API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jun 6th, 2018
669
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 8.17 KB | None | 0 0
raw download clone embed print report
  1. # jun/06/2018 22:09:48 by RouterOS 6.42.3
  2. # software id = ***********
  3. #
  4. # model = CRS109-8G-1S-2HnD
  5. # serial number = ***********
  6. /interface bridge
  7. add admin-mac=64:D1:54:02:3F:38 auto-mac=no comment=defconf name=bridge
  8. /interface ethernet
  9. set [ find default-name=sfp1 ] disabled=yes
  10. /interface pppoe-client
  11. add add-default-route=yes default-route-distance=2 disabled=no interface=\
  12. ether1 keepalive-timeout=60 name=pppoe-out1 password=******* user=\
  13. *********
  14. /interface list
  15. add exclude=dynamic name=discover
  16. add name=mactel
  17. add name=mac-winbox
  18. add name=WAN
  19. /interface wireless security-profiles
  20. set [ find default=yes ] authentication-types=wpa2-psk mode=dynamic-keys \
  21. supplicant-identity=MikroTik wpa-pre-shared-key=*********** \
  22. wpa2-pre-shared-key=***********
  23. add authentication-types=wpa2-psk eap-methods="" mode=dynamic-keys name=Home \
  24. supplicant-identity=MikroTik wpa-pre-shared-key=*********** \
  25. wpa2-pre-shared-key="***********
  26. /interface wireless
  27. set [ find default-name=wlan1 ] band=2ghz-onlyn bridge-mode=disabled country=\
  28. russia default-authentication=no default-forwarding=no disabled=no \
  29. distance=indoors frequency=2427 frequency-mode=regulatory-domain mode=\
  30. ap-bridge radio-name=HOME_Z security-profile=Home ssid=Zengis \
  31. wireless-protocol=802.11 wps-mode=disabled
  32. /interface wireless nstreme
  33. set wlan1 enable-polling=no
  34. /ip pool
  35. add name=dhcp_pool1 ranges=192.168.88.2-192.168.88.254
  36. /ip dhcp-server
  37. add address-pool=dhcp_pool1 disabled=no interface=bridge name=dhcp1
  38. /ppp profile
  39. add change-tcp-mss=yes name=l2tp-client use-encryption=no use-upnp=no
  40. /interface l2tp-client
  41. add allow=mschap2 connect-to=*********** disabled=no ipsec-secret=\
  42. *********** keepalive-timeout=30 name=l2tp-out1 password=\
  43. *********** profile=l2tp-client use-ipsec=yes user=***********
  44. /snmp community
  45. set [ find default=yes ] addresses=0.0.0.0/0
  46. /user group
  47. set read policy="local,telnet,ssh,read,test,winbox,password,web,api,romon,tika\
  48. pp,!ftp,!reboot,!write,!policy,!sniff,!sensitive,!dude"
  49. /interface bridge port
  50. add bridge=bridge interface=ether3
  51. add bridge=bridge interface=ether4
  52. add bridge=bridge interface=ether2
  53. add bridge=bridge interface=ether5
  54. add bridge=bridge interface=ether6
  55. add bridge=bridge interface=ether7
  56. add bridge=bridge interface=ether8
  57. add bridge=bridge interface=wlan1
  58. /interface bridge settings
  59. set use-ip-firewall=yes
  60. /ip firewall connection tracking
  61. set tcp-unacked-timeout=15m
  62. /ip neighbor discovery-settings
  63. set discover-interface-list=discover
  64. /interface list member
  65. add interface=wlan1 list=discover
  66. add interface=ether2 list=discover
  67. add interface=ether3 list=discover
  68. add interface=ether4 list=discover
  69. add interface=ether5 list=discover
  70. add interface=ether6 list=discover
  71. add interface=ether7 list=discover
  72. add interface=ether8 list=discover
  73. add interface=sfp1 list=discover
  74. add interface=bridge list=discover
  75. add interface=ether2 list=mactel
  76. add interface=ether2 list=mac-winbox
  77. add interface=ether4 list=mac-winbox
  78. add interface=pppoe-out1 list=WAN
  79. /interface wireless access-list
  80. add
  81. add interface=wlan1
  82. add interface=wlan1
  83. /ip address
  84. add address=192.168.88.1/24 comment=defconf interface=bridge network=\
  85. 192.168.88.0
  86. /ip cloud
  87. set ddns-enabled=yes
  88. /ip dhcp-client
  89. add comment=defconf dhcp-options=hostname,clientid interface=ether1 \
  90. use-peer-dns=no use-peer-ntp=no
  91. /ip dhcp-server lease
  92. add address=192.168.88.91 mac-address=74:29:AF:F5:DE:29 server=dhcp1
  93. add address=192.168.88.66 mac-address=80:13:82:6F:09:1C server=dhcp1
  94. /ip dhcp-server network
  95. add address=192.168.88.0/24 comment=defconf dns-server=192.168.88.1,10.0.10.1 \
  96. gateway=192.168.88.1
  97. /ip dns
  98. set allow-remote-requests=yes cache-max-ttl=1d query-server-timeout=3s \
  99. servers=10.0.10.1
  100. /ip firewall address-list
  101. add address=0.0.0.0/8 list=BOGON
  102. add address=10.0.0.0/8 list=BOGON
  103. add address=100.64.0.0/10 list=BOGON
  104. add address=127.0.0.0/8 list=BOGON
  105. add address=169.254.0.0/16 list=BOGON
  106. add address=172.16.0.0/12 list=BOGON
  107. add address=192.0.0.0/24 list=BOGON
  108. add address=192.0.2.0/24 list=BOGON
  109. add address=192.168.0.0/16 list=BOGON
  110. add address=198.18.0.0/15 list=BOGON
  111. add address=198.51.100.0/24 list=BOGON
  112. add address=203.0.113.0/24 list=BOGON
  113. add address=224.0.0.0/4 list=BOGON
  114. /ip firewall filter
  115. add action=drop chain=input in-interface=ether1 src-address-list=BOGON
  116. add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \
  117. connection-state=established,related
  118. add action=accept chain=forward comment="defconf: accept established,related" \
  119. connection-state=established,related,new
  120. add action=accept chain=input protocol=icmp
  121. add action=accept chain=input connection-state=established,related
  122. add action=drop chain=input connection-nat-state=!dstnat in-interface=\
  123. pppoe-out1
  124. add action=passthrough chain=forward connection-state=invalid log=yes
  125. add action=passthrough chain=forward connection-state=untracked
  126. add action=drop chain=forward comment="defconf: drop invalid" \
  127. connection-state=invalid,untracked
  128. /ip firewall nat
  129. add action=masquerade chain=srcnat comment="defconf: masquerade" \
  130. out-interface=pppoe-out1
  131. /ip route
  132. add distance=1 dst-address=13.52.0.0/14 gateway=10.0.10.1
  133. add distance=1 dst-address=18.196.0.0/15 gateway=10.0.10.1
  134. add distance=1 dst-address=34.192.0.0/10 gateway=10.0.10.1
  135. add distance=1 dst-address=35.156.0.0/14 gateway=10.0.10.1
  136. add distance=1 dst-address=35.160.0.0/13 gateway=10.0.10.1
  137. add distance=1 dst-address=35.176.0.0/15 gateway=10.0.10.1
  138. add distance=1 dst-address=35.184.0.0/13 gateway=10.0.10.1
  139. add distance=1 dst-address=35.192.0.0/12 gateway=10.0.10.1
