BILLYSOFTACADEMY

Menu
Twitter Youtube Facebook

The Definitive Guide to Setting up a MikroTik CHR VPS with DigitalOcean

Introduction

If you’re looking to set up a MikroTik CHR VPS with DigitalOcean, then you’ve come to the right place. This guide will walk you through the process of setting up your MikroTik CHR VPS with DigitalOcean, from start to finish. It will cover all the basics, including what you need to know before getting started, how to set up your server and configure it for use, and some tips and tricks for getting the most out of your new setup. So let’s get started!

What is a MikroTik Cloud Hosted Router (CHR) and Why Use it with DigitalOcean?

MikroTik Cloud Hosted Router (CHR) is a powerful and cost-effective solution for businesses looking to manage their network and internet traffic. It is an ideal way to connect to DigitalOcean, a cloud hosting provider, and take advantage of its scalability, performance, and security features. With CHR, businesses can easily configure their networks in minutes with a few simple clicks. Furthermore, they can access the full range of DigitalOcean services such as storage and load balancing. With CHR’s flexibility and ease of use, businesses can quickly connect private networks to public clouds without the need for expensive hardware or complicated configurations. This makes it an attractive choice for businesses looking to save time and money while ensuring reliable network performance.

Requirements

Consider the list below which shows the items you may need to complete this setup successfully:
1) The WinBox network configuration utility
2) A web browser, Google Chrome, Firefox, Internet Explorer, or Safari
3) The Mikrotik cloud-hosted router
4) A digital ocean cloud account
5) An SSH client such as Putty for Windows or the macOS / Linux terminal app

Overview

Below is a brief overview of the steps outlined in this tutorial:
1) Go to mikrotik.com and download the Cloud Hosted Router RAW disk image file.
2) Extract the RAW file to get the IMG file and upload it to Digital Ocean
3) Start a new droplet, select a region, an authentication method, and more
4) Open an SSH connection to the IP address assigned to the CHR and set an admin password
5) Create a new user account, configure brute-force login protection and purchase a CHR license.

1. Go to mikrotik.com and download the Cloud Hosted Router RAW disk image file

Open a new browser tab and go to mikrotik.com. Click the Software tab, scroll down, and expand the Cloud Hosted Router section. Click the Download icon for Raw disk image on the 7.8 Stable column to start the download process.

2. Extract the RAW file to get the IMG file and upload it to Digital Ocean

When the download completes, go into your downloads folder, right-click on the Mikrotik RAW image file and click Extract. You may need to install a file extraction program such as unzip or WinRAR. Sign into your digital ocean account and click Images and click the Custom Images tab. Click Upload Image, select the Mikrotik IMG file, and click Open. 

An Upload Image popup window will be displayed with additional settings that need configuring. Set Distribution to Unknown and choose a data center region from the available options. Click Upload to add the image to your Digital Ocean Images library. Click More on the image, and click Start a droplet. 

3. Start a new droplet, select a region, an authentication method, and more

Choose a region to deploy the droplet and select a data center from the chosen region. Verify that the CHR custom image is selected and select a droplet type. For the complete beginner, you can choose the Basic type and set CPU options to Regular. Select a pricing plan from the available options.

On the Choose Authentication method section, select SSH key and click the New SSH Key button. If you are using a Windows or MacOS device execute the command below to generate a new SSH key.

Enter a name for the SSH key file and press enter. A new public and private key pair file will be created in the/Users/your-username/.ssh/id_rsa directory. Open the file and copy its contents to your clipboard. Paste the contents on the Add public SSH key field and click Create Droplet.

4. Open an SSH connection to the IP address assigned to the CHR and set an admin password

Copy the public IP address for the newly created CHR droplet and run the command below to open an SSH connection
The first time you attempt to connect, RouterOS will prompt you to enter a password for the admin user. Enter a secure password on the Change password prompts

5. Create a new user account, configure brute-force login protection and purchase a CHR license.

We recommend that you create a new user account, configure brute-force login protection and purchase a CHR license. Run the command below to create a new user account on the Mikrotik Cloud Hosted Router:

Enter full on the group prompt and enter a password. Open a new SSH connection using the new username and password that you have configured. Delete the admin user account by running the command:

To increase the security of your CHR and block brute-force attacks on service ports such as FTP, disable all un-necessary IP services by running commands:

brute-force login protection

To further protect the Cloud Hosted Router from brute-force attacks, run the commands below to prevent FTP attacks. The brute-forcing IP address will be added to a block list to prevent it from ever accessing the router:

To prevent SSH brute forcers, execute the commands below. When an SSH brute forcer is detected, their IP address will be added to a 10-day block list:

Conclusion

You have successfully installed the Mikrotik Cloud Hosted Router on the Digital Ocean cloud computing platform. You can now start using the router for this such as bridging your private network to a public cloud and more. We hope that this tutorial have been informative and would like to thank you for reading it.