HI anav.
sorry for delay ! I read some post on HOW to send router config. Hope I've done well!
please don misunderstand me. Thanks
sorry for delay ! I read some post on HOW to send router config. Hope I've done well!
please don misunderstand me. Thanks
Code:
# 2025-04-15 18:45:01 by RouterOS 7.18.2# software id = *******## model = E50UG# serial number = *******/interface bridgeadd admin-mac=******* auto-mac=no comment=defconf name=bridge/interface listadd comment=defconf name=WANadd comment=defconf name=LAN/ip pooladd name=dhcp ranges=192.168.88.100-192.168.88.254add name=vpn ranges=192.168.89.2-192.168.89.255/ip dhcp-serveradd address-pool=dhcp interface=bridge name=defconf/ppp profileset *FFFFFFFE local-address=192.168.89.1 remote-address=vpn/disk settingsset auto-media-interface=bridge auto-media-sharing=yes auto-smb-sharing=yes/interface bridge portadd bridge=bridge comment=defconf interface=ether2add bridge=bridge comment=defconf interface=ether3add bridge=bridge comment=defconf interface=ether4add bridge=bridge comment=defconf interface=ether5/ip neighbor discovery-settingsset discover-interface-list=LAN lldp-med-net-policy-vlan=1/interface l2tp-server serverset enabled=yes use-ipsec=yes/interface list memberadd comment=defconf interface=bridge list=LANadd comment=defconf interface=ether1 list=WAN/interface ovpn-server serveradd mac-address=FE:33:86:FA:C5:26 name=ovpn-server1/ip addressadd address=192.168.88.1/24 comment=defconf interface=bridge network=\ 192.168.88.0/ip cloudset ddns-enabled=yes update-time=no/ip dhcp-clientadd comment=defconf interface=ether1/ip dhcp-server leaseadd address=192.168.88.11 client-id=1:a8:20:66:12:3f:a2 mac-address=\ A8:20:66:12:3F:A2 server=defconfadd address=192.168.88.20 client-id=1:d0:d2:b0:94:38:6e mac-address=\ D0:D2:B0:94:38:6E server=defconfadd address=192.168.88.10 client-id=1:a0:36:bc:58:ae:a2 mac-address=\ A0:36:BC:58:AE:A2 server=defconfadd address=192.168.88.21 mac-address=00:05:CD:A0:B9:E9 server=defconfadd address=192.168.88.30 client-id=1:90:f6:52:ee:76:6f mac-address=\ 90:F6:52:EE:76:6F server=defconfadd address=192.168.88.3 client-id=1:7c:f1:7e:66:84:a0 mac-address=\ 7C:F1:7E:66:84:A0 server=defconf/ip dhcp-server networkadd address=192.168.88.0/24 comment=defconf dns-server=192.168.88.1 gateway=\ 192.168.88.1/ip dnsset allow-remote-requests=yes/ip dns staticadd address=192.168.88.1 comment=defconf name=router.lan type=A/ip firewall filteradd action=accept chain=input comment=\ "defconf: accept established,related,untracked" connection-state=\ established,related,untrackedadd action=accept chain=input comment="allow IPsec NAT" dst-port=4500 \ protocol=udpadd action=accept chain=input comment="allow IKE" dst-port=500 protocol=udpadd action=accept chain=input comment="allow l2tp" dst-port=1701 protocol=udpadd action=drop chain=input comment="defconf: drop invalid" connection-state=\ invalidadd action=accept chain=input comment="defconf: accept ICMP" protocol=icmpadd action=accept chain=input comment=\ "defconf: accept to local loopback (for CAPsMAN)" dst-address=127.0.0.1add action=drop chain=input comment="defconf: drop all not coming from LAN" \ in-interface-list=!LANadd action=accept chain=forward comment="defconf: accept in ipsec policy" \ ipsec-policy=in,ipsecadd action=accept chain=forward comment="defconf: accept out ipsec policy" \ ipsec-policy=out,ipsecadd action=fasttrack-connection chain=forward comment="defconf: fasttrack" \ connection-state=established,related hw-offload=yesadd action=accept chain=forward comment=\ "defconf: accept established,related, untracked" connection-state=\ established,related,untrackedadd action=drop chain=forward comment="defconf: drop invalid" \ connection-state=invalidadd action=drop chain=forward comment=\ "defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat \ connection-state=new in-interface-list=WANadd action=passthrough chain=forward comment=CAM dst-address=192.168.88.30 \ dst-port=80 protocol=udp src-port=120/ip firewall natadd action=masquerade chain=srcnat comment="defconf: masquerade" \ ipsec-policy=out,none out-interface-list=WANadd action=masquerade chain=srcnat comment="masq. vpn traffic" src-address=\ 192.168.89.0/24/ipv6 firewall address-listadd address=::/128 comment="defconf: unspecified address" list=bad_ipv6add address=::1/128 comment="defconf: lo" list=bad_ipv6add address=fec0::/10 comment="defconf: site-local" list=bad_ipv6add address=::ffff:0.0.0.0/96 comment="defconf: ipv4-mapped" list=bad_ipv6add address=::/96 comment="defconf: ipv4 compat" list=bad_ipv6add address=100::/64 comment="defconf: discard only " list=bad_ipv6add address=2001:db8::/32 comment="defconf: documentation" list=bad_ipv6add address=2001:10::/28 comment="defconf: ORCHID" list=bad_ipv6add address=3ffe::/16 comment="defconf: 6bone" list=bad_ipv6/ipv6 firewall filteradd action=accept chain=input comment=\ "defconf: accept established,related,untracked" connection-state=\ established,related,untrackedadd action=drop chain=input comment="defconf: drop invalid" connection-state=\ invalidadd action=accept chain=input comment="defconf: accept ICMPv6" protocol=\ icmpv6add action=accept chain=input comment="defconf: accept UDP traceroute" \ dst-port=33434-33534 protocol=udpadd action=accept chain=input comment=\ "defconf: accept DHCPv6-Client prefix delegation." dst-port=546 protocol=\ udp src-address=fe80::/10add action=accept chain=input comment="defconf: accept IKE" dst-port=500,4500 \ protocol=udpadd action=accept chain=input comment="defconf: accept ipsec AH" protocol=\ ipsec-ahadd action=accept chain=input comment="defconf: accept ipsec ESP" protocol=\ ipsec-espadd action=accept chain=input comment=\ "defconf: accept all that matches ipsec policy" ipsec-policy=in,ipsecadd action=drop chain=input comment=\ "defconf: drop everything else not coming from LAN" in-interface-list=\ !LANadd action=accept chain=forward comment=\ "defconf: accept established,related,untracked" connection-state=\ established,related,untrackedadd action=drop chain=forward comment="defconf: drop invalid" \ connection-state=invalidadd action=drop chain=forward comment=\ "defconf: drop packets with bad src ipv6" src-address-list=bad_ipv6add action=drop chain=forward comment=\ "defconf: drop packets with bad dst ipv6" dst-address-list=bad_ipv6add action=drop chain=forward comment="defconf: rfc4890 drop hop-limit=1" \ hop-limit=equal:1 protocol=icmpv6add action=accept chain=forward comment="defconf: accept ICMPv6" protocol=\ icmpv6add action=accept chain=forward comment="defconf: accept HIP" protocol=139add action=accept chain=forward comment="defconf: accept IKE" dst-port=\ 500,4500 protocol=udpadd action=accept chain=forward comment="defconf: accept ipsec AH" protocol=\ ipsec-ahadd action=accept chain=forward comment="defconf: accept ipsec ESP" protocol=\ ipsec-espadd action=accept chain=forward comment=\ "defconf: accept all that matches ipsec policy" ipsec-policy=in,ipsecadd action=drop chain=forward comment=\ "defconf: drop everything else not coming from LAN" in-interface-list=\ !LAN/ppp secretadd name=vpn/system clockset time-zone-name=America/Argentina/Buenos_Aires/system noteset show-at-login=no/tool e-mailset from="" server=none/tool mac-serverset allowed-interface-list=LAN/tool mac-server mac-winboxset allowed-interface-list=LANSince you didnt bother to post config, Im outta here good luck. Others have more patience than I.
Statistics: Posted by sdanieltan — Sat Apr 19, 2025 9:15 pm
