API tools faq
paste
3nema

CHR VPN TRECCANI

3nema
Aug 25th, 2022
97
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.15 KB | Software | 0 0
raw download clone embed print report
  1. # aug/25/2022 06:18:24 by RouterOS 7.4
  2. # software id =
  3. #
  4. /interface bridge
  5. add name=OVPN-bridge
  6. /interface ethernet
  7. set [ find default-name=ether1 ] arp=proxy-arp disable-running-check=no
  8. /interface wireless security-profiles
  9. set [ find default=yes ] supplicant-identity=MikroTik
  10. /ip pool
  11. add name=OVPN-pool ranges=10.100.1.100-10.100.1.250
  12. /port
  13. set 0 name=serial0
  14. set 1 name=serial1
  15. set 2 name=serial2
  16. set 3 name=serial3
  17. /ppp profile
  18. set *FFFFFFFE bridge=OVPN-bridge local-address=10.100.1.1 remote-address=\
  19. OVPN-pool
  20. /routing bgp template
  21. set default as=65000 disabled=no routing-table=main
  22. /interface ovpn-server server
  23. set auth=sha1,md5 certificate=SERVER cipher=blowfish128,aes128,aes192,aes256 \
  24. default-profile=default-encryption enabled=yes \
  25. require-client-certificate=yes
  26. /interface sstp-server server
  27. set enabled=yes tls-version=only-1.2
  28. /ip address
  29. add address=10.100.1.1/24 interface=OVPN-bridge network=10.100.1.0
  30. /ip dhcp-client
  31. add interface=ether1
  32. /ip dns
  33. set servers=8.8.8.8
  34. /ip firewall filter
  35. add action=accept chain=input comment="OVPN pass" dst-port=1194 protocol=tcp
  36. /ip firewall nat
  37. add action=masquerade chain=srcnat out-interface=ether1
  38. add action=netmap chain=dstnat disabled=yes dst-address=10.10.150.0/24 \
  39. to-addresses=192.168.2.0/24
  40. /ip route
  41. add comment="SSTP TUNNEL NETMAP" disabled=no distance=1 dst-address=\
  42. 10.10.100.0/24 gateway=10.250.1.2 pref-src=0.0.0.0 routing-table=main \
  43. scope=30 suppress-hw-offload=no target-scope=10
  44. add comment="OVPN NETMAP" disabled=yes distance=1 dst-address=10.10.150.0/24 \
  45. gateway=10.100.1.2 pref-src=0.0.0.0 routing-table=main scope=30 \
  46. suppress-hw-offload=no target-scope=10
  47. /ip service
  48. set ssh disabled=yes
  49. /ppp secret
  50. add disabled=yes local-address=10.200.1.1 name=treccani.daniele \
  51. remote-address=10.200.1.2 service=sstp
  52. add disabled=yes local-address=10.200.1.1 name=lab remote-address=10.200.1.3 \
  53. service=sstp
  54. add name=treccani.sistemi profile=default-encryption remote-address=\
  55. 10.100.1.154
  56. add local-address=10.250.1.1 name=SSTP remote-address=10.250.1.2 service=sstp
  57. /system identity
  58. set name="VPN Treccani"
  59.  
Tags: mikrotik
Advertisement
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!