Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # mar/21/2017 15:17:56 by RouterOS 6.38.4
- # software id = U05N-G90F
- #
- /interface bridge
- add name=bridge1
- /interface ethernet
- set [ find default-name=ether1 ] name=WAN1
- set [ find default-name=ether2 ] name=WAN2
- /interface pppoe-client
- add add-default-route=yes disabled=no interface=WAN1 name=pppoe-out1 \
- password=pass use-peer-dns=yes user=user
- add add-default-route=yes disabled=no interface=WAN2 name=pppoe-out2 \
- password=pass use-peer-dns=yes user=user
- /interface l2tp-client
- add connect-to=mtvpn.gotdns.com name=l2tp-to-hq password=Branch-l2tp user=\
- branch1-l2p
- /interface pptp-server
- add name=pptp-in1 user=""
- /interface wireless security-profiles
- set [ find default=yes ] supplicant-identity=MikroTik
- /ip pool
- add name=dhcp_pool1 ranges=192.168.21.50-192.168.21.254
- /ip dhcp-server
- add address-pool=dhcp_pool1 disabled=no interface=bridge1 lease-time=1d10m \
- name=dhcp1
- /ppp profile
- add change-tcp-mss=yes dns-server=8.8.8.8 local-address=192.168.20.1 name=\
- profile1 remote-address=192.168.21.49 use-encryption=yes
- add change-tcp-mss=yes dns-server=8.8.8.8 local-address=192.168.21.1 name=\
- pptp-server remote-address=192.168.21.49 use-encryption=yes
- /interface bridge port
- add bridge=bridge1 interface=ether3
- add bridge=bridge1 interface=ether4
- add bridge=bridge1 interface=ether5
- /interface pptp-server server
- set authentication=pap,chap,mschap1,mschap2 default-profile=profile1 enabled=\
- yes
- /ip address
- add address=192.168.21.1/24 interface=bridge1 network=192.168.21.0
- /ip cloud
- set ddns-enabled=yes
- /ip dhcp-client
- add default-route-distance=0 dhcp-options=hostname,clientid disabled=no \
- interface=WAN2
- /ip dhcp-server network
- add address=192.168.20.0/24 gateway=192.168.20.1
- add address=192.168.21.0/24 dns-server=110.164.252.222,110.164.252.223 \
- gateway=192.168.21.1
- /ip dns
- set allow-remote-requests=yes servers=8.8.8.8,8.8.4.4
- /ip firewall address-list
- add address=192.168.21.0/24 list=LAN
- /ip firewall mangle
- add action=accept chain=prerouting in-interface=pppoe-out1
- add action=accept chain=prerouting in-interface=pppoe-out2
- add action=mark-connection chain=prerouting comment=3bb-wan2 \
- dst-address-type=!local new-connection-mark=wan1_conn passthrough=yes \
- per-connection-classifier=both-addresses-and-ports:2/0 src-address=\
- 192.168.21.0/24
- add action=mark-connection chain=prerouting comment=3bb-wan1 \
- dst-address-type=!local new-connection-mark=wan2_conn passthrough=yes \
- per-connection-classifier=both-addresses-and-ports:2/1 src-address=\
- 192.168.21.0/24
- add action=mark-routing chain=prerouting comment=wan1 connection-mark=\
- wan1_conn new-routing-mark=to_wan1 passthrough=yes src-address=\
- 192.168.21.0/24
- add action=mark-routing chain=prerouting comment=wan2 connection-mark=\
- wan2_conn new-routing-mark=to_wan2 passthrough=yes src-address=\
- 192.168.21.0/24
- /ip firewall nat
- add action=masquerade chain=srcnat comment=HairpinNAT out-interface=bridge1 \
- src-address-list=LAN
- add action=dst-nat chain=dstnat dst-address-type=local dst-port=88 protocol=\
- tcp src-address-list=LAN to-addresses=192.168.21.21 to-ports=88
- add action=dst-nat chain=dstnat dst-address-type=local dst-port=37777 \
- protocol=tcp src-address-list=LAN to-addresses=192.168.21.20 to-ports=\
- 37777
- add action=dst-nat chain=dstnat dst-address-type=local dst-port=8000 \
- protocol=tcp src-address-list=LAN to-addresses=192.168.21.20 to-ports=\
- 8000
- add action=dst-nat chain=dstnat dst-address-type=local dst-port=6036 \
- protocol=tcp src-address-list=LAN to-addresses=192.168.21.21 to-ports=\
- 6036
- add action=dst-nat chain=dstnat comment=Normal dst-port=88 in-interface=\
- pppoe-out1 protocol=tcp to-addresses=192.168.21.21 to-ports=88
- add action=dst-nat chain=dstnat dst-port=37777 in-interface=pppoe-out1 \
- protocol=tcp to-addresses=192.168.21.20 to-ports=37777
- add action=dst-nat chain=dstnat dst-port=8000 in-interface=pppoe-out1 \
- protocol=tcp to-addresses=192.168.21.20 to-ports=8000
- add action=dst-nat chain=dstnat dst-port=6036 in-interface=pppoe-out1 \
- protocol=tcp to-addresses=192.168.21.21 to-ports=6036
- add action=masquerade chain=srcnat comment="nat pppoE wan2" out-interface=\
- pppoe-out1
- add action=masquerade chain=srcnat comment="nat pppoEwan1" out-interface=\
- pppoe-out2
- /ip route
- add check-gateway=ping comment=route1 distance=1 gateway=pppoe-out1 \
- routing-mark=to_wan1
- add check-gateway=ping comment=route2 distance=1 gateway=pppoe-out2 \
- routing-mark=to_wan2
- add check-gateway=ping comment=router11 distance=1 gateway=pppoe-out1
- add check-gateway=ping comment=router22 distance=1 gateway=pppoe-out2
- add distance=1 dst-address=192.168.0.0/24 gateway=l2tp-to-hq
- /ip service
- set telnet disabled=yes
- set www disabled=yes
- set ssh disabled=yes
- set api disabled=yes
- set api-ssl disabled=yes
- /ppp secret
- add local-address=192.168.21.1 name=vvee421245 password=gtHy221y55 profile=\
- profile1 remote-address=192.168.21.49 service=pptp
- add local-address=192.168.21.1 name=pptp-server password=pptp-server profile=\
- pptp-server remote-address=192.168.21.49 service=pptp
- /system clock
- set time-zone-name=Asia/Bangkok
- /system identity
- set name=Jasmin
- /system scheduler
- add interval=1d name=system-reboot on-event=system-reboot policy=\
- reboot,read,write start-date=nov/06/2012 start-time=03:00:00
- add disabled=yes interval=1m name=dyn on-event="/system script run dyn" \
- policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \
- start-date=feb/02/2017 start-time=04:17:34
- /system script
- add name=system-reboot owner=tzmt policy=reboot source="/system reboot"
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement