Vai al contenuto
PLC Forum


Rb4011 mikrotik non naviga

abbio90

Da abbio90:
in WAN e Larga Banda (Wi-Fi - GPRS - UMTS)

 Share

Messaggi consigliati

abbio90

abbio90

Inserito:
Inserito:

Buonasera, qualcuno può aiutarmi con questa configurazione?

 

Rb4011...
Non naviga ne la lan ne la rete guest ma la rb va su internet e i servizi pubblicati all.esterno sono raggiungibili

 

 

# jun/15/2019 16:44:54 by RouterOS 6.44.3
# software id = SPWF-MC4C
#
# model = RB4011iGS+5HacQ2HnD
# serial number = 96890943DDBE
/interface bridge
add name=bridge_LAN
add name=bridge_guest
/interface wireless
set [ find default-name=wlan1 ] band=5ghz-n/ac channel-width=20/40/80mhz-Ceee \
    disabled=no frequency=5600 frequency-mode=superchannel installation=\
    indoor mode=ap-bridge name=wlan1_5ghz ssid=Wifine_A wireless-protocol=\
    802.11
set [ find default-name=wlan2 ] band=2ghz-b/g/n channel-width=20/40mhz-Ce \
    disabled=no frequency=2437 frequency-mode=superchannel installation=\
    indoor mode=ap-bridge name="wlan2 2Ghz" ssid=Wifine_A wireless-protocol=\
    802.11
/interface ethernet
set [ find default-name=ether1 ] name=ether1_WAN

/interface vlan
add interface=ether2 name=vlan_local vlan-id=10
/interface ethernet switch port
set 0 default-vlan-id=0
set 1 default-vlan-id=0
set 2 default-vlan-id=0
set 3 default-vlan-id=0
set 4 default-vlan-id=0
set 5 default-vlan-id=0
set 6 default-vlan-id=0
set 7 default-vlan-id=0
set 8 default-vlan-id=0
set 9 default-vlan-id=0
set 10 default-vlan-id=0
set 11 default-vlan-id=0
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa-psk,wpa2-psk eap-methods="" \
    mode=dynamic-keys supplicant-identity=MikroTik wpa-pre-shared-key=\
    fafeffa289ne wpa2-pre-shared-key=fafeffa289ne
add authentication-types=wpa-psk,wpa2-psk eap-methods="" mode=dynamic-keys \
    name=AP_guest supplicant-identity="" wpa-pre-shared-key=12345678 \
    wpa2-pre-shared-key=12345678
/interface wireless
add disabled=no keepalive-frames=disabled mac-address=BA:69:F4:D2:E9:ED \
    master-interface=wlan1_5ghz multicast-buffering=disabled name=\
    "wlan3_guest 5Ghz" security-profile=AP_guest ssid=Guest_5GHZ \
    wds-cost-range=0 wds-default-cost=0 wps-mode=disabled
add disabled=no keepalive-frames=disabled mac-address=BA:69:F4:B6:8C:FA \
    master-interface="wlan2 2Ghz" multicast-buffering=disabled name=\
    "wlan4_guest 2Ghz" security-profile=AP_guest ssid=Guest_5GHZ \
    wds-cost-range=0 wds-default-cost=0 wps-mode=disabled
/interface vlan
add interface="wlan3_guest 5Ghz" name=vlan_guest vlan-id=20
/ip pool
add name=dhcp_LAN ranges=192.168.2.100-192.168.2.250
add name=dhcp_guest ranges=10.10.157.25-10.10.157.250
/ip dhcp-server
add address-pool=dhcp_LAN disabled=no interface=bridge_LAN name=dhcp-serv.LAN
add address-pool=dhcp_guest disabled=no interface=bridge_guest name=\
    dhcp-serv.guest
/queue type
add kind=pcq name="pcq down" pcq-classifier=dst-address \
    pcq-dst-address6-mask=64 pcq-rate=4M pcq-src-address6-mask=64
add kind=pcq name="pcq up" pcq-classifier=dst-address pcq-dst-address6-mask=\
    64 pcq-rate=2M pcq-src-address6-mask=64
/queue simple
add name=limit_speed_guest queue="pcq up/pcq down" target=10.10.157.0/24
/tool user-manager customer
set admin access=\
    own-routers,own-users,own-profiles,own-limits,config-payment-gw
/interface bridge port
add bridge=bridge_LAN interface=ether2
add bridge=bridge_LAN interface=ether3
add bridge=bridge_LAN interface=ether4
add bridge=bridge_LAN interface=ether5
add bridge=bridge_LAN interface=ether6
add bridge=bridge_LAN interface=ether7
add bridge=bridge_LAN interface=ether8
add bridge=bridge_LAN interface=ether9
add bridge=bridge_LAN interface=ether10
add bridge=bridge_LAN interface="wlan2 2Ghz"
add bridge=bridge_LAN interface=wlan1_5ghz
add bridge=bridge_LAN interface=sfp-sfpplus1
add bridge=bridge_LAN interface=vlan_local
add bridge=bridge_guest interface="wlan3_guest 5Ghz"
add bridge=bridge_guest interface="wlan4_guest 2Ghz"
add bridge=bridge_guest interface=vlan_guest
/ip neighbor discovery-settings
set discover-interface-list=none
/ip address
add address=192.168.1.2/24 interface=ether1_WAN network=192.168.1.0
add address=192.168.2.1/24 interface=bridge_LAN network=192.168.2.0
add address=10.10.157.254/24 interface=vlan_guest network=10.10.157.0
/ip cloud
set ddns-enabled=yes ddns-update-interval=1m update-time=no
/ip dhcp-server network
add address=10.10.157.0/24 dns-server=10.10.157.254 gateway=10.10.157.254 \
    netmask=24 ntp-server=193.204.114.105
add address=192.168.2.0/24 dns-server=192.168.2.1 gateway=192.168.2.1 \
    netmask=24 ntp-server=193.204.114.105
/ip dns
set allow-remote-requests=yes servers=1.1.1.1,8.8.8.8
/ip firewall filter
add action=drop chain=forward comment="DROP RETE GUEST" dst-address=\
    10.10.157.0/24 src-address=192.168.2.0/24
add action=drop chain=forward dst-address=192.168.2.0/24 src-address=\
    10.10.157.0/24
add action=drop chain=input dst-port=8291 protocol=tcp src-address=\
    10.10.157.0/24
/ip firewall nat
add action=masquerade chain=srcnat comment="Masquerade WAN" out-interface=\
    ether1_WAN
add action=dst-nat chain=dstnat comment=\
    "porta 20 su porta 20 Nas 192.168.2.100" dst-port=20 protocol=tcp \
    src-address-list="" to-addresses=192.168.2.100 to-ports=20
add action=dst-nat chain=dstnat comment=\
    "porta 21 su porta 21 Nas 192.168.2.100" dst-port=21 protocol=tcp \
    src-address-list="" to-addresses=192.168.2.100 to-ports=21
add action=dst-nat chain=dstnat comment=\
    "porta 8080 su porta 8080 Nas 192.168.2.100" dst-port=8080 protocol=tcp \
    src-address-list="" to-addresses=192.168.2.100 to-ports=8080
add action=dst-nat chain=dstnat comment=\
    "porta 80 su porta 80 Nas 192.168.2.100" dst-port=80 protocol=tcp \
    src-address-list="" to-addresses=192.168.2.100 to-ports=80
add action=dst-nat chain=dstnat comment=\
    "porta 8083 su porta 8083 Nas 192.168.2.100" dst-port=8083 protocol=tcp \
    src-address-list="" to-addresses=192.168.2.100 to-ports=8083
add action=dst-nat chain=dstnat comment=\
    "porta 82 su porta 82 Vimar Videosorveg 192.168.2.2" dst-port=82 \
    protocol=tcp src-address-list="" to-addresses=192.168.2.2 to-ports=82
add action=dst-nat chain=dstnat comment=\
    "porta 6036 su porta 6036 Vimar Videosorveg 192.168.2.2" dst-port=6036 \
    protocol=tcp src-address-list="" to-addresses=192.168.2.2 to-ports=6036
add action=dst-nat chain=dstnat comment=\
    "porta 554 su porta 554 Vimar Videosorveg 192.168.2.2" dst-port=554 \
    protocol=tcp src-address-list="" to-addresses=192.168.2.2 to-ports=554
add action=dst-nat chain=dstnat comment=\
    "porta 443 su porta 443 Vimar Domotico 192.168.2.4" dst-port=443 \
    protocol=tcp src-address-list="" to-addresses=192.168.2.4 to-ports=443
add action=dst-nat chain=dstnat comment=\
    "porta 443 su porta 443 Vimar Domotico 192.168.2.4 udp" dst-port=443 \
    protocol=udp src-address-list="" to-addresses=192.168.2.4 to-ports=443
/ip route
add distance=1 gateway=192.168.1.1
add distance=1 dst-address=10.140.100.254/32 gateway=10.166.42.1
add distance=1 dst-address=10.246.159.50/32 gateway=192.168.90.1
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes
set ssh disabled=yes
/system clock
set time-zone-name=Europe/Rome
/system identity
set name=Router-Roberto
/system leds
add interface="wlan2 2Ghz" leds="wlan2 2Ghz_signal1-led,wlan2 2Ghz_signal2-led\
    ,wlan2 2Ghz_signal3-led,wlan2 2Ghz_signal4-led,wlan2 2Ghz_signal5-led" \
    type=wireless-signal-strength
add interface="wlan2 2Ghz" leds="wlan2 2Ghz_tx-led" type=interface-transmit
add interface="wlan2 2Ghz" leds="wlan2 2Ghz_rx-led" type=interface-receive
/system ntp client
set enabled=yes primary-ntp=193.204.114.105 secondary-ntp=10.0.32.138
/system routerboard settings
set silent-boot=yes
/system scheduler
add interval=1w3d name="Upgrade Firmware Routerboard" on-event=\
    Update_Routerboard_script policy=\
    ftp,reboot,read,write,policy,test,password,sniff,sensitive start-date=\
    apr/21/2018 start-time=03:30:00
add interval=2d name="Upgrade RouterOS" on-event=Update_RouterOS_script \
    policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive \
    start-date=apr/25/2018 start-time=03:00:00
add interval=1w3d name="flush dns cache" on-event="ip dns cache flush" \
    policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive \
    start-date=may/19/2018 start-time=04:00:00
/system script
add dont-require-permissions=no name=Update_RouterOS_script owner=admin \
    policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive source="\
    /system package update\r\
    \ncheck-for-updates once\r\
    \n:delay 3s;\r\
    \n:if ( [get status] = \"New version is available\") do={ install };\r\
    \n\r\
    \n/system reboot"
add dont-require-permissions=no name=Update_Routerboard_script owner=admin \
    policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive source="\
    /system routerboard upgrade\r\
    \n\r\
    \n:delay 3s;\r\
    \n\r\
    \n /system reboot\r\
    \n"
/tool user-manager database
set db-path=user-manager

Link al commento
Condividi su altri siti
  • 4 weeks later...

abbio90

abbio90

Inserita:
  • Autore
Inserita:

risolto, avevo fatto un copia incolla delle porte e non avevo notato che mancava la in interface...per cui con la porta 80 e 443 aperte la RB si perdeva

Link al commento
Condividi su altri siti

Crea un account o accedi per commentare

Devi essere un utente per poter lasciare un commento

Crea un account

Registrati per un nuovo account nella nostra comunità. è facile!

Registra un nuovo account

Accedi

Hai già un account? Accedi qui.

Accedi ora
 Share
Vai alla lista discussioni
×
×
  • Crea nuovo/a...