Несколько сетей на разных портах
Добавлено: 06 окт 2020, 13:42
Всем доброго дня.
Цель. Две сети, сеть WiFi. У каждой сетки свой пул адресов. Все сети должны быть изолированы друг от друга. У всех должен быть интернет. Вроде всё настроил, но инета нет. Что делаю не так?
Прошу помощи. Конфиг ниже. Спасибо.
# oct/06/2020 11:49:48 by RouterOS 6.47
# software id = KBRQ-TLIM
#
# model = 951Ui-2HnD
# serial number = 643105AF3631
/interface bridge
add arp=proxy-arp name=bridge1 protocol-mode=none
add arp=proxy-arp name=bridge2 protocol-mode=none
add arp=proxy-arp name=bridge3 protocol-mode=none
/interface pppoe-client
add add-default-route=yes default-route-distance=10 disabled=no interface=\
ether1 name=pppoe-out1 password=12345 use-peer-dns=yes user=\
12345
/interface wireless
set [ find default-name=wlan1 ] antenna-gain=0 band=2ghz-b/g/n country=russia \
disabled=no frequency-mode=manual-txpower mode=ap-bridge ssid=virus \
station-roaming=enabled wireless-protocol=802.11
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa-psk,wpa2-psk mode=\
dynamic-keys supplicant-identity=MikroTik wpa-pre-shared-key=12345 \
wpa2-pre-shared-key=12345
/ip pool
add name=network1 ranges=192.168.0.2-192.168.0.254
add name=network2 ranges=192.168.1.2-192.168.1.254
add name=network3 ranges=192.168.2.2-192.168.2.254
/ip neighbor discovery-settings
set discover-interface-list=discover
/ip dhcp-server
add address-pool=network1 disabled=no interface=bridge1 name=dhcp1
add address-pool=network2 disabled=no interface=bridge2 name=dhcp2
add address-pool=network3 disabled=no interface=bridge3 name=dhcp3
/interface bridge port
add bridge=bridge1 interface=ether2
add bridge=bridge2 interface=ether3
add bridge=bridge3 interface=wlan1
/ip address
add address=192.168.0.0/24 interface=bridge1 network=192.168.0.0
add address=192.168.1.0/24 interface=bridge2 network=192.168.1.0
add address=192.168.2.0/24 interface=bridge3 network=192.168.2.0
/ip dhcp-client
add disabled=no interface=ether1
/ip dhcp-server network
add address=192.168.0.0/24 gateway=192.168.0.1
add address=192.168.1.0/24 gateway=192.168.1.1
add address=192.168.2.0/24 gateway=192.168.2.0
/ip firewall filter
# pppoe-out1 not ready
add action=accept chain=input protocol=icmp
add action=accept chain=input connection-state=established
add action=accept chain=input connection-state=related
add action=drop chain=input in-interface=pppoe-out1
# pppoe-out1 not ready
add action=drop chain=input in-interface=pppoe-out1
add action=drop chain=forward in-interface=bridge1 out-interface=bridge2
add action=drop chain=forward in-interface=bridge2 out-interface=bridge1
add action=drop chain=forward in-interface=bridge1 out-interface=bridge3
add action=drop chain=forward in-interface=bridge2 out-interface=bridge3
add action=drop chain=forward in-interface=bridge3 out-interface=bridge1
add action=drop chain=forward in-interface=bridge3 out-interface=bridge2
/ip firewall nat
# pppoe-out1 not ready
add action=masquerade chain=srcnat out-interface=pppoe-out1
/system clock
set time-zone-name=Europe/Moscow
Цель. Две сети, сеть WiFi. У каждой сетки свой пул адресов. Все сети должны быть изолированы друг от друга. У всех должен быть интернет. Вроде всё настроил, но инета нет. Что делаю не так?
Прошу помощи. Конфиг ниже. Спасибо.
# oct/06/2020 11:49:48 by RouterOS 6.47
# software id = KBRQ-TLIM
#
# model = 951Ui-2HnD
# serial number = 643105AF3631
/interface bridge
add arp=proxy-arp name=bridge1 protocol-mode=none
add arp=proxy-arp name=bridge2 protocol-mode=none
add arp=proxy-arp name=bridge3 protocol-mode=none
/interface pppoe-client
add add-default-route=yes default-route-distance=10 disabled=no interface=\
ether1 name=pppoe-out1 password=12345 use-peer-dns=yes user=\
12345
/interface wireless
set [ find default-name=wlan1 ] antenna-gain=0 band=2ghz-b/g/n country=russia \
disabled=no frequency-mode=manual-txpower mode=ap-bridge ssid=virus \
station-roaming=enabled wireless-protocol=802.11
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa-psk,wpa2-psk mode=\
dynamic-keys supplicant-identity=MikroTik wpa-pre-shared-key=12345 \
wpa2-pre-shared-key=12345
/ip pool
add name=network1 ranges=192.168.0.2-192.168.0.254
add name=network2 ranges=192.168.1.2-192.168.1.254
add name=network3 ranges=192.168.2.2-192.168.2.254
/ip neighbor discovery-settings
set discover-interface-list=discover
/ip dhcp-server
add address-pool=network1 disabled=no interface=bridge1 name=dhcp1
add address-pool=network2 disabled=no interface=bridge2 name=dhcp2
add address-pool=network3 disabled=no interface=bridge3 name=dhcp3
/interface bridge port
add bridge=bridge1 interface=ether2
add bridge=bridge2 interface=ether3
add bridge=bridge3 interface=wlan1
/ip address
add address=192.168.0.0/24 interface=bridge1 network=192.168.0.0
add address=192.168.1.0/24 interface=bridge2 network=192.168.1.0
add address=192.168.2.0/24 interface=bridge3 network=192.168.2.0
/ip dhcp-client
add disabled=no interface=ether1
/ip dhcp-server network
add address=192.168.0.0/24 gateway=192.168.0.1
add address=192.168.1.0/24 gateway=192.168.1.1
add address=192.168.2.0/24 gateway=192.168.2.0
/ip firewall filter
# pppoe-out1 not ready
add action=accept chain=input protocol=icmp
add action=accept chain=input connection-state=established
add action=accept chain=input connection-state=related
add action=drop chain=input in-interface=pppoe-out1
# pppoe-out1 not ready
add action=drop chain=input in-interface=pppoe-out1
add action=drop chain=forward in-interface=bridge1 out-interface=bridge2
add action=drop chain=forward in-interface=bridge2 out-interface=bridge1
add action=drop chain=forward in-interface=bridge1 out-interface=bridge3
add action=drop chain=forward in-interface=bridge2 out-interface=bridge3
add action=drop chain=forward in-interface=bridge3 out-interface=bridge1
add action=drop chain=forward in-interface=bridge3 out-interface=bridge2
/ip firewall nat
# pppoe-out1 not ready
add action=masquerade chain=srcnat out-interface=pppoe-out1
/system clock
set time-zone-name=Europe/Moscow