Конфиг тика в филиале ниже. Подключение провайдера по витой паре через переходник в sfp1. Схема подключения: тик1(с провайдером, L2TP клиент) - тик2(бриджом по оптике) - тик3(бриджом по оптике) - пользователи. Между ними используются модули SFP Mikrotik S-4554LC80D. Может быть проблема в MTU,MRU(у провайдера запросил настройки), так как во всех филиалах кроме этого Actual MTU указан 1450, а у этого 1496.
Код: Выделить всё
# mar/28/2024 17:03:49 by RouterOS 6.49.13
#
# model = CCR1016-12S-1S+
/interface bridge
add name=bridge1
/interface l2tp-client
add allow=mschap2 allow-fast-path=yes connect-to=**.***.***.** disabled=no \
mrru=1500 name=***** password=***** user=user6
/interface list
add name=WAN
add name=LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=dhcp ranges=192.168.66.2-192.168.66.254
/ip dhcp-server
add address-pool=dhcp disabled=no interface=bridge1 name=dhcp1
/interface bridge port
add bridge=bridge1 interface=sfp3
add bridge=bridge1 interface=sfp4
add bridge=bridge1 interface=sfp5
add bridge=bridge1 interface=sfp6
add bridge=bridge1 interface=sfp7
add bridge=bridge1 interface=sfp8
add bridge=bridge1 interface=sfp9
add bridge=bridge1 interface=sfp10
add bridge=bridge1 interface=sfp11
add bridge=bridge1 interface=sfp12
/interface list member
add interface=sfp2 list=WAN
add interface=sfp3 list=LAN
add interface=sfp4 list=LAN
add interface=sfp5 list=LAN
add interface=sfp6 list=LAN
add interface=sfp7 list=LAN
add interface=sfp8 list=LAN
add interface=sfp9 list=LAN
add interface=sfp10 list=LAN
add interface=sfp11 list=LAN
add interface=sfp12 list=LAN
add interface=sfp1 list=WAN
add interface=bridge1 list=LAN
/ip address
add address=192.168.66.1/24 interface=bridge1 network=192.168.66.0
add address=1**.**.**.**/30 interface=sfp1 network=1**.**.**.**
add address=10.6.200.20/24 interface=sfp2 network=10.6.200.0
/ip dhcp-server lease
add address=192.168.66.244 client-id=1:0:17:c8:c3:f5:a6 mac-address=\
00:17:C8:C3:F5:A6 server=dhcp1
add address=192.168.66.237 client-id=1:0:17:c8:c2:3d:8d mac-address=\
00:17:C8:C2:3D:8D server=dhcp1
add address=192.168.66.233 client-id=1:0:c0:ee:3a:86:21 mac-address=\
00:C0:EE:3A:86:21 server=dhcp1
add address=192.168.66.234 client-id=1:0:17:c8:91:1f:c3 mac-address=\
00:17:C8:91:1F:C3 server=dhcp1
add address=192.168.66.208 mac-address=68:D7:9A:E4:CC:84 server=dhcp1
add address=192.168.66.178 client-id=1:0:c0:ee:aa:19:a8 mac-address=\
00:C0:EE:AA:19:A8 server=dhcp1
add address=192.168.66.111 client-id=1:0:17:c8:db:dd:4b mac-address=\
00:17:C8:DB:DD:4B server=dhcp1
/ip dhcp-server network
add address=0.0.0.0/24 gateway=0.0.0.0 netmask=24
add address=192.168.66.0/24 gateway=192.168.66.1 netmask=24
/ip dns
set allow-remote-requests=yes servers=\
192.168.66.1,217.150.35.129,217.150.34.129
/ip dns static
add address=192.168.66.1 name=stat
add address=192.168.0.118 name=storage
/ip firewall filter
add action=fasttrack-connection chain=forward connection-state=\
established,related
add action=accept chain=forward connection-state=established,related
/ip firewall nat
add action=masquerade chain=srcnat out-interface-list=WAN
/ip route
add distance=1 gateway=1**.**.**.**
add distance=1 gateway=10.6.200.1
add distance=1 dst-address=192.168.0.0/24 gateway=172.16.30.1 pref-src=\
192.168.66.1
/ip service
set telnet disabled=yes
set ftp address=192.168.0.0/24,192.168.66.0/24,172.16.30.1/32
set ssh address=192.168.66.0/24,192.168.0.0/24,172.16.30.1/32
set api address=192.168.0.0/24,192.168.66.0/24,172.16.30.1/32
set winbox address=192.168.66.0/24,192.168.0.0/24,172.16.30.1/32
set api-ssl address=192.168.0.0/24,192.168.66.0/24,172.16.30.1/32
/system clock
set time-zone-name=Europe/Moscow
/system identity
set name=MTPervOne
/system package update
set channel=upgrade