I apologize for the delayed response.
I am very relieved to hear that the tests can proceed smoothly. Your reliable and thorough support has been truly helpful, and I sincerely appreciate it.
As per your advice, I have made the changes to the settings. I am attaching the file.
I would appreciate it if you could provide any feedback or suggestions.
I would like to express my gratitude once again for the strong support from jaclaz-san and everyone at MikroTik Forum.
AP
Station
I am very relieved to hear that the tests can proceed smoothly. Your reliable and thorough support has been truly helpful, and I sincerely appreciate it.
As per your advice, I have made the changes to the settings. I am attaching the file.
I would appreciate it if you could provide any feedback or suggestions.
I would like to express my gratitude once again for the strong support from jaclaz-san and everyone at MikroTik Forum.
AP
Code:
# 1970-01-02 00:45:41 by RouterOS 7.16.1# software id = JKCS-J7VB## model = RBMetalG-52SHPacn# serial number = HGZ0ABAN9E7/interface bridgeadd name=bridge2/interface wirelessset [ find default-name=wlan1 ] band=2ghz-b country=japan disabled=no \ frequency=auto installation=outdoor mode=ap-bridge ssid=Metal52ac_SN005 \ wireless-protocol=802.11/interface listadd comment=defconf name=WANadd comment=defconf name=LAN/interface lte apnset [ find default=yes ] ip-type=ipv4 use-network-apn=no/interface wireless security-profilesset [ find default=yes ] supplicant-identity=MikroTik/ip pooladd name=default-dhcp ranges=192.168.88.10-192.168.88.254/interface bridge portadd bridge=bridge2 interface=ether1add bridge=bridge2 disabled=yes interface=wlan1/ip firewall connection trackingset udp-timeout=10s/ip neighbor discovery-settingsset discover-interface-list=LAN/ip settingsset max-neighbor-entries=8192/ipv6 settingsset disable-ipv6=yes max-neighbor-entries=8192/interface list memberadd interface=wlan1 list=WANadd interface=ether1 list=LANadd interface=bridge2 list=LAN/interface ovpn-server serverset auth=sha1,md5/ip addressadd address=10.1.0.21/8 comment=defconf disabled=yes interface=ether1 \ network=10.0.0.0add address=192.168.20.245/24 interface=wlan1 network=192.168.20.0/ip dhcp-clientadd comment=defconf disabled=yes interface=wlan1/ip dhcp-server# DHCP server can not run on slave interface!add address-pool=default-dhcp interface=ether1 lease-time=10m name=defconf/ip dhcp-server networkadd address=192.168.88.0/24 comment=defconf dns-server=192.168.88.1 gateway=\ 192.168.88.1/ip dnsset allow-remote-requests=yes/ip dns staticadd address=192.168.20.245 comment=defconf name=router.lan type=A/ip firewall filteradd action=accept chain=input comment=\ "defconf: accept established,related,untracked" connection-state=\ established,related,untracked disabled=yesadd action=drop chain=input comment="defconf: drop invalid" connection-state=\ invalid disabled=yesadd action=accept chain=input comment="defconf: accept ICMP" disabled=yes \ protocol=icmpadd action=accept chain=input comment=\ "defconf: accept to local loopback (for CAPsMAN)" disabled=yes \ dst-address=127.0.0.1add action=drop chain=input comment="defconf: drop all not coming from LAN" \ disabled=yes in-interface-list=!LANadd action=accept chain=forward comment="defconf: accept in ipsec policy" \ disabled=yes ipsec-policy=in,ipsecadd action=accept chain=forward comment="defconf: accept out ipsec policy" \ disabled=yes ipsec-policy=out,ipsecadd action=fasttrack-connection chain=forward comment="defconf: fasttrack" \ connection-state=established,related disabled=yes hw-offload=yesadd action=accept chain=forward comment=\ "defconf: accept established,related, untracked" connection-state=\ established,related,untracked disabled=yesadd action=drop chain=forward comment="defconf: drop invalid" \ connection-state=invalid disabled=yesadd action=drop chain=forward comment=\ "defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat \ connection-state=new disabled=yes in-interface-list=WAN/ip firewall natadd action=masquerade chain=srcnat comment="defconf: masquerade" disabled=yes \ ipsec-policy=out,none out-interface-list=WAN/ip hotspot profileset [ find default=yes ] html-directory=hotspot/ip ipsec profileset [ find default=yes ] dpd-interval=2m dpd-maximum-failures=5/routing bfd configurationadd disabled=no interfaces=all min-rx=200ms min-tx=200ms multiplier=5/system noteset show-at-login=no/tool mac-serverset allowed-interface-list=LAN/tool mac-server mac-winboxset allowed-interface-list=LANCode:
# 1970-01-02 00:14:16 by RouterOS 7.16.1# software id = JEZG-JYL8## model = RBMetalG-52SHPacn# serial number = HE108V4V78X/interface bridgeadd name=bridge1/interface wirelessset [ find default-name=wlan1 ] band=2ghz-b country=japan disabled=no \ frequency=auto installation=outdoor mode=station-bridge ssid=\ Metal52ac_SN005 tx-power=20 tx-power-mode=all-rates-fixed \ wireless-protocol=802.11/interface listadd comment=defconf name=WANadd comment=defconf name=LAN/interface lte apnset [ find default=yes ] ip-type=ipv4 use-network-apn=no/interface wireless security-profilesset [ find default=yes ] authentication-types=wpa-psk,wpa2-psk group-ciphers=\ tkip,aes-ccm supplicant-identity=MikroTik unicast-ciphers=tkip,aes-ccm/iot lora serversadd address=eu1.cloud.thethings.industries name="TTS Cloud (eu1)" protocol=\ UDPadd address=nam1.cloud.thethings.industries name="TTS Cloud (nam1)" protocol=\ UDPadd address=au1.cloud.thethings.industries name="TTS Cloud (au1)" protocol=\ UDPadd address=eu1.cloud.thethings.network name="TTN V3 (eu1)" protocol=UDPadd address=nam1.cloud.thethings.network name="TTN V3 (nam1)" protocol=UDPadd address=au1.cloud.thethings.network name="TTN V3 (au1)" protocol=UDP/ip pooladd name=default-dhcp ranges=192.168.88.10-192.168.88.254/interface bridge portadd bridge=bridge1 interface=wlan1add bridge=bridge1 interface=ether1/ip firewall connection trackingset udp-timeout=10s/ip neighbor discovery-settingsset discover-interface-list=LAN/ip settingsset max-neighbor-entries=8192/ipv6 settingsset disable-ipv6=yes max-neighbor-entries=8192/interface list memberadd comment=defconf interface=ether1 list=LANadd comment=defconf interface=wlan1 list=WANadd interface=bridge1 list=LAN/interface ovpn-server serverset auth=sha1,md5/ip addressadd address=192.168.20.244/24 comment=defconf interface=ether1 network=\ 192.168.20.0/ip dhcp-clientadd comment=defconf disabled=yes interface=wlan1/ip dhcp-serveradd address-pool=default-dhcp interface=ether1 lease-time=10m name=defconf/ip dhcp-server networkadd address=192.168.20.0/24 comment=defconf dns-server=192.168.20.244 \ gateway=192.168.20.244 netmask=24/ip dnsset allow-remote-requests=yes/ip dns staticadd address=192.168.20.244 comment=defconf name=router.lan type=A/ip firewall filteradd action=accept chain=input comment=\ "defconf: accept established,related,untracked" connection-state=\ established,related,untracked disabled=yesadd action=drop chain=input comment="defconf: drop invalid" connection-state=\ invalid disabled=yesadd action=accept chain=input comment="defconf: accept ICMP" disabled=yes \ protocol=icmpadd action=accept chain=input comment=\ "defconf: accept to local loopback (for CAPsMAN)" disabled=yes \ dst-address=127.0.0.1add action=drop chain=input comment="defconf: drop all not coming from LAN" \ disabled=yes in-interface-list=!LANadd action=accept chain=forward comment="defconf: accept in ipsec policy" \ disabled=yes ipsec-policy=in,ipsecadd action=accept chain=forward comment="defconf: accept out ipsec policy" \ disabled=yes ipsec-policy=out,ipsecadd action=fasttrack-connection chain=forward comment="defconf: fasttrack" \ connection-state=established,related disabled=yes hw-offload=yesadd action=accept chain=forward comment=\ "defconf: accept established,related, untracked" connection-state=\ established,related,untracked disabled=yesadd action=drop chain=forward comment="defconf: drop invalid" \ connection-state=invalid disabled=yesadd action=drop chain=forward comment=\ "defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat \ connection-state=new disabled=yes in-interface-list=WAN/ip firewall natadd action=masquerade chain=srcnat comment="defconf: masquerade" \ ipsec-policy=out,none out-interface-list=WAN/ip hotspot profileset [ find default=yes ] html-directory=hotspot/ip ipsec profileset [ find default=yes ] dpd-interval=2m dpd-maximum-failures=5/routing bfd configurationadd disabled=no interfaces=all min-rx=200ms min-tx=200ms multiplier=5/system gpsset set-system-time=no/system identityset name=RouterOS/system noteset show-at-login=no/tool mac-serverset allowed-interface-list=LAN/tool mac-server mac-winboxset allowed-interface-list=LANStatistics: Posted by Masanori — Fri Mar 21, 2025 12:40 pm