Last active
August 19, 2016 23:11
-
-
Save i5okie/7a9edf03d732f956c68865c524c1c5b0 to your computer and use it in GitHub Desktop.
mikrotik_config
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # aug/19/2016 16:09:25 by RouterOS 6.36 | |
| # software id = Y92J-ABBU | |
| # | |
| /interface bridge | |
| add admin-mac=E4:8D:8C:A8:9B:DB auto-mac=no name=bridge-local | |
| /interface wireless | |
| set [ find default-name=wlan1 ] band=2ghz-b/g/n channel-width=20/40mhz-Ce \ | |
| country=canada disabled=no distance=indoors frequency=auto mode=ap-bridge \ | |
| name=WLAN1 ssid=blah wds-default-bridge=bridge-local wds-mode=\ | |
| dynamic-mesh wireless-protocol=802.11 | |
| /interface ethernet | |
| set [ find default-name=ether1 ] name=ether1-gateway | |
| set [ find default-name=ether2 ] name=ether2-master-local | |
| set [ find default-name=ether3 ] master-port=ether2-master-local name=\ | |
| ether3-slave-local | |
| set [ find default-name=ether4 ] master-port=ether2-master-local name=\ | |
| ether4-slave-local | |
| set [ find default-name=ether5 ] master-port=ether2-master-local name=\ | |
| ether5-slave-local | |
| set [ find default-name=ether6 ] master-port=ether2-master-local name=\ | |
| ether6-slave-local | |
| set [ find default-name=ether7 ] master-port=ether2-master-local name=\ | |
| ether7-slave-local | |
| set [ find default-name=ether8 ] master-port=ether2-master-local name=\ | |
| ether8-slave-local | |
| set [ find default-name=ether9 ] master-port=ether2-master-local name=\ | |
| ether9-slave-local | |
| set [ find default-name=ether10 ] master-port=ether2-master-local name=\ | |
| ether10-slave-local | |
| set [ find default-name=ether11 ] master-port=ether2-master-local name=\ | |
| ether11-slave-local | |
| set [ find default-name=ether12 ] master-port=ether2-master-local name=\ | |
| ether12-slave-local | |
| set [ find default-name=ether13 ] master-port=ether2-master-local name=\ | |
| ether13-slave-local | |
| set [ find default-name=ether14 ] master-port=ether2-master-local name=\ | |
| ether14-slave-local | |
| set [ find default-name=ether15 ] master-port=ether2-master-local name=\ | |
| ether15-slave-local | |
| set [ find default-name=ether16 ] master-port=ether2-master-local name=\ | |
| ether16-slave-local | |
| set [ find default-name=ether17 ] master-port=ether2-master-local name=\ | |
| ether17-slave-local | |
| set [ find default-name=ether18 ] master-port=ether2-master-local name=\ | |
| ether18-slave-local | |
| set [ find default-name=ether19 ] master-port=ether2-master-local name=\ | |
| ether19-slave-local | |
| set [ find default-name=ether20 ] master-port=ether2-master-local name=\ | |
| ether20-slave-local | |
| set [ find default-name=ether21 ] master-port=ether2-master-local name=\ | |
| ether21-slave-local | |
| set [ find default-name=ether22 ] master-port=ether2-master-local name=\ | |
| ether22-slave-local | |
| set [ find default-name=ether23 ] master-port=ether2-master-local name=\ | |
| ether23-slave-local | |
| set [ find default-name=ether24 ] master-port=ether2-master-local name=\ | |
| ether24-slave-local | |
| /ip neighbor discovery | |
| set ether1-gateway discover=no | |
| /interface vlan | |
| add interface=bridge-local name=vlan1 vlan-id=1 | |
| /interface ethernet | |
| set [ find default-name=sfp1 ] auto-negotiation=no master-port=\ | |
| ether2-master-local name=SFP1 rx-flow-control=auto tx-flow-control=auto | |
| /interface ethernet switch trunk | |
| add member-ports=ether2-master-local,SFP1 name=trunk1 | |
| /interface wireless security-profiles | |
| set [ find default=yes ] authentication-types=wpa2-psk eap-methods="" \ | |
| group-ciphers=tkip,aes-ccm mode=dynamic-keys supplicant-identity=MikroTik \ | |
| unicast-ciphers=tkip,aes-ccm wpa2-pre-shared-key=WP2016data | |
| /ip ipsec proposal | |
| set [ find default=yes ] enc-algorithms=aes-128-cbc | |
| /ip pool | |
| add name=dhcp ranges=192.168.88.10-192.168.88.254 | |
| /ip dhcp-server | |
| add address-pool=dhcp disabled=no interface=bridge-local name=default | |
| /interface bridge port | |
| add bridge=bridge-local interface=ether2-master-local | |
| add bridge=bridge-local interface=WLAN1 | |
| add bridge=bridge-local disabled=yes interface=ether1-gateway | |
| /interface wireless cap | |
