API tools faq
paste
Guest User

R1

a guest
May 14th, 2020
155
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.55 KB | None | 0 0
raw download clone embed print report
  1. [admin@edge01] > /export
  2. # may/14/2020 14:46:51 by RouterOS 6.45.9
  3. # software id = YTI9-WYWD
  4. #
  5. # model = RouterBOARD 941-2nD
  6. # serial number = xxxxxx
  7. /interface ethernet
  8. set [ find default-name=ether1 ] advertise=10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full name=ether1-GTW-STR
  9. set [ find default-name=ether2 ] comment=edge02 name=ether2-LAN speed=1Gbps
  10. set [ find default-name=ether3 ] advertise=10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full c
  11. set [ find default-name=ether4 ] loop-protect=off name=ether4-GTW-MTC
  12. /interface wireless
  13. set [ find default-name=wlan1 ] antenna-gain=0 band=2ghz-b/g/n channel-width=20/40mhz-Ce country=no_country_set disabled=no frequency=2417 mac-address=E4:8D:8C:BA:B9:01 mode=\
  14. ap-bridge ssid="WIFI1" wireless-protocol=802.11 wps-mode=disabled
  15. /interface bridge
  16. add name=bridge-local protocol-mode=none
  17. /interface list
  18. add name=mactel
  19. add name=mac-winbox
  20. add name=WAN
  21. add name=MTC_LIST
  22. /interface wireless security-profiles
  23. set [ find default=yes ] authentication-types=wpa2-psk mode=dynamic-keys supplicant-identity=qwerty12321 wpa-pre-shared-key=qwerty12321 wpa2-pre-shared-key=XXXXX
  24. /ip ipsec proposal
  25. set [ find default=yes ] enc-algorithms=aes-128-cbc
  26. /ip pool
  27. add name=dhcp ranges=10.10.10.129-10.10.10.254
  28. /ip dhcp-server
  29. add address-pool=dhcp disabled=no interface=bridge-local name=dhcp
  30. /routing bgp instance
  31. set default disabled=yes
  32. /routing ospf instance
  33. set [ find default=yes ] disabled=yes
  34. /snmp community
  35. set [ find default=yes ] addresses=0.0.0.0/0
  36. /system logging action
  37. set 0 memory-lines=100
  38. /interface bridge port
  39. add bridge=bridge-local interface=ether2-LAN
  40. add bridge=bridge-local interface=ether3-LAN
  41. add bridge=bridge-local broadcast-flood=no interface=wlan1
  42. /ip neighbor discovery-settings
  43. set discover-interface-list=MTC_LIST
  44. /interface list member
  45. add interface=ether2-LAN list=mactel
  46. add interface=ether3-LAN list=mactel
  47. add interface=ether2-LAN list=mac-winbox
  48. add interface=ether3-LAN list=mac-winbox
  49. add list=mactel
  50. add list=mac-winbox
  51. add interface=ether1-GTW-STR list=WAN
  52. add interface=ether4-GTW-MTC list=WAN
  53. add interface=ether4-GTW-MTC list=MTC_LIST
  54. add interface=wlan1 list=mac-winbox
  55. /ip address
  56. add address=10.10.10.1/24 interface=bridge-local network=10.10.10.0
  57. /ip dhcp-client
  58. add default-route-distance=70 disabled=no interface=ether1-GTW-STR use-peer-dns=no
  59. add default-route-distance=50 disabled=no interface=ether4-GTW-MTC use-peer-dns=no
  60. /ip dhcp-server network
  61. add address=10.10.10.0/24 gateway=10.10.10.1
  62. add address=10.10.20.0/24 gateway=10.10.20.1
  63. /ip dns
  64. set allow-remote-requests=yes servers=8.8.8.8
  65. /ip dns static
  66. add address=10.10.10.1 name=router
  67. /ip firewall filter
  68. add action=accept chain=input comment="INPUT - related,established" connection-state=established,related
  69. add action=accept chain=input in-interface-list=!WAN
  70. add action=drop chain=input in-interface-list=WAN log-prefix=rejected_from_WAN protocol=!icmp
  71. add action=fasttrack-connection chain=forward comment=related,established connection-state=established,related
  72. add action=accept chain=forward comment=related,established connection-state=established,related
  73. add action=accept chain=forward
  74. add action=accept chain=forward out-interface=ether4-GTW-MTC
  75. add action=accept chain=forward out-interface=ether1-GTW-STR
  76. /ip firewall nat
  77. add action=masquerade chain=srcnat out-interface=ether1-GTW-STR src-address=10.10.10.0/24
  78. add action=masquerade chain=srcnat out-interface=ether4-GTW-MTC src-address=10.10.10.0/24
  79. /ip firewall service-port
  80. set ftp disabled=yes
  81. set tftp disabled=yes
  82. set irc disabled=yes
  83. set h323 disabled=yes
  84. set sip disabled=yes
  85. set pptp disabled=yes
  86. set dccp disabled=yes
  87. set sctp disabled=yes
  88. /ip service
  89. set telnet disabled=yes
  90. set ftp disabled=yes
  91. set api disabled=yes
  92. set winbox port=8292
  93. set api-ssl disabled=yes
  94. /ip ssh
  95. set allow-none-crypto=yes forwarding-enabled=remote
  96. /routing bfd interface
  97. set [ find default=yes ] disabled=yes
  98. /routing filter
  99. add action=log chain=dynamic-in distance=50 set-check-gateway=ping set-distance=10
  100. add action=log chain=dynamic-in distance=70 set-check-gateway=ping set-distance=30
  101. /system clock
  102. set time-zone-name=Europe/Chisinau
  103. /system identity
  104. set name=edge01
  105. /system logging
  106. add disabled=yes topics=debug
  107. add topics=bridge
  108. /system note
  109. set note="Let the MAgic start!"
  110. /system package update
  111. set channel=long-term
  112. /tool bandwidth-server
  113. set enabled=no
  114. /tool mac-server
  115. set allowed-interface-list=mactel
  116. /tool mac-server mac-winbox
  117. set allowed-interface-list=mac-winbox
  118. /tool romon port
  119. add
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!