Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- /interface bridge
- add name=bridge-LAN
- /interface ethernet
- set [ find default-name=ether1 ] comment=INTERNET-WAN
- set [ find default-name=ether2 ] comment=LAN
- set [ find default-name=ether5 ] poe-out=off
- /interface eoip
- add allow-fast-path=no comment="RB2 con SIM" local-address=10.108.1.1 \
- mac-address=02:56:5E:5B:02:30 name="eoip sede2" remote-address=\
- 10.10.118.1 tunnel-id=10
- add allow-fast-path=no comment="RB3 con Hotspot" local-address=10.108.1.1 \
- mac-address=02:56:5E:5B:02:22 name=eoip-sede3 remote-address=10.10.119.1 \
- tunnel-id=20
- add allow-fast-path=no comment="RB4 - Mario. hotspot + eth1" local-address=\
- 10.108.1.1 mac-address=02:B2:AD:41:62:9A name=eoip-sede4 remote-address=\
- 10.10.120.1 tunnel-id=30
- add allow-fast-path=no comment="RB5 con Hotspot + ether1" local-address=\
- 10.108.1.1 mac-address=02:56:5E:5B:02:30 name=eoip-sede5 remote-address=\
- 10.10.121.1 tunnel-id=40
- /ip pool
- add name=POOL-DHCP ranges=10.108.1.100-10.108.1.200
- add name=pool-VPN ranges=172.16.26.100-172.16.26.110
- /ip dhcp-server
- add address-pool=POOL-DHCP disabled=no interface=bridge-LAN lease-time=12h10m \
- name=server-DHCP
- /ppp profile
- add change-tcp-mss=yes local-address=172.16.26.1 name=profile-vpn \
- remote-address=pool-VPN use-encryption=yes
- /interface bridge port
- add bridge=bridge-LAN interface=ether2
- add bridge=bridge-LAN interface=ether3
- add bridge=bridge-LAN interface=ether4
- add bridge=bridge-LAN interface=ether5
- add bridge=bridge-LAN interface=wlan1
- add bridge=bridge-LAN interface="eoip sede2"
- add bridge=bridge-LAN interface=eoip-sede3
- add bridge=bridge-LAN interface=eoip-sede4
- add bridge=bridge-LAN interface=eoip-sede5
- /interface l2tp-server server
- set default-profile=profile-vpn enabled=yes ipsec-secret=xxxxxxxxx \
- use-ipsec=yes
- /ip address
- add address=192.168.1.253/24 interface=ether1 network=192.168.1.0
- add address=10.108.1.1/24 interface=bridge-LAN network=10.108.1.0
- /ip dhcp-server network
- add address=10.108.1.0/24 dns-server=1.1.1.1,1.0.0.1 gateway=10.108.1.1 \
- netmask=24
- /ip dns
- set allow-remote-requests=yes servers=1.1.1.1,8.8.8.8
- /ip firewall filter
- add action=accept chain=forward connection-state=\
- established,related,untracked
- add action=drop chain=forward connection-state=invalid
- /ip firewall nat
- add action=masquerade chain=srcnat out-interface=ether1
- add action=masquerade chain=srcnat comment=vpn src-address=172.16.26.0/24
- /ip route
- add distance=1 gateway=192.168.1.1
- add comment="route sede2" distance=1 dst-address=10.10.118.0/24 gateway=\
- 172.16.26.2
- add comment="route sede3" distance=1 dst-address=10.10.119.0/24 gateway=\
- 172.16.26.3
- add comment="route sede4" distance=1 dst-address=10.10.120.0/24 gateway=\
- 172.16.26.4
- add comment="route sede5" distance=1 dst-address=10.10.121.0/24 gateway=\
- 172.16.26.5
- /ppp secret
- add name=sede2 password=m@rio_sede2 profile=profile-vpn remote-address=\
- 172.16.26.2
- add name=m@rio.client password=mario.client-2020 profile=profile-vpn
- add name=sede3 password=m@rio_sede3 profile=profile-vpn remote-address=\
- 172.16.26.3
- add name=sede4 password=m@rio_sede4 profile=profile-vpn remote-address=\
- 172.16.26.4
- add name=sede5 password=m@rio_sede5 profile=profile-vpn remote-address=\
- 172.16.26.5
- /system clock
- set time-zone-name=Europe/Rome
- /system identity
- set name=RB1_Server
- /system ntp client
- set enabled=yes primary-ntp=193.204.114.105
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement