Untitled

# mar/21/2017 15:17:56 by RouterOS 6.38.4
# software id = U05N-G90F
#
/interface bridge
add name=bridge1
/interface ethernet
set [ find default-name=ether1 ] name=WAN1
set [ find default-name=ether2 ] name=WAN2
/interface pppoe-client
add add-default-route=yes disabled=no interface=WAN1 name=pppoe-out1 \
    password=pass use-peer-dns=yes user=user
add add-default-route=yes disabled=no interface=WAN2 name=pppoe-out2 \
    password=pass use-peer-dns=yes user=user
/interface l2tp-client
add connect-to=mtvpn.gotdns.com name=l2tp-to-hq password=Branch-l2tp user=\
    branch1-l2p
/interface pptp-server
add name=pptp-in1 user=""
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=dhcp_pool1 ranges=192.168.21.50-192.168.21.254
/ip dhcp-server
add address-pool=dhcp_pool1 disabled=no interface=bridge1 lease-time=1d10m \
    name=dhcp1
/ppp profile
add change-tcp-mss=yes dns-server=8.8.8.8 local-address=192.168.20.1 name=\
    profile1 remote-address=192.168.21.49 use-encryption=yes
add change-tcp-mss=yes dns-server=8.8.8.8 local-address=192.168.21.1 name=\
    pptp-server remote-address=192.168.21.49 use-encryption=yes
/interface bridge port
add bridge=bridge1 interface=ether3
add bridge=bridge1 interface=ether4
add bridge=bridge1 interface=ether5
/interface pptp-server server
set authentication=pap,chap,mschap1,mschap2 default-profile=profile1 enabled=\
    yes
/ip address
add address=192.168.21.1/24 interface=bridge1 network=192.168.21.0
/ip cloud
set ddns-enabled=yes
/ip dhcp-client
add default-route-distance=0 dhcp-options=hostname,clientid disabled=no \
    interface=WAN2
/ip dhcp-server network
add address=192.168.20.0/24 gateway=192.168.20.1
add address=192.168.21.0/24 dns-server=110.164.252.222,110.164.252.223 \
    gateway=192.168.21.1
/ip dns
set allow-remote-requests=yes servers=8.8.8.8,8.8.4.4
/ip firewall address-list
add address=192.168.21.0/24 list=LAN
/ip firewall mangle
add action=accept chain=prerouting in-interface=pppoe-out1
add action=accept chain=prerouting in-interface=pppoe-out2
add action=mark-connection chain=prerouting comment=3bb-wan2 \
    dst-address-type=!local new-connection-mark=wan1_conn passthrough=yes \
    per-connection-classifier=both-addresses-and-ports:2/0 src-address=\
    192.168.21.0/24
add action=mark-connection chain=prerouting comment=3bb-wan1 \
    dst-address-type=!local new-connection-mark=wan2_conn passthrough=yes \
    per-connection-classifier=both-addresses-and-ports:2/1 src-address=\
    192.168.21.0/24
add action=mark-routing chain=prerouting comment=wan1 connection-mark=\
    wan1_conn new-routing-mark=to_wan1 passthrough=yes src-address=\
    192.168.21.0/24
add action=mark-routing chain=prerouting comment=wan2 connection-mark=\
    wan2_conn new-routing-mark=to_wan2 passthrough=yes src-address=\
    192.168.21.0/24
/ip firewall nat
add action=masquerade chain=srcnat comment=HairpinNAT out-interface=bridge1 \
    src-address-list=LAN
add action=dst-nat chain=dstnat dst-address-type=local dst-port=88 protocol=\
    tcp src-address-list=LAN to-addresses=192.168.21.21 to-ports=88
add action=dst-nat chain=dstnat dst-address-type=local dst-port=37777 \
    protocol=tcp src-address-list=LAN to-addresses=192.168.21.20 to-ports=\
    37777
add action=dst-nat chain=dstnat dst-address-type=local dst-port=8000 \
    protocol=tcp src-address-list=LAN to-addresses=192.168.21.20 to-ports=\
    8000
add action=dst-nat chain=dstnat dst-address-type=local dst-port=6036 \
    protocol=tcp src-address-list=LAN to-addresses=192.168.21.21 to-ports=\
    6036
add action=dst-nat chain=dstnat comment=Normal dst-port=88 in-interface=\
    pppoe-out1 protocol=tcp to-addresses=192.168.21.21 to-ports=88
add action=dst-nat chain=dstnat dst-port=37777 in-interface=pppoe-out1 \
    protocol=tcp to-addresses=192.168.21.20 to-ports=37777
add action=dst-nat chain=dstnat dst-port=8000 in-interface=pppoe-out1 \
    protocol=tcp to-addresses=192.168.21.20 to-ports=8000
add action=dst-nat chain=dstnat dst-port=6036 in-interface=pppoe-out1 \
    protocol=tcp to-addresses=192.168.21.21 to-ports=6036
add action=masquerade chain=srcnat comment="nat pppoE wan2" out-interface=\
    pppoe-out1
add action=masquerade chain=srcnat comment="nat pppoEwan1" out-interface=\
    pppoe-out2
/ip route
add check-gateway=ping comment=route1 distance=1 gateway=pppoe-out1 \
    routing-mark=to_wan1
add check-gateway=ping comment=route2 distance=1 gateway=pppoe-out2 \
    routing-mark=to_wan2
add check-gateway=ping comment=router11 distance=1 gateway=pppoe-out1
add check-gateway=ping comment=router22 distance=1 gateway=pppoe-out2
add distance=1 dst-address=192.168.0.0/24 gateway=l2tp-to-hq
/ip service
set telnet disabled=yes
set www disabled=yes
set ssh disabled=yes
set api disabled=yes
set api-ssl disabled=yes
/ppp secret
add local-address=192.168.21.1 name=vvee421245 password=gtHy221y55 profile=\
    profile1 remote-address=192.168.21.49 service=pptp
add local-address=192.168.21.1 name=pptp-server password=pptp-server profile=\
    pptp-server remote-address=192.168.21.49 service=pptp
/system clock
set time-zone-name=Asia/Bangkok
/system identity
set name=Jasmin
/system scheduler
add interval=1d name=system-reboot on-event=system-reboot policy=\
    reboot,read,write start-date=nov/06/2012 start-time=03:00:00
add disabled=yes interval=1m name=dyn on-event="/system script run dyn" \
    policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \
    start-date=feb/02/2017 start-time=04:17:34
/system script
add name=system-reboot owner=tzmt policy=reboot source="/system reboot"