API tools faq
paste
Advertisement
Guest User

Untitled

a guest
May 23rd, 2019
71
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 5.66 KB | None | 0 0
raw download clone embed print report
  1. # may/23/2019 22:37:39 by RouterOS 6.43.8
  2. # software id = EGV5-839D
  3. #
  4. # model = RouterBOARD 750G r3
  5. # serial number = 6F3808AB54A2
  6. /interface bridge
  7. add admin-mac=CC:2D:E0:08:D2:5D auto-mac=no comment=\
  8. "created from master port" name=bridge1 protocol-mode=none
  9. /interface ethernet
  10. set [ find default-name=ether1 ] mac-address=64:70:02:DF:42:20 speed=100Mbps
  11. set [ find default-name=ether2 ] name=ether2-master speed=100Mbps
  12. set [ find default-name=ether3 ] speed=100Mbps
  13. set [ find default-name=ether4 ] speed=100Mbps
  14. set [ find default-name=ether5 ] speed=100Mbps
  15. /interface l2tp-client
  16. add allow=mschap2 connect-to=91.2.2.2 disabled=no keepalive-timeout=\
  17. disabled name=l2tp-tun use-ipsec=yes user=tunuser
  18. /interface list
  19. add exclude=dynamic name=discover
  20. add name=mactel
  21. add name=mac-winbox
  22. /interface wireless security-profiles
  23. set [ find default=yes ] supplicant-identity=MikroTik
  24. /ip hotspot profile
  25. set [ find default=yes ] html-directory=flash/hotspot
  26. /ip pool
  27. add name=dhcp ranges=192.168.88.10-192.168.88.254
  28. /ip dhcp-server
  29. add address-pool=dhcp authoritative=after-2sec-delay disabled=no interface=\
  30. bridge1 lease-time=12h name=defconf
  31. /snmp community
  32. set [ find default=yes ] addresses=0.0.0.0/0
  33. /interface bridge port
  34. add bridge=bridge1 interface=ether3
  35. add bridge=bridge1 interface=ether4
  36. add bridge=bridge1 interface=ether5
  37. add bridge=bridge1 interface=ether2-master
  38. /ip neighbor discovery-settings
  39. set discover-interface-list=discover
  40. /interface list member
  41. add interface=bridge1 list=discover
  42. add interface=ether3 list=discover
  43. add interface=ether4 list=discover
  44. add interface=ether5 list=discover
  45. add interface=bridge1 list=mactel
  46. add interface=bridge1 list=mac-winbox
  47. /ip address
  48. add address=192.168.88.1/24 comment=defconf interface=bridge1 network=\
  49. 192.168.88.0
  50. add address=178.1.1.1/24 interface=ether1 network=178.1.1.0
  51. /ip dhcp-client
  52. add comment=defconf dhcp-options=hostname,clientid interface=ether1
  53. /ip dhcp-server lease
  54. add address=192.168.88.250 mac-address=3C:A9:F4:92:55:30 server=defconf
  55. add address=192.168.88.243 mac-address=02:81:92:8A:55:61 server=defconf
  56. add address=192.168.88.236 client-id=1:24:a4:3c:55:8:6 comment=uap-ac \
  57. mac-address=24:A4:3C:50:55:06 server=defconf
  58. add address=192.168.88.219 mac-address=00:10:83:55:C3:12 server=defconf
  59. /ip dhcp-server network
  60. add address=192.168.88.0/24 comment=defconf gateway=192.168.88.1
  61. /ip dns
  62. set allow-remote-requests=yes servers=8.8.8.8,80.55.22.2,80.55.2.4
  63. /ip dns static
  64. add address=192.168.88.1 name=router
  65. /ip firewall address-list
  66. add address=91.1.1.3 list=mgmt
  67. add address=62.152.4.14 list=mgmt
  68. add address=91.1.1.1 list=mgmt
  69. add address=91.2.1.9 list=mgmt
  70. /ip firewall filter
  71. add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
  72. add action=accept chain=input in-interface=ether1 src-address-list=mgm
  73. add action=accept chain=forward connection-nat-state=dstnat in-interface=\
  74. ether1
  75. add action=accept chain=input comment="defconf: accept established,related" \
  76. connection-state=established,related
  77. add action=accept chain=forward comment="defconf: accept established,related" \
  78. connection-state=established,related
  79. add action=accept chain=input dst-port=80 in-interface=ether1 protocol=tcp \
  80. src-address-list=mgm
  81. add action=accept chain=input dst-port=22 in-interface=ether1 protocol=tcp \
  82. src-address-list=mgm
  83. add action=drop chain=input comment="defconf: drop all from WAN" \
  84. connection-state=invalid,new in-interface=ether1
  85. add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \
  86. connection-state=established,related
  87. add action=drop chain=forward comment="defconf: drop invalid" \
  88. connection-state=invalid
  89. add action=drop chain=forward comment=\
  90. "defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat \
  91. connection-state=new in-interface=ether1
  92. /ip firewall nat
  93. add action=masquerade chain=srcnat comment="defconf: masquerade" \
  94. out-interface=ether1
  95. add action=accept chain=dstnat disabled=yes dst-port=80 protocol=tcp \
  96. src-address=0.0.0.0
  97. add action=dst-nat chain=dstnat dst-port=8021 in-interface=ether1 protocol=\
  98. tcp to-addresses=192.168.88.243 to-ports=8021
  99. add action=dst-nat chain=dstnat dst-port=8021 in-interface=ether1 protocol=\
  100. udp to-addresses=192.168.88.243 to-ports=8021
  101. add action=dst-nat chain=dstnat dst-port=50000-50300 in-interface=ether1 \
  102. protocol=tcp to-addresses=192.168.88.243 to-ports=50000-50300
  103. add action=dst-nat chain=dstnat dst-port=50000-50300 in-interface=ether1 \
  104. protocol=udp to-addresses=192.168.88.243 to-ports=50000-50300
  105. add action=masquerade chain=srcnat dst-address=91.1.1.1 out-interface=\
  106. l2tp-tun
  107. add action=masquerade chain=srcnat dst-address=91.1.1.10 out-interface=\
  108. l2tp-tun
  109. add action=dst-nat chain=dstnat dst-address=178.1.1.1 dst-port=8022 \
  110. protocol=tcp to-addresses=192.168.10.46 to-ports=22
  111. /ip route
  112. add distance=1 gateway=178.1.1.2
  113. add distance=1 dst-address=91.1.1.10/32 gateway=192.168.10.1 pref-src=\
  114. 192.168.10.46
  115. add distance=1 dst-address=91.1.1.1/32 gateway=192.168.10.1 pref-src=\
  116. 192.168.10.46
  117. /ip service
  118. set telnet disabled=yes
  119. set ftp disabled=yes
  120. set api disabled=yes
  121. set api-ssl disabled=yes
  122. /system clock
  123. set time-zone-name=Europe/Moscow
  124. /system identity
  125. set name=unseen
  126. /system ntp client
  127. set enabled=yes primary-ntp=193.70.94.182 server-dns-names=\
  128. 0.pool.ntp.org,1.pool.ntp.org
  129. /system resource irq rps
  130. set ether1 disabled=no
  131. set ether3 disabled=no
  132. set ether4 disabled=no
  133. set ether5 disabled=no
  134. /tool mac-server
  135. set allowed-interface-list=mactel
  136. /tool mac-server mac-winbox
  137. set allowed-interface-list=mac-winbox
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!