API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jun 26th, 2017
98
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 13.33 KB | None | 0 0
raw download clone embed print report
  1. # jun/26/2017 13:17:36 by RouterOS 6.30.4
  2. # software id = HBRI-IJDB
  3. #
  4. /interface bridge
  5. add name="GuestAP Bridge"
  6. add admin-mac=E4:8D:8C:59:E6:D8 auto-mac=no name=bridge-local
  7. /interface ethernet
  8. set [ find default-name=ether1 ] comment="DHCP from Charter Reset ever 5 min." \
  9. name="ether1-gateway Charter WAN"
  10. set [ find default-name=ether2 ] name=ether2-master-local
  11. set [ find default-name=ether3 ] comment="DHCP from Trash every 5 min." name=\
  12. "ether3- DSL WAN"
  13. set [ find default-name=ether4 ] master-port=ether2-master-local name=\
  14. ether4-slave-local
  15. set [ find default-name=ether5 ] master-port=ether2-master-local name=\
  16. ether5-slave-local
  17. set [ find default-name=ether6 ] master-port=ether2-master-local name=\
  18. ether6-slave-local
  19. set [ find default-name=ether7 ] master-port=ether2-master-local name=\
  20. ether7-slave-local
  21. set [ find default-name=ether8 ] master-port=ether2-master-local name=\
  22. ether8-slave-local
  23. set [ find default-name=ether9 ] master-port=ether2-master-local name=\
  24. ether9-slave-local
  25. set [ find default-name=ether10 ] master-port=ether2-master-local name=\
  26. ether10-slave-local
  27. set [ find default-name=ether11 ] master-port=ether2-master-local name=\
  28. ether11-slave-local
  29. set [ find default-name=ether12 ] master-port=ether2-master-local name=\
  30. ether12-slave-local
  31. set [ find default-name=ether13 ] master-port=ether2-master-local name=\
  32. ether13-slave-local
  33. set [ find default-name=ether14 ] master-port=ether2-master-local name=\
  34. ether14-slave-local
  35. set [ find default-name=ether15 ] master-port=ether2-master-local name=\
  36. ether15-slave-local
  37. set [ find default-name=ether16 ] master-port=ether2-master-local name=\
  38. ether16-slave-local
  39. set [ find default-name=ether17 ] master-port=ether2-master-local name=\
  40. ether17-slave-local
  41. set [ find default-name=ether18 ] master-port=ether2-master-local name=\
  42. ether18-slave-local
  43. set [ find default-name=ether19 ] master-port=ether2-master-local name=\
  44. ether19-slave-local
  45. set [ find default-name=ether20 ] master-port=ether2-master-local name=\
  46. ether20-slave-local
  47. set [ find default-name=ether21 ] master-port=ether2-master-local name=\
  48. ether21-slave-local
  49. set [ find default-name=ether22 ] master-port=ether2-master-local name=\
  50. ether22-slave-local
  51. set [ find default-name=ether23 ] master-port=ether2-master-local name=\
  52. ether23-slave-local
  53. set [ find default-name=ether24 ] master-port=ether2-master-local name=\
  54. ether24-slave-local
  55. set [ find default-name=sfp1 ] master-port=ether2-master-local name=\
  56. sfp1-slave-local
  57. /interface pppoe-client
  58. add comment="PPPoE Account for Frontier (Broken when Modem set to Bridge Mode)" \
  59. interface="ether3- DSL WAN" keepalive-timeout=disabled max-mru=1480 \
  60. max-mtu=1492 mrru=1600 name="Frontier PPPoE" password="Willamina123!\?" \
  61. user=willyt@connect.frontier.com
  62. /ip neighbor discovery
  63. set "ether1-gateway Charter WAN" comment="DHCP from Charter Reset ever 5 min." \
  64. discover=no
  65. set "ether3- DSL WAN" comment="DHCP from Trash every 5 min."
  66. set "Frontier PPPoE" comment=\
  67. "PPPoE Account for Frontier (Broken when Modem set to Bridge Mode)"
  68. /interface wireless security-profiles
  69. set [ find default=yes ] supplicant-identity=MikroTik
  70. add authentication-types=wpa2-psk eap-methods="" management-protection=allowed \
  71. mode=dynamic-keys name=ProDog supplicant-identity="" wpa2-pre-shared-key=\
  72. Diggity123
  73. add authentication-types=wpa2-psk eap-methods="" mode=dynamic-keys name=\
  74. GuestDog supplicant-identity="" wpa-pre-shared-key=TomsGuest \
  75. wpa2-pre-shared-key=Guest123
  76. /interface wireless
  77. set [ find default-name=wlan1 ] band=2ghz-b/g/n channel-width=20/40mhz-Ce \
  78. comment="Main WiFi Limited to 10M" default-ap-tx-limit=15000000 \
  79. default-client-tx-limit=10000000 disabled=no distance=indoors frequency=\
  80. auto l2mtu=1600 mode=ap-bridge security-profile=ProDog ssid=TomsAuto
  81. /interface wireless manual-tx-power-table
  82. set wlan1 comment="Main WiFi Limited to 10M"
  83. /interface wireless nstreme
  84. set wlan1 comment="Main WiFi Limited to 10M"
  85. /ip neighbor discovery
  86. set wlan1 comment="Main WiFi Limited to 10M"
  87. /interface wireless
  88. add comment="Limited to 5M" default-ap-tx-limit=5000000 \
  89. default-client-tx-limit=5000000 disabled=no l2mtu=1600 mac-address=\
  90. E6:8D:8C:59:E6:F0 master-interface=wlan1 name=GuestAP security-profile=\
  91. GuestDog ssid=TomsGuest wds-cost-range=0 wds-default-bridge=\
  92. "GuestAP Bridge" wds-default-cost=0
  93. /interface wireless manual-tx-power-table
  94. set GuestAP comment="Limited to 5M"
  95. /interface wireless nstreme
  96. set *1C comment="Limited to 5M"
  97. /ip neighbor discovery
  98. set GuestAP comment="Limited to 5M"
  99. /ip ipsec proposal
  100. set [ find default=yes ] enc-algorithms=\
  101. 3des,aes-128-cbc,aes-192-cbc,aes-256-cbc
  102. /ip pool
  103. add name="Main /16" ranges=10.10.0.10-10.10.255.254
  104. add name="Guest /24" ranges=10.2.0.2-10.2.0.254
  105. add name="VPN /24" ranges=10.11.0.2-10.11.0.255
  106. /ip dhcp-server
  107. add address-pool="Main /16" disabled=no interface=bridge-local name=\
  108. "Main Network"
  109. add address-pool="Guest /24" disabled=no interface="GuestAP Bridge" name=\
  110. "Guest DHCP"
  111. /ppp profile
  112. add change-tcp-mss=yes local-address="VPN /24" name=pptp-profile \
  113. remote-address="VPN /24"
  114. add change-tcp-mss=yes local-address="VPN /24" name=l2tp remote-address=\
  115. "VPN /24"
  116. set *FFFFFFFE local-address="VPN /24" remote-address="VPN /24"
  117. /interface bridge port
  118. add bridge=bridge-local interface=ether2-master-local
  119. add bridge=bridge-local interface=wlan1
  120. add bridge="GuestAP Bridge" interface=GuestAP
  121. /interface l2tp-server server
  122. set authentication=mschap1,mschap2 default-profile=pptp-profile enabled=yes \
  123. ipsec-secret=techy3210 max-mru=1460 max-mtu=1460 use-ipsec=yes
  124. /interface pptp-server server
  125. set enabled=yes
  126. /ip address
  127. add address=10.10.0.1/16 comment="Main Network Charter Connection Port 1" \
  128. interface=bridge-local network=10.10.0.0
  129. add address=10.2.0.1/24 comment="Guest AP" interface="GuestAP Bridge" network=\
  130. 10.2.0.0
  131. add address=10.10.0.2/16 comment="Fronteir Port 3 Connection" interface=\
  132. "ether3- DSL WAN" network=10.10.0.0
  133. /ip cloud
  134. set ddns-enabled=yes
  135. /ip dhcp-client
  136. add comment="Main Connection to Charter" dhcp-options=hostname,clientid \
  137. disabled=no interface="ether1-gateway Charter WAN"
  138. add comment="Backup Connection to Trash" default-route-distance=2 dhcp-options=\
  139. hostname,clientid disabled=no interface="ether3- DSL WAN"
  140. /ip dhcp-server network
  141. add address=10.2.0.0/24 comment="Guest Network" dns-server=\
  142. 71.10.216.1,8.8.8.8,8.8.4.4,71.10.216.2 gateway=10.2.0.1 netmask=24
  143. add address=10.10.0.0/16 comment="Main Network DHCP" gateway=10.10.0.1
  144. /ip dns
  145. set allow-remote-requests=yes servers=8.8.8.8,8.8.4.4,74.40.74.40,74.40.74.41
  146. /ip dns static
  147. add address=192.168.88.1 name=router
  148. /ip firewall address-list
  149. add address=10.10.0.0/16 list="Main Network"
  150. add address=10.2.0.0/24 list="Guest AP"
  151. /ip firewall filter
  152. add chain=input comment="Let Tech In" src-address=\
  153. 24.216.245.0/24
  154. add chain=input comment="VPN Port" disabled=yes dst-port=1723 protocol=tcp
  155. add chain=input comment="VPN Also" disabled=yes protocol=gre
  156. add action=drop chain=input comment="Mangled Packet Drop" connection-state=\
  157. invalid
  158. add action=drop chain=input comment="Drop Traffic from Main Network to Guest" \
  159. dst-address=10.2.0.0/24 src-address=10.10.0.0/16
  160. add action=drop chain=input comment="Drop Traffic from Guest to Main" \
  161. dst-address=10.10.0.0/16 src-address=10.2.0.0/24
  162. add chain=input comment="default configuration" protocol=icmp
  163. add chain=input comment="default configuration" connection-state=\
  164. established,related
  165. add action=drop chain=input comment="Basic Security" in-interface=\
  166. "ether1-gateway Charter WAN"
  167. add action=fasttrack-connection chain=forward comment="default configuration" \
  168. connection-state=established,related
  169. add chain=forward comment="default configuration" connection-state=\
  170. established,related
  171. add action=drop chain=forward comment="Basic Security" connection-state=invalid
  172. add action=drop chain=forward comment="NAT killer" connection-nat-state=!dstnat \
  173. connection-state=new in-interface="ether1-gateway Charter WAN"
  174. /ip firewall mangle
  175. add chain=input comment="Mark Connections from Charter" connection-mark=\
  176. Wan1_Charter in-interface="ether1-gateway Charter WAN"
  177. add chain=input comment="Mark Connections from Frontier" connection-mark=\
  178. Wan2_frontier in-interface="ether3- DSL WAN"
  179. add action=mark-routing chain=output comment="Mark Outgoing Charter Traffic" \
  180. connection-mark=Wan1_Charter new-routing-mark=to_Wan1
  181. add action=mark-routing chain=output comment="Mark Outgoing Frontier Traffic" \
  182. connection-mark=Wan2_frontier new-routing-mark=to_Wan2
  183. add chain=prerouting comment="PreRouting for Charter" dst-address=10.10.0.0/16 \
  184. in-interface="ether1-gateway Charter WAN"
  185. add chain=prerouting comment="PreRouting for Frontier" dst-address=10.10.0.0/16 \
  186. in-interface="ether3- DSL WAN"
  187. add action=mark-connection chain=prerouting comment=\
  188. "Mark Non - Local Traffic Charter" dst-address-type=!local in-interface=\
  189. "ether1-gateway Charter WAN" new-connection-mark=Wan1_Charter \
  190. per-connection-classifier=both-addresses-and-ports:2/0
  191. add action=mark-connection chain=prerouting comment=\
  192. "Mark Non-Local Traffic Frontier" dst-address-type=!local in-interface=\
  193. "ether3- DSL WAN" new-connection-mark=Wan2_frontier \
  194. per-connection-classifier=both-addresses-and-ports:2/0
  195. add action=mark-routing chain=prerouting comment="Mark Port Specific Charter" \
  196. connection-mark=Wan1_Charter in-interface="ether1-gateway Charter WAN" \
  197. new-routing-mark=to_Wan1
  198. add action=mark-routing chain=prerouting comment="Mark Port Specific Frontier" \
  199. connection-mark=Wan2_frontier in-interface="ether3- DSL WAN" \
  200. new-routing-mark=to_Wan2
  201. /ip firewall nat
  202. add action=masquerade chain=srcnat comment="NAT for all traffic" out-interface=\
  203. "ether1-gateway Charter WAN"
  204. add action=masquerade chain=srcnat comment="NAT for Guest Network" \
  205. out-interface="ether1-gateway Charter WAN" src-address=10.2.0.0/24
  206. add action=masquerade chain=srcnat comment="Masquerade for Charter WAN" \
  207. out-interface="ether1-gateway Charter WAN"
  208. add action=masquerade chain=srcnat comment="Masquerade for Frontier WAN" \
  209. out-interface="ether3- DSL WAN"
  210. /ip ipsec peer
  211. add address=0.0.0.0/0 enc-algorithm=3des,aes-128,aes-192,aes-256 exchange-mode=\
  212. main-l2tp generate-policy=port-strict secret=billy3210
  213. /ip route
  214. add check-gateway=ping comment="Ping Charter to See if Up" distance=1 gateway=\
  215. "ether1-gateway Charter WAN" routing-mark=to_Wan1
  216. add check-gateway=ping comment="Ping Frontier to See if Up" distance=1 gateway=\
  217. "ether3- DSL WAN" routing-mark=to_Wan2
  218. /lcd
  219. set default-screen=informative-slideshow touch-screen=disabled
  220. /ppp secret
  221. add comment="Tom VPN" name=billy password=billy3210 profile=pptp-profile service=\
  222. pptp
  223. add comment="Tom VPN" name=billy password=billy3210 profile=l2tp service=l2tp
  224. /system clock
  225. set time-zone-name=America/Los_Angeles
  226. /system identity
  227. set name=TomsCore
  228. /system ntp client
  229. set enabled=yes primary-ntp=38.229.71.1 secondary-ntp=129.6.15.29
  230. /system routerboard settings
  231. set protected-routerboot=disabled
  232. /system scheduler
  233. add comment="Force DynDNS Update" interval=5m name="Update DynDNS" on-event=\
  234. "/ip cloud force-update" policy=\
  235. reboot,read,write,policy,test,password,sniff,sensitive start-date=\
  236. jun/05/2017 start-time=21:47:21
  237. /tool mac-server
  238. set [ find default=yes ] disabled=yes
  239. add interface=ether2-master-local
  240. add interface="ether3- DSL WAN"
  241. add interface=ether4-slave-local
  242. add interface=ether5-slave-local
  243. add interface=ether6-slave-local
  244. add interface=ether7-slave-local
  245. add interface=ether8-slave-local
  246. add interface=ether9-slave-local
  247. add interface=ether10-slave-local
  248. add interface=ether11-slave-local
  249. add interface=ether12-slave-local
  250. add interface=ether13-slave-local
  251. add interface=ether14-slave-local
  252. add interface=ether15-slave-local
  253. add interface=ether16-slave-local
  254. add interface=ether17-slave-local
  255. add interface=ether18-slave-local
  256. add interface=ether19-slave-local
  257. add interface=ether20-slave-local
  258. add interface=ether21-slave-local
  259. add interface=ether22-slave-local
  260. add interface=ether23-slave-local
  261. add interface=ether24-slave-local
  262. add interface=sfp1-slave-local
  263. add interface=wlan1
  264. add interface=bridge-local
  265. /tool mac-server mac-winbox
  266. set [ find default=yes ] disabled=yes
  267. add interface=ether2-master-local
  268. add interface="ether3- DSL WAN"
  269. add interface=ether4-slave-local
  270. add interface=ether5-slave-local
  271. add interface=ether6-slave-local
  272. add interface=ether7-slave-local
  273. add interface=ether8-slave-local
  274. add interface=ether9-slave-local
  275. add interface=ether10-slave-local
  276. add interface=ether11-slave-local
  277. add interface=ether12-slave-local
  278. add interface=ether13-slave-local
  279. add interface=ether14-slave-local
  280. add interface=ether15-slave-local
  281. add interface=ether16-slave-local
  282. add interface=ether17-slave-local
  283. add interface=ether18-slave-local
  284. add interface=ether19-slave-local
  285. add interface=ether20-slave-local
  286. add interface=ether21-slave-local
  287. add interface=ether22-slave-local
  288. add interface=ether23-slave-local
  289. add interface=ether24-slave-local
  290. add interface=sfp1-slave-local
  291. add interface=wlan1
  292. add interface=bridge-local
  293. /tool romon port
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!