Channel: MikroTik

General • Re: Wireguard tunnel local LAN

Best to provide export of your config.
Thank you holvoetn for your friendly and coherent request. Your willingness to help without displaying frustration, sarcasm, or a condescending tone is appreciated. Unlike some individuals on online forums who don't have much in life or much to do :lol: , and may lack education or seem unwelcoming, you demonstrate a positive attitude and helpful demeanor.
Here is the config:
Code:
# mar/11/2024 00:00:00 by RouterOS 7.9
# software id = LNA4-IPRD
#
# model = RBD52G-5HacD2HnD
# serial number = xxxxxxx
/interface bridge
add admin-mac=2C:xx:xx:xx:xx:CD auto-mac=no comment=defconf name=bridge
/interface ethernet
set [ find default-name=ether1 ] mac-address=2C:xx:xx:xx:xx:AA
/interface wireless
set [ find default-name=wlan1 ] antenna-gain=0 band=2ghz-b/g/n country=xxxx \
    distance=indoors frequency=auto installation=indoor mac-address=\
    E8:xx:xx:xx:xx:A1 mode=ap-bridge name=wlan2.4 ssid=NET \
    station-roaming=enabled wireless-protocol=802.11
set [ find default-name=wlan2 ] antenna-gain=0 band=5ghz-a/n/ac \
    channel-width=20/40/80mhz-XXXX country=xxxx disabled=no distance=\
    indoors frequency=auto installation=indoor mac-address=2C:xx:xx:xx:xx:D8 \
    mode=ap-bridge name=wlan5g ssid=NET station-roaming=enabled \
    wireless-protocol=802.11
/interface wireguard
add disabled=yes listen-port=51001 mtu=1420 name=wire-aws
/interface list
add comment=defconf name=WAN
add comment=defconf name=LAN
/interface lte apn
set [ find default=yes ] ip-type=ipv4 use-network-apn=no
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa2-psk mode=dynamic-keys \
    supplicant-identity=MikroTik
/ip pool
add name=dhcp ranges=192.168.100.10-192.168.100.254
/ip dhcp-server
add address-pool=dhcp interface=bridge lease-time=10m name=defconf
/routing bgp template
set default disabled=no output.network=bgp-networks
/routing ospf instance
add disabled=no name=default-v2
/routing ospf area
add disabled=yes instance=default-v2 name=backbone-v2
/interface bridge port
add bridge=bridge comment=defconf ingress-filtering=no interface=ether2
add bridge=bridge comment=defconf ingress-filtering=no interface=ether3
add bridge=bridge comment=defconf ingress-filtering=no interface=ether4
add bridge=bridge comment=defconf ingress-filtering=no interface=ether5
add bridge=bridge comment=defconf ingress-filtering=no interface=wlan2.4
add bridge=bridge comment=defconf ingress-filtering=no interface=wlan5g
/ip neighbor discovery-settings
set discover-interface-list=LAN
/ip settings
set max-neighbor-entries=8192
/ipv6 settings
set disable-ipv6=yes max-neighbor-entries=8192
/interface list member
add comment=defconf interface=bridge list=LAN
add comment=defconf interface=ether1 list=WAN
/interface ovpn-server server
set auth=sha1,md5
/interface wireguard peers
add allowed-address=192.168.69.10/24 disabled=yes endpoint-address=xx.xx.xx.xx \
    endpoint-port=51001 interface=wire-aws persistent-keepalive=25s \
    public-key="osi1xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx="
/ip address
add address=192.168.100.1/24 comment=defconf interface=ether2 network=\
    192.168.100.0
add address=192.168.69.10/24 interface=wire-aws network=192.168.69.0
/ip cloud
set ddns-enabled=yes
/ip dhcp-client
add comment=defconf interface=ether1
/ip dhcp-server network
add address=192.168.100.0/24 comment=defconf gateway=192.168.100.1 netmask=24
/ip dns
set allow-remote-requests=yes
/ip dns static
add address=192.168.100.1 comment=defconf name=router.lan
/ip firewall filter
add action=accept chain=input comment=\
    "defconf: accept established,related,untracked" connection-state=\
    established,related,untracked
add action=accept chain=input comment=WINBOX dst-port=9800 in-interface-list=\
    WAN protocol=tcp
add action=accept chain=forward comment=Wireguard-forward disabled=yes \
    out-interface=wire-aws src-address=192.168.100.0/24
add action=drop chain=input comment="defconf: drop invalid" connection-state=\
    invalid
add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
add action=accept chain=input comment=\
    "defconf: accept to local loopback (for CAPsMAN)" dst-address=127.0.0.1
add action=drop chain=input comment="defconf: drop all not coming from LAN" \
    in-interface-list=!LAN
add action=accept chain=forward comment="defconf: accept in ipsec policy" \
    ipsec-policy=in,ipsec
add action=accept chain=forward comment="defconf: accept out ipsec policy" \
    ipsec-policy=out,ipsec
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \
    connection-state=established,related hw-offload=yes
add action=accept chain=forward comment=\
    "defconf: accept established,related, untracked" connection-state=\
    established,related,untracked
add action=drop chain=forward comment="defconf: drop invalid" \
    connection-state=invalid
add action=drop chain=forward comment=\
    "defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat \
    connection-state=new in-interface-list=WAN
/ip firewall nat
add action=masquerade chain=srcnat comment=wireguard-nat disabled=yes \
    out-interface=ether1 src-address=192.168.100.0/24
add action=masquerade chain=srcnat comment="defconf: masquerade -  original" \
    ipsec-policy=out,none out-interface-list=WAN
/ip route
add disabled=yes distance=1 dst-address=0.0.0.0/0 gateway=wire-aws pref-src=\
    "" routing-table=main scope=30 suppress-hw-offload=no target-scope=10
add disabled=no distance=2 dst-address=xx.xx.xx.xx/32 gateway=192.168.100.1 \
    pref-src=0.0.0.0 routing-table=main scope=30 suppress-hw-offload=no \
    target-scope=10
/ip service
set winbox port=9800
/system clock
set time-zone-name=world
/system identity
set name=mtik
/system note
set show-at-login=no
/system ntp client
set mode=broadcast
/tool mac-server
set allowed-interface-list=LAN
/tool mac-server mac-winbox
set allowed-interface-list=LAN

Statistics: Posted by axotik — Mon Mar 11, 2024 8:02 pm


