API tools faq
paste
Advertisement
a_ozhegov

hAP1-test-issues

a_ozhegov
Feb 21st, 2019
439
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.56 KB | None | 0 0
raw download clone embed print report
  1. # feb/21/2019 10:35:32 by RouterOS 6.43.12
  2. # software id = 637D-459X
  3. #
  4. # model = 951Ui-2nD
  5. # serial number = 71A3066E9DAC
  6. /caps-man channel
  7. add band=2ghz-onlyn control-channel-width=20mhz extension-channel=XX \
  8. frequency=2422,2457,2467 name=channel3-10-12 tx-power=10
  9. /interface bridge
  10. add admin-mac=6C:3B:6B:A2:FA:7A auto-mac=no comment=defconf name=bridge
  11. /interface wireless
  12. # managed by CAPsMAN
  13. # channel: 2422/20-Ce/gn(10dBm), SSID: Test-1, CAPsMAN forwarding
  14. set [ find default-name=wlan1 ] band=2ghz-onlyn channel-width=20/40mhz-XX \
  15. country=russia distance=indoors frequency=auto ssid="" wireless-protocol=\
  16. 802.11
  17. /caps-man interface
  18. add disabled=no mac-address=00:00:00:00:00:00 master-interface=none name=cap1 \
  19. radio-mac=00:00:00:00:00:00
  20. /caps-man datapath
  21. add bridge=bridge client-to-client-forwarding=yes name=datapath1
  22. /caps-man security
  23. add authentication-types=wpa2-psk encryption=aes-ccm,tkip group-encryption=\
  24. aes-ccm name=security1 passphrase=tCUDtUJkWd
  25. /caps-man configuration
  26. add channel=channel3-10-12 datapath=datapath1 mode=ap name=cfg1 rx-chains=\
  27. 0,1,2 security=security1 ssid=Test-1 tx-chains=0,1,2
  28. /interface list
  29. add comment=defconf name=WAN
  30. add comment=defconf name=LAN
  31. /interface wireless security-profiles
  32. set [ find default=yes ] authentication-types=wpa-psk,wpa2-psk mode=\
  33. dynamic-keys supplicant-identity=MikroTik wpa-pre-shared-key=tCUDtUJkWd \
  34. wpa2-pre-shared-key=tCUDtUJkWd
  35. /ip hotspot profile
  36. set [ find default=yes ] html-directory=flash/hotspot
  37. /ip pool
  38. add name=dhcp ranges=192.168.10.10-192.168.10.254
  39. /ip dhcp-server
  40. add address-pool=dhcp disabled=no interface=bridge name=defconf
  41. /caps-man manager
  42. set enabled=yes
  43. /caps-man provisioning
  44. add action=create-dynamic-enabled master-configuration=cfg1
  45. /interface bridge port
  46. add bridge=bridge comment=defconf interface=ether2
  47. add bridge=bridge comment=defconf interface=ether3
  48. add bridge=bridge comment=defconf interface=ether4
  49. add bridge=bridge comment=defconf interface=ether5
  50. add bridge=bridge comment=defconf interface=wlan1
  51. /ip neighbor discovery-settings
  52. set discover-interface-list=LAN
  53. /interface list member
  54. add interface=wlan1 list=WAN
  55. add interface=ether1 list=LAN
  56. add interface=ether2 list=LAN
  57. add interface=ether3 list=LAN
  58. add interface=ether4 list=LAN
  59. add interface=ether5 list=LAN
  60. /interface wireless cap
  61. #
  62. set bridge=bridge caps-man-addresses=127.0.0.1 discovery-interfaces=bridge \
  63. enabled=yes interfaces=wlan1
  64. /ip address
  65. add address=192.168.10.1/24 comment=defconf interface=bridge network=\
  66. 192.168.10.0
  67. /ip dhcp-client
  68. add comment=defconf dhcp-options=hostname,clientid disabled=no interface=\
  69. ether1
  70. /ip dhcp-server network
  71. add address=192.168.10.0/24 comment=defconf dns-server=192.168.10.1,1.1.1.1 \
  72. gateway=192.168.10.1 netmask=24
  73. /ip dns
  74. set allow-remote-requests=yes
  75. /ip dns static
  76. add address=192.168.10.1 name=router.lan
  77. /ip firewall filter
  78. add action=accept chain=input comment=\
  79. "defconf: accept established,related,untracked" connection-state=\
  80. established,related,untracked
  81. add action=drop chain=input comment="defconf: drop invalid" connection-state=\
  82. invalid disabled=yes
  83. add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
  84. add action=drop chain=input comment="defconf: drop all not coming from LAN" \
  85. disabled=yes in-interface-list=!LAN
  86. add action=accept chain=forward comment="defconf: accept in ipsec policy" \
  87. ipsec-policy=in,ipsec
  88. add action=accept chain=forward comment="defconf: accept out ipsec policy" \
  89. ipsec-policy=out,ipsec
  90. add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \
  91. connection-state=established,related
  92. add action=accept chain=forward comment=\
  93. "defconf: accept established,related, untracked" connection-state=\
  94. established,related,untracked
  95. add action=drop chain=forward comment="defconf: drop invalid" \
  96. connection-state=invalid disabled=yes
  97. add action=drop chain=forward comment=\
  98. "defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat \
  99. connection-state=new in-interface-list=WAN
  100. /ip firewall nat
  101. add action=masquerade chain=srcnat comment="defconf: masquerade" \
  102. ipsec-policy=out,none out-interface-list=WAN
  103. /ip upnp
  104. set enabled=yes
  105. /ip upnp interfaces
  106. add interface=bridge type=internal
  107. add interface=ether1 type=external
  108. /system clock
  109. set time-zone-autodetect=no time-zone-name=Europe/Moscow
  110. /system identity
  111. set name=hAP1
  112. /tool mac-server
  113. set allowed-interface-list=LAN
  114. /tool mac-server mac-winbox
  115. set allowed-interface-list=LAN
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!