Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # HOSTNAME
- /system identity
- set name=MikroTik-Master
- # INTERFACES
- /interface ethernet
- set [ find default-name=ether1 ] speed=100Mbps
- set [ find default-name=sftp1 ] speed=100Mbps
- set [ find default-name=ether3 ] speed=100Mbps
- set [ find default-name=ether4 ] speed=100Mbps
- set [ find default-name=ether5 ] speed=100Mbps
- set [ find default-name=lan-switch ] advertise=10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full
- # WRLS
- /interface wireless
- set [ find default-name=wlan2 ] ssid=MikroTik
- /interface wireless security-profiles
- set [ find default=yes ] supplicant-identity=MikroTik
- add authentication-types=wpa2-psk eap-methods="" management-protection=allowed mode=dynamic-keys name=ohod2Gz supplicant-identity="" wpa2-pre-shared-key=9181888206
- /interface wireless
- set [ find default-name=wlan1 ] band=2ghz-onlyn disabled=no mode=ap-bridge security-profile=ohod2Gz ssid=Master vlan-id=27 vlan-mode=use-tag wps-mode=disabled
- # IFACE LIST
- /interface list
- add name=WAN
- add name=LAN
- /interface list member
- add interface=lan-switch list=WAN
- # BRIDGE
- /interface bridge port
- add bridge="lan-switch" interface=ether1 hw=yes
- add bridge="lan-switch" interface=sftp1 hw=yes
- add bridge="lan-switch" interface=ether3 hw=yes
- add bridge="lan-switch" interface=ether4 hw=yes
- add bridge="lan-switch" interface=ether5 hw=yes
- add bridge="lan-switch" interface=wlan1
- add bridge="lan-switch" interface=wlan2
- # VLANDATABASE
- /interface ethernet switch vlan
- add ports=sftp1,ether5,switch1-cpu switch=switch1 vlan-id=5
- add ports=sftp1,ether1,ether2,ether3,ether4,ether5 switch=switch1 vlan-id=27
- add ports=sftp1,ether5 switch=switch1 vlan-id=21
- add ports=sftp1,ether5 switch=switch1 vlan-id=116
- # VLAN HANDLE
- /interface ethernet switch port
- set sftp1 vlan-mode=secure vlan-header=add-if-missing
- set ether1 vlan-mode=secure vlan-header=always-strip default-vlan-id=27
- set ether2 vlan-mode=secure vlan-header=always-strip default-vlan-id=27
- set ether3 vlan-mode=secure vlan-header=always-strip default-vlan-id=27
- set ether4 vlan-mode=secure vlan-header=always-strip default-vlan-id=27
- set ether5 vlan-mode=secure vlan-header=add-if-missing
- # IFACES & ALIASES
- /interface vlan
- add interface=lan-switch name=vlan5 vlan-id=5
- add interface=lan-switch name=vlan21 vlan-id=21
- add interface=lan-switch name=vlan27 vlan-id=27
- add interface=lan-switch name=vlan116 vlan-id=116
- /ip address
- add address=10.5.1.71/24 interface="vlan5" network=10.5.1.0
- /ip dhcp-client
- add dhcp-options=hostname,clientid disabled=no add-default-reoute=no interface="vlan21"
- add dhcp-options=hostname,clientid disabled=no add-default-reoute=no interface="vlan27"
- # BUGGY RULE BUT I WON'T FIX THIS
- /ip firewall nat
- add action=masquerade chain=srcnat
- # SECURITY
- /ip service
- set telnet disabled=yes
- set ftp disabled=yes
- set api disabled=yes
- set api-ssl disabled=yes
- # CLOCK
- /system clock
- set time-zone-name=Asia/Yakutsk
- /system ntp client
- set enabled=yes server-dns-names=ntp5.stratum2.ru,ntp4.stratum2.ru
- # ROS & LDR UPGRADE SETTINGS
- /system package update
- set channel=long-term
- /system routerboard settings
- set auto-upgrade=yes
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
