Since those settings are in default state, thay do not come on export compact…
Its not a WD problem, using a different wifi ap with wpa2-psk + aes, it works…
Using WD with mikrotik without security profile, it works…
The problems seems to be the security profile that i’m using… !!!
Full Export:
[admin@MikroTik] > export
# may/16/2012 09:25:19 by RouterOS 5.16
# software id = XXXXXXXXXXXXXXXXXXXXXX
#
/interface bridge
add admin-mac=00:00:00:00:00:00 ageing-time=5m arp=enabled auto-mac=yes disabled=no forward-delay=15s l2mtu=65535 max-message-age=20s \
mtu=1500 name=Bridge_wlan_lan priority=0x8000 protocol-mode=none transmit-hold-count=6
/interface ethernet
set 0 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited disabled=no full-duplex=yes l2mtu=1598 mac-address=\
00:0C:42:FB:3E:30 master-port=none mtu=1500 name=ether1-wan speed=100Mbps
set 1 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited disabled=no full-duplex=yes l2mtu=1598 mac-address=\
00:0C:42:FB:3E:31 master-port=none mtu=1500 name=ether2 speed=100Mbps
set 2 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited disabled=no full-duplex=yes l2mtu=1598 mac-address=\
00:0C:42:FB:3E:32 master-port=ether2 mtu=1500 name=ether3 speed=100Mbps
set 3 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited disabled=no full-duplex=yes l2mtu=1598 mac-address=\
00:0C:42:FB:3E:33 master-port=ether2 mtu=1500 name=ether4 speed=100Mbps
set 4 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited disabled=no full-duplex=yes l2mtu=1598 mac-address=\
00:0C:42:FB:3E:34 master-port=ether2 mtu=1500 name=ether5 speed=100Mbps
/interface ethernet switch
set 0 mirror-source=none mirror-target=none name=switch1
/interface wireless security-profiles
set [ find default=yes ] authentication-types="" eap-methods=passthrough group-ciphers=aes-ccm group-key-update=5m interim-update=0s \
management-protection=disabled management-protection-key="" mode=none name=default radius-eap-accounting=no radius-mac-accounting=\
no radius-mac-authentication=no radius-mac-caching=disabled radius-mac-format=XX:XX:XX:XX:XX:XX radius-mac-mode=as-username \
static-algo-0=none static-algo-1=none static-algo-2=none static-algo-3=none static-key-0="" static-key-1="" static-key-2="" \
static-key-3="" static-sta-private-algo=none static-sta-private-key="" static-transmit-key=key-0 supplicant-identity=MikroTik \
tls-certificate=none tls-mode=no-certificates unicast-ciphers=aes-ccm wpa-pre-shared-key="" wpa2-pre-shared-key=""
add authentication-types=wpa2-psk eap-methods="" group-ciphers=aes-ccm group-key-update=5m interim-update=0s management-protection=\
disabled management-protection-key="" mode=dynamic-keys name=WPA2 radius-eap-accounting=no radius-mac-accounting=no \
radius-mac-authentication=no radius-mac-caching=disabled radius-mac-format=XX:XX:XX:XX:XX:XX radius-mac-mode=as-username \
static-algo-0=none static-algo-1=none static-algo-2=none static-algo-3=none static-key-0="" static-key-1="" static-key-2="" \
static-key-3="" static-sta-private-algo=none static-sta-private-key="" static-transmit-key=key-0 supplicant-identity="" \
tls-certificate=none tls-mode=no-certificates unicast-ciphers=aes-ccm wpa-pre-shared-key="" wpa2-pre-shared-key=XXXXXXXXXXXXXXXXXXXXXX
/interface wireless
set 0 adaptive-noise-immunity=none allow-sharedkey=no antenna-gain=0 antenna-mode=rxa-txb area="" arp=enabled band=2ghz-b/g/n \
basic-rates-a/g=6Mbps basic-rates-b=1Mbps bridge-mode=enabled channel-width=20mhz compression=no country=no_country_set \
default-ap-tx-limit=0 default-authentication=yes default-client-tx-limit=0 default-forwarding=yes dfs-mode=none \
disable-running-check=no disabled=no disconnect-timeout=3s distance=dynamic frame-lifetime=0 frequency=2412 frequency-mode=\
manual-txpower frequency-offset=0 hide-ssid=no ht-ampdu-priorities=0 ht-amsdu-limit=8192 ht-amsdu-threshold=8192 ht-basic-mcs=\
mcs-0,mcs-1,mcs-2,mcs-3,mcs-4,mcs-5,mcs-6,mcs-7 ht-guard-interval=any ht-rxchains=0,1 ht-supported-mcs="mcs-0,mcs-1,mcs-2,mcs-3,mcs-\
4,mcs-5,mcs-6,mcs-7,mcs-8,mcs-9,mcs-10,mcs-11,mcs-12,mcs-13,mcs-14,mcs-15,mcs-16,mcs-17,mcs-18,mcs-19,mcs-20,mcs-21,mcs-22,mcs-23" \
ht-txchains=0,1 hw-fragmentation-threshold=disabled hw-protection-mode=none hw-protection-threshold=0 hw-retries=7 l2mtu=2290 \
mac-address=00:0C:42:FB:3E:35 max-station-count=2007 mode=ap-bridge mtu=1500 multicast-helper=default name=wlan1 \
noise-floor-threshold=default nv2-cell-radius=30 nv2-noise-floor-offset=default nv2-preshared-key="" nv2-qos=default \
nv2-queue-count=2 nv2-security=disabled on-fail-retry-time=100ms periodic-calibration=default periodic-calibration-interval=60 \
preamble-mode=both proprietary-extensions=post-2.9.25 radio-name=000C42FB3E35 rate-selection=advanced rate-set=default scan-list=\
default security-profile=WPA2 ssid=HOME station-bridge-clone-mac=00:00:00:00:00:00 supported-rates-a/g=\
6Mbps,9Mbps,12Mbps,18Mbps,24Mbps,36Mbps,48Mbps,54Mbps supported-rates-b=1Mbps,2Mbps,5.5Mbps,11Mbps tdma-period-size=2 \
tx-power-mode=default update-stats-interval=disabled wds-cost-range=50-150 wds-default-bridge=none wds-default-cost=100 \
wds-ignore-ssid=no wds-mode=disabled wireless-protocol=unspecified wmm-support=disabled
/interface wireless manual-tx-power-table
set wlan1 manual-tx-powers="1Mbps:17,2Mbps:17,5.5Mbps:17,11Mbps:17,6Mbps:17,9Mbps:17,12Mbps:17,18Mbps:17,24Mbps:17,36Mbps:17,48Mbps:17,5\
4Mbps:17,HT20-0:17,HT20-1:17,HT20-2:17,HT20-3:17,HT20-4:17,HT20-5:17,HT20-6:17,HT20-7:17,HT40-0:17,HT40-1:17,HT40-2:17,HT40-3:17,HT4\
0-4:17,HT40-5:17,HT40-6:17,HT40-7:17"
/interface wireless nstreme
set wlan1 disable-csma=no enable-nstreme=no enable-polling=yes framer-limit=3200 framer-policy=none
/ip hotspot profile
set [ find default=yes ] dns-name="" hotspot-address=0.0.0.0 html-directory=hotspot http-cookie-lifetime=3d http-proxy=0.0.0.0:0 \
login-by=cookie,http-chap name=default rate-limit="" smtp-server=0.0.0.0 split-user-domain=no use-radius=no
/ip hotspot user profile
set [ find default=yes ] idle-timeout=none keepalive-timeout=2m name=default shared-users=1 status-autorefresh=1m transparent-proxy=no
/ip ipsec proposal
set [ find default=yes ] auth-algorithms=sha1 disabled=no enc-algorithms=3des lifetime=30m name=default pfs-group=modp1024
/ip pool
add name=dhcp_pool1 ranges=10.10.10.15-10.10.10.50
/ip dhcp-server
add address-pool=dhcp_pool1 authoritative=after-2sec-delay bootp-support=static disabled=no interface=Bridge_wlan_lan lease-time=1d \
name=dhcp1
/ppp profile
set 0 change-tcp-mss=yes name=default only-one=default use-compression=default use-encryption=default use-mpls=default \
use-vj-compression=default
set 1 change-tcp-mss=yes name=default-encryption only-one=default use-compression=default use-encryption=yes use-mpls=default \
