Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # software id = 5B2I-ECMM
- #
- /interface bridge
- add name=bridge1-Klient
- /interface ethernet
- set [ find default-name=ether1 ] name=ether1_klient
- set [ find default-name=ether3 ] name=ether3_NanoKricen
- set [ find default-name=ether4 ] name=ether4_NanoKasalice
- /interface wireless security-profiles
- set [ find default=yes ] supplicant-identity=RB-750UP-RetrKasaliceKricen
- /ip ipsec proposal
- set [ find default=yes ] enc-algorithms=aes-128-cbc
- /ip pool
- add name=dhcp_pool1 ranges=10.3.5.250-10.3.5.254
- /ip dhcp-server
- add address-pool=dhcp_pool1 disabled=no interface=bridge1-Klient lease-time=\
- 3d name=dhcp1
- /routing bgp instance
- set default as=3020172 redistribute-connected=yes redistribute-static=yes
- /routing ospf area
- add area-id=12.0.0.0 name=pardubice
- /routing ospf instance
- set [ find default=yes ] redistribute-connected=as-type-1
- /snmp community
- set [ find default=yes ] read-access=no
- add addresses=0.0.0.0/0 name=zabbix
- /system logging action
- add name=logfuk remote=10.254.254.254 remote-port=5141 src-address=\
- 10.3.20.172 target=remote
- /user group
- set read policy="local,telnet,ssh,reboot,read,test,winbox,web,sniff,api,!ftp,!\
- write,!policy,!password,!sensitive"
- add name=telnet policy="local,telnet,ssh,reboot,read,write,policy,test,api,!ft\
- p,!winbox,!password,!web,!sniff,!sensitive"
- add name=winbox policy="local,ssh,reboot,read,write,policy,test,winbox,api,!te\
- lnet,!ftp,!password,!web,!sniff,!sensitive"
- add name=ssh policy="ssh,!local,!telnet,!ftp,!reboot,!read,!write,!policy,!tes\
- t,!winbox,!password,!web,!sniff,!sensitive,!api"
- /interface bridge port
- add bridge=bridge1-Klient interface=ether1_klient
- add bridge=bridge1-Klient interface=ether5
- /interface ethernet poe settings
- set ether1-poe-in-long-cable=yes
- /ip address
- add address=10.3.5.249/29 comment=Klient interface=bridge1-Klient network=\
- 10.3.5.248
- add address=10.3.20.172/29 comment="UBNT KRicen" interface=ether3_NanoKricen \
- network=10.3.20.168
- add address=10.3.20.156/29 disabled=yes interface=ether4_NanoKasalice \
- network=10.3.20.152
- add address=10.12.32.45/30 comment="Zaloha Kasalice" interface=\
- ether4_NanoKasalice network=10.12.32.44
- add address=10.3.20.153/29 comment="UBNT kasalice" interface=\
- ether4_NanoKasalice network=10.3.20.152
- /ip dhcp-server lease
- add address=10.3.5.253 mac-address=C4:E9:84:6D:3E:9D server=dhcp1
- /ip dhcp-server network
- add address=10.3.5.248/29 dns-server=77.48.254.254,77.48.100.254 gateway=\
- 10.3.5.249
- /ip dns
- set servers=77.48.254.254,77.48.100.254
- /ip ipsec policy
- set 0 dst-address=0.0.0.0/0 src-address=0.0.0.0/0
- /ip proxy
- set cache-path=web-proxy1
- /ip route
- add distance=1 dst-address=10.3.0.0/16 gateway=10.12.32.46
- add distance=1 dst-address=10.12.0.0/16 gateway=10.3.20.169
- /ip service
- set telnet disabled=yes
- set ftp disabled=yes
- set www disabled=yes
- set ssh port=2222
- set api disabled=yes
- set api-ssl disabled=yes
- /ppp aaa
- set use-radius=yes
- /radius
- add address=10.254.254.254 secret=Sup3R_T4jn3H3sl0 service=\
