microtik_conf_basic

1. # mar/19/2021 15:26:10 by RouterOS 6.48.1
2.  
3. # software id = X5L2-J78L
4.  
5. #
6.  
7. # model = 750GL
8.  
9. # serial number = 467B04284134
10.  
11. /interface bridge
12.  
13. add admin-mac=4C:5E:0C:77:22:7F auto-mac=no comment="created from master port" name=bridge1 protocol-mode=none
14.  
15. /interface ethernet
16.  
17. set [ find default-name=ether1 ] speed=100Mbps
18.  
19. set [ find default-name=ether2 ] name=ether2-master speed=100Mbps
20.  
21. set [ find default-name=ether3 ] speed=100Mbps
22.  
23. set [ find default-name=ether4 ] speed=100Mbps
24.  
25. set [ find default-name=ether5 ] speed=100Mbps
26.  
27. /interface list
28.  
29. add exclude=dynamic name=discover
30.  
31. add name=mactel
32.  
33. add name=mac-winbox
34.  
35. /interface wireless security-profiles
36.  
37. set [ find default=yes ] supplicant-identity=MikroTik
38.  
39. /ip pool
40.  
41. add name=default-dhcp ranges=192.168.88.10-192.168.88.254
42.  
43. /ip dhcp-server
44.  
45. add address-pool=default-dhcp authoritative=after-2sec-delay disabled=no interface=bridge1 name=defconf
46.  
47. /user group
48.  
49. set full policy=local,telnet,ssh,ftp,reboot,read,write,policy,test,winbox,password,web,sniff,sensitive,api,romon,dude,tikapp
50.  
51. /interface bridge port
52.  
53. add bridge=bridge1 interface=ether3
54.  
55. add bridge=bridge1 interface=ether4
56.  
57. add bridge=bridge1 interface=ether5
58.  
59. /ip neighbor discovery-settings
60.  
61. set discover-interface-list=discover
62.  
63. /interface list member
64.  
65. add interface=bridge1 list=discover
66.  
67. add interface=ether3 list=discover
68.  
69. add interface=ether4 list=discover
70.  
71. add interface=ether5 list=discover
72.  
73. add interface=bridge1 list=mactel
74.  
75. add interface=bridge1 list=mac-winbox
76.  
77. /ip address
78.  
79. add address=192.168.88.1/24 comment=defconf interface=bridge1 network=192.168.88.0
80.  
81. /ip dhcp-client
82.  
83. add comment=defconf disabled=no interface=ether1
84.  
85. /ip dhcp-server network
86.  
87. add address=192.168.88.0/24 comment=defconf gateway=192.168.88.1
88.  
89. /ip dns
90.  
91. set allow-remote-requests=yes
92.  
93. /ip dns static
94.  
95. add address=192.168.88.1 name=router
96.  
97. /ip firewall filter
98.  
99. add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
100.  
101. add action=accept chain=input comment="defconf: accept established,related" connection-state=established,related
102.  
103. add action=drop chain=input comment="defconf: drop all from WAN" in-interface=ether1
104.  
105. add action=fasttrack-connection chain=forward comment="defconf: fasttrack" connection-state=established,related
106.  
107. add action=accept chain=forward comment="defconf: accept established,related" connection-state=established,related
108.  
109. add action=drop chain=forward comment="defconf: drop invalid" connection-state=invalid
110.  
111. add action=drop chain=forward comment="defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat connection-state=new in-interface=ether1
112.  
113. /ip firewall nat
114.  
115. add action=masquerade chain=srcnat comment="defconf: masquerade" out-interface=ether1
116.  
117. /system clock
118.  
119. set time-zone-name=America/New_York
120.  
121. /system ntp client
122.  
123. set enabled=yes primary-ntp=216.240.36.24
124.  
125. /tool mac-server
126.  
127. set allowed-interface-list=mactel
128.  
129. /tool mac-server mac-winbox
130.  
131. set allowed-interface-list=mac-winbox
132.