API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Mar 10th, 2021
446
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.76 KB | None | 0 0
raw download clone embed print report
  1. # mar/11/2021 02:10:48 by RouterOS 6.48.1
  2. # software id = R3KG-R4TR
  3. #
  4. # model = CRS328-24P-4S+
  5. # serial number = D7610CBB0426
  6. /interface ethernet
  7. set [ find default-name=ether8 ] comment=ap3
  8. set [ find default-name=ether10 ] comment=3.2
  9. set [ find default-name=ether12 ] comment=4.1
  10. set [ find default-name=ether21 ] comment=ap4
  11. set [ find default-name=ether22 ] comment=ap1
  12. set [ find default-name=ether23 ] comment=sw2
  13. set [ find default-name=ether24 ] comment=router
  14. /interface bridge
  15. add admin-mac=48:8F:5A:6D:D0:AA auto-mac=no name=bridge pvid=70 vlan-filtering=yes
  16. /interface vlan
  17. add comment=voip interface=bridge loop-protect=on name=vlan50.bridge vlan-id=50
  18. add comment="mgmt vlan" interface=bridge loop-protect=on name=vlan70.bridge vlan-id=70
  19. /interface list add name=discovery
  20. /interface wireless security-profiles
  21. set [ find default=yes ] supplicant-identity=MikroTik
  22. /system logging action set 0 memory-lines=10001
  23. /user group
  24. set full policy="local,telnet,ssh,ftp,reboot,read,write,policy,test,winbox,pas\
  25. sword,web,sniff,sensitive,api,romon,dude,tikapp"
  26. /interface bridge port
  27. add bridge=bridge comment=defconf interface=ether1
  28. add bridge=bridge comment=defconf interface=ether2
  29. add bridge=bridge comment=defconf interface=ether3
  30. add bridge=bridge comment=defconf interface=ether4
  31. add bridge=bridge comment=defconf interface=ether5
  32. add bridge=bridge comment=defconf interface=ether6
  33. add bridge=bridge comment=defconf interface=ether7
  34. add bridge=bridge comment=defconf interface=ether8
  35. add bridge=bridge comment=defconf interface=ether9
  36. add bridge=bridge comment=defconf hw=no interface=ether10 #disabled to view traffic
  37. add bridge=bridge comment=defconf interface=ether11
  38. add bridge=bridge comment=defconf interface=ether12
  39. add bridge=bridge comment=defconf interface=ether13
  40. add bridge=bridge comment=defconf interface=ether14
  41. add bridge=bridge comment=defconf interface=ether15
  42. add bridge=bridge comment=defconf interface=ether16
  43. add bridge=bridge comment=defconf interface=ether17
  44. add bridge=bridge comment=defconf interface=ether18
  45. add bridge=bridge comment=defconf interface=ether19
  46. add bridge=bridge comment=defconf interface=ether20
  47. add bridge=bridge comment=defconf interface=ether21
  48. add bridge=bridge comment=defconf interface=ether22
  49. add bridge=bridge comment=defconf interface=ether23
  50. add bridge=bridge comment=defconf interface=ether24
  51. add bridge=bridge comment=defconf interface=sfp-sfpplus1
  52. add bridge=bridge comment=defconf interface=sfp-sfpplus2
  53. add bridge=bridge comment=defconf interface=sfp-sfpplus3
  54. add bridge=bridge comment=defconf interface=sfp-sfpplus4
  55.  
  56. /ip neighbor discovery-settings set discover-interface-list=discovery
  57. /interface bridge vlan
  58. add bridge=bridge tagged=bridge,ether24,ether23,ether22,ether21,ether8 \
  59. vlan-ids=70
  60. add bridge=bridge tagged="ether1,ether2,ether3,ether4,ether5,ether6,ether7,eth\
  61. er8,ether9,ether10,ether11,ether12,ether13,ether14,ether15,ether16,ether17\
  62. ,ether18,ether19,ether20,ether21,ether22,ether23,ether24,bridge" \
  63. vlan-ids=50
  64. /interface list member
  65. add interface=vlan70.bridge list=discovery
  66. add disabled=yes interface=bridge list=discovery
  67. /ip address
  68. add address=192.168.70.2/27 interface=vlan70.bridge network=192.168.70.0
  69. add address=192.168.50.11/26 interface=vlan50.bridge network=192.168.50.0
  70. /ip dhcp-client
  71. add interface=bridge
  72. add interface=vlan50.bridge
  73. /ip dns set servers=192.168.10.1
  74.  
  75. /ip firewall address-list
  76. add address=192.168.90.1 list=trusted
  77. add address=192.168.80.1 list=trusted
  78. add address=192.168.70.0/27 list=trusted
  79. add address=192.168.10.0/25 list=trusted
  80. add address=192.168.30.128/25 list=trusted
  81. /ip firewall filter
  82. add action=passthrough chain=input
  83. add action=accept chain=input disabled=yes src-address-list=trusted
  84. add action=accept chain=input connection-state=established,related disabled=yes
  85. add action=accept chain=input disabled=yes dst-port=5678 in-interface=vlan70.bridge protocol=udp src-port=5678
  86. add action=passthrough chain=forward disabled=yes
  87. add action=accept chain=output disabled=yes dst-port=5678 out-interface=vlan70.bridge protocol=udp src-port=5678
  88. add action=drop chain=output disabled=yes dst-port=5678 protocol=udp src-port=5678
  89. add action=drop chain=input disabled=yes
  90. /ip route add distance=1 gateway=192.168.70.1
  91. /ip service
  92. set telnet disabled=yes
  93. set ftp disabled=yes
  94. set www disabled=yes
  95. set ssh disabled=yes
  96. set api disabled=yes
  97. set winbox port=7680
  98. set api-ssl disabled=yes
  99. /snmp set enabled=yes trap-generators="" trap-target=192.168.90.1 trap-version=2
  100. /system clock set time-zone-name=Europe/Moscow
  101. /system identity set name=switch_upper
  102. /system ntp client set enabled=yes primary-ntp=5.39.184.12 secondary-ntp=64.99.80.121 server-dns-names=pool.ntp.org
  103. /system routerboard settings set boot-os=router-os
  104.  
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!