Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- [admin@edge01] > /export
- # may/14/2020 14:46:51 by RouterOS 6.45.9
- # software id = YTI9-WYWD
- #
- # model = RouterBOARD 941-2nD
- # serial number = xxxxxx
- /interface ethernet
- set [ find default-name=ether1 ] advertise=10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full name=ether1-GTW-STR
- set [ find default-name=ether2 ] comment=edge02 name=ether2-LAN speed=1Gbps
- set [ find default-name=ether3 ] advertise=10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full c
- set [ find default-name=ether4 ] loop-protect=off name=ether4-GTW-MTC
- /interface wireless
- set [ find default-name=wlan1 ] antenna-gain=0 band=2ghz-b/g/n channel-width=20/40mhz-Ce country=no_country_set disabled=no frequency=2417 mac-address=E4:8D:8C:BA:B9:01 mode=\
- ap-bridge ssid="WIFI1" wireless-protocol=802.11 wps-mode=disabled
- /interface bridge
- add name=bridge-local protocol-mode=none
- /interface list
- add name=mactel
- add name=mac-winbox
- add name=WAN
- add name=MTC_LIST
- /interface wireless security-profiles
- set [ find default=yes ] authentication-types=wpa2-psk mode=dynamic-keys supplicant-identity=qwerty12321 wpa-pre-shared-key=qwerty12321 wpa2-pre-shared-key=XXXXX
- /ip ipsec proposal
- set [ find default=yes ] enc-algorithms=aes-128-cbc
- /ip pool
- add name=dhcp ranges=10.10.10.129-10.10.10.254
- /ip dhcp-server
- add address-pool=dhcp disabled=no interface=bridge-local name=dhcp
- /routing bgp instance
- set default disabled=yes
- /routing ospf instance
- set [ find default=yes ] disabled=yes
- /snmp community
- set [ find default=yes ] addresses=0.0.0.0/0
- /system logging action
- set 0 memory-lines=100
- /interface bridge port
- add bridge=bridge-local interface=ether2-LAN
- add bridge=bridge-local interface=ether3-LAN
- add bridge=bridge-local broadcast-flood=no interface=wlan1
- /ip neighbor discovery-settings
- set discover-interface-list=MTC_LIST
- /interface list member
- add interface=ether2-LAN list=mactel
- add interface=ether3-LAN list=mactel
- add interface=ether2-LAN list=mac-winbox
- add interface=ether3-LAN list=mac-winbox
- add list=mactel
- add list=mac-winbox
- add interface=ether1-GTW-STR list=WAN
- add interface=ether4-GTW-MTC list=WAN
- add interface=ether4-GTW-MTC list=MTC_LIST
- add interface=wlan1 list=mac-winbox
- /ip address
- add address=10.10.10.1/24 interface=bridge-local network=10.10.10.0
- /ip dhcp-client
- add default-route-distance=70 disabled=no interface=ether1-GTW-STR use-peer-dns=no
- add default-route-distance=50 disabled=no interface=ether4-GTW-MTC use-peer-dns=no
- /ip dhcp-server network
- add address=10.10.10.0/24 gateway=10.10.10.1
- add address=10.10.20.0/24 gateway=10.10.20.1
- /ip dns
- set allow-remote-requests=yes servers=8.8.8.8
- /ip dns static
- add address=10.10.10.1 name=router
- /ip firewall filter
- add action=accept chain=input comment="INPUT - related,established" connection-state=established,related
- add action=accept chain=input in-interface-list=!WAN
- add action=drop chain=input in-interface-list=WAN log-prefix=rejected_from_WAN protocol=!icmp
- add action=fasttrack-connection chain=forward comment=related,established connection-state=established,related
- add action=accept chain=forward comment=related,established connection-state=established,related
- add action=accept chain=forward
- add action=accept chain=forward out-interface=ether4-GTW-MTC
- add action=accept chain=forward out-interface=ether1-GTW-STR
- /ip firewall nat
- add action=masquerade chain=srcnat out-interface=ether1-GTW-STR src-address=10.10.10.0/24
- add action=masquerade chain=srcnat out-interface=ether4-GTW-MTC src-address=10.10.10.0/24
- /ip firewall service-port
- set ftp disabled=yes
- set tftp disabled=yes
- set irc disabled=yes
- set h323 disabled=yes
- set sip disabled=yes
- set pptp disabled=yes
- set dccp disabled=yes
- set sctp disabled=yes
- /ip service
- set telnet disabled=yes
- set ftp disabled=yes
- set api disabled=yes
- set winbox port=8292
- set api-ssl disabled=yes
- /ip ssh
- set allow-none-crypto=yes forwarding-enabled=remote
- /routing bfd interface
- set [ find default=yes ] disabled=yes
- /routing filter
- add action=log chain=dynamic-in distance=50 set-check-gateway=ping set-distance=10
- add action=log chain=dynamic-in distance=70 set-check-gateway=ping set-distance=30
- /system clock
- set time-zone-name=Europe/Chisinau
- /system identity
- set name=edge01
- /system logging
- add disabled=yes topics=debug
- add topics=bridge
- /system note
- set note="Let the MAgic start!"
- /system package update
- set channel=long-term
- /tool bandwidth-server
- set enabled=no
- /tool mac-server
- set allowed-interface-list=mactel
- /tool mac-server mac-winbox
- set allowed-interface-list=mac-winbox
- /tool romon port
- add
Add Comment
Please, Sign In to add comment