Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # jun/06/2018 22:09:48 by RouterOS 6.42.3
- # software id = ***********
- #
- # model = CRS109-8G-1S-2HnD
- # serial number = ***********
- /interface bridge
- add admin-mac=64:D1:54:02:3F:38 auto-mac=no comment=defconf name=bridge
- /interface ethernet
- set [ find default-name=sfp1 ] disabled=yes
- /interface pppoe-client
- add add-default-route=yes default-route-distance=2 disabled=no interface=\
- ether1 keepalive-timeout=60 name=pppoe-out1 password=******* user=\
- *********
- /interface list
- add exclude=dynamic name=discover
- add name=mactel
- add name=mac-winbox
- add name=WAN
- /interface wireless security-profiles
- set [ find default=yes ] authentication-types=wpa2-psk mode=dynamic-keys \
- supplicant-identity=MikroTik wpa-pre-shared-key=*********** \
- wpa2-pre-shared-key=***********
- add authentication-types=wpa2-psk eap-methods="" mode=dynamic-keys name=Home \
- supplicant-identity=MikroTik wpa-pre-shared-key=*********** \
- wpa2-pre-shared-key="***********
- /interface wireless
- set [ find default-name=wlan1 ] band=2ghz-onlyn bridge-mode=disabled country=\
- russia default-authentication=no default-forwarding=no disabled=no \
- distance=indoors frequency=2427 frequency-mode=regulatory-domain mode=\
- ap-bridge radio-name=HOME_Z security-profile=Home ssid=Zengis \
- wireless-protocol=802.11 wps-mode=disabled
- /interface wireless nstreme
- set wlan1 enable-polling=no
- /ip pool
- add name=dhcp_pool1 ranges=192.168.88.2-192.168.88.254
- /ip dhcp-server
- add address-pool=dhcp_pool1 disabled=no interface=bridge name=dhcp1
- /ppp profile
- add change-tcp-mss=yes name=l2tp-client use-encryption=no use-upnp=no
- /interface l2tp-client
- add allow=mschap2 connect-to=*********** disabled=no ipsec-secret=\
- *********** keepalive-timeout=30 name=l2tp-out1 password=\
- *********** profile=l2tp-client use-ipsec=yes user=***********
- /snmp community
- set [ find default=yes ] addresses=0.0.0.0/0
- /user group
- set read policy="local,telnet,ssh,read,test,winbox,password,web,api,romon,tika\
- pp,!ftp,!reboot,!write,!policy,!sniff,!sensitive,!dude"
- /interface bridge port
- add bridge=bridge interface=ether3
- add bridge=bridge interface=ether4
- add bridge=bridge interface=ether2
- add bridge=bridge interface=ether5
- add bridge=bridge interface=ether6
- add bridge=bridge interface=ether7
- add bridge=bridge interface=ether8
- add bridge=bridge interface=wlan1
- /interface bridge settings
- set use-ip-firewall=yes
- /ip firewall connection tracking
- set tcp-unacked-timeout=15m
- /ip neighbor discovery-settings
- set discover-interface-list=discover
- /interface list member
- add interface=wlan1 list=discover
- add interface=ether2 list=discover
- add interface=ether3 list=discover
- add interface=ether4 list=discover
- add interface=ether5 list=discover
- add interface=ether6 list=discover
- add interface=ether7 list=discover
- add interface=ether8 list=discover
- add interface=sfp1 list=discover
- add interface=bridge list=discover
- add interface=ether2 list=mactel
- add interface=ether2 list=mac-winbox
- add interface=ether4 list=mac-winbox
- add interface=pppoe-out1 list=WAN
- /interface wireless access-list
- add
- add interface=wlan1
- add interface=wlan1
- /ip address
- add address=192.168.88.1/24 comment=defconf interface=bridge network=\
- 192.168.88.0
- /ip cloud
- set ddns-enabled=yes
- /ip dhcp-client
- add comment=defconf dhcp-options=hostname,clientid interface=ether1 \
- use-peer-dns=no use-peer-ntp=no
- /ip dhcp-server lease
- add address=192.168.88.91 mac-address=74:29:AF:F5:DE:29 server=dhcp1
- add address=192.168.88.66 mac-address=80:13:82:6F:09:1C server=dhcp1
- /ip dhcp-server network
- add address=192.168.88.0/24 comment=defconf dns-server=192.168.88.1,10.0.10.1 \
- gateway=192.168.88.1
- /ip dns
- set allow-remote-requests=yes cache-max-ttl=1d query-server-timeout=3s \
- servers=10.0.10.1
- /ip firewall address-list
- add address=0.0.0.0/8 list=BOGON
- add address=10.0.0.0/8 list=BOGON
- add address=100.64.0.0/10 list=BOGON
- add address=127.0.0.0/8 list=BOGON
- add address=169.254.0.0/16 list=BOGON
- add address=172.16.0.0/12 list=BOGON
- add address=192.0.0.0/24 list=BOGON
- add address=192.0.2.0/24 list=BOGON
- add address=192.168.0.0/16 list=BOGON
- add address=198.18.0.0/15 list=BOGON
- add address=198.51.100.0/24 list=BOGON