| set interfaces=WLAN1 | |
| /ip address | |
| add address=192.168.88.1/24 comment="default configuration" interface=\ | |
| ether2-master-local network=192.168.88.0 | |
| /ip cloud | |
| set ddns-enabled=yes | |
| /ip dhcp-client | |
| add comment="default configuration" dhcp-options=hostname,clientid disabled=\ | |
| no interface=ether1-gateway | |
| /ip dhcp-server lease | |
| add address=192.168.88.100 client-id=1:70:e2:84:12:c3:26 mac-address=\ | |
| 70:E2:84:12:C3:26 server=default | |
| add address=192.168.88.3 always-broadcast=yes client-id=1:e4:8d:8c:c3:c8:92 \ | |
| mac-address=E4:8D:8C:C3:C8:92 server=default | |
| /ip dhcp-server network | |
| add address=192.168.88.0/24 comment="default configuration" gateway=\ | |
| 192.168.88.1 netmask=24 | |
| /ip dns | |
| set allow-remote-requests=yes | |
| /ip dns static | |
| add address=192.168.88.1 name=router | |
| /ip firewall filter | |
| add action=accept chain=forward comment="default configuration" \ | |
| connection-state=established,related log-prefix="" | |
| add action=drop chain=forward comment="default configuration" \ | |
| connection-state=invalid log-prefix="" | |
| add action=drop chain=forward comment="default configuration" \ | |
| connection-nat-state=!dstnat connection-state=new in-interface=\ | |
| ether1-gateway log-prefix="" | |
| add action=accept chain=input protocol=icmp | |
| add action=accept chain=input connection-state=established | |
| add action=accept chain=input connection-state=related | |
| add action=drop chain=input in-interface=ether1-gateway | |
| /ip firewall nat | |
| add action=masquerade chain=srcnat comment="default configuration" \ | |
| log-prefix="" out-interface=ether1-gateway | |
| /system clock | |
| set time-zone-name=America/Vancouver | |
| /system identity | |
| set name=ROUTER1 | |
| /system routerboard settings | |
| set protected-routerboot=disabled | |
| /tool bandwidth-server | |
| set enabled=no | |
| /tool mac-server | |
| set [ find default=yes ] disabled=yes | |
| add interface=ether2-master-local | |
| add interface=WLAN1 | |
| /tool mac-server mac-winbox | |
| set [ find default=yes ] disabled=yes | |
| add interface=ether2-master-local | |
| add interface=WLAN1 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # aug/19/2016 16:09:08 by RouterOS 6.36 | |
| # software id = 06V0-7111 | |
| # | |
| /interface bridge | |
| add name=BRIDGE-Interface | |
| /interface ethernet | |
| set [ find default-name=ether1 ] name=ether1-master-local | |
| set [ find default-name=ether2 ] master-port=ether1-master-local name=\ | |
| ether2-slave-local | |
| set [ find default-name=ether3 ] master-port=ether1-master-local name=\ | |
| ether3-slave-local | |
| set [ find default-name=ether4 ] master-port=ether1-master-local name=\ | |
| ether4-slave-local | |
| set [ find default-name=ether5 ] master-port=ether1-master-local name=\ | |
| ether5-slave-local | |
| set [ find default-name=ether6 ] master-port=ether1-master-local name=\ | |
| ether6-slave-local | |
| set [ find default-name=ether7 ] master-port=ether1-master-local name=\ | |
| ether7-slave-local | |
| set [ find default-name=ether8 ] master-port=ether1-master-local name=\ | |
| ether8-slave-local | |
| set [ find default-name=sfp9 ] auto-negotiation=no name=sfp9-slave-local \ | |
| rx-flow-control=auto tx-flow-control=auto | |
| set [ find default-name=sfp10 ] master-port=ether1-master-local name=\ | |
| sfp10-slave-local | |
| set [ find default-name=sfp11 ] auto-negotiation=no name=sfp11-slave-local \ | |
| rx-flow-control=auto tx-flow-control=auto | |
| set [ find default-name=sfp12 ] master-port=ether1-master-local name=\ | |
| sfp12-slave-local | |
| /ip hotspot profile | |
| set [ find default=yes ] html-directory=flash/hotspot | |
| /ip ipsec proposal | |
| set [ find default=yes ] enc-algorithms=aes-128-cbc | |
| /system logging action | |
| set 1 disk-file-name=log | |
| /interface bridge port | |
| add bridge=BRIDGE-Interface interface=ether1-master-local | |
| add bridge=BRIDGE-Interface interface=sfp9-slave-local | |
| add bridge=BRIDGE-Interface interface=sfp11-slave-local | |
| /ip address | |
| add address=192.168.88.2/24 disabled=yes interface=sfp9-slave-local network=\ | |
| 192.168.88.0 | |
| /ip dhcp-client | |
| add dhcp-options=hostname,clientid disabled=no interface=BRIDGE-Interface | |
| /ip route | |
| add disabled=yes distance=1 gateway=192.168.88.1 | |
| /system clock | |
| set time-zone-name=America/Vancouver | |
| /system identity | |
| set name=SWITCH1 | |
| /system routerboard settings | |
| set protected-routerboot=disabled |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # aug/19/2016 16:09:51 by RouterOS 6.36 | |
| # software id = Z8EK-ETPB | |
| # | |
| /interface bridge | |
| add admin-mac=E4:8D:8C:C3:C8:92 auto-mac=no comment=defconf name=bridge | |
| /interface wireless | |
| set [ find default-name=wlan1 ] band=2ghz-b/g/n channel-width=20/40mhz-Ce \ | |
| disabled=no distance=indoors frequency=auto mode=ap-bridge name=WLAN2 \ | |
| ssid=blah wds-default-bridge=bridge wds-mode=dynamic-mesh \ | |
| wireless-protocol=802.11 | |
| /interface ethernet | |
| set [ find default-name=ether2 ] name=ether2-master | |
| set [ find default-name=ether3 ] master-port=ether2-master | |
| set [ find default-name=ether4 ] master-port=ether2-master | |
| set [ find default-name=ether5 ] master-port=ether2-master | |
| set [ find default-name=ether6 ] master-port=ether2-master | |
| set [ find default-name=ether7 ] master-port=ether2-master | |
| set [ find default-name=ether8 ] master-port=ether2-master | |
| set [ find default-name=sfp1 ] auto-negotiation=no rx-flow-control=auto \ | |
| tx-flow-control=auto | |
| /ip neighbor discovery | |
| set bridge comment=defconf | |
| /interface wireless security-profiles | |
| set [ find default=yes ] authentication-types=wpa2-psk eap-methods="" \ | |
| group-ciphers=tkip,aes-ccm mode=dynamic-keys supplicant-identity=MikroTik \ | |
| unicast-ciphers=tkip,aes-ccm wpa2-pre-shared-key=WP2016data | |
| /ip pool | |
| add name=dhcp ranges=0.0.0.1-255.255.255.254 | |
| /ip dhcp-server | |
| # DHCP server can not run on slave interface! | |
| add address-pool=dhcp disabled=no interface=ether2-master name=defconf | |
| /interface bridge port | |
| add bridge=bridge comment=defconf interface=ether2-master | |
| add bridge=bridge comment=defconf interface=WLAN2 | |
| add bridge=bridge interface=ether1 | |
| add bridge=bridge interface=sfp1 | |
| /ip address | |
| add address=192.168.88.3/24 comment=defconf disabled=yes interface=\ | |
| ether2-master network=192.168.88.0 | |
| /ip dhcp-client | |
| add dhcp-options=hostname,clientid disabled=no interface=bridge | |
| /ip dhcp-server network | |
| add comment=defconf gateway=0.0.0.0 | |
| /ip dns | |
| set allow-remote-requests=yes | |
| /ip dns static | |
| add address=192.168.88.3 name=router | |
| /ip firewall filter | |
| add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \ | |
| connection-state=established,related | |
| add action=accept chain=forward comment="defconf: accept established,related" \ | |
| connection-state=established,related | |
| add action=drop chain=forward comment="defconf: drop invalid" \ | |
| connection-state=invalid | |
| # in/out-interface matcher not possible when interface (ether1) is slave - use master instead (bridge) | |
| add action=drop chain=forward comment=\ | |
| "defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat \ | |
| connection-state=new in-interface=ether1 | |
| add action=accept chain=input protocol=icmp | |
| add action=accept chain=input connection-state=established | |
| add action=accept chain=input connection-state=related | |
| # in/out-interface matcher not possible when interface (ether1) is slave - use master instead (bridge) | |
| add action=drop chain=input in-interface=ether1 | |
| /ip firewall nat | |
| add action=masquerade chain=srcnat comment="defconf: masquerade" disabled=yes \ | |
| out-interface=ether1 | |
| /lcd interface pages | |
| set 0 interfaces=WLAN2 | |
| /system clock | |
| set time-zone-name=America/Vancouver | |
| /system identity | |
| set name=SWITCH2 | |
| /system routerboard settings | |
| set protected-routerboot=disabled | |
| /tool mac-server | |
| set [ find default=yes ] disabled=yes | |
| add interface=ether2-master | |
| add interface=sfp1 | |
| add interface=WLAN2 | |
| /tool mac-server mac-winbox | |
| set [ find default=yes ] disabled=yes | |
| add interface=ether2-master | |
| add interface=sfp1 | |
| add interface=WLAN2 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment