Better ISP Management

Easy Setup, Intuitive Interface, Affordable Subscription

Discover More



Recently Activated
  • From India a day ago
  • From Lebanon 2 days ago
  • From Nepal 3 days ago
  • From Kenya 4 days ago
  • From Pakistan 6 days ago
Latest Forum Posts
  • Add Hotspot and payment gateway integration
    Speaking of payment getaway integration, there is an informative article by [Cleveroad]( about that.
    24 days ago by Mary
  • Basic ISP configuration using Mikrotik Routerboard
    Below is a simple scenario of how a basic ISP works and the minimum requirements: ![image|684x461](upload://8pn2LsOIlpyycKziuL6trPhiUWr.png) What you need: - A Mikrotik router. - A backbone network that provides Layer 2 connectivity. It consists of cables, switches, wireless point-to-point, fiber, etc... In this setup, the subscribers are connected via 2 switches to **ether2** and **ether3** on the router, and they use PPPoE to authenticate with their unique username and password. # Router Configuration: ## 1. **IP > DHCP Client:** - Create new DHCP Client for **ether1**: ![image|326x363](upload://qyMctHprXvZ7eM1BZz652VBJ2j6.png) ## 2. **PPP > PPPoE Servers:** - Create PPPoE server for **ether2** and **ether3**: ![image|379x342](upload://lJdrNBtftVC0BKHSvK2x4sAU7Rx.png) ## 3. **IP > Routes:** - Verify default route: ![image|365x153](upload://jELflljCINQwOlRTmNYMd5f82Ml.png) ## 4. **IP > DNS:** - Check **Allow Remote Requests**: ![image|386x396](upload://xXitbskG955yrfNvTAWdmpxSwcJ.png) ## 5. IP > Pool: - Create IP Pool to be used for pppoe clients: ![image|317x238](upload://6RuMm2r9flcaqioIuka1SoVtmhK.png) ## 6. IP > Firewall > NAT: - Add a **masquerade** rule for your IP Pool: ![image|690x203](upload://1rUwcSvS2rQpoIya09B09Waahh3.png) ## 7. PPP > Profiles: - Create a PPP profile. Select your **IP Pool** as remote address. Use **an IP outside the selected pool** for local address: ![image|382x191](upload://8I1RdHsVb7RQmTQBJxAPvgLHBUe.png) ## 8. PPP > Secrets: - Create a PPP secret with the previously created profile: ![image|387x163](upload://jBHfYotvsMqMFZoJABN90kILbqF.png) # Client Configuration: - On client router, select PPPoE as the WAN connection and enter the ppp username and password. ![image|690x242](upload://nUSEgsX4r3d9twXTZMwX3LCrOm4.png)
    21 days ago by
  • What is the Local Address in IP Pool config?
    The Local Address serves as **gateway address** on client-side. Since PPP is a one-to-one communication, the local address doesn't have to belong to any range. ![image|531x227](upload://pRktapsXDPIxmuUuDIYTeczAuac.png) The default local address ( works in most cases and doesn't need to be changed. Here's an example: - **IP Range:** - **Local Address:** ### PPPoE connection details: ![image|333x167](upload://qY75JgV5XfAksbf0FTeotY6crlF.png) ### Routes: ![image|635x75](upload://u26Qf0dfTHx7JHddw3u5GoaohLd.png) ### Conclusion As we can see, the example above with the gateway works despite that it does not belong to the same range.
    2 months ago by
  • Clean up unnecessary IP Pools
    Our previous default config created 4 IP pools. For a simpler management experience, we have narrowed the default IP pools config to just two: online-pool and offline-pool. If you happen to have 4 IP pools, no worries. This guide shows you how you can clean the unnecessary pools to simplify your configuration. # Two Steps ## 1. Edit the service plans - Log in as admin and go to Settings > Service Plans: ![image|234x137](upload://m5lpQnEK1nLN5et1yPVvSccSiQl.png) - Select a service plan: ![image|690x151](upload://9BJQHJOWJ0TfRwEHyeg8LK4RN7Q.png) - Instead of having default-blocked, default-ruleBlocked as separate pools, we will set them all to **default-expired** as displayed in the screenshot below: ![image|690x98](upload://524SGAHltEnQPGYxmKDndwdHFSF.png) **Repeat the steps for ALL your service plans.** ## 2. Delete the unused pools After that you have edited the IP pools section of all your service plans. - Go to Settings > IP Pools ![image|241x139](upload://ePwo9xtBLsi0SGcEXsXlVn49dkH.png) - Now we can delete **default-blocked** and **default-ruleBlocked** as shown in the screenshot below: ![image|618x309](upload://1J4rqYARA5C0AXzUT2bIlzz0m0V.png) ## Optional: Rename the expired pool to **offline-pool** - Select **default-expired** and click the edit button: ![image|614x340](upload://7Kj6lUBVUq1ugdPBERTEvhSoc4R.png) - Rename it to **offline-pool** and click Save Changes: ![image|690x275](upload://dCRoeGDOWpnEcvekOVOSrBLgkxe.png) Congratulations, you have cleaned up the unnecessary IP pools for a simpler management experience.
    21 days ago by
  • Rules ExplanationTom.2014
    Thanks for the explanation. I had an issue that was all my customers was masquerade behind the WAN IP of the router for all outbound traffic and not the WAN IP normaly assigned by Zima. I had to create a scrnat rules before the NAT rule to get back in the correct way. Now I disabled it and through zima disable NAT also and everything woks fine. Thanks Best Regards
    3 months ago by
  • Rules ExplanationTom.2014
    The Online pool has the option of NAT. If selected it takes care of updating the router with a masquerade rule that gives internet access for the online pool. If not selected, it will not be updated. Let us know if this was clear, and of you got any other questions.
    3 months ago by Support
  • Rules ExplanationTom.2014
    Thanks for your answer. But before to remove it, I would like to understand the purpose/role of this rules ? Thanks Best Regards
    3 months ago by
  • Rules ExplanationTom.2014
    Yes, in order to remove it: Go to /settings/IP Pools choose the active pool and edit it. Unselect the NAT option then save. Now this rule will not be synchronized to your router. Let us know if this answered your question.
    3 months ago by Support
  • Rules ExplanationTom.2014
    Hi there, I have a question about a firewall rules on a Mikrotik that is created automatically by zima :slight_smile: Chain : scrnat src address : ( the subnet of pppoe IP we assign to our customer) Action : masquerade Does it comes from zima cause when I try to delete it it comes automatically within 1 min ? What is it made for ? Thanks for your help Best Regards
    3 months ago by
  • FAQ: How to protect my router from API attacks?
    As a general rule, to protect your router from attacks, you simply need to block all the services that you are are not currently using. Here are the steps: ### 1. Go to **IP > Services**: ![image|445x320](upload://si2CpRVgHvvJOmWK80AFin4GIY6.png) ### 2. Disable any services that you are not using: ![image|443x316](upload://lon8EFW9Q5npYWgoKguEU4GDmY8.png) ### 3. API service config For the API section, you can block all access except for the local Zima VPN range so that Zima can still access the API safely. Here's how: Edit API service field Available From: as shown in the screenshot below: ![image|443x317](upload://y7VQODE0Bkc5wdH8TiEAnFcevpe.png) Congrats, you are done. Now your router is safe from unsolicited access and attacks.
    3 months ago by Documentation

How it works

Step 1: Connect Mikrotik

Step 2: Add Subscribers

Step 3: Manage

Quota Control

  • Specify daily, weekly, monthly quota consumption for clients
  • Multi-level bandwidth shaping to help prevent consumption abuse
  • Create FUP rules for peak time (Fair Usage Policy)
  • Specify higher rate limits at off-peak time (i.e. double, or triple speed after midnight)
  • Exclude traffic accounting during a certain time of day (i.e. free quota after midnight)
  • Specify speed on based on week day (i.e. faster speed on the weekend)
  • Create special service plans that are active during business hours only (i.e. blocked on weekends, and after 6PM on business days)

Consumption Graphs

  • Detailed consumptions graphs of your subscribers
  • Fitler using custom time ranges

Central Monitoring Page

  • Seemless control of your ISP from a single page
  • Block/unblock, and renew subscriptions
  • Quick search, and filtering by status (Active users, Expired, Expires-soon, Online, Offline)
  • Color codes (Online, Offline, Blocked, Expired)
  • Customize column visibility

More great features


Customize your company name, logo, currency, and sub-domain.

Role Based Access

Admin, reseller, sub-Resellers, and subscribers. Each reseller/sub-reseller manages their own list of subscribers, admin manages all.

MAC Auto Detect & Lock

Automatic binding of MAC address to subscriber on first connection. Reset MAC binding when a device is changed.

Accounting & Reports

Easy credits transactions. Customize your accounting reports. Export reports to CSV or Excel.

Cloud Based

No need for a server anymore. All you need is a Mikrotik router. Access your ISP from anywhere using your subdomain

Data Safety

Your data is stored safely, and kept private. No need to worry about data backup anymore.

Pricing Plans














Made For Mikrotik

Zima is fully compatible with Mikrotik (RouterOs). We are also enlisted among MFM (Made For Mikrotik)

Frequently Asked Questions

How can I install Zima?

Do I need any technical skills to setup Zima?

Do I need a public IP to use Zima?

Can I import my subscribers from other RADIUS systems to Zima?

How much time do I need to setup Zima, migrate my subscribers, and connect my routers?

Is there a limit for the number of subscribers I can add?

One of my routers has been damaged, and I need to replace it. How can I restore?

I manage 2 remote locations, with 2 separate networks. Do I need 2 licenses?

To Top