Микртоик и сайт https://edata.customs.ru/

[frost19555]

Приветствую!
Имеется микротик rb3011uias настройка из коробки, все работает, все отлично, все открывается, НО!!! сайт https://edata.customs.ru/ не открывается , хоть ты тресни , не подскажите куда копать? Напрямую без роутера сайт открывает.

 

#
# model = RB3011UiAS
# serial number = B88D0C0FD1CB
/interface bridge
add admin-mac=48:8F:5A:6B:F9:A2 auto-mac=no comment=defconf mtu=1500 name=\
bridge
/interface ethernet
set [ find default-name=ether1 ] mac-address=04:D4:C4:C7:C1:B0
/interface pppoe-client
add add-default-route=yes interface=ether1 name=pppoe-out1 use-peer-dns=yes \
user=ptn
/interface list
add comment=defconf name=WAN
add comment=defconf name=LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=dhcp ranges=192.168.88.10-192.168.88.254
/ip dhcp-server
add address-pool=dhcp disabled=no interface=bridge name=defconf
/interface bridge port
add bridge=bridge comment=defconf interface=ether2
add bridge=bridge comment=defconf interface=ether3
add bridge=bridge comment=defconf interface=ether4
add bridge=bridge comment=defconf interface=ether5
add bridge=bridge comment=defconf interface=ether6
add bridge=bridge comment=defconf interface=ether7
add bridge=bridge comment=defconf interface=ether8
add bridge=bridge comment=defconf interface=ether9
add bridge=bridge comment=defconf interface=ether10
add bridge=bridge comment=defconf interface=sfp1
/ip neighbor discovery-settings
set discover-interface-list=LAN
/interface list member
add comment=defconf interface=bridge list=LAN
add comment=defconf interface=ether1 list=WAN
add interface=pppoe-out1 list=WAN
/ip address
add address=192.168.88.1/24 comment=defconf interface=ether2 network=\
192.168.88.0
add address=188.186.141.246/24 interface=ether1 network=188.186.141.0
/ip arp
add address=10.212.88.121 disabled=yes interface=ether1 mac-address=\
DC:E3:05:13:5A:3B
/ip dhcp-client
add comment=defconf dhcp-options=hostname,clientid interface=ether1
/ip dhcp-server lease
add address=192.168.88.253 client-id=1:0:18:f5:16:9e:c0 mac-address=\
00:18:F5:16:9E:C0 server=defconf
add address=192.168.88.252 client-id=1:1c:6f:65:5b:27:95 mac-address=\
1C:6F:65:5B:27:95 server=defconf
add address=192.168.88.251 client-id=1:fc:aa:14:27:4d:f3 mac-address=\
FC:AA:14:27:4D:F3 server=defconf
add address=192.168.88.250 client-id=1:90:2b:34:46:28:f1 mac-address=\
90:2B:34:46:28:F1 server=defconf
add address=192.168.88.249 client-id=1:f8:32:e4:be:60:26 mac-address=\
F8:32:E4:BE:60:26 server=defconf
add address=192.168.88.248 client-id=1:40:16:7e:73:3:ad mac-address=\
40:16:7E:73:03:AD server=defconf
add address=192.168.88.247 client-id=1:6c:f0:49:16:a3:d mac-address=\
6C:F0:49:16:A3:0D server=defconf
add address=192.168.88.246 client-id=1:40:8d:5c:c3:c9:0 mac-address=\
40:8D:5C:C3:C9:00 server=defconf
add address=192.168.88.245 client-id=1:18:f:76:c3:67:4 mac-address=\
18:0F:76:C3:67:04 server=defconf
add address=192.168.88.244 client-id=1:e4:e7:49:a6:5d:77 mac-address=\
E4:E7:49:A6:5D:77 server=defconf
add address=192.168.88.243 client-id=1:9e:e5:11:11:8e:1a mac-address=\
9E:E5:11:11:8E:1A server=defconf
add address=192.168.88.241 client-id=1:78:7b:8a:c9:85:a4 mac-address=\
78:7B:8A:C9:85:A4 server=defconf
add address=192.168.88.240 client-id=1:ac:e2:d3:47:6c:70 mac-address=\
AC:E2:D3:47:6C:70 server=defconf
add address=192.168.88.239 client-id=1:74:d4:35:1c:42:ed mac-address=\
74:D4:35:1C:42:ED server=defconf
add address=192.168.88.238 client-id=1:f4:30:b9:f0:b3:9c mac-address=\
F4:30:B9:F0:B3:9C server=defconf
add address=192.168.88.237 client-id=1:90:2b:34:5:fd:49 mac-address=\
90:2B:34:05:FD:49 server=defconf
add address=192.168.88.236 client-id=1:e0:3f:49:56:38:54 mac-address=\
E0:3F:49:56:38:54 server=defconf
add address=192.168.88.235 client-id=1:80:ad:16:77:9a:4 mac-address=\
80:AD:16:77:9A:04 server=defconf
add address=192.168.88.242 client-id=1:4:d6:aa:65:13:ea mac-address=\
04:D6:AA:65:13:EA server=defconf
add address=192.168.88.234 client-id=1:0:bb:c1:76:a5:6b mac-address=\
00:BB:C1:76:A5:6B server=defconf
add address=192.168.88.233 client-id=1:90:2b:34:13:6d:a8 mac-address=\
90:2B:34:13:6D:A8 server=defconf
add address=192.168.88.232 client-id=1:e0:d5:5e37:b2 mac-address=\
E0:D5:5E:0B:37:B2 server=defconf
add address=192.168.88.231 client-id=1:a4:45:19:d:16:1b mac-address=\
A4:45:19:0D:16:1B server=defconf
add address=192.168.88.230 client-id=1:8c:c8:4b:93:89:8b mac-address=\
8C:C8:4B:93:89:8B server=defconf
add address=192.168.88.229 client-id=1:9c:5c:f9:2a:7:87 mac-address=\
9C:5C:F9:2A:07:87 server=defconf
/ip dhcp-server network
add address=192.168.88.0/24 comment=defconf gateway=192.168.88.1
/ip dns
set allow-remote-requests=yes servers=109.195.80.1,109.195.81.1
/ip dns static
add address=192.168.88.1 comment=defconf name=router.lan
/ip firewall address-list
add address=10.212.88.0/24 list=NetBLOCK
add address=10.212.90.0/24 list=NetBLOCK
/ip firewall filter
add action=accept chain=input comment=\
"defconf: accept established,related,untracked" connection-state=\
established,related,untracked
add action=drop chain=input comment="defconf: drop invalid" connection-state=\
invalid
add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
add action=accept chain=input comment=\
"defconf: accept to local loopback (for CAPsMAN)" dst-address=127.0.0.1
add action=drop chain=input comment="defconf: drop all not coming from LAN" \
in-interface-list=!LAN
add action=accept chain=forward comment="defconf: accept in ipsec policy" \
ipsec-policy=in,ipsec
add action=accept chain=forward comment="defconf: accept out ipsec policy" \
ipsec-policy=out,ipsec
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \
connection-state=established,related
add action=accept chain=forward comment=\
"defconf: accept established,related, untracked" connection-state=\
established,related,untracked
add action=drop chain=forward comment="defconf: drop invalid" connection-state=\
invalid
add action=drop chain=forward comment="defconf: drop all from WAN not DSTNATed" \
connection-nat-state=!dstnat connection-state=new in-interface-list=WAN
/ip firewall mangle
add action=change-mss chain=forward new-mss=1360 protocol=tcp tcp-flags=syn \
tcp-mss=1453-65535
/ip firewall nat
add action=masquerade chain=srcnat comment="defconf: masquerade" ipsec-policy=\
out,none out-interface-list=WAN
/ip route
add distance=1 gateway=188.186.141.254
/ip service
set www-ssl disabled=no
set winbox address=192.168.88.0/24
/lcd
set time-interval=hour
/system clock
set time-zone-name=Europe/Moscow
/system ntp client
set enabled=yes primary-ntp=91.207.136.55
/tool mac-server
set allowed-interface-list=LAN
/tool mac-server mac-winbox
set allowed-interface-list=LAN
/tool traffic-monitor
add interface=ether1 name=tmon1
add interface=ether2 name=lan
add interface=ether3 name=wi-fi

[KaNelam]

Приветствую!
Имеется микротик rb3011uias настройка из коробки, все работает, все отлично, все открывается, НО!!! сайт https://edata.customs.ru/ не открывается , хоть ты тресни , не подскажите куда копать? Напрямую без роутера сайт открывает.

Красным вверху, ознакомьтесь, пункт 5.