Versions Compared

Old Version 30

changes.mady.by.user Deniss M.

Saved on

compared with

New Version Current

changes.mady.by.user Deniss M.

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents

Introduction

One of the many cloud services that you can use to monitor information that is sent by an MQTT publisher is Thingsboard. This article will demonstrate how to configure both Thingsboard and RouterOS to publish the data using the MQTT protocol. RouterOS, in this scenario, is going to act as a gateway and publish the data from the RouterBoard to the Thingsboard's server. Thingsboard, in this scenario, will act as an MQTT broker (server, where data will be posted).

...

Warning

Please consider using SSL MQTT (TCP port 8883 and certificates), instead of non-SSL MQTT (TCP port 1883). If you use non-SSL MQTT, the communication between the client (MQTT publisher) and the server (MQTT broker) can be easily sniffed/packet captured, and the that will compromise authentication data (such as client ID-ids, username, usernames and passwordpasswords) will be compromised.

Thingsboard configuration

note
Info
title

In this guide, we will showcase local instance/server installation configuration, but the same principles apply to the cloud option.

...

The only difference, in this case, is the communication between the device and the server (you will only have to slightly change the MQTT broker configuration in RouterOS settings which will be shown later on).

When using this scenario, the communication is going to be encrypted (using SSL).

X.509

...

(two-way SSL communication) scenario

Info

This type of authentication requires you to use a server certificate and a client certificate for SSL communication. A server certificate must be generated and uploaded to the ThingsBoard instance.

To generate a server certificate, use this guide as a reference → generate the certificate (for example, using OPENSSL tool), install/upload it into the correct folder, and enable MQTT SSL in the ThingsBoard configuration file.

To generate a client certificate, use this guide as a reference.

...

Code Block
languageros
/certificate/import file-name=mqttserver.pem passphrase=""

When using SSL one-way communication and an access token scenario, add an MQTT broker as shown below:

...

  • Change the "address" to the actual IP/domain address of your ThingsBoard server;
  • Change the "username", "password" and "client-id" to the actual values access token that you've used in the ThingsBoard settings;
  • Make sure to use "port=8883" this time (the MQTT SSL port that the server is listening to);
  • Make sure to enable "ssl=yes" to encrypt the connection.

When using SSL one-way communication and an MQTT Basic scenario, add an MQTT broker as shown below:

...

  • Change the "address" to the actual IP/domain address of your ThingsBoard server;
  • Change the "username", "password" and "client-id" to the access token actual values that you've used in the ThingsBoard settings;
  • Make sure to use "port=8883" this time (the MQTT SSL port that the server is listening to);
  • Make sure to enable "ssl=yes" to encrypt the connection.

X.509

...

(two-way SSL communication) scenario

Before we configure the MQTT broker, we need to import the certificates generated for this scenario.

Check the Thingsboard guide for more information.

Drag-and-drop the certificates into the router's "Files/File List" menu →  server certificate, client certificate, and its private key (you will need a chain when using the cloud option).

Import certificates one by one:

Code Block
languageros
/certificate/import file-name=mqttserver.pem passphrase=""
/certificate/import file-name=cert.pem passphrase=""
/certificate/import file-name=key.pem

Go to System>Certificates and import all 3 files (via the "Import" button - one by one):

Make sure that the certificate is trusted (T) and that the private key (K) was added.

Navigate to IoT>MQTT and add a new broker ("+" button):

Image Removed

  • Name the broker in the "Name" field.
  • Type in/paste Thingsboard server's hostname address into the "Address" field.
  • Configure the port used by the broker in the "Port" field (for SSL connection, the "8883" port should be used).
  • Enable the "SSL" checkbox.
  • Select the certificate in the "Certificate" field.

Click on "Apply" and "OK" to finish setting up the broker.

MQTT Publish

 passphrase=""

Add an MQTT broker as shown below:

Code Block
languageros
/iot/mqtt/brokers/add name=tb address=x.x.x.x port=8883 certificate=cert.pem_0 ssl=yes
  • Change the "address" to the actual IP/domain address of your ThingsBoard server;
  • Change the "certificate" selected to the actual client certificate name that you've imported;
  • Make sure to use "port=8883" (the MQTT SSL port that the server is listening to);
  • Make sure to enable "ssl=yes".

MQTT Publish

a) A quick MQTT publish test with a static value:

Code Block
languageros
/iot/mqtt/publish broker="tb" topic="v1/devices/me/telemetry" message="{\"cpu\":\"7\"}"

b) In order to publish relevant In order to publish the data from the RouterOS to the Thingsboard, we will be using you can use the script shown below as a reference. The script collects the data from the RouterOS device (model name, serial number, RouterOS version, current CPU, used memory, free memory, and uptime) and publishes the message (the data) to the broker in the JSON format:

...

2 script lines should be taken into account.

:local broker "mqtt.thingsboard.cloudtb"

line, where you should specify the broker's name within the quotation marks "".

...

Copy and paste the above script into a notepad, and re-copy it again. Navigate to System>Scripts menu, add a new script there, and paste the script that is shown above (name . Name it, for example, script1).

To run the script, you can use the command line:

Code Block
languageros
/system script run script1

Verification

You can check the received/published data for the device under the "Latest telemetry" section:

...