See attached image. The 10.x.x.x mikrotik range cannot be changed and I prefer not to change the router ip assignet as I use it to go back and forth between two sources of internet connectivity.
I hope the below helps:
export hide-sensitive
# jun/03/2024 12:56:32 by RouterOS 6.49.14
# software id = 0QCX-3X33
#
# model = RouterBOARD SXTsq G-5acD
# serial number = 899008273C63
/interface bridge
add fast-forward=no name=local
add fast-forward=no name=mesh protocol-mode=none
add fast-forward=no name=wds protocol-mode=none
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
add authentication-types=wpa-psk,wpa2-psk management-protection=allowed mode=dynamic-keys name=bostonmeshnet supplicant-identity=bostonmesh
/interface wireless
set [ find default-name=wlan1 ] antenna-gain=0 band=5ghz-a/n/ac channel-width=20/40/80mhz-Ceee comment="uses bostonmesh-1025-omni via mesh bridge" country="united states3" disabled=no frequency=9584 installation=\
any mode=station-bridge radio-name=bostonmesh-9584-sxt security-profile=bostonmeshnet ssid=bostonmesh-48-omni wireless-protocol=802.11 wps-mode=disabled
/interface wireless manual-tx-power-table
set wlan1 comment="uses bostonmesh-1025-omni via mesh bridge"
/interface wireless nstreme
set wlan1 comment="uses bostonmesh-1025-omni via mesh bridge"
/ip pool
add name=local ranges=10.101.24.134-10.101.24.185
/ip dhcp-server
add address-pool=local disabled=no interface=local name=localdhcp
/routing ospf instance
set [ find default=yes ] redistribute-connected=as-type-1 router-id=10.69.52.118
/interface bridge filter
add action=drop chain=forward in-bridge=mesh
add action=drop chain=forward in-bridge=wds
/interface bridge port
add bridge=local interface=ether1
add bridge=mesh interface=wlan1
add bridge=wds interface=dynamic internal-path-cost=100 path-cost=100
/interface bridge settings
set use-ip-firewall=yes
/interface wireless connect-list
add allow-signal-out-of-range=3s disabled=yes interface=wlan1 security-profile=bostonmeshnet signal-range=-75..120
add connect=no disabled=yes interface=wlan1 security-profile=bostonmeshnet signal-range=-120..-75
/ip address
add address=10.101.24.129/26 interface=local network=10.101.24.128
add address=10.69.52.118/16 interface=mesh network=10.69.0.0
add address=10.68.52.118/16 interface=wds network=10.68.0.0
/ip dhcp-server network
add address=10.101.24.128/26 dns-server=10.10.10.10,10.101.24.129 gateway=10.101.24.129 netmask=26
/ip dns
set allow-remote-requests=yes servers=10.10.10.10,1.1.1.1
/ip firewall address-list
add address=10.0.0.0/8 list=meshaddr
add address=199.167.59.0/24 list=meshaddr
add address=199.170.132.0/24 list=meshaddr
/ip firewall filter
add action=accept chain=input protocol=icmp
add action=accept chain=input dst-port=53 protocol=udp
add action=accept chain=input connection-state=established,related
add action=drop chain=input src-address-list=!meshaddr
/ip firewall service-port
set ftp disabled=yes
set tftp disabled=yes
set irc disabled=yes
set h323 disabled=yes
set sip disabled=yes
set pptp disabled=yes
set udplite disabled=yes
set dccp disabled=yes
set sctp disabled=yes
/routing filter
add chain=ospf-in set-bgp-communities=65000:110 set-distance=205
/routing ospf interface
add interface=mesh network-type=ptmp
add cost=30 interface=wds network-type=ptmp
/routing ospf network
add area=backbone network=10.69.0.0/16
add area=backbone network=10.68.0.0/16
/snmp
set enabled=yes
/system clock
set time-zone-name=America/Boston
/system identity
set name=bostonmesh-9584-sxt
/system ntp client
set enabled=yes primary-ntp=10.10.10.123 server-dns-names=0.pool.ntp.org
![Image]()
I hope the below helps:
export hide-sensitive
# jun/03/2024 12:56:32 by RouterOS 6.49.14
# software id = 0QCX-3X33
#
# model = RouterBOARD SXTsq G-5acD
# serial number = 899008273C63
/interface bridge
add fast-forward=no name=local
add fast-forward=no name=mesh protocol-mode=none
add fast-forward=no name=wds protocol-mode=none
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
add authentication-types=wpa-psk,wpa2-psk management-protection=allowed mode=dynamic-keys name=bostonmeshnet supplicant-identity=bostonmesh
/interface wireless
set [ find default-name=wlan1 ] antenna-gain=0 band=5ghz-a/n/ac channel-width=20/40/80mhz-Ceee comment="uses bostonmesh-1025-omni via mesh bridge" country="united states3" disabled=no frequency=9584 installation=\
any mode=station-bridge radio-name=bostonmesh-9584-sxt security-profile=bostonmeshnet ssid=bostonmesh-48-omni wireless-protocol=802.11 wps-mode=disabled
/interface wireless manual-tx-power-table
set wlan1 comment="uses bostonmesh-1025-omni via mesh bridge"
/interface wireless nstreme
set wlan1 comment="uses bostonmesh-1025-omni via mesh bridge"
/ip pool
add name=local ranges=10.101.24.134-10.101.24.185
/ip dhcp-server
add address-pool=local disabled=no interface=local name=localdhcp
/routing ospf instance
set [ find default=yes ] redistribute-connected=as-type-1 router-id=10.69.52.118
/interface bridge filter
add action=drop chain=forward in-bridge=mesh
add action=drop chain=forward in-bridge=wds
/interface bridge port
add bridge=local interface=ether1
add bridge=mesh interface=wlan1
add bridge=wds interface=dynamic internal-path-cost=100 path-cost=100
/interface bridge settings
set use-ip-firewall=yes
/interface wireless connect-list
add allow-signal-out-of-range=3s disabled=yes interface=wlan1 security-profile=bostonmeshnet signal-range=-75..120
add connect=no disabled=yes interface=wlan1 security-profile=bostonmeshnet signal-range=-120..-75
/ip address
add address=10.101.24.129/26 interface=local network=10.101.24.128
add address=10.69.52.118/16 interface=mesh network=10.69.0.0
add address=10.68.52.118/16 interface=wds network=10.68.0.0
/ip dhcp-server network
add address=10.101.24.128/26 dns-server=10.10.10.10,10.101.24.129 gateway=10.101.24.129 netmask=26
/ip dns
set allow-remote-requests=yes servers=10.10.10.10,1.1.1.1
/ip firewall address-list
add address=10.0.0.0/8 list=meshaddr
add address=199.167.59.0/24 list=meshaddr
add address=199.170.132.0/24 list=meshaddr
/ip firewall filter
add action=accept chain=input protocol=icmp
add action=accept chain=input dst-port=53 protocol=udp
add action=accept chain=input connection-state=established,related
add action=drop chain=input src-address-list=!meshaddr
/ip firewall service-port
set ftp disabled=yes
set tftp disabled=yes
set irc disabled=yes
set h323 disabled=yes
set sip disabled=yes
set pptp disabled=yes
set udplite disabled=yes
set dccp disabled=yes
set sctp disabled=yes
/routing filter
add chain=ospf-in set-bgp-communities=65000:110 set-distance=205
/routing ospf interface
add interface=mesh network-type=ptmp
add cost=30 interface=wds network-type=ptmp
/routing ospf network
add area=backbone network=10.69.0.0/16
add area=backbone network=10.68.0.0/16
/snmp
set enabled=yes
/system clock
set time-zone-name=America/Boston
/system identity
set name=bostonmesh-9584-sxt
/system ntp client
set enabled=yes primary-ntp=10.10.10.123 server-dns-names=0.pool.ntp.org
Statistics: Posted by jeffschips — Mon Jun 03, 2024 10:19 pm