  140. add distance=1 dst-address=35.208.0.0/12 gateway=10.0.10.1
  141. add distance=1 dst-address=35.224.0.0/12 gateway=10.0.10.1
  142. add distance=1 dst-address=52.0.0.0/11 gateway=10.0.10.1
  143. add distance=1 dst-address=52.28.0.0/15 gateway=10.0.10.1
  144. add distance=1 dst-address=52.58.0.0/15 gateway=10.0.10.1
  145. add distance=1 dst-address=52.192.0.0/11 gateway=10.0.10.1
  146. add distance=1 dst-address=52.208.0.0/13 gateway=10.0.10.1
  147. add distance=1 dst-address=54.72.0.0/15 gateway=10.0.10.1
  148. add distance=1 dst-address=54.88.0.0/16 gateway=10.0.10.1
  149. add distance=1 dst-address=54.160.0.0/12 gateway=10.0.10.1
  150. add distance=1 dst-address=54.228.0.0/15 gateway=10.0.10.1
  151. add distance=1 dst-address=68.171.224.0/19 gateway=10.0.10.1
  152. add distance=1 dst-address=74.82.64.0/19 gateway=10.0.10.1
  153. add distance=1 dst-address=91.108.4.0/22 gateway=10.0.10.1
  154. add distance=1 dst-address=91.108.8.0/22 gateway=10.0.10.1
  155. add distance=1 dst-address=91.108.12.0/22 gateway=10.0.10.1
  156. add distance=1 dst-address=91.108.16.0/22 gateway=10.0.10.1
  157. add distance=1 dst-address=91.108.56.0/22 gateway=10.0.10.1
  158. add distance=1 dst-address=103.246.200.0/22 gateway=10.0.10.1
  159. add distance=1 dst-address=104.20.226.0/24 gateway=10.0.10.1
  160. add distance=1 dst-address=104.20.227.0/24 gateway=10.0.10.1
  161. add distance=1 dst-address=109.239.140.0/24 gateway=10.0.10.1
  162. add distance=1 dst-address=149.154.160.0/22 gateway=10.0.10.1
  163. add distance=1 dst-address=149.154.164.0/22 gateway=10.0.10.1
  164. add distance=1 dst-address=149.154.168.0/22 gateway=10.0.10.1
  165. add distance=1 dst-address=149.154.172.0/22 gateway=10.0.10.1
  166. add distance=1 dst-address=178.239.88.0/21 gateway=10.0.10.1
  167. add distance=1 dst-address=203.104.128.0/20 gateway=10.0.10.1
  168. add distance=1 dst-address=203.104.144.0/21 gateway=10.0.10.1
  169. add distance=1 dst-address=203.104.152.0/22 gateway=10.0.10.1
  170. add distance=1 dst-address=216.18.168.0/24 gateway=10.0.10.1
  171. /ip service
  172. set telnet disabled=yes
  173. set ftp disabled=yes
  174. set www-ssl disabled=no
  175. set api disabled=yes
  176. set api-ssl disabled=yes
  177. /ip upnp
  178. set enabled=yes
  179. /ip upnp interfaces
  180. add interface=bridge type=internal
  181. add interface=pppoe-out1 type=external
  182. /lcd
  183. set default-screen=stats-all time-interval=hour
  184. /lcd interface pages
  185. set 0 interfaces=wlan1
  186. /system clock
  187. set time-zone-name=Europe/Moscow
  188. /system clock manual
  189. set time-zone=+03:00
  190. /system identity
  191. set name=Home_Z
  192. /system ntp client
  193. set enabled=yes primary-ntp=217.162.232.173 secondary-ntp=91.207.136.50
  194. /system routerboard settings
  195. set silent-boot=no
  196. /system routerboard usb
  197. set usb-mode=force-host
  198. /system watchdog
  199. set automatic-supout=no watchdog-timer=no
  200. /tool bandwidth-server
  201. set authenticate=no enabled=no
  202. /tool mac-server
  203. set allowed-interface-list=mactel
  204. /tool mac-server mac-winbox
  205. set allowed-interface-list=mac-winbox
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!