Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- /interface ethernet
- set [ find default-name=ether1 ] rx-flow-control=auto speed=100Mbps tx-flow-control=auto
- set [ find default-name=ether2 ] speed=100Mbps
- set [ find default-name=ether3 ] speed=100Mbps
- set [ find default-name=ether4 ] speed=100Mbps
- set [ find default-name=ether5 ] speed=100Mbps
- set [ find default-name=sfp1 ] advertise=10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full
- /interface bridge
- add admin-mac=6C:3B:6B:45:A6:58 auto-mac=no name=wlan2lan protocol-mode=none
- /interface list
- add name=WAN
- add name=LAN
- /interface wireless security-profiles
- set [ find default=yes ] authentication-types=wpa2-psk eap-methods="" mode=dynamic-keys supplicant-identity=AP02
- add authentication-types=wpa2-eap eap-methods="" mode=dynamic-keys name="DENY MASTER IFACE" supplicant-identity=AP01 tls-certificate=CAP-6C3B6B45B9EA tls-mode=verify-certificate
- add authentication-types=wpa2-psk eap-methods="" group-key-update=1h management-protection=allowed mode=dynamic-keys name="PERMIT IP" supplicant-identity=""
- add authentication-types=wpa2-eap group-key-update=1h mode=dynamic-keys name="DENY IP" supplicant-identity=sphere01 tls-mode=dont-verify-certificate
- add authentication-types=wpa2-eap group-key-update=1h management-protection=allowed mode=dynamic-keys name="DENY IP2" supplicant-identity=sphere01
- /interface wireless
- set [ find default-name=wlan1 ] antenna-gain=3 band=2ghz-onlyn bridge-mode=disabled country=austria disabled=no distance=indoors frequency=2437 frequency-mode=regulatory-domain hide-ssid=yes \
- installation=indoor mode=ap-bridge multicast-helper=full name=2G security-profile="DENY MASTER IFACE" ssid=2 wireless-protocol=802.11 wps-mode=disabled
- set [ find default-name=wlan2 ] antenna-gain=2 band=5ghz-a/n/ac bridge-mode=disabled channel-width=20/40/80mhz-Ceee country=austria disabled=no distance=indoors frequency=auto frequency-mode=\
- regulatory-domain hide-ssid=yes installation=indoor mode=ap-bridge multicast-helper=full name=5G security-profile="DENY MASTER IFACE" ssid=5 wireless-protocol=802.11 wps-mode=disabled
- add mac-address=02:00:00:AA:00:00 master-interface=2G multicast-helper=full name="deny 2" security-profile="DENY IP" ssid="DENY IP ANY ANY" wmm-support=enabled wps-mode=disabled
- add disabled=no mac-address=02:00:00:AA:00:02 master-interface=5G multicast-helper=full name="deny 5" security-profile="DENY IP2" ssid="DENY IP ANY ANY" wmm-support=enabled wps-mode=disabled
- add disabled=no mac-address=02:00:00:AA:00:01 master-interface=2G max-station-count=10 multicast-helper=full name="permit 2" security-profile="PERMIT IP" ssid="PERMIT IP ANY ANY" wps-mode=\
- disabled
- add disabled=no mac-address=02:00:00:AA:00:03 master-interface=5G max-station-count=10 multicast-helper=full name="permit 5" security-profile="PERMIT IP" ssid="PERMIT IP ANY ANY" wps-mode=\
- disabled
- /snmp community
- set [ find default=yes ] addresses=0.0.0.0/0
- add addresses=::/0 name=unimatrix01
- /interface bridge port
- add bridge=wlan2lan interface=ether1
- add bridge=wlan2lan interface=ether2
- add bridge=wlan2lan interface=*1
- add bridge=wlan2lan interface=*2
- add bridge=wlan2lan interface=ether3
- add bridge=wlan2lan interface=ether4
- add bridge=wlan2lan interface=ether5
- add bridge=wlan2lan interface=sfp1
- add bridge=wlan2lan interface="permit 5"
- add bridge=wlan2lan interface="permit 2"
- add bridge=wlan2lan interface="deny 2"
- add bridge=wlan2lan interface="deny 5"
- /ip settings
- set ip-forward=no
- /interface bridge vlan
- add bridge=wlan2lan tagged=wlan2lan,ether1 vlan-ids=9
- /interface list member
- add interface=ether1 list=WAN
- add interface=wlan2lan list=LAN
- /interface wireless access-list
- add disabled=yes interface="permit 2" mac-address=34:CE:00:EB:00:86 vlan-mode=no-tag
- add disabled=yes interface="permit 2" mac-address=00:04:20:F1:75:58 vlan-mode=no-tag
- add authentication=no disabled=yes forwarding=no interface="permit 2" vlan-mode=no-tag
- add authentication=no disabled=yes forwarding=no interface="permit 5" vlan-mode=no-tag
- /interface wireless cap
- set bridge=wlan2lan caps-man-addresses=192.168.254.254 certificate=request discovery-interfaces=ether1,ether2 interfaces=*1,*2 static-virtual=yes
- /ip dhcp-client
- add dhcp-options=hostname,clientid disabled=no interface=wlan2lan
- /ip dns static
- add address=192.168.254.107 name=router.lan
- /ip service
- set telnet disabled=yes
- set www disabled=yes
- set www-ssl disabled=no
- set api disabled=yes
- set api-ssl certificate="Mikrotik API Cert"
- /ip ssh
- set allow-none-crypto=yes forwarding-enabled=remote
- /radius
- add address=192.168.254.250 service=ppp,login,wireless timeout=3s
- /snmp
- set enabled=yes trap-community=unimatrix01
- /system clock
- set time-zone-name=Europe/Vienna
- /system identity
- set name=sphere01
- /system leds
- set 0 interface=2G
- set 1 interface=5G
- /system logging
- add disabled=yes topics=wireless,debug
- add disabled=yes topics=wireless,event
- /system ntp client
- set enabled=yes primary-ntp=192.168.254.250 secondary-ntp=192.168.254.250
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement