Scribd
Upload
2 views7 pages

Chuchi

The document outlines the configuration settings for a MikroTik router, including interface lists, wireless security profiles, and DHCP client settings. It specifies various wireless interfaces, their modes, and security configurations, as well as IP address assignments and firewall rules. Additionally, it includes settings for DNS, SNMP, and user management, ensuring comprehensive network management and security.

Uploaded by

yamilfleitas9302
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
2 views7 pages

Chuchi

The document outlines the configuration settings for a MikroTik router, including interface lists, wireless security profiles, and DHCP client settings. It specifies various wireless interfaces, their modes, and security configurations, as well as IP address assignments and firewall rules. Additionally, it includes settings for DNS, SNMP, and user management, ensuring comprehensive network management and security.

Uploaded by

yamilfleitas9302
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 7

/interface list

add name=WAN
add name=LAN
add exclude=dynamic name=discover
add name=mactel
add name=mac-winbox
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
add authentication-types=wpa-psk,wpa2-psk eap-methods="" \
management-protection=allowed mode=dynamic-keys name=contrasena \
supplicant-identity="" wpa-pre-shared-key=12345678 wpa2-pre-shared-key=\
12345678
/interface wireless
set [ find default-name=wlan1 ] antenna-gain=30 band=5ghz-a/n \
basic-rates-a/g=6Mbps,9Mbps,12Mbps,18Mbps,24Mbps,36Mbps,48Mbps,54Mbps \
country="united states2" disabled=no frequency=5745 frequency-mode=\
superchannel ht-basic-mcs=mcs-4,mcs-5,mcs-6,mcs-7 ht-supported-mcs=\
mcs-4,mcs-5,mcs-6,mcs-7 mac-address=BC:62:0E:4C:CA:10 mode=ap-bridge \
multicast-helper=full radio-name=BC620E4CCA10 security-profile=contrasena \
ssid=WIFI_ETECSA tx-power=30 tx-power-mode=all-rates-fixed \
vht-supported-mcs=mcs0-7,mcs0-7,mcs0-7 wireless-protocol=802.11 \
wmm-support=enabled
add disabled=no keepalive-frames=disabled mac-address=54:F2:01:D4:56:B0 \
master-interface=wlan1 mode=station multicast-buffering=disabled \
multicast-helper=full name=wlan2 ssid=WIFI_ETECSA wds-cost-range=0 \
wds-default-cost=0 wmm-support=enabled wps-mode=disabled
add disabled=no keepalive-frames=disabled mac-address=B8:1D:AA:D4:56:D2 \
master-interface=wlan1 mode=station multicast-buffering=disabled name=\
wlan3 ssid=WIFI_ETECSA wds-cost-range=0 wds-default-cost=0 wmm-support=\
enabled wps-mode=disabled
add disabled=no keepalive-frames=disabled mac-address=8C:79:67:C6:C2:EA \
master-interface=wlan1 mode=station multicast-buffering=disabled name=\
wlan4 ssid=WIFI_ETECSA wds-cost-range=0 wds-default-cost=0 wmm-support=\
enabled wps-mode=disabled
add disabled=no keepalive-frames=disabled mac-address=00:02:71:D4:56:8E \
master-interface=wlan1 mode=station multicast-buffering=disabled name=\
wlan5 ssid=WIFI_ETECSA wds-cost-range=0 wds-default-cost=0 wmm-support=\
enabled wps-mode=disabled
add disabled=no keepalive-frames=disabled mac-address=78:C3:E9:D4:56:46 \
master-interface=wlan1 mode=station multicast-buffering=disabled name=\
wlan6 ssid=WIFI_ETECSA wds-cost-range=0 wds-default-cost=0 wmm-support=\
enabled wps-mode=disabled
add disabled=no keepalive-frames=disabled mac-address=58:F1:02:D4:56:C6 \
master-interface=wlan1 mode=station multicast-buffering=disabled name=\
wlan7 ssid=WIFI_ETECSA wds-cost-range=0 wds-default-cost=0 wps-mode=\
disabled
add disabled=no keepalive-frames=disabled mac-address=8C:79:67:D4:56:85 \
master-interface=wlan1 mode=station multicast-buffering=disabled name=\
wlan8 ssid=WIFI_ETECSA wds-cost-range=0 wds-default-cost=0 wps-mode=\
disabled
add disabled=no keepalive-frames=disabled mac-address=4C:4E:03:D4:56:B0 \
master-interface=wlan1 mode=station multicast-buffering=disabled name=\
wlan9 ssid=WIFI_ETECSA wds-cost-range=0 wds-default-cost=0 wps-mode=\
disabled
add disabled=no keepalive-frames=disabled mac-address=4C:4E:03:86:B0:B0 \
master-interface=wlan1 mode=station multicast-buffering=disabled name=\
wlan10 ssid=WIFI_ETECSA wds-cost-range=0 wds-default-cost=0 wps-mode=\
disabled
add disabled=no keepalive-frames=disabled mac-address=FC:2D:5E:D4:56:D4 \
master-interface=wlan1 mode=station multicast-buffering=disabled name=\
wlan11 ssid=WIFI_ETECSA wds-cost-range=0 wds-default-cost=0 wps-mode=\
disabled
add disabled=no keepalive-frames=disabled mac-address=FC:2D:5E:48:3A:D4 \
master-interface=wlan1 mode=station multicast-buffering=disabled name=\
wlan12 ssid=WIFI_ETECSA wds-cost-range=0 wds-default-cost=0 wps-mode=\
disabled
add disabled=no keepalive-frames=disabled mac-address=54:F2:01:BA:9C:B0 \
master-interface=wlan1 mode=station multicast-buffering=disabled name=\
wlan13 ssid=WIFI_ETECSA wds-cost-range=0 wds-default-cost=0 wps-mode=\
disabled
add disabled=no keepalive-frames=disabled mac-address=8C:79:67:D9:49:EA \
master-interface=wlan1 mode=station multicast-buffering=disabled name=\
wlan14 ssid=WIFI_ETECSA wds-cost-range=0 wds-default-cost=0 wps-mode=\
disabled
add disabled=no keepalive-frames=disabled mac-address=00:02:71:D9:33:8E \
master-interface=wlan1 mode=station multicast-buffering=disabled name=\
wlan15 ssid=WIFI_ETECSA wds-cost-range=0 wds-default-cost=0 wps-mode=\
disabled
add disabled=no keepalive-frames=disabled mac-address=78:C3:E9:7B:C7:46 \
master-interface=wlan1 mode=station multicast-buffering=disabled name=\
wlan16 ssid=WIFI_ETECSA wds-cost-range=0 wds-default-cost=0 wps-mode=\
disabled
add disabled=no keepalive-frames=disabled mac-address=58:F1:02:5B:75:C6 \
master-interface=wlan1 mode=station multicast-buffering=disabled name=\
wlan17 ssid=WIFI_ETECSA wds-cost-range=0 wds-default-cost=0 wps-mode=\
disabled
add disabled=no keepalive-frames=disabled mac-address=8C:79:67:51:77:85 \
master-interface=wlan1 mode=station multicast-buffering=disabled name=\
wlan18 ssid=WIFI_ETECSA wds-cost-range=0 wds-default-cost=0 wps-mode=\
disabled
add disabled=no keepalive-frames=disabled mac-address=4C:4E:03:0C:A0:B0 \
master-interface=wlan1 mode=station multicast-buffering=disabled name=\
wlan19 ssid=WIFI_ETECSA wds-cost-range=0 wds-default-cost=0 wps-mode=\
disabled
add disabled=no keepalive-frames=disabled mac-address=FC:2D:5E:D4:71:C4 \
master-interface=wlan1 mode=station multicast-buffering=disabled name=\
wlan20 ssid=WIFI_ETECSA wds-cost-range=0 wds-default-cost=0 wps-mode=\
disabled
/ip hotspot profile
set [ find default=yes ] html-directory=flash/hotspot
/queue type
add kind=pcq name=Descarga pcq-classifier=dst-address pcq-dst-address6-mask=\
64 pcq-src-address6-mask=64
add kind=pcq name=Subida pcq-classifier=src-address pcq-dst-address6-mask=64 \
pcq-src-address6-mask=64
/snmp community
set [ find default=yes ] addresses=0.0.0.0/0
/tool user-manager customer
set admin access=\
own-routers,own-users,own-profiles,own-limits,config-payment-gw
/user group
add name=ssh policy="local,ssh,reboot,read,write,test,winbox,password,api,!tel\
net,!ftp,!policy,!web,!sniff,!sensitive,!romon,!dude,!tikapp"
/ip firewall connection tracking
set enabled=yes
/ip neighbor discovery-settings
set discover-interface-list=none
/ip settings
set secure-redirects=no tcp-syncookies=yes
/interface list member
add interface=wlan1 list=WAN
add comment=defconf interface=ether1 list=LAN
add interface=ether1 list=mactel
add interface=ether1 list=mac-winbox
add list=LAN
/interface wireless access-list
add mac-address=BC:62:0E:4C:C6:D0 vlan-mode=no-tag
add mac-address=BC:62:0E:4C:CA:10 vlan-mode=no-tag
add mac-address=BC:62:0E:4C:BE:B0 vlan-mode=no-tag
/interface wireless align
set filter-mac=BC:62:0E:4C:C6:D0 receive-all=yes ssid-all=yes
/ip address
add address=10.100.0.1/24 interface=ether1 network=10.100.0.0
add address=10.100.1.1/30 interface=ether1 network=10.100.1.0
add address=10.100.2.1/30 interface=ether1 network=10.100.2.0
add address=10.100.3.1/30 interface=ether1 network=10.100.3.0
add address=10.100.4.1/30 interface=ether1 network=10.100.4.0
add address=10.100.5.1/30 interface=ether1 network=10.100.5.0
add address=10.100.6.1/30 interface=ether1 network=10.100.6.0
add address=10.100.7.1/30 interface=ether1 network=10.100.7.0
add address=10.100.8.1/30 interface=ether1 network=10.100.8.0
add address=10.100.9.1/30 interface=ether1 network=10.100.9.0
add address=10.100.10.1/30 interface=ether1 network=10.100.10.0
add address=10.100.11.1/30 interface=ether1 network=10.100.11.0
add address=10.100.12.1/30 interface=ether1 network=10.100.12.0
add address=10.100.13.1/30 interface=ether1 network=10.100.13.0
add address=10.100.14.1/30 interface=ether1 network=10.100.14.0
add address=10.100.15.1/30 interface=ether1 network=10.100.15.0
add address=10.100.16.1/30 interface=ether1 network=10.100.16.0
add address=10.100.17.1/30 interface=ether1 network=10.100.17.0
add address=10.100.18.1/30 interface=ether1 network=10.100.18.0
add address=10.100.19.1/30 interface=ether1 network=10.100.19.0
add address=10.100.20.1/30 interface=ether1 network=10.100.20.0
/ip cloud
set update-time=no
/ip dhcp-client
add add-default-route=no dhcp-options=hostname,clientid disabled=no \
interface=wlan2 use-peer-dns=no
add add-default-route=no dhcp-options=hostname,clientid disabled=no \
interface=wlan3 use-peer-dns=no
add add-default-route=no dhcp-options=hostname,clientid disabled=no \
interface=wlan4 use-peer-dns=no
add add-default-route=no dhcp-options=hostname,clientid disabled=no \
interface=wlan5 use-peer-dns=no
add add-default-route=no dhcp-options=hostname,clientid disabled=no \
interface=wlan6 use-peer-dns=no
add add-default-route=no dhcp-options=clientid,hostname disabled=no \
interface=wlan7 use-peer-dns=no
add add-default-route=no dhcp-options=hostname,clientid disabled=no \
interface=wlan1 use-peer-dns=no
add add-default-route=no dhcp-options=hostname,clientid disabled=no \
interface=wlan8 use-peer-dns=no
add add-default-route=no dhcp-options=hostname,clientid disabled=no \
interface=wlan9 use-peer-dns=no
add add-default-route=no dhcp-options=hostname,clientid disabled=no \
interface=wlan10 use-peer-dns=no
add add-default-route=no dhcp-options=hostname,clientid disabled=no \
interface=wlan11 use-peer-dns=no
add add-default-route=no dhcp-options=hostname,clientid disabled=no \
interface=wlan12 use-peer-dns=no
add add-default-route=no dhcp-options=hostname,clientid disabled=no \
interface=wlan13 use-peer-dns=no
add add-default-route=no dhcp-options=hostname,clientid disabled=no \
interface=wlan14 use-peer-dns=no
add add-default-route=no dhcp-options=hostname,clientid disabled=no \
interface=wlan15 use-peer-dns=no
add add-default-route=no dhcp-options=hostname,clientid disabled=no \
interface=wlan16 use-peer-dns=no
add add-default-route=no dhcp-options=hostname,clientid disabled=no \
interface=wlan17 use-peer-dns=no
add add-default-route=no dhcp-options=hostname,clientid disabled=no \
interface=wlan18 use-peer-dns=no
add add-default-route=no dhcp-options=hostname,clientid disabled=no \
interface=wlan19 use-peer-dns=no
add add-default-route=no dhcp-options=hostname,clientid disabled=no \
interface=wlan20 use-peer-dns=no
/ip dns
set allow-remote-requests=yes cache-max-ttl=1d cache-size=1024KiB servers=\
181.225.231.120,181.225.231.110,181.225.233.30,181.225.233.40
/ip dns static
add address=10.100.11.1 name=router.lan
/ip firewall address-list
add address=10.100.1.2 list=Interfaz1
add address=10.100.2.2 list=Interfaz2
add address=10.100.3.2 list=Interfaz3
add address=10.100.4.2 list=Interfaz4
add address=10.100.5.2 list=Interfaz5
add address=10.100.6.2 list=Interfaz6
add address=10.100.7.2 list=Interfaz7
add address=10.100.8.2 list=Interfaz8
add address=10.100.9.2 list=Interfaz9
add address=10.100.10.2 list=Interfaz10
add address=10.100.11.2 list=Interfaz11
add address=10.100.12.2 list=Interfaz12
add address=10.100.13.2 list=Interfaz13
add address=10.100.14.2 list=Interfaz14
add address=10.100.15.2 list=Interfaz15
