Vai al contenuto
PLC Forum


Rb4011 mikrotik non naviga


abbio90

Messaggi consigliati

Buonasera, qualcuno può aiutarmi con questa configurazione?

 

Rb4011...
Non naviga ne la lan ne la rete guest ma la rb va su internet e i servizi pubblicati all.esterno sono raggiungibili

 

 

# jun/15/2019 16:44:54 by RouterOS 6.44.3
# software id = SPWF-MC4C
#
# model = RB4011iGS+5HacQ2HnD
# serial number = 96890943DDBE
/interface bridge
add name=bridge_LAN
add name=bridge_guest
/interface wireless
set [ find default-name=wlan1 ] band=5ghz-n/ac channel-width=20/40/80mhz-Ceee \
    disabled=no frequency=5600 frequency-mode=superchannel installation=\
    indoor mode=ap-bridge name=wlan1_5ghz ssid=Wifine_A wireless-protocol=\
    802.11
set [ find default-name=wlan2 ] band=2ghz-b/g/n channel-width=20/40mhz-Ce \
    disabled=no frequency=2437 frequency-mode=superchannel installation=\
    indoor mode=ap-bridge name="wlan2 2Ghz" ssid=Wifine_A wireless-protocol=\
    802.11
/interface ethernet
set [ find default-name=ether1 ] name=ether1_WAN