- add address=203.0.113.0/24 list=BOGON
- add address=224.0.0.0/4 list=BOGON
- /ip firewall filter
- add action=drop chain=input in-interface=ether1 src-address-list=BOGON
- add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \
- connection-state=established,related
- add action=accept chain=forward comment="defconf: accept established,related" \
- connection-state=established,related,new
- add action=accept chain=input protocol=icmp
- add action=accept chain=input connection-state=established,related
- add action=drop chain=input connection-nat-state=!dstnat in-interface=\
- pppoe-out1
- add action=passthrough chain=forward connection-state=invalid log=yes
- add action=passthrough chain=forward connection-state=untracked
- add action=drop chain=forward comment="defconf: drop invalid" \
- connection-state=invalid,untracked
- /ip firewall nat
- add action=masquerade chain=srcnat comment="defconf: masquerade" \
- out-interface=pppoe-out1
- /ip route
- add distance=1 dst-address=13.52.0.0/14 gateway=10.0.10.1
- add distance=1 dst-address=18.196.0.0/15 gateway=10.0.10.1
- add distance=1 dst-address=34.192.0.0/10 gateway=10.0.10.1
- add distance=1 dst-address=35.156.0.0/14 gateway=10.0.10.1
- add distance=1 dst-address=35.160.0.0/13 gateway=10.0.10.1
- add distance=1 dst-address=35.176.0.0/15 gateway=10.0.10.1
- add distance=1 dst-address=35.184.0.0/13 gateway=10.0.10.1
- add distance=1 dst-address=35.192.0.0/12 gateway=10.0.10.1
- add distance=1 dst-address=35.208.0.0/12 gateway=10.0.10.1
- add distance=1 dst-address=35.224.0.0/12 gateway=10.0.10.1
- add distance=1 dst-address=52.0.0.0/11 gateway=10.0.10.1
- add distance=1 dst-address=52.28.0.0/15 gateway=10.0.10.1
- add distance=1 dst-address=52.58.0.0/15 gateway=10.0.10.1
- add distance=1 dst-address=52.192.0.0/11 gateway=10.0.10.1
- add distance=1 dst-address=52.208.0.0/13 gateway=10.0.10.1
- add distance=1 dst-address=54.72.0.0/15 gateway=10.0.10.1
- add distance=1 dst-address=54.88.0.0/16 gateway=10.0.10.1
- add distance=1 dst-address=54.160.0.0/12 gateway=10.0.10.1
- add distance=1 dst-address=54.228.0.0/15 gateway=10.0.10.1
- add distance=1 dst-address=68.171.224.0/19 gateway=10.0.10.1
- add distance=1 dst-address=74.82.64.0/19 gateway=10.0.10.1
- add distance=1 dst-address=91.108.4.0/22 gateway=10.0.10.1
- add distance=1 dst-address=91.108.8.0/22 gateway=10.0.10.1
- add distance=1 dst-address=91.108.12.0/22 gateway=10.0.10.1
- add distance=1 dst-address=91.108.16.0/22 gateway=10.0.10.1
- add distance=1 dst-address=91.108.56.0/22 gateway=10.0.10.1
- add distance=1 dst-address=103.246.200.0/22 gateway=10.0.10.1
- add distance=1 dst-address=104.20.226.0/24 gateway=10.0.10.1
- add distance=1 dst-address=104.20.227.0/24 gateway=10.0.10.1
- add distance=1 dst-address=109.239.140.0/24 gateway=10.0.10.1
- add distance=1 dst-address=149.154.160.0/22 gateway=10.0.10.1
- add distance=1 dst-address=149.154.164.0/22 gateway=10.0.10.1
- add distance=1 dst-address=149.154.168.0/22 gateway=10.0.10.1
- add distance=1 dst-address=149.154.172.0/22 gateway=10.0.10.1
- add distance=1 dst-address=178.239.88.0/21 gateway=10.0.10.1
- add distance=1 dst-address=203.104.128.0/20 gateway=10.0.10.1
- add distance=1 dst-address=203.104.144.0/21 gateway=10.0.10.1
- add distance=1 dst-address=203.104.152.0/22 gateway=10.0.10.1
- add distance=1 dst-address=216.18.168.0/24 gateway=10.0.10.1
- /ip service
- set telnet disabled=yes
- set ftp disabled=yes
- set www-ssl disabled=no
- set api disabled=yes
- set api-ssl disabled=yes
- /ip upnp
- set enabled=yes
- /ip upnp interfaces
- add interface=bridge type=internal
- add interface=pppoe-out1 type=external
- /lcd
- set default-screen=stats-all time-interval=hour
- /lcd interface pages
- set 0 interfaces=wlan1
- /system clock
- set time-zone-name=Europe/Moscow
- /system clock manual
- set time-zone=+03:00
- /system identity
- set name=Home_Z
- /system ntp client
- set enabled=yes primary-ntp=217.162.232.173 secondary-ntp=91.207.136.50
- /system routerboard settings
- set silent-boot=no
- /system routerboard usb
- set usb-mode=force-host
- /system watchdog
- set automatic-supout=no watchdog-timer=no
- /tool bandwidth-server
- set authenticate=no enabled=no
- /tool mac-server
- set allowed-interface-list=mactel
- /tool mac-server mac-winbox
- set allowed-interface-list=mac-winbox
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement