Конфигурация:
[?] Gives the list of available commands
command [?] Gives help on the command and list of arguments
[Tab] Completes the command/word. If the input is ambiguous,
a second [Tab] gives possible options
/ Move up to base level
.. Move up one level
/command Use command at the base level
[admin@MikroTik] > /export compact
# aug/03/2014 14:14:57 by RouterOS 6.18
# software id = ZBSP-JB00
#
/interface bridge
add l2mtu=1598 name=bridge1
/interface wireless
set [ find default-name=wlan1 ] disabled=no ht-rxchains=0 ht-txchains=0 \
l2mtu=2290 mode=ap-bridge wireless-protocol=unspecified
/interface ethernet
set [ find default-name=ether1 ] mac-address=00:01:02:9C:C6:0A name=\
"ether1 WAN"
set [ find default-name=ether2 ] arp=proxy-arp name="ether2 LAN" speed=1Gbps
set [ find default-name=ether3 ] name="ether3 LAN" speed=1Gbps
set [ find default-name=ether4 ] name="ether4 LAN" speed=1Gbps
set [ find default-name=ether5 ] name="ether5 LAN" speed=1Gbps
/ip neighbor discovery
set wlan1 discover=no
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa-psk,wpa2-psk eap-methods="" \
mode=dynamic-keys wpa-pre-shared-key=xxxxxxxx wpa2-pre-shared-key=\
ххххххxx
/ip ipsec proposal
set [ find default=yes ] enc-algorithms=3des,aes-256-cbc pfs-group=none
/ip pool
add name=dhcp ranges=192.168.88.2-192.168.88.254
/ip dhcp-server
add address-pool=dhcp disabled=no interface=bridge1 name=dhcp1
/ppp profile
set 0 dns-server=10.0.0.1,10.0.0.2
set 1 dns-server=10.0.0.1,10.0.0.2
/interface l2tp-client
add add-default-route=yes allow=chap connect-to=vpn.akado-ural.ru \
default-route-distance=1 dial-on-demand=no disabled=no keepalive-timeout=\
60 max-mru=1460 max-mtu=1460 mrru=disabled name=l2tp-out1 password=\
yyyyyyyy profile=default user=zzzzzzzz
/ip neighbor discovery
set l2tp-out1 discover=no
/system logging action
set 0 memory-lines=100
set 1 disk-lines-per-file=100
/interface bridge port
add bridge=bridge1 interface="ether2 LAN"
add bridge=bridge1 interface="ether3 LAN"
add bridge=bridge1 interface="ether4 LAN"
add bridge=bridge1 interface="ether5 LAN"
add bridge=bridge1 interface=wlan1
/interface l2tp-server server
set default-profile=default max-mru=1460 max-mtu=1460
/ip address
add address=10.1.76.44/24 comment=wan interface="ether1 WAN" network=\
10.1.76.0
add address=192.168.88.1/24 interface="ether2 LAN" network=192.168.88.0
/ip dhcp-server network
add dns-server=192.168.88.1 gateway=10.1.76.44
add address=192.168.88.0/24 gateway=192.168.88.1
add address=192.168.88.1/32 gateway=192.168.88.1 netmask=32
/ip dns
set allow-remote-requests=yes servers=10.0.0.1,10.0.0.2
/ip firewall filter
add chain=input comment="Added by webbox" protocol=icmp
add chain=input comment="Added by webbox" connection-state=established \
in-interface="ether1 WAN"
add chain=input comment="Added by webbox" connection-state=related \
in-interface="ether1 WAN"
add action=drop chain=input comment="Added by webbox" in-interface=\
"ether1 WAN"
add action=jump chain=forward comment="Added by webbox" in-interface=\
"ether1 WAN" jump-target=customer
add chain=customer comment="Added by webbox" connection-state=established
add chain=customer comment="Added by webbox" connection-state=related
add action=drop chain=customer comment="Added by webbox"
/ip firewall nat
add action=masquerade chain=srcnat comment="Added by webbox" out-interface=\
"ether1 WAN"
/ip ipsec peer
add enc-algorithm=3des exchange-mode=main-l2tp generate-policy=port-override \
secret=test
/ip proxy
set parent-proxy=0.0.0.0
/ip route
add distance=1 gateway=10.1.76.3
/ip service
set telnet disabled=yes
set ftp disabled=yes
set api disabled=yes
/ip upnp
set allow-disable-external-interface=no enabled=yes
/ip upnp interfaces
add interface="ether1 WAN" type=external
add interface="ether2 LAN" type=internal
add interface="ether3 LAN" type=internal
add interface="ether4 LAN" type=internal
add interface="ether5 LAN" type=internal
add interface=wlan1 type=internal
add interface=l2tp-out1 type=internal
add interface=bridge1 type=internal
/system clock
set time-zone-name=Asia/Karachi
/system leds
set 0 interface=wlan1
/tool graphing interface
add
[admin@MikroTik] >
command [?] Gives help on the command and list of arguments
[Tab] Completes the command/word. If the input is ambiguous,
a second [Tab] gives possible options
/ Move up to base level
.. Move up one level
/command Use command at the base level
[admin@MikroTik] > /export compact
# aug/03/2014 14:14:57 by RouterOS 6.18
# software id = ZBSP-JB00
#
/interface bridge
add l2mtu=1598 name=bridge1
/interface wireless
set [ find default-name=wlan1 ] disabled=no ht-rxchains=0 ht-txchains=0 \
l2mtu=2290 mode=ap-bridge wireless-protocol=unspecified
/interface ethernet
set [ find default-name=ether1 ] mac-address=00:01:02:9C:C6:0A name=\
"ether1 WAN"
set [ find default-name=ether2 ] arp=proxy-arp name="ether2 LAN" speed=1Gbps
set [ find default-name=ether3 ] name="ether3 LAN" speed=1Gbps
set [ find default-name=ether4 ] name="ether4 LAN" speed=1Gbps
set [ find default-name=ether5 ] name="ether5 LAN" speed=1Gbps
/ip neighbor discovery
set wlan1 discover=no
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa-psk,wpa2-psk eap-methods="" \
mode=dynamic-keys wpa-pre-shared-key=xxxxxxxx wpa2-pre-shared-key=\
ххххххxx
/ip ipsec proposal
set [ find default=yes ] enc-algorithms=3des,aes-256-cbc pfs-group=none
/ip pool
add name=dhcp ranges=192.168.88.2-192.168.88.254
/ip dhcp-server
add address-pool=dhcp disabled=no interface=bridge1 name=dhcp1
/ppp profile
set 0 dns-server=10.0.0.1,10.0.0.2
set 1 dns-server=10.0.0.1,10.0.0.2
/interface l2tp-client
add add-default-route=yes allow=chap connect-to=vpn.akado-ural.ru \
default-route-distance=1 dial-on-demand=no disabled=no keepalive-timeout=\
60 max-mru=1460 max-mtu=1460 mrru=disabled name=l2tp-out1 password=\
yyyyyyyy profile=default user=zzzzzzzz
/ip neighbor discovery
set l2tp-out1 discover=no
/system logging action
set 0 memory-lines=100
set 1 disk-lines-per-file=100
/interface bridge port
add bridge=bridge1 interface="ether2 LAN"
add bridge=bridge1 interface="ether3 LAN"
add bridge=bridge1 interface="ether4 LAN"
add bridge=bridge1 interface="ether5 LAN"
add bridge=bridge1 interface=wlan1
/interface l2tp-server server
set default-profile=default max-mru=1460 max-mtu=1460
/ip address
add address=10.1.76.44/24 comment=wan interface="ether1 WAN" network=\
10.1.76.0
add address=192.168.88.1/24 interface="ether2 LAN" network=192.168.88.0
/ip dhcp-server network
add dns-server=192.168.88.1 gateway=10.1.76.44
add address=192.168.88.0/24 gateway=192.168.88.1
add address=192.168.88.1/32 gateway=192.168.88.1 netmask=32
/ip dns
set allow-remote-requests=yes servers=10.0.0.1,10.0.0.2
/ip firewall filter
add chain=input comment="Added by webbox" protocol=icmp
add chain=input comment="Added by webbox" connection-state=established \
in-interface="ether1 WAN"
add chain=input comment="Added by webbox" connection-state=related \
in-interface="ether1 WAN"
add action=drop chain=input comment="Added by webbox" in-interface=\
"ether1 WAN"
add action=jump chain=forward comment="Added by webbox" in-interface=\
"ether1 WAN" jump-target=customer
add chain=customer comment="Added by webbox" connection-state=established
add chain=customer comment="Added by webbox" connection-state=related
add action=drop chain=customer comment="Added by webbox"
/ip firewall nat
add action=masquerade chain=srcnat comment="Added by webbox" out-interface=\
"ether1 WAN"
/ip ipsec peer
add enc-algorithm=3des exchange-mode=main-l2tp generate-policy=port-override \
secret=test
/ip proxy
set parent-proxy=0.0.0.0
/ip route
add distance=1 gateway=10.1.76.3
/ip service
set telnet disabled=yes
set ftp disabled=yes
set api disabled=yes
/ip upnp
set allow-disable-external-interface=no enabled=yes
/ip upnp interfaces
add interface="ether1 WAN" type=external
add interface="ether2 LAN" type=internal
add interface="ether3 LAN" type=internal
add interface="ether4 LAN" type=internal
add interface="ether5 LAN" type=internal
add interface=wlan1 type=internal
add interface=l2tp-out1 type=internal
add interface=bridge1 type=internal
/system clock
set time-zone-name=Asia/Karachi
/system leds
set 0 interface=wlan1
/tool graphing interface
add
[admin@MikroTik] >