jeans/home-assistant.io
jeans/home-assistant.io
1
0
Fork 0
mirror of https://github.com/home-assistant/home-assistant.io.git synced 2025-04-25 13:57:37 +00:00
Code Issues Packages Projects Releases Wiki Activity
home-assistant.io/source/_integrations/mikrotik.markdown
Maghiel Dijksman ba4b498108
Update mikrotik.markdown - clarification about setting user password (#35993) 
Co-authored-by: Franck Nijhof <frenck@frenck.nl>
2024-11-26 20:07:23 +01:00

2.5 KiB
Raw Blame History

title description ha_category ha_release ha_codeowners ha_config_flow ha_domain ha_iot_class ha_platforms ha_integration_type
Mikrotik Instructions on how to integrate MikroTik/RouterOS based devices into Home Assistant.
Hub
Presence detection
0.44
@engrbm87
true mikrotik Local Polling
device_tracker
integration

The mikrotik platform offers presence detection by looking at connected devices to a MikroTik RouterOS based router.

There is currently support for the following device types within Home Assistant:

  • Presence detection

Prerequisites

You have to enable accessing the RouterOS API on your router to use this platform.

RouterOS uses a ping test to determine client presence, make sure you are not blocking this on the client (Windows firewall default behavior), as this will result in the provided device_tracker having the state not_home.

Terminal:

/ip service
set api disabled=no port=8728

Web Frontend:

Go to IP -> Services -> API and enable it.

Make sure that port 8728 or the port you choose is accessible from your network.

{% include integrations/config_flow.md %}

Use a certificate

To use SSL to connect to the API (via api-ssl instead of api service) further configuration is required at RouterOS side. You have to upload or generate a certificate and configure api-ssl service to use it. Here is an example of a self-signed certificate:

/certificate add common-name="Self signed demo certificate for API" days-valid=3650 name="Self signed demo certificate for API" key-usage=digital-signature,key-encipherment,tls-server,key-cert-sign,crl-sign
/certificate sign "Self signed demo certificate for API"
/ip service set api-ssl certificate="Self signed demo certificate for API"
/ip service enable api-ssl

If everything is working fine you can disable the pure api service in RouterOS:

/ip service disable api

The user privileges in RouterOS

To use this device tracker, you only need limited privileges. To enhance the security of your MikroTik device, create a "read only" group with solely API and ping test permissions and add a user to that group:

/user
group add name=homeassistant policy=read,api,test
add group=homeassistant name=homeassistant

You will be prompted to set a password for the newly created user. Depending on your RouterOS version and configuration, you might need to set a password yourself:

/user set [find username=homeassistant] password=PASSWORD