- ppp,login,wireless,dhcp timeout=1s500ms
- add address=37.221.240.48 secret=Sup3R_T4jn3H3sl0 service=\
- ppp,login,wireless,dhcp timeout=1s500ms
- /radius incoming
- set accept=yes port=1700
- /routing bgp peer
- add hold-time=20s in-filter=backup_in_kri keepalive-time=5s name=Kricen \
- out-filter=backup_out_kri remote-address=10.3.20.169 remote-as=12042100 \
- tcp-md5-key=tlaptlap
- add disabled=yes hold-time=20s in-filter=backup keepalive-time=5s name=\
- "peer 10.3.100.94" out-filter=backup remote-address=10.3.20.153 \
- remote-as=3100094 tcp-md5-key=tlaptlap
- add hold-time=20s in-filter=backup_in_kas keepalive-time=5s name=Kasalice \
- out-filter=backup_out_kas remote-address=10.12.32.46 remote-as=3231244 \
- tcp-md5-key=tlaptlap
- /routing filter
- add chain=backup_in_kas set-bgp-prepend=10
- add chain=backup_out_kas set-bgp-prepend=10
- add chain=backup_in_kri set-bgp-prepend=10
- add chain=backup_out_kri set-bgp-prepend=10
- add action=discard chain=backup_out_kas prefix=10.3.0.0/16
- add action=discard chain=backup_out_kri prefix=10.12.0.0/16
- add action=accept chain=backup_in_kas prefix=10.3.0.0/16 prefix-length=17-32 \
- set-bgp-communities=no-export
- add action=accept chain=backup_in_kri prefix=10.12.0.0/16 prefix-length=17-32 \
- set-bgp-communities=no-export
- /routing ospf interface
- add authentication=md5 authentication-key=tlaptlap dead-interval=5s \
- hello-interval=1s network-type=broadcast retransmit-interval=4s
- /routing ospf network
- add area=pardubice disabled=yes
- /snmp
- set enabled=yes
- /system clock
- set time-zone-autodetect=no time-zone-name=Europe/Prague
- /system identity
- set name=RohovladovaBela_Retranclace_MAIN
- /system logging
- add action=echo disabled=yes topics=radius
- add action=logfuk topics=!debug,!packet,!raw,!snmp
- /system ntp client
- set enabled=yes primary-ntp=37.221.240.61 secondary-ntp=37.221.240.62
- /system scheduler
- add interval=2m name=AD155-MONITOR on-event=AD155-MONITOR policy=\
- ftp,reboot,read,write,policy,test,password,sniff,sensitive start-time=\
- startup
- /system script
- add name=AD155-MONITOR owner=Jirka policy=\
- ftp,reboot,read,write,policy,test,password,sniff,sensitive source="# Prome\
- nna pro aktualni stav baterie a priznaku\r\
- \n:global voltage;\r\
- \n:global priznak;\r\
- \n# kdyz jede na elektriku ma 27V - kdyztak doladit dle MK potenciometrem \
- na zdroji, Kdyz Spadne klesne pri plnem nabiti dle zateze k cca 26,2V\r\
- \n:global frombatt 265;\r\
- \n# vypina pri 19,7V\r\
- \n:global minbatt 200;\r\
- \n# promene pro desetinny zapis napeti\r\
- \n:global V;\r\
- \n\r\
- \n:if ((\"-\" . \$priznak)=\"-\") do={:set priznak 0}\r\
- \n\r\
- \n# Ziskame info o napeti na baterii\r\
- \n:set voltage [system health get voltage];\r\
- \n#Rozdelime si napeti abychom ho mohli vyjadrit ve Voltech\r\
- \n :set V {\"V1\"=[:pick \$voltage 0 2]; \"V2\"=[:pick \$voltage 2 3]; \"V\
- P\"=[(((\$voltage-197)*100)/65)]};\r\
- \n\r\
- \n# zjistime stavy a podle toho reagujeme\r\
- \n:if (\$voltage>\$frombatt) do={\r\
- \n:if (\$priznak=0 && \$voltage>\$frombatt) do={\r\
- \n:log info \"Napajeni ze site obnoveno\";\r\
- \n:set priznak 1;\r\
- \n/tool e-mail send to=\"jiri.tlapak1@vodafonemail.cz\" subject=(\"Napajen\
- i bylo obnoveno!\") body=(\"Napajeni bylo obnoveno a baterie je na \" . (\
- \$V->\"V1\") . \",\" . (\$V->\"V2\") . \"V. Zbyvalo jeste: \" . (\$V->\"VP\
- \") . \"%\");\r\
- \n} else={\r\
- \n:log warning \"Napajeni je v poradku\";\r\
- \n:log warning (\"Aktualni napeti:\" . (\$V->\"V1\") . \",\" . (\$V->\"V2\
- \") . \"V. Do uplneho vybiti zbyva: \" . (\$V->\"VP\") . \"%\");\r\
- \n}\r\
- \n} else={\r\
- \n:log error \"Napajeni preruseno\";\r\
- \n:if (\$voltage<=\$minbatt) do={\r\
- \n:log error (\"Stav baterie na kriticke mezi:\" . (\$V->\"V1\") . \",\" .\
- \_(\$V->\"V2\") . \"V. Za chvili dojde k automatickemu vypnuti. Do uplneho\
- \_vybiti zbyva: \" . (\$V->\"VP\") . \"%\");\r\
- \n/tool e-mail send to=\"jiri.tlapak1@vodafonemail.cz\" subject=(\"Napajen\
- i preruseno! Kriticky stav baterie:\" . (\$V->\"V1\") . \",\" . (\$V->\"V2\
- \") . \"V\") body=(\"Baterie je na \" . (\$V->\"V1\") . \",\" . (\$V->\"V2\
- \") . \"V! Do uplneho vybiti zbyva: \" . (\$V->\"VP\") . \"%\");\r\
- \n} else={\r\
- \n:log warning (\"Aktualni napeti:\" . (\$V->\"V1\") . \",\" . (\$V->\"V2\
- \") . \"V. Do uplneho vybiti zbyva: \" . (\$V->\"VP\") . \"%\");\r\
- \n/tool e-mail send to=\"jiri.tlapak1@vodafonemail.cz\" subject=(\"Napajen\
- i preruseno! Zbyva:\" . (\$V->\"V1\") . \",\" . (\$V->\"V2\") . \"V\") bod\
- y=(\"Baterie je na \" . (\$V->\"V1\") . \",\" . (\$V->\"V2\") . \"V! Do up\
- lneho vybiti zbyva: \" . (\$V->\"VP\") . \"%\");\r\
- \n:set priznak 0;\r\
- \n}};\r\
- \n"
- /tool e-mail
- set address=77.48.101.171 from=\
- RB-750UP-RetrKasaliceKricen_10.3.254.90@tlapnet.cz port=55522
- /user aaa
- set accounting=no use-radius=yes
- "
- string(3325) "# nov/20/2019 09:10:58 by RouterOS 6.45.7
- # software id = 34BR-JK01
- #
- # model = 912UAG-5HPnD
- # serial number = 603D01665F37
- /interface ethernet
- set [ find default-name=ether1 ] speed=100Mbps
- /interface wireless
- set [ find default-name=wlan1 ] band=5ghz-onlyn country="united states" \
- disabled=no frequency=5660 frequency-mode=superchannel mode=ap-bridge \
- name=wlan1_PECRAY1 rx-chains=0,1 ssid=PECRAY1 tx-chains=0,1 \
- wireless-protocol=nv2
- /interface wireless security-profiles
- set [ find default=yes ] supplicant-identity=MikroTik
- /ip ipsec proposal
- set [ find default=yes ] enc-algorithms=aes-128-cbc
- /routing bgp instance
- set default as=13011171 redistribute-connected=yes
- /routing ospf area
- add area-id=13.0.0.0 name=Kolin
- /routing ospf instance
- set [ find default=yes ] redistribute-connected=as-type-1
- /snmp community
- set [ find default=yes ] addresses=0.0.0.0/0 read-access=no
- add addresses=0.0.0.0/0 name=zabbix
- /system logging action
- add name=logfuk remote=10.254.254.254 remote-port=5141 src-address=\
- 10.13.11.171 target=remote
- /user group
- set read policy="local,telnet,ssh,reboot,read,test,winbox,web,sniff,api,romon,\
- tikapp,!ftp,!write,!policy,!password,!sensitive,!dude"
- add name=telnet policy="local,telnet,ssh,reboot,read,write,policy,test,api,dud\
- e,!ftp,!winbox,!password,!web,!sniff,!sensitive,!romon,!tikapp"
- add name=winbox policy="local,ssh,reboot,read,write,policy,test,winbox,api,rom\
- on,dude,tikapp,!telnet,!ftp,!password,!web,!sniff,!sensitive"
- add name=ssh policy="ssh,!local,!telnet,!ftp,!reboot,!read,!write,!policy,!tes\
- t,!winbox,!password,!web,!sniff,!sensitive,!api,!romon,!dude,!tikapp"
- /ip firewall connection tracking
- set enabled=no
- /ipv6 settings
- set max-neighbor-entries=1024
- /interface wireless connect-list
- add interface=wlan1_PECRAY1 mac-address=4C:5E:0C:D9:2A:3B security-profile=\
- default
- /ip address
- add address=10.13.11.171/29 comment=WAN interface=ether1 network=10.13.11.168
- add address=10.13.12.33/28 comment=PECRAY1 interface=wlan1_PECRAY1 network=\
- 10.13.12.32
- /ip dns
- set servers=77.48.254.254,77.48.100.254
- /ip service
- set telnet disabled=yes
- set ftp disabled=yes
- set www disabled=yes
- set ssh port=2222
- set api disabled=yes
- set api-ssl disabled=yes
- /ppp aaa
- set use-radius=yes
- /radius
- add address=10.254.254.254 secret=Sup3R_T4jn3H3sl0 service=\
- ppp,login,wireless,dhcp timeout=1s500ms
- add address=37.221.240.48 secret=Sup3R_T4jn3H3sl0 service=\
- ppp,login,wireless,dhcp timeout=1s500ms
- /radius incoming
- set accept=yes port=1700
- /routing bgp peer
- add hold-time=20s keepalive-time=5s name="peer 10.13.11.162" remote-address=\
- 10.13.11.169 remote-as=13024250 tcp-md5-key=tlaptlap
- /routing ospf interface
- add authentication=md5 authentication-key=tlaptlap dead-interval=5s \
- hello-interval=1s network-type=broadcast retransmit-interval=4s
- /routing ospf network
- add area=Kolin disabled=yes
- /snmp
- set enabled=yes
- /system clock
- set time-zone-autodetect=no time-zone-name=Europe/Prague
- /system identity
- set name=Cervene_Pecky_150_PECRAY1
- /system leds
- set 0 interface=wlan1_PECRAY1
- /system logging
- add action=echo disabled=yes topics=radius
- add action=logfuk topics=!debug,!packet,!raw,!snmp
- /system ntp client
- set enabled=yes primary-ntp=37.221.240.61 secondary-ntp=37.221.240.62
- /user aaa
- set accounting=no use-radius=yes
- "
- string(2937) "# nov/20/2019 09:11:21 by RouterOS 6.42.3
- # software id = 2SPT-1IRB
- #
- # model = 912UAG-5HPnD
- # serial number = 68120500E63B
- /interface wireless
- set [ find default-name=wlan1 ] band=5ghz-onlyn country="czech republic" \
- disabled=no frequency=5620 frequency-mode=superchannel mode=ap-bridge \
- name=wlan1_RAY2 rx-chains=0,1 ssid=169_RAY2 tx-chains=0,1 \
- wireless-protocol=nv2
- /interface wireless security-profiles
- set [ find default=yes ] supplicant-identity=MikroTik
- /routing bgp instance
- set default as=9011214 redistribute-connected=yes
- /routing ospf instance
- set [ find default=yes ] redistribute-connected=as-type-1
- /snmp community
- set [ find default=yes ] addresses=0.0.0.0/0 read-access=no
- add addresses=0.0.0.0/0 name=zabbix
- /system logging action
- add name=logfuk remote=10.254.254.254 remote-port=5141 src-address=\
- 10.9.11.214 target=remote
- /user group
- set read policy="local,telnet,ssh,reboot,read,test,winbox,web,sniff,api,romon,\
- tikapp,!ftp,!write,!policy,!password,!sensitive,!dude"
- add name=telnet policy="local,telnet,ssh,reboot,read,write,policy,test,api,!ft\
- p,!winbox,!password,!web,!sniff,!sensitive,!romon,!dude,!tikapp"
- add name=winbox policy="local,ssh,reboot,read,write,policy,test,winbox,api,!te\
- lnet,!ftp,!password,!web,!sniff,!sensitive,!romon,!dude,!tikapp"
- add name=ssh policy="ssh,!local,!telnet,!ftp,!reboot,!read,!write,!policy,!tes\
- t,!winbox,!password,!web,!sniff,!sensitive,!api,!romon,!dude,!tikapp"
- /ip firewall connection tracking
- set enabled=no
- /ip address
- add address=10.9.11.214/28 interface=ether1 network=10.9.11.208
- add address=10.9.14.33/28 interface=wlan1_RAY2 network=10.9.14.32
- /ip dns
- set servers=77.48.254.254,77.48.100.254
- /ip service
- set telnet disabled=yes
- set ftp disabled=yes
- set www disabled=yes
- set ssh port=2222
- set api disabled=yes
- set api-ssl disabled=yes
- /ppp aaa
- set use-radius=yes
- /radius
- add address=10.254.254.254 secret=Sup3R_T4jn3H3sl0 service=\
- ppp,login,wireless,dhcp timeout=1s500ms
- add address=37.221.240.48 secret=Sup3R_T4jn3H3sl0 service=\
- ppp,login,wireless,dhcp timeout=1s500ms
- /radius incoming
- set accept=yes port=1700
- /routing bgp peer
- add comment=WAN hold-time=20s keepalive-time=5s name="peer 10.9.11.209" \
- remote-address=10.9.11.209 remote-as=12052044 tcp-md5-key=tlaptlap
- /routing ospf interface
- add authentication=md5 authentication-key=tlaptlap network-type=broadcast
- /routing ospf network
- add area=backbone disabled=yes
- /snmp
- set enabled=yes
- /system clock
- set time-zone-name=Europe/Prague
- /system identity
- set name=Mikulovice_cp169_Ray2_smerVLouckach
- /system leds
- set 0 interface=wlan1_RAY2
- /system logging
- add action=echo topics=info
- add action=echo disabled=yes topics=radius
- add action=logfuk topics=!debug,!packet,!raw,!snmp
- /system ntp client
- set enabled=yes primary-ntp=37.221.240.61 secondary-ntp=37.221.240.62
- /system routerboard settings
- set silent-boot=no
- /user aaa
- set accounting=no use-radius=yes
- "
- string(4502) "# nov/20/2019 09:10:48 by RouterOS 6.43.7
- # software id = RXLE-131N
- #
- # model = 2011UAS
- # serial number = 402F02A4C4AD
- /interface bridge
- add fast-forward=no mtu=1500 name=IPTV-SWITCH protocol-mode=none
- add fast-forward=no mtu=1500 name=NET-SWITCH protocol-mode=none
- add fast-forward=no mtu=1500 name=WAN-TRUNK-SWITCH protocol-mode=none
- /interface ethernet
- set [ find default-name=ether1 ] comment=tripleplay_READY speed=100Mbps
- set [ find default-name=ether2 ] comment=tripleplay_READY speed=100Mbps
- set [ find default-name=ether3 ] comment=IPTV_READY speed=100Mbps
- set [ find default-name=ether4 ] comment=IPTV_READY speed=100Mbps
- set [ find default-name=ether5 ] comment=IPTV_READY speed=100Mbps
- set [ find default-name=ether6 ] comment=NET_READY
- set [ find default-name=ether7 ] comment=NET_READY
- set [ find default-name=ether8 ] comment=NET_READY
- set [ find default-name=ether9 ] comment=NET_READY
- set [ find default-name=ether10 ] comment=NET_READY
- set [ find default-name=sfp1 ] comment=WAN speed=100Mbps
- /interface vlan
- add interface=WAN-TRUNK-SWITCH name=IPTV vlan-id=104
- add interface=WAN-TRUNK-SWITCH name=NET vlan-id=318
- /interface list
- add exclude=dynamic name=discover
- /interface wireless security-profiles
- set [ find default=yes ] supplicant-identity=MikroTik
- /ip ipsec proposal
- set [ find default=yes ] enc-algorithms=3des
- /snmp community
- set [ find default=yes ] read-access=no
- add addresses=0.0.0.0/0 name=zabbix
- /system logging action
- set 0 memory-lines=100
- set 1 disk-lines-per-file=100
- add name=logfuk remote=37.221.240.47 remote-port=5141 src-address=10.3.191.2 \
- target=remote
- /user group
- set read policy="local,telnet,ssh,reboot,read,test,winbox,web,sniff,api,romon,\
- tikapp,!ftp,!write,!policy,!password,!sensitive,!dude"
- add name=telnet policy="local,telnet,ssh,reboot,read,write,policy,test,api,dud\
- e,!ftp,!winbox,!password,!web,!sniff,!sensitive,!romon,!tikapp"
- add name=winbox policy="local,ssh,reboot,read,write,policy,test,winbox,api,rom\
- on,dude,tikapp,!telnet,!ftp,!password,!web,!sniff,!sensitive"
- add name=ssh policy="ssh,!local,!telnet,!ftp,!reboot,!read,!write,!policy,!tes\
- t,!winbox,!password,!web,!sniff,!sensitive,!api,!romon,!dude,!tikapp"
- /interface bridge port
- add bridge=WAN-TRUNK-SWITCH hw=no interface=sfp1
- add bridge=WAN-TRUNK-SWITCH hw=no interface=ether1
- add bridge=WAN-TRUNK-SWITCH hw=no interface=ether2
- add bridge=IPTV-SWITCH hw=no interface=ether3
- add bridge=IPTV-SWITCH hw=no interface=ether4
- add bridge=IPTV-SWITCH hw=no interface=ether5
- add bridge=IPTV-SWITCH interface=IPTV
- add bridge=NET-SWITCH interface=NET
- add bridge=NET-SWITCH hw=no interface=ether6
- add bridge=NET-SWITCH hw=no interface=ether7
- add bridge=NET-SWITCH hw=no interface=ether8
- add bridge=NET-SWITCH hw=no interface=ether9
- add bridge=NET-SWITCH hw=no interface=ether10
- /ip neighbor discovery-settings
- set discover-interface-list=discover
- /interface list member
- add interface=sfp1 list=discover
- add interface=ether1 list=discover
- add interface=ether2 list=discover
- add interface=ether3 list=discover
- add interface=ether4 list=discover
- add interface=ether5 list=discover
- add interface=ether6 list=discover
- add interface=ether7 list=discover
- add interface=ether8 list=discover
- add interface=ether9 list=discover
- add interface=ether10 list=discover
- add interface=WAN-TRUNK-SWITCH list=discover
- add interface=IPTV-SWITCH list=discover
- add interface=NET-SWITCH list=discover
- add interface=IPTV list=discover
- add interface=NET list=discover
- /ip address
- add address=10.3.191.2/24 interface=NET-SWITCH network=10.3.191.0
- /ip dns
- set servers=77.48.254.254,77.48.100.254
- /ip route
- add distance=1 gateway=10.3.191.1
- /ip service
- set telnet disabled=yes
- set ftp disabled=yes
- set www disabled=yes
- set ssh port=2222
- set api disabled=yes
- set api-ssl disabled=yes
- /ppp aaa
- set use-radius=yes
- /radius
- add address=10.254.254.254 secret=Sup3R_T4jn3H3sl0 service=\
- ppp,login,wireless,dhcp timeout=1s500ms
- add address=37.221.240.48 secret=Sup3R_T4jn3H3sl0 service=\
- ppp,login,wireless,dhcp timeout=1s500ms
- /radius incoming
- set accept=yes port=1700
- /snmp
- set enabled=yes location=Pardubicka_1334
- /system clock
- set time-zone-autodetect=no time-zone-name=Europe/Prague
- /system identity
- set name=Prelouc_Pardubicka-1334-switch_RB2011
- /system logging
- add action=echo disabled=yes topics=radius
- add action=logfuk topics=!debug,!packet,!raw,!snmp
- /system ntp client
- set enabled=yes primary-ntp=37.221.240.61 secondary-ntp=37.221.240.62
- /user aaa
- set accounting=no use-radius=yes
- "
- string(2526) "# nov/20/2019 09:10:46 by RouterOS 6.38.5
- # software id = M0ZF-CLGL
- #
- /interface wireless
- set [ find default-name=wlan1 ] band=5ghz-a/n country="czech republic" \
- disabled=no frequency=5775 mode=ap-bridge name=wlan1_Ray4-smerKunka \
- rx-chains=0,1 ssid=MikSEKH1 tx-chains=0,1 wireless-protocol=nv2
- /interface wireless security-profiles
- set [ find default=yes ] supplicant-identity=MikroTik
- /routing bgp instance
- set default as=9011210 redistribute-connected=yes
- /snmp community
- set [ find default=yes ] read-access=no
- add addresses=0.0.0.0/0 name=zabbix
- /system logging action
- add name=logfuk remote=10.254.254.254 remote-port=5141 src-address=\
- 10.9.11.210 target=remote
- /user group
- set read policy="local,telnet,ssh,reboot,read,test,winbox,web,sniff,api,romon,\
- tikapp,!ftp,!write,!policy,!password,!sensitive,!dude"
- add name=telnet policy="local,telnet,ssh,reboot,read,write,policy,test,api,!ft\
- p,!winbox,!password,!web,!sniff,!sensitive,!romon,!dude,!tikapp"
- add name=winbox policy="local,ssh,reboot,read,write,policy,test,winbox,api,!te\
- lnet,!ftp,!password,!web,!sniff,!sensitive,!romon,!dude,!tikapp"
- add name=ssh policy="ssh,!local,!telnet,!ftp,!reboot,!read,!write,!policy,!tes\
- t,!winbox,!password,!web,!sniff,!sensitive,!api,!romon,!dude,!tikapp"
- /ip address
- add address=10.9.11.210/28 comment=WAN interface=ether1 network=10.9.11.208
- add address=10.9.12.225/28 comment=Sek interface=wlan1_Ray4-smerKunka \
- network=10.9.12.224
- /ip dns
- set servers=77.48.254.254,77.48.100.254
- /ip service
- set telnet disabled=yes
- set ftp disabled=yes
- set www disabled=yes
- set ssh port=2222
- set api disabled=yes
- set api-ssl disabled=yes
- /ppp aaa
- set use-radius=yes
- /radius
- add address=10.254.254.254 secret=Sup3R_T4jn3H3sl0 service=\
- ppp,login,wireless,dhcp timeout=1s500ms
- add address=37.221.240.48 secret=Sup3R_T4jn3H3sl0 service=\
- ppp,login,wireless,dhcp timeout=1s500ms
- /radius incoming
- set accept=yes port=1700
- /routing bgp peer
- add comment=WAN hold-time=20s keepalive-time=5s name="peer 10.9.11.209" \
- remote-address=10.9.11.209 remote-as=12052044 tcp-md5-key=tlaptlap
- /snmp
- set enabled=yes
- /system clock
- set time-zone-name=Europe/Prague
- /system identity
- set name=Mikulovice_cp169_Ray4_smerKunka
- /system logging
- add action=echo disabled=yes topics=radius
- add action=logfuk topics=!debug,!packet,!raw,!snmp
- /system ntp client
- set enabled=yes primary-ntp=37.221.240.61 secondary-ntp=37.221.240.62
- /system routerboard settings
- set init-delay=0s
- /user aaa
- set accounting=no use-radius=yes
- "
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement