Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # aug/05/2021 17:01:05 by RouterOS 6.48.3
- # software id = 29KN-YBQP
- #
- # model = RBD52G-5HacD2HnD
- # serial number =
- /interface bridge
- add arp=proxy-arp name=FullBridge
- /interface list
- add name=WAN
- add name=LAN
- /interface wireless security-profiles
- set [ find default=yes ] supplicant-identity=MikroTik
- add authentication-types=wpa2-psk eap-methods="" group-key-update=3m mode=\
- dynamic-keys name=password1 supplicant-identity=""
- /interface wireless
- set [ find default-name=wlan1 ] band=2ghz-onlyn disabled=no mode=ap-bridge \
- security-profile=password1 ssid=Tomsik_2G wps-mode=disabled
- set [ find default-name=wlan2 ] band=5ghz-onlyac channel-width=20/40mhz-XX \
- country="czech republic" disabled=no frequency=5280 mode=ap-bridge \
- security-profile=password1 ssid=Tomsik_5G wps-mode=disabled
- /ip pool
- add name=dhcp ranges=10.0.1.20-10.0.1.200
- add name=vpnpool ranges=10.0.1.201-10.0.1.240
- /ip dhcp-server
- add address-pool=dhcp disabled=no interface=FullBridge lease-time=5m name=\
- dhcp1
- /ppp profile
- add bridge=FullBridge change-tcp-mss=yes dns-server=10.0.1.1,10.10.10.10 \
- interface-list=LAN local-address=10.0.1.253 name=my-l2tp-profile \
- remote-address=vpnpool
- /interface bridge port
- add bridge=FullBridge interface=ether2
- add bridge=FullBridge interface=ether3
- add bridge=FullBridge interface=ether4
- add bridge=FullBridge interface=ether5
- add bridge=FullBridge interface=wlan1
- add bridge=FullBridge interface=wlan2
- /ip neighbor discovery-settings
- set discover-interface-list=!dynamic
- /interface l2tp-server server
- set authentication=mschap1,mschap2 default-profile=my-l2tp-profile enabled=\
- yes use-ipsec=yes
- /interface list member
- add interface=ether1 list=WAN
- add interface=FullBridge list=LAN
- /interface sstp-server server
- set default-profile=default-encryption
- /ip address
- add address=100.71.22.3/24 interface=ether1 network=100.71.22.0
- add address=10.0.1.1/24 interface=FullBridge network=10.0.1.0
- /ip cloud
- set ddns-enabled=yes
- /ip dhcp-client
- add interface=wlan2
- /ip dhcp-server lease
- /ip dhcp-server network
- add address=10.0.1.0/24 dns-server=10.100.0.100,10.10.10.10,1.1.1.1 gateway=\
- 10.0.1.1 netmask=24
- add address=100.71.22.0/24 gateway=100.71.22.3 netmask=24
- /ip dns
- set servers=10.100.0.100,10.10.10.10,1.1.1.1,8.8.8.8
- /ip firewall filter
- add action=accept chain=input comment="VPN: allow IKE" dst-port=500 \
- in-interface=ether1 protocol=udp
- add action=accept chain=input comment="VPN: allow L2TP" dst-port=1701 \
- in-interface=ether1 protocol=udp
- add action=accept chain=input comment="VPN: allow IPsec NAT-T" dst-port=4500 \
- in-interface=ether1 protocol=udp
- add action=accept chain=input in-interface=ether1 protocol=ipsec-esp
- add action=accept chain=input in-interface=ether1 protocol=ipsec-ah
- /ip firewall nat
- add action=masquerade chain=srcnat out-interface-list=WAN
- /ip route
- add distance=1 gateway=100.71.22.253
- /ip service
- set telnet disabled=yes
- set ftp disabled=yes
- set www disabled=yes
- set ssh disabled=yes
- set api disabled=yes
- set api-ssl disabled=yes
- /ppp profile
- set *FFFFFFFE local-address=192.168.89.1 remote-address=*5
- /ppp secret
- add disabled=yes name=vpn
- add name=tomsikr profile=my-l2tp-profile service=l2tp
- /system clock
- set time-zone-name=Europe/Prague
- /system identity
- set name=TomsikrMT
- /system logging
- add prefix="L2TP_LOG ===> " topics=l2tp
- add prefix="IPSEC_LOG ===> " topics=ipsec
- /system routerboard settings
- set auto-upgrade=yes
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
