SHARE
TWEET

Untitled

a guest Apr 23rd, 2019 80 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. # HOSTNAME
  2. /system identity
  3. set name=MikroTik-Master
  4. # INTERFACES
  5. /interface ethernet
  6. set [ find default-name=ether1 ] speed=100Mbps
  7. set [ find default-name=sftp1 ] speed=100Mbps
  8. set [ find default-name=ether3 ] speed=100Mbps
  9. set [ find default-name=ether4 ] speed=100Mbps
  10. set [ find default-name=ether5 ] speed=100Mbps
  11. set [ find default-name=lan-switch ] advertise=10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full
  12. # WRLS
  13. /interface wireless
  14. set [ find default-name=wlan2 ] ssid=MikroTik
  15. /interface wireless security-profiles
  16. set [ find default=yes ] supplicant-identity=MikroTik
  17. add authentication-types=wpa2-psk eap-methods="" management-protection=allowed mode=dynamic-keys name=ohod2Gz supplicant-identity="" wpa2-pre-shared-key=9181888206
  18. /interface wireless
  19. set [ find default-name=wlan1 ] band=2ghz-onlyn disabled=no mode=ap-bridge security-profile=ohod2Gz ssid=Master vlan-id=27 vlan-mode=use-tag wps-mode=disabled
  20. # IFACE LIST
  21. /interface list
  22. add name=WAN
  23. add name=LAN
  24. /interface list member
  25. add interface=lan-switch list=WAN
  26. # BRIDGE
  27. /interface bridge port
  28. add bridge="lan-switch" interface=ether1 hw=yes
  29. add bridge="lan-switch" interface=sftp1 hw=yes
  30. add bridge="lan-switch" interface=ether3 hw=yes
  31. add bridge="lan-switch" interface=ether4 hw=yes
  32. add bridge="lan-switch" interface=ether5 hw=yes
  33. add bridge="lan-switch" interface=wlan1
  34. add bridge="lan-switch" interface=wlan2
  35. # VLANDATABASE
  36. /interface ethernet switch vlan
  37. add ports=sftp1,ether5,switch1-cpu switch=switch1 vlan-id=5
  38. add ports=sftp1,ether1,ether2,ether3,ether4,ether5 switch=switch1 vlan-id=27
  39. add ports=sftp1,ether5 switch=switch1 vlan-id=21
  40. add ports=sftp1,ether5 switch=switch1 vlan-id=116
  41. # VLAN HANDLE
  42. /interface ethernet switch port
  43. set sftp1 vlan-mode=secure vlan-header=add-if-missing
  44. set ether1 vlan-mode=secure vlan-header=always-strip default-vlan-id=27
  45. set ether2 vlan-mode=secure vlan-header=always-strip default-vlan-id=27
  46. set ether3 vlan-mode=secure vlan-header=always-strip default-vlan-id=27
  47. set ether4 vlan-mode=secure vlan-header=always-strip default-vlan-id=27
  48. set ether5 vlan-mode=secure vlan-header=add-if-missing
  49. # IFACES & ALIASES
  50. /interface vlan
  51. add interface=lan-switch name=vlan5 vlan-id=5
  52. add interface=lan-switch name=vlan21 vlan-id=21
  53. add interface=lan-switch name=vlan27 vlan-id=27
  54. add interface=lan-switch name=vlan116 vlan-id=116
  55. /ip address
  56. add address=10.5.1.71/24 interface="vlan5" network=10.5.1.0
  57. /ip dhcp-client
  58. add dhcp-options=hostname,clientid disabled=no add-default-reoute=no interface="vlan21"
  59. add dhcp-options=hostname,clientid disabled=no add-default-reoute=no interface="vlan27"
  60.  
  61. # BUGGY RULE BUT I WON'T FIX THIS
  62. /ip firewall nat
  63. add action=masquerade chain=srcnat
  64. # SECURITY
  65. /ip service
  66. set telnet disabled=yes
  67. set ftp disabled=yes
  68. set api disabled=yes
  69. set api-ssl disabled=yes
  70. # CLOCK
  71. /system clock
  72. set time-zone-name=Asia/Yakutsk
  73. /system ntp client
  74. set enabled=yes server-dns-names=ntp5.stratum2.ru,ntp4.stratum2.ru
  75. # ROS & LDR UPGRADE SETTINGS
  76. /system package update
  77. set channel=long-term
  78. /system routerboard settings
  79. set auto-upgrade=yes
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top