API tools faq
paste
Guest User

Untitled

a guest
Dec 8th, 2020
19
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.87 KB | None | 0 0
raw download clone embed print report
  1. # dec/08/2020 12:56:56 by RouterOS 6.47.8
  2. # software id = QDQU-CI02
  3. #
  4. # model = RBSXTR
  5. # serial number = B72B0BD60706
  6. /interface lte
  7. set [ find ] name=lte1
  8. /interface bridge
  9. add admin-mac=C4:AD:34:76:26:BB auto-mac=no comment=defconf name=bridge
  10. /interface list
  11. add comment=defconf name=WAN
  12. add comment=defconf name=LAN
  13. /interface wireless security-profiles
  14. set [ find default=yes ] supplicant-identity=MikroTik
  15. /ip hotspot profile
  16. set [ find default=yes ] html-directory=flash/hotspot
  17. /ip pool
  18. add name=default-dhcp ranges=192.168.88.10-192.168.88.254
  19. /ip dhcp-server
  20. add address-pool=default-dhcp disabled=no interface=bridge name=defconf
  21. /interface bridge port
  22. add bridge=bridge comment=defconf interface=ether1
  23. add bridge=bridge comment=defconf interface=ether2
  24. /ip neighbor discovery-settings
  25. set discover-interface-list=LAN
  26. /interface list member
  27. add comment=defconf interface=bridge list=LAN
  28. add comment=defconf interface=lte1 list=WAN
  29. /ip address
  30. add address=192.168.88.1/24 comment=defconf interface=bridge network=\
  31. 192.168.88.0
  32. /ip dhcp-server network
  33. add address=192.168.88.0/24 comment=defconf gateway=192.168.88.1
  34. /ip dns
  35. set allow-remote-requests=yes servers=8.8.8.8
  36. /ip dns static
  37. add address=192.168.88.1 comment=defconf name=router.lan
  38. /ip firewall filter
  39. add action=accept chain=input comment=\
  40. "defconf: accept established,related,untracked" connection-state=\
  41. established,related,untracked
  42. add action=drop chain=input comment="defconf: drop invalid" connection-state=\
  43. invalid
  44. add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
  45. add action=accept chain=input comment=\
  46. "defconf: accept to local loopback (for CAPsMAN)" dst-address=127.0.0.1
  47. add action=drop chain=input comment="defconf: drop all not coming from LAN" \
  48. in-interface-list=!LAN
  49. add action=accept chain=forward comment="defconf: accept in ipsec policy" \
  50. ipsec-policy=in,ipsec
  51. add action=accept chain=forward comment="defconf: accept out ipsec policy" \
  52. ipsec-policy=out,ipsec
  53. add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \
  54. connection-state=established,related
  55. add action=accept chain=forward comment=\
  56. "defconf: accept established,related, untracked" connection-state=\
  57. established,related,untracked
  58. add action=drop chain=forward comment="defconf: drop invalid" \
  59. connection-state=invalid
  60. add action=drop chain=forward comment=\
  61. "defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat \
  62. connection-state=new in-interface-list=WAN
  63. /ip firewall nat
  64. add action=masquerade chain=srcnat comment="defconf: masquerade" \
  65. ipsec-policy=out,none out-interface=lte1
  66. /system clock
  67. set time-zone-name=Europe/Kiev
  68. /system routerboard settings
  69. set auto-upgrade=yes
  70. /tool mac-server
  71. set allowed-interface-list=LAN
  72. /tool mac-server mac-winbox
  73. set allowed-interface-list=LAN
  74.  
Advertisement
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!