 2.3: Building Your First Custom Firewall Rule

Build, edit, and reorder firewall rules with confidence. Learn the anatomy of rules (where, what, do), add custom protections step by step, and test safely with Safe Mode. Includes practical examples like blocking IPs, allowing SSH selectively, and logging traffic.

Lesson 2.2: Understanding Default Firewall Rules

Learn what default firewall rules do and why they exist. Understand proper rule structure for input and forward chains, identify common configuration mistakes, and use the good-enough firewall checklist to verify your router is properly secured against basic threats.

Lesson 2.1: MikroTik Firewall Logic

Understand MikroTik firewall architecture: chains (input, forward, output), connection tracking states, and the three firewall tables (Filter, NAT, Mangle). Learn how rules process top-down and make the mental shift from Cisco ACLs to MikroTik's chain-based system.

Module 2: Secure It

Master MikroTik firewall in 59 minutes. Understand chains and connection tracking, analyze default rules, build custom protections, and block common attacks. Learn to audit your firewall systematically and close security gaps with professional-grade configuration.

Admin Security Checklist

Essential security hardening steps for MikroTik routers. Create backups, change default passwords, create personal admin accounts, disable dangerous services like telnet and ftp, restrict service access by IP, and secure MAC server access. Includes both GUI and CLI instructions.