/interface vlan
add interface=ether2 name=vlan_local vlan-id=10
/interface ethernet switch port
set 0 default-vlan-id=0
set 1 default-vlan-id=0
set 2 default-vlan-id=0
set 3 default-vlan-id=0
set 4 default-vlan-id=0
set 5 default-vlan-id=0
set 6 default-vlan-id=0
set 7 default-vlan-id=0
set 8 default-vlan-id=0
set 9 default-vlan-id=0
set 10 default-vlan-id=0
set 11 default-vlan-id=0
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa-psk,wpa2-psk eap-methods="" \
    mode=dynamic-keys supplicant-identity=MikroTik wpa-pre-shared-key=\
    fafeffa289ne wpa2-pre-shared-key=fafeffa289ne
add authentication-types=wpa-psk,wpa2-psk eap-methods="" mode=dynamic-keys \
    name=AP_guest supplicant-identity="" wpa-pre-shared-key=12345678 \
    wpa2-pre-shared-key=12345678
/interface wireless
add disabled=no keepalive-frames=disabled mac-address=BA:69:F4:D2:E9:ED \
    master-interface=wlan1_5ghz multicast-buffering=disabled name=\
    "wlan3_guest 5Ghz" security-profile=AP_guest ssid=Guest_5GHZ \
    wds-cost-range=0 wds-default-cost=0 wps-mode=disabled
add disabled=no keepalive-frames=disabled mac-address=BA:69:F4:B6:8C:FA \
    master-interface="wlan2 2Ghz" multicast-buffering=disabled name=\
    "wlan4_guest 2Ghz" security-profile=AP_guest ssid=Guest_5GHZ \
    wds-cost-range=0 wds-default-cost=0 wps-mode=disabled
/interface vlan
add interface="wlan3_guest 5Ghz" name=vlan_guest vlan-id=20
/ip pool
add name=dhcp_LAN ranges=192.168.2.100-192.168.2.250
add name=dhcp_guest ranges=10.10.157.25-10.10.157.250
/ip dhcp-server
add address-pool=dhcp_LAN disabled=no interface=bridge_LAN name=dhcp-serv.LAN
add address-pool=dhcp_guest disabled=no interface=bridge_guest name=\
    dhcp-serv.guest
/queue type
add kind=pcq name="pcq down" pcq-classifier=dst-address \
    pcq-dst-address6-mask=64 pcq-rate=4M pcq-src-address6-mask=64
add kind=pcq name="pcq up" pcq-classifier=dst-address pcq-dst-address6-mask=\
    64 pcq-rate=2M pcq-src-address6-mask=64
/queue simple
add name=limit_speed_guest queue="pcq up/pcq down" target=10.10.157.0/24
/tool user-manager customer
set admin access=\
    own-routers,own-users,own-profiles,own-limits,config-payment-gw
/interface bridge port
add bridge=bridge_LAN interface=ether2
add bridge=bridge_LAN interface=ether3
add bridge=bridge_LAN interface=ether4
add bridge=bridge_LAN interface=ether5
add bridge=bridge_LAN interface=ether6
add bridge=bridge_LAN interface=ether7
add bridge=bridge_LAN interface=ether8
add bridge=bridge_LAN interface=ether9
add bridge=bridge_LAN interface=ether10
add bridge=bridge_LAN interface="wlan2 2Ghz"
add bridge=bridge_LAN interface=wlan1_5ghz
add bridge=bridge_LAN interface=sfp-sfpplus1
add bridge=bridge_LAN interface=vlan_local
add bridge=bridge_guest interface="wlan3_guest 5Ghz"
add bridge=bridge_guest interface="wlan4_guest 2Ghz"
add bridge=bridge_guest interface=vlan_guest
/ip neighbor discovery-settings
set discover-interface-list=none
/ip address
add address=192.168.1.2/24 interface=ether1_WAN network=192.168.1.0
add address=192.168.2.1/24 interface=bridge_LAN network=192.168.2.0
add address=10.10.157.254/24 interface=vlan_guest network=10.10.157.0
/ip cloud
set ddns-enabled=yes ddns-update-interval=1m update-time=no
/ip dhcp-server network
add address=10.10.157.0/24 dns-server=10.10.157.254 gateway=10.10.157.254 \
    netmask=24 ntp-server=193.204.114.105
add address=192.168.2.0/24 dns-server=192.168.2.1 gateway=192.168.2.1 \
    netmask=24 ntp-server=193.204.114.105
/ip dns
set allow-remote-requests=yes servers=1.1.1.1,8.8.8.8
/ip firewall filter
add action=drop chain=forward comment="DROP RETE GUEST" dst-address=\
    10.10.157.0/24 src-address=192.168.2.0/24
add action=drop chain=forward dst-address=192.168.2.0/24 src-address=\
    10.10.157.0/24
add action=drop chain=input dst-port=8291 protocol=tcp src-address=\
    10.10.157.0/24
/ip firewall nat
add action=masquerade chain=srcnat comment="Masquerade WAN" out-interface=\
    ether1_WAN
add action=dst-nat chain=dstnat comment=\
    "porta 20 su porta 20 Nas 192.168.2.100" dst-port=20 protocol=tcp \
    src-address-list="" to-addresses=192.168.2.100 to-ports=20
add action=dst-nat chain=dstnat comment=\
    "porta 21 su porta 21 Nas 192.168.2.100" dst-port=21 protocol=tcp \
    src-address-list="" to-addresses=192.168.2.100 to-ports=21
add action=dst-nat chain=dstnat comment=\
    "porta 8080 su porta 8080 Nas 192.168.2.100" dst-port=8080 protocol=tcp \
    src-address-list="" to-addresses=192.168.2.100 to-ports=8080
add action=dst-nat chain=dstnat comment=\
    "porta 80 su porta 80 Nas 192.168.2.100" dst-port=80 protocol=tcp \
    src-address-list="" to-addresses=192.168.2.100 to-ports=80
add action=dst-nat chain=dstnat comment=\
    "porta 8083 su porta 8083 Nas 192.168.2.100" dst-port=8083 protocol=tcp \
    src-address-list="" to-addresses=192.168.2.100 to-ports=8083
add action=dst-nat chain=dstnat comment=\
    "porta 82 su porta 82 Vimar Videosorveg 192.168.2.2" dst-port=82 \
    protocol=tcp src-address-list="" to-addresses=192.168.2.2 to-ports=82
add action=dst-nat chain=dstnat comment=\
    "porta 6036 su porta 6036 Vimar Videosorveg 192.168.2.2" dst-port=6036 \
    protocol=tcp src-address-list="" to-addresses=192.168.2.2 to-ports=6036
add action=dst-nat chain=dstnat comment=\
    "porta 554 su porta 554 Vimar Videosorveg 192.168.2.2" dst-port=554 \
    protocol=tcp src-address-list="" to-addresses=192.168.2.2 to-ports=554
add action=dst-nat chain=dstnat comment=\
    "porta 443 su porta 443 Vimar Domotico 192.168.2.4" dst-port=443 \
    protocol=tcp src-address-list="" to-addresses=192.168.2.4 to-ports=443
add action=dst-nat chain=dstnat comment=\
    "porta 443 su porta 443 Vimar Domotico 192.168.2.4 udp" dst-port=443 \
    protocol=udp src-address-list="" to-addresses=192.168.2.4 to-ports=443
/ip route
add distance=1 gateway=192.168.1.1
add distance=1 dst-address=10.140.100.254/32 gateway=10.166.42.1
add distance=1 dst-address=10.246.159.50/32 gateway=192.168.90.1
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes
set ssh disabled=yes
/system clock
set time-zone-name=Europe/Rome
/system identity
set name=Router-Roberto
/system leds
add interface="wlan2 2Ghz" leds="wlan2 2Ghz_signal1-led,wlan2 2Ghz_signal2-led\
    ,wlan2 2Ghz_signal3-led,wlan2 2Ghz_signal4-led,wlan2 2Ghz_signal5-led" \
    type=wireless-signal-strength
add interface="wlan2 2Ghz" leds="wlan2 2Ghz_tx-led" type=interface-transmit
add interface="wlan2 2Ghz" leds="wlan2 2Ghz_rx-led" type=interface-receive
/system ntp client
set enabled=yes primary-ntp=193.204.114.105 secondary-ntp=10.0.32.138
/system routerboard settings
set silent-boot=yes
/system scheduler
add interval=1w3d name="Upgrade Firmware Routerboard" on-event=\
    Update_Routerboard_script policy=\
    ftp,reboot,read,write,policy,test,password,sniff,sensitive start-date=\
    apr/21/2018 start-time=03:30:00
add interval=2d name="Upgrade RouterOS" on-event=Update_RouterOS_script \
    policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive \
    start-date=apr/25/2018 start-time=03:00:00
add interval=1w3d name="flush dns cache" on-event="ip dns cache flush" \
    policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive \
    start-date=may/19/2018 start-time=04:00:00
/system script
add dont-require-permissions=no name=Update_RouterOS_script owner=admin \
    policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive source="\
    /system package update\r\
    \ncheck-for-updates once\r\
    \n:delay 3s;\r\
    \n:if ( [get status] = \"New version is available\") do={ install };\r\
    \n\r\
    \n/system reboot"
add dont-require-permissions=no name=Update_Routerboard_script owner=admin \
    policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive source="\
    /system routerboard upgrade\r\
    \n\r\
    \n:delay 3s;\r\
    \n\r\
    \n /system reboot\r\
    \n"
/tool user-manager database
set db-path=user-manager

Link al commento
Condividi su altri siti

  • 4 weeks later...

risolto, avevo fatto un copia incolla delle porte e non avevo notato che mancava la in interface...per cui con la porta 80 e 443 aperte la RB si perdeva

Link al commento
Condividi su altri siti

Crea un account o accedi per commentare

Devi essere un utente per poter lasciare un commento

Crea un account

Registrati per un nuovo account nella nostra comunità. è facile!

Registra un nuovo account

Accedi

Hai già un account? Accedi qui.

Accedi ora
×
×
  • Crea nuovo/a...