abbio90 Inserito: 15 giugno 2019 Segnala Inserito: 15 giugno 2019 Buonasera, qualcuno può aiutarmi con questa configurazione? Rb4011... Non naviga ne la lan ne la rete guest ma la rb va su internet e i servizi pubblicati all.esterno sono raggiungibili # jun/15/2019 16:44:54 by RouterOS 6.44.3 # software id = SPWF-MC4C # # model = RB4011iGS+5HacQ2HnD # serial number = 96890943DDBE /interface bridge add name=bridge_LAN add name=bridge_guest /interface wireless set [ find default-name=wlan1 ] band=5ghz-n/ac channel-width=20/40/80mhz-Ceee \ disabled=no frequency=5600 frequency-mode=superchannel installation=\ indoor mode=ap-bridge name=wlan1_5ghz ssid=Wifine_A wireless-protocol=\ 802.11 set [ find default-name=wlan2 ] band=2ghz-b/g/n channel-width=20/40mhz-Ce \ disabled=no frequency=2437 frequency-mode=superchannel installation=\ indoor mode=ap-bridge name="wlan2 2Ghz" ssid=Wifine_A wireless-protocol=\ 802.11 /interface ethernet set [ find default-name=ether1 ] name=ether1_WAN /interface vlan add interface=ether2 name=vlan_local vlan-id=10 /interface ethernet switch port set 0 default-vlan-id=0 set 1 default-vlan-id=0 set 2 default-vlan-id=0 set 3 default-vlan-id=0 set 4 default-vlan-id=0 set 5 default-vlan-id=0 set 6 default-vlan-id=0 set 7 default-vlan-id=0 set 8 default-vlan-id=0 set 9 default-vlan-id=0 set 10 default-vlan-id=0 set 11 default-vlan-id=0 /interface wireless security-profiles set [ find default=yes ] authentication-types=wpa-psk,wpa2-psk eap-methods="" \ mode=dynamic-keys supplicant-identity=MikroTik wpa-pre-shared-key=\ fafeffa289ne wpa2-pre-shared-key=fafeffa289ne add authentication-types=wpa-psk,wpa2-psk eap-methods="" mode=dynamic-keys \ name=AP_guest supplicant-identity="" wpa-pre-shared-key=12345678 \ wpa2-pre-shared-key=12345678 /interface wireless add disabled=no keepalive-frames=disabled mac-address=BA:69:F4:D2:E9:ED \ master-interface=wlan1_5ghz multicast-buffering=disabled name=\ "wlan3_guest 5Ghz" security-profile=AP_guest ssid=Guest_5GHZ \ wds-cost-range=0 wds-default-cost=0 wps-mode=disabled add disabled=no keepalive-frames=disabled mac-address=BA:69:F4:B6:8C:FA \ master-interface="wlan2 2Ghz" multicast-buffering=disabled name=\ "wlan4_guest 2Ghz" security-profile=AP_guest ssid=Guest_5GHZ \ wds-cost-range=0 wds-default-cost=0 wps-mode=disabled /interface vlan add interface="wlan3_guest 5Ghz" name=vlan_guest vlan-id=20 /ip pool add name=dhcp_LAN ranges=192.168.2.100-192.168.2.250 add name=dhcp_guest ranges=10.10.157.25-10.10.157.250 /ip dhcp-server add address-pool=dhcp_LAN disabled=no interface=bridge_LAN name=dhcp-serv.LAN add address-pool=dhcp_guest disabled=no interface=bridge_guest name=\ dhcp-serv.guest /queue type add kind=pcq name="pcq down" pcq-classifier=dst-address \ pcq-dst-address6-mask=64 pcq-rate=4M pcq-src-address6-mask=64 add kind=pcq name="pcq up" pcq-classifier=dst-address pcq-dst-address6-mask=\ 64 pcq-rate=2M pcq-src-address6-mask=64 /queue simple add name=limit_speed_guest queue="pcq up/pcq down" target=10.10.157.0/24 /tool user-manager customer set admin access=\ own-routers,own-users,own-profiles,own-limits,config-payment-gw /interface bridge port add bridge=bridge_LAN interface=ether2 add bridge=bridge_LAN interface=ether3 add bridge=bridge_LAN interface=ether4 add bridge=bridge_LAN interface=ether5 add bridge=bridge_LAN interface=ether6 add bridge=bridge_LAN interface=ether7 add bridge=bridge_LAN interface=ether8 add bridge=bridge_LAN interface=ether9 add bridge=bridge_LAN interface=ether10 add bridge=bridge_LAN interface="wlan2 2Ghz" add bridge=bridge_LAN interface=wlan1_5ghz add bridge=bridge_LAN interface=sfp-sfpplus1 add bridge=bridge_LAN interface=vlan_local add bridge=bridge_guest interface="wlan3_guest 5Ghz" add bridge=bridge_guest interface="wlan4_guest 2Ghz" add bridge=bridge_guest interface=vlan_guest /ip neighbor discovery-settings set discover-interface-list=none /ip address add address=192.168.1.2/24 interface=ether1_WAN network=192.168.1.0 add address=192.168.2.1/24 interface=bridge_LAN network=192.168.2.0 add address=10.10.157.254/24 interface=vlan_guest network=10.10.157.0 /ip cloud set ddns-enabled=yes ddns-update-interval=1m update-time=no /ip dhcp-server network add address=10.10.157.0/24 dns-server=10.10.157.254 gateway=10.10.157.254 \ netmask=24 ntp-server=193.204.114.105 add address=192.168.2.0/24 dns-server=192.168.2.1 gateway=192.168.2.1 \ netmask=24 ntp-server=193.204.114.105 /ip dns set allow-remote-requests=yes servers=1.1.1.1,8.8.8.8 /ip firewall filter add action=drop chain=forward comment="DROP RETE GUEST" dst-address=\ 10.10.157.0/24 src-address=192.168.2.0/24 add action=drop chain=forward dst-address=192.168.2.0/24 src-address=\ 10.10.157.0/24 add action=drop chain=input dst-port=8291 protocol=tcp src-address=\ 10.10.157.0/24 /ip firewall nat add action=masquerade chain=srcnat comment="Masquerade WAN" out-interface=\ ether1_WAN add action=dst-nat chain=dstnat comment=\ "porta 20 su porta 20 Nas 192.168.2.100" dst-port=20 protocol=tcp \ src-address-list="" to-addresses=192.168.2.100 to-ports=20 add action=dst-nat chain=dstnat comment=\ "porta 21 su porta 21 Nas 192.168.2.100" dst-port=21 protocol=tcp \ src-address-list="" to-addresses=192.168.2.100 to-ports=21 add action=dst-nat chain=dstnat comment=\ "porta 8080 su porta 8080 Nas 192.168.2.100" dst-port=8080 protocol=tcp \ src-address-list="" to-addresses=192.168.2.100 to-ports=8080 add action=dst-nat chain=dstnat comment=\ "porta 80 su porta 80 Nas 192.168.2.100" dst-port=80 protocol=tcp \ src-address-list="" to-addresses=192.168.2.100 to-ports=80 add action=dst-nat chain=dstnat comment=\ "porta 8083 su porta 8083 Nas 192.168.2.100" dst-port=8083 protocol=tcp \ src-address-list="" to-addresses=192.168.2.100 to-ports=8083 add action=dst-nat chain=dstnat comment=\ "porta 82 su porta 82 Vimar Videosorveg 192.168.2.2" dst-port=82 \ protocol=tcp src-address-list="" to-addresses=192.168.2.2 to-ports=82 add action=dst-nat chain=dstnat comment=\ "porta 6036 su porta 6036 Vimar Videosorveg 192.168.2.2" dst-port=6036 \ protocol=tcp src-address-list="" to-addresses=192.168.2.2 to-ports=6036 add action=dst-nat chain=dstnat comment=\ "porta 554 su porta 554 Vimar Videosorveg 192.168.2.2" dst-port=554 \ protocol=tcp src-address-list="" to-addresses=192.168.2.2 to-ports=554 add action=dst-nat chain=dstnat comment=\ "porta 443 su porta 443 Vimar Domotico 192.168.2.4" dst-port=443 \ protocol=tcp src-address-list="" to-addresses=192.168.2.4 to-ports=443 add action=dst-nat chain=dstnat comment=\ "porta 443 su porta 443 Vimar Domotico 192.168.2.4 udp" dst-port=443 \ protocol=udp src-address-list="" to-addresses=192.168.2.4 to-ports=443 /ip route add distance=1 gateway=192.168.1.1 add distance=1 dst-address=10.140.100.254/32 gateway=10.166.42.1 add distance=1 dst-address=10.246.159.50/32 gateway=192.168.90.1 /ip service set telnet disabled=yes set ftp disabled=yes set www disabled=yes set ssh disabled=yes /system clock set time-zone-name=Europe/Rome /system identity set name=Router-Roberto /system leds add interface="wlan2 2Ghz" leds="wlan2 2Ghz_signal1-led,wlan2 2Ghz_signal2-led\ ,wlan2 2Ghz_signal3-led,wlan2 2Ghz_signal4-led,wlan2 2Ghz_signal5-led" \ type=wireless-signal-strength add interface="wlan2 2Ghz" leds="wlan2 2Ghz_tx-led" type=interface-transmit add interface="wlan2 2Ghz" leds="wlan2 2Ghz_rx-led" type=interface-receive /system ntp client set enabled=yes primary-ntp=193.204.114.105 secondary-ntp=10.0.32.138 /system routerboard settings set silent-boot=yes /system scheduler add interval=1w3d name="Upgrade Firmware Routerboard" on-event=\ Update_Routerboard_script policy=\ ftp,reboot,read,write,policy,test,password,sniff,sensitive start-date=\ apr/21/2018 start-time=03:30:00 add interval=2d name="Upgrade RouterOS" on-event=Update_RouterOS_script \ policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive \ start-date=apr/25/2018 start-time=03:00:00 add interval=1w3d name="flush dns cache" on-event="ip dns cache flush" \ policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive \ start-date=may/19/2018 start-time=04:00:00 /system script add dont-require-permissions=no name=Update_RouterOS_script owner=admin \ policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive source="\ /system package update\r\ \ncheck-for-updates once\r\ \n:delay 3s;\r\ \n:if ( [get status] = \"New version is available\") do={ install };\r\ \n\r\ \n/system reboot" add dont-require-permissions=no name=Update_Routerboard_script owner=admin \ policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive source="\ /system routerboard upgrade\r\ \n\r\ \n:delay 3s;\r\ \n\r\ \n /system reboot\r\ \n" /tool user-manager database set db-path=user-manager
abbio90 Inserita: 7 luglio 2019 Autore Segnala Inserita: 7 luglio 2019 risolto, avevo fatto un copia incolla delle porte e non avevo notato che mancava la in interface...per cui con la porta 80 e 443 aperte la RB si perdeva
Messaggi consigliati
Crea un account o accedi per commentare
Devi essere un utente per poter lasciare un commento
Crea un account
Registrati per un nuovo account nella nostra comunità. è facile!
Registra un nuovo accountAccedi
Hai già un account? Accedi qui.
Accedi ora