add address=10.100.16.2 list=Interfaz16
add address=10.100.17.2 list=Interfaz17
add address=10.100.18.2 list=Interfaz18
add address=10.100.19.2 list=Interfaz19
add address=10.100.20.2 list=Interfaz20
/ip firewall filter
add action=accept chain=input comment=\
"defconf: accept established,related,untracked" connection-state=\
established,related,untracked
add action=drop chain=input comment="defconf: drop invalid" connection-state=\
invalid
add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
add action=drop chain=input comment="defconf: drop all not coming from LAN" \
in-interface-list=!LAN
add action=accept chain=forward comment="defconf: accept in ipsec policy" \
ipsec-policy=in,ipsec
add action=accept chain=forward comment="defconf: accept out ipsec policy" \
ipsec-policy=out,ipsec
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \
connection-state=established,related
add action=accept chain=forward comment=\
"defconf: accept established,related, untracked" connection-state=\
established,related,untracked
add action=drop chain=forward comment="defconf: drop invalid" \
connection-state=invalid
add action=drop chain=forward comment=\
"defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat \
connection-state=new in-interface-list=WAN
/ip firewall mangle
add action=mark-routing chain=prerouting new-routing-mark=Interfaz1 \
passthrough=yes src-address-list=Interfaz1
add action=mark-routing chain=prerouting new-routing-mark=Interfaz2 \
passthrough=yes src-address-list=Interfaz2
add action=mark-routing chain=prerouting new-routing-mark=Interfaz3 \
passthrough=yes src-address-list=Interfaz3
add action=mark-routing chain=prerouting new-routing-mark=Interfaz4 \
passthrough=yes src-address-list=Interfaz4
add action=mark-routing chain=prerouting new-routing-mark=Interfaz6 \
passthrough=yes src-address-list=Interfaz6
add action=mark-routing chain=prerouting new-routing-mark=Interfaz5 \
passthrough=yes src-address-list=Interfaz5
add action=mark-routing chain=prerouting new-routing-mark=Interfaz7 \
passthrough=yes src-address-list=Interfaz7
add action=mark-routing chain=prerouting new-routing-mark=Interfaz8 \
passthrough=yes src-address-list=Interfaz8
add action=mark-routing chain=prerouting new-routing-mark=Interfaz9 \
passthrough=yes src-address-list=Interfaz9
add action=mark-routing chain=prerouting new-routing-mark=Interfaz10 \
passthrough=yes src-address-list=Interfaz10
add action=mark-routing chain=prerouting new-routing-mark=Interfaz11 \
passthrough=yes src-address-list=Interfaz11
add action=mark-routing chain=prerouting new-routing-mark=Interfaz12 \
passthrough=yes src-address-list=Interfaz12
add action=mark-routing chain=prerouting new-routing-mark=Interfaz13 \
passthrough=yes src-address-list=Interfaz13
add action=mark-routing chain=prerouting new-routing-mark=Interfaz14 \
passthrough=yes src-address-list=Interfaz14
add action=mark-routing chain=prerouting new-routing-mark=Interfaz15 \
passthrough=yes src-address-list=Interfaz15
add action=mark-routing chain=prerouting new-routing-mark=Interfaz16 \
passthrough=yes src-address-list=Interfaz16
add action=mark-routing chain=prerouting new-routing-mark=Interfaz17 \
passthrough=yes src-address-list=Interfaz17
add action=mark-routing chain=prerouting new-routing-mark=Interfaz18 \
passthrough=yes src-address-list=Interfaz18
add action=mark-routing chain=prerouting new-routing-mark=Interfaz19 \
passthrough=yes src-address-list=Interfaz19
add action=mark-routing chain=prerouting new-routing-mark=Interfaz20 \
passthrough=yes src-address-list=Interfaz20
/ip firewall nat
add action=masquerade chain=srcnat out-interface-list=WAN
add action=masquerade chain=srcnat out-interface=all-wireless
add action=redirect chain=dstnat dst-port=53 in-interface=ether1 protocol=udp \
to-ports=53
/ip route
add comment=Portales distance=1 gateway=10.190.31.1%wlan1 routing-mark=\
Interfaz1
add distance=1 gateway=10.190.31.1%wlan2 routing-mark=Interfaz2
add distance=1 gateway=10.190.31.1%wlan3 routing-mark=Interfaz3
add distance=1 gateway=10.190.31.1%wlan4 routing-mark=Interfaz4
add distance=1 gateway=10.190.31.1%wlan6 routing-mark=Interfaz6
add distance=1 gateway=10.190.31.1%wlan5 routing-mark=Interfaz5
add distance=1 gateway=10.190.31.1%wlan7 routing-mark=Interfaz7
add distance=1 gateway=10.190.31.1%wlan8 routing-mark=Interfaz8
add distance=1 gateway=10.190.31.1%wlan9 routing-mark=Interfaz9
add distance=1 gateway=10.190.31.1%wlan10 routing-mark=Interfaz10
add distance=1 gateway=10.190.31.1%wlan11 routing-mark=Interfaz11
add distance=1 gateway=10.190.31.1%wlan12 routing-mark=Interfaz12
add distance=1 gateway=10.190.31.1%wlan13 routing-mark=Interfaz13
add distance=1 gateway=10.190.31.1%wlan14 routing-mark=Interfaz14
add distance=1 gateway=10.190.31.1%wlan15 routing-mark=Interfaz15
add distance=1 gateway=10.190.31.1%wlan16 routing-mark=Interfaz16
add distance=1 gateway=10.190.31.1%wlan17 routing-mark=Interfaz17
add distance=1 gateway=10.190.31.1%wlan18 routing-mark=Interfaz18
add distance=1 gateway=10.190.31.1%wlan19 routing-mark=Interfaz19
add distance=1 gateway=10.190.31.1%wlan20 routing-mark=Interfaz20
add comment="DNS CACHE" distance=1 dst-address=181.225.231.120/32 gateway=\
10.190.94.1%wlan2
/ip service
set telnet disabled=yes
set ssh port=2245
/ip traffic-flow
set interfaces=ether1
/system clock
set time-zone-name=America/Havana
/system identity
set name=BC:62:0E:4C:BF:10
/system routerboard settings
set silent-boot=no
/system scheduler
add disabled=yes interval=10m name="Revision de puerto ethernet" on-event=\
"Revision de puerto ethernet" policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \
start-time=startup
add disabled=yes interval=5m name="Flush Cache" on-event="Flush Cache" \
policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \
start-time=startup
add interval=35s name="Release automatico a wlan cuando se cae el rx" \
on-event="Release automatico a wlan cuando se cae el rx" policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \
start-time=startup
add interval=12h name="Backup diario" on-event="Backup diario" policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \
start-time=startup
add interval=25s name="Release automatico a wlan por el ip" on-event=\
"Release automatico a wlan por el ip" policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \
start-time=startup
/system script
add name="Revision de puerto ethernet" owner=admin policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source="i\
f ( interface ethernet set ether1 disable=yes=false) do={ interface ethern\
et set ether1 disable=no}"
add name="Flush Cache" owner=admin policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source=\
"/ip dns cache flush;\r\
\n"
add name="Release automatico a wlan cuando se cae el rx" owner=admin policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source=":\
log warning message=\"Release automatico a wlan cuando se cae el rx\";\
\nfor ni from=2 to=20 do={ /interface wireless monitor \"wlan\$ni\" once d\
o={ :if (\$\"rx-rate\" = \"---\") do={ /ip dhcp-client release [find inter\
face=\"wlan\$ni\"] } } }"
add name="Backup diario" owner=admin policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source=\
"/system backup save name=\$Mac1 password=Jonatan06"
add name="revision de route" owner=admin policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source="f\
or ro from=2 to=11 do={ if (ip route enable numbers=\$ro = false) do={ ip \
route enable numbers=\$ro}}"
add name="Release automatico a wlan por el ip" owner=admin policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source=":\
log warning message=\"Release automatico a wlan cuando se cae el rx\";\
\nfor ni from=2 to=20 do={ /interface wireless monitor \"wlan\$ni\" once d\
o={ :if (\$\"last-ip\" = \"10.190.94.1\") do={ /ip dhcp-client release [fi\
nd interface=\"wlan\$ni\"] } } }"
/tool user-manager database
set db-path=flash/user-manager

You might also like