use-vj-compression=default
/interface pppoe-client
add ac-name="" add-default-route=yes allow=pap,chap,mschap1,mschap2 dial-on-demand=no disabled=no interface=ether1-wan max-mru=1480 \
max-mtu=1480 mrru=disabled name=pppoe-out1 password=adslppp profile=default service-name="" use-peer-dns=yes user=\
adslppp@telefonicanetpa
/queue type
set 0 kind=pfifo name=default pfifo-limit=50
set 1 kind=pfifo name=ethernet-default pfifo-limit=50
set 2 kind=sfq name=wireless-default sfq-allot=1514 sfq-perturb=5
set 3 kind=red name=synchronous-default red-avg-packet=1000 red-burst=20 red-limit=60 red-max-threshold=50 red-min-threshold=10
set 4 kind=sfq name=hotspot-default sfq-allot=1514 sfq-perturb=5
set 5 kind=none name=only-hardware-queue
set 6 kind=mq-pfifo mq-pfifo-limit=50 name=multi-queue-ethernet-default
set 7 kind=pfifo name=default-small pfifo-limit=10
/routing bgp instance
set default as=65530 client-to-client-reflection=yes disabled=no ignore-as-path-len=no name=default out-filter="" \
redistribute-connected=no redistribute-ospf=no redistribute-other-bgp=no redistribute-rip=no redistribute-static=no router-id=\
0.0.0.0 routing-table=""
/routing ospf instance
set [ find default=yes ] disabled=no distribute-default=never in-filter=ospf-in metric-bgp=auto metric-connected=20 metric-default=1 \
metric-other-ospf=auto metric-rip=20 metric-static=20 name=default out-filter=ospf-out redistribute-bgp=no redistribute-connected=\
no redistribute-other-ospf=no redistribute-rip=no redistribute-static=no router-id=0.0.0.0
/routing ospf area
set [ find default=yes ] area-id=0.0.0.0 disabled=no instance=default name=backbone type=default
/snmp community
set [ find default=yes ] address=0.0.0.0/0 authentication-password="" authentication-protocol=MD5 encryption-password="" \
encryption-protocol=DES name=public read-access=yes security=none write-access=no
/system logging action
set 0 memory-lines=100 memory-stop-on-full=no name=memory target=memory
set 1 disk-file-count=2 disk-file-name=log disk-lines-per-file=100 disk-stop-on-full=no name=disk target=disk
set 2 name=echo remember=yes target=echo
set 3 bsd-syslog=no name=remote remote-port=514 src-address=0.0.0.0 syslog-facility=daemon syslog-severity=auto target=remote
/user group
set read name=read policy=local,telnet,ssh,reboot,read,test,winbox,password,web,sniff,sensitive,api,!ftp,!write,!policy skin=default
set write name=write policy=local,telnet,ssh,reboot,read,write,test,winbox,password,web,sniff,sensitive,api,!ftp,!policy skin=default
set full name=full policy=local,telnet,ssh,ftp,reboot,read,write,policy,test,winbox,password,web,sniff,sensitive,api skin=default
/interface bridge port
add bridge=Bridge_wlan_lan disabled=no edge=auto external-fdb=auto horizon=none interface=ether2 path-cost=10 point-to-point=auto \
priority=0x80
add bridge=Bridge_wlan_lan disabled=no edge=auto external-fdb=auto horizon=none interface=wlan1 path-cost=10 point-to-point=auto \
priority=0x80
/interface bridge settings
set use-ip-firewall=no use-ip-firewall-for-pppoe=no use-ip-firewall-for-vlan=no
/interface ethernet switch port
set 0 vlan-header=leave-as-is vlan-mode=disabled
set 1 vlan-header=leave-as-is vlan-mode=disabled
set 2 vlan-header=leave-as-is vlan-mode=disabled
set 3 vlan-header=leave-as-is vlan-mode=disabled
set 4 vlan-header=leave-as-is vlan-mode=disabled
set 5 vlan-header=leave-as-is vlan-mode=disabled
/interface l2tp-server server
set authentication=pap,chap,mschap1,mschap2 default-profile=default-encryption enabled=no max-mru=1460 max-mtu=1460 mrru=disabled
/interface ovpn-server server
set auth=sha1,md5 certificate=none cipher=blowfish128,aes128 default-profile=default enabled=no keepalive-timeout=60 mac-address=\
FE:A5:57:72:9D:EC max-mtu=1500 mode=ip netmask=24 port=1194 require-client-certificate=no
/interface pptp-server server
set authentication=mschap1,mschap2 default-profile=default-encryption enabled=no keepalive-timeout=30 max-mru=1460 max-mtu=1460 mrru=\
disabled
/interface sstp-server server
set authentication=pap,chap,mschap1,mschap2 certificate=none default-profile=default enabled=no keepalive-timeout=60 max-mru=1500 \
max-mtu=1500 mrru=disabled port=443 verify-client-certificate=no
/interface wireless align
set active-mode=yes audio-max=-20 audio-min=-100 audio-monitor=00:00:00:00:00:00 filter-mac=00:00:00:00:00:00 frame-size=300 \
frames-per-second=25 receive-all=no ssid-all=no
/interface wireless sniffer
set channel-time=200ms file-limit=10 file-name="" memory-limit=10 multiple-channels=no only-headers=no receive-errors=no \
streaming-enabled=no streaming-max-rate=0 streaming-server=0.0.0.0
/interface wireless snooper
set channel-time=200ms multiple-channels=yes receive-errors=no
/ip accounting
set account-local-traffic=no enabled=no threshold=256
/ip accounting web-access
set accessible-via-web=no address=0.0.0.0/0
/ip address
add address=10.10.10.1/24 disabled=no interface=ether2 network=10.10.10.0
/ip dhcp-server config
set store-leases-disk=5m
/ip dhcp-server lease
add address=10.10.10.20 disabled=no mac-address=XXXXXXXXXXXXXXXXXXXXXX server=dhcp1
add address=10.10.10.10 disabled=no mac-address=XXXXXXXXXXXXXXXXXXXXXX
/ip dhcp-server network
add address=10.10.10.0/24 dhcp-option="" dns-server="" gateway=10.10.10.1 ntp-server="" wins-server=""
/ip dns
set allow-remote-requests=no cache-max-ttl=1w cache-size=2048KiB max-udp-packet-size=4096 servers=XXXXXXXXXXXXXXXXXXXXXX
/ip firewall connection tracking
set enabled=yes generic-timeout=10m icmp-timeout=10s tcp-close-timeout=10s tcp-close-wait-timeout=10s tcp-established-timeout=1d \
tcp-fin-wait-timeout=10s tcp-last-ack-timeout=10s tcp-syn-received-timeout=5s tcp-syn-sent-timeout=5s tcp-syncookie=no \
tcp-time-wait-timeout=10s udp-stream-timeout=3m udp-timeout=10s
/ip firewall nat
add action=dst-nat chain=dstnat comment="Forward Port XXXXXXXXXXXXXXXXXXXXXX from Public to 10.10.10.20" disabled=no dst-port=XXXXXXXXXXXXXXXXXXXXXX in-interface=\
pppoe-out1 protocol=tcp to-addresses=10.10.10.20 to-ports=XXXXXXXXXXXXXXXXXXXXXX
add action=masquerade chain=srcnat disabled=no out-interface=pppoe-out1
/ip firewall service-port
set ftp disabled=yes ports=21
set tftp disabled=yes ports=69
set irc disabled=yes ports=6667
set h323 disabled=yes
set sip disabled=yes ports=5060,5061 sip-direct-media=yes
set pptp disabled=yes
/ip hotspot service-port
set ftp disabled=no ports=21
/ip neighbor discovery
set ether1-wan disabled=no
set ether2 disabled=no
set ether3 disabled=no
set ether4 disabled=no
set ether5 disabled=no
set wlan1 disabled=yes
set Bridge_wlan_lan disabled=no
set pppoe-out1 disabled=yes
/ip proxy
set always-from-cache=no cache-administrator=webmaster cache-hit-dscp=4 cache-on-disk=no enabled=no max-cache-size=none \
max-client-connections=600 max-fresh-time=3d max-server-connections=600 parent-proxy=0.0.0.0 parent-proxy-port=0 port=8080 \
serialize-connections=no src-address=0.0.0.0
/ip service
set telnet address="" disabled=yes port=23
set ftp address="" disabled=yes port=21
set www address="" disabled=yes port=80
set ssh address="" disabled=yes port=22
set www-ssl address="" certificate=none disabled=yes port=443
set api address="" disabled=yes port=8728
set winbox address="" disabled=no port=8291
/ip smb
set allow-guests=yes comment=MikrotikSMB domain=MSHOME enabled=no interfaces=all
/ip smb shares
set [ find default=yes ] comment="default share" directory=/pub disabled=no max-sessions=10 name=pub
/ip smb users
set [ find default=yes ] disabled=no name=guest password="" read-only=yes
/ip socks
set connection-idle-timeout=2m enabled=no max-connections=200 port=1080
/ip traffic-flow
set active-flow-timeout=30m cache-entries=4k enabled=no inactive-flow-timeout=15s interfaces=all
/ip upnp
set allow-disable-external-interface=yes enabled=yes show-dummy-rule=yes
/ip upnp interfaces
add disabled=no interface=Bridge_wlan_lan type=internal
/mpls
set dynamic-label-range=16-1048575 propagate-ttl=yes
/mpls interface
set [ find default=yes ] disabled=no interface=all mpls-mtu=1508
/mpls ldp
set distribute-for-default-route=no enabled=no hop-limit=255 loop-detect=no lsr-id=0.0.0.0 path-vector-limit=255 transport-address=\
0.0.0.0 use-explicit-null=no
/port firmware
set directory=firmware
/ppp aaa
set accounting=yes interim-update=0s use-radius=no
/queue interface
set ether1-wan queue=only-hardware-queue
set ether2 queue=only-hardware-queue
set ether3 queue=only-hardware-queue
set ether4 queue=only-hardware-queue
set ether5 queue=only-hardware-queue
set wlan1 queue=wireless-default
/radius incoming
set accept=no port=3799
/routing bfd interface
set [ find default=yes ] disabled=no interface=all interval=0.2s min-rx=0.2s multiplier=5
/routing mme
set bidirectional-timeout=2 gateway-class=none gateway-keepalive=1m gateway-selection=no-gateway origination-interval=5s \
preferred-gateway=0.0.0.0 timeout=1m ttl=50
/routing rip
set distribute-default=never garbage-timer=2m metric-bgp=1 metric-connected=1 metric-default=1 metric-ospf=1 metric-static=1 \
redistribute-bgp=no redistribute-connected=no redistribute-ospf=no redistribute-static=no routing-table=main timeout-timer=3m \
update-timer=30s
/snmp
set contact="" enabled=no engine-id="" location="" trap-generators="" trap-target="" trap-version=1
/system clock
set time-zone-name=Europe/Madrid
/system clock manual
set dst-delta=+00:00 dst-end="jan/01/1970 00:00:00" dst-start="jan/01/1970 00:00:00" time-zone=+00:00
/system identity
set name=MikroTik
/system leds
set 0 disabled=no interface=wlan1 leds=wlan-led type=wireless-status
/system logging
set 0 action=memory disabled=no prefix="" topics=info
set 1 action=memory disabled=no prefix="" topics=error
set 2 action=memory disabled=no prefix="" topics=pppoe
set 3 action=memory disabled=no prefix="" topics=critical
add action=memory disabled=no prefix="" topics=wireless,debug
/system note
set note="" show-at-login=yes
/system ntp client
set enabled=yes mode=unicast primary-ntp=150.214.94.5 secondary-ntp=0.0.0.0
/system resource irq
set 0 cpu=auto
set 1 cpu=auto
set 2 cpu=auto
set 3 cpu=auto
/system routerboard settings
set boot-device=nand-if-fail-then-ethernet boot-protocol=bootp cpu-frequency=400MHz force-backup-booter=no silent-boot=no
/system scheduler
add comment="Update No-IP DDNS" disabled=no interval=30m name=no-ip_ddns_update on-event=no-ip_ddns_update policy=read,write,test \
start-date=may/07/2012 start-time=23:57:16
/system script
add name=no-ip_ddns_update policy=ftp,read,write,test,winbox,api source="# No-IP automatic Dynamic DNS update\r\
\n\r\
\n#--------------- Change Values in this section to match your setup ------------------\r\
\n\r\
\n# No-IP User account info\r\
\n:local noipuser \"XXXXXXXXXXXXXXXXXXXXXX\"\r\
\n:local noippass \"XXXXXXXXXXXXXXXXXXXXXX\"\r\
\n\r\
\n# Set the hostname or label of network to be updated.\r\
\n# Hostnames with spaces are unsupported. Replace the value in the quotations below with your host names.\r\
\n# To specify multiple hosts, separate them with commas.\r\
\n:local noiphost \"XXXXXXXXXXXXXXXXXXXXXX\"\r\
\n\r\
\n# Change to the name of interface that gets the dynamic IP address\r\
\n:local inetinterface \"pppoe-out1\"\r\
\n\r\
\n#------------------------------------------------------------------------------------\r\
\n# No more changes need\r\
\n\r\
\n:global previousIP\r\
\n\r\
\n:if ([/interface get \$inetinterface value-name=running]) do={\r\
\n# Get the current IP on the interface\r\
\n :local currentIP [/ip address get [find interface=\"\$inetinterface\" disabled=no] address]\r\
\n\r\
\n# Strip the net mask off the IP address\r\
\n :for i from=( [:len \$currentIP] - 1) to=0 do={\r\
\n :if ( [:pick \$currentIP \$i] = \"/\") do={ \r\
\n :set currentIP [:pick \$currentIP 0 \$i]\r\
\n } \r\
\n }\r\
\n\r\
\n :if (\$currentIP != \$previousIP) do={\r\
\n :log info \"No-IP: Current IP \$currentIP is not equal to previous IP, update needed\"\r\
\n :set previousIP \$currentIP\r\
\n\r\
\n# The update URL. Note the \"\\3F\" is hex for question mark (\?). Required since \? is a special character in commands.\r\
\n :local url \"http://dynupdate.no-ip.com/nic/update\\3Fmyip=\$currentIP\"\r\
\n :local noiphostarray\r\
\n :set noiphostarray [:toarray \$noiphost]\r\
\n :foreach host in=\$noiphostarray do={\r\
\n :log info \"No-IP: Sending update for \$host\"\r\
\n /tool fetch url=(\$url . \"&hostname=\$host\") user=\$noipuser password=\$noippass mode=http dst-path=(\"no-ip_ddns_upd\
ate-\" . \$host . \".txt\")\r\
\n :log info \"No-IP: Host \$host updated on No-IP with IP \$currentIP\"\r\
\n }\r\
\n } else={\r\
\n :log info \"No-IP: Previous IP \$previousIP is equal to current IP, no update needed\"\r\
\n }\r\
\n} else={\r\
\n :log info \"No-IP: \$inetinterface is not currently running, so therefore will not update.\"\r\
\n}"
/system upgrade mirror
set check-interval=1d enabled=no primary-server=0.0.0.0 secondary-server=0.0.0.0 user=""
/system watchdog
set auto-send-supout=no automatic-supout=yes no-ping-delay=5m watch-address=none watchdog-timer=yes
/tool bandwidth-server
set allocate-udp-ports-from=2000 authenticate=yes enabled=yes max-sessions=100
/tool e-mail
set address=0.0.0.0 from=<> password="" port=25 user=""
/tool graphing
set page-refresh=300 store-every=5min
/tool mac-server
set [ find default=yes ] disabled=no interface=all
/tool mac-server mac-winbox
set [ find default=yes ] disabled=no interface=all
/tool mac-server ping
set enabled=yes
/tool sms
set allowed-number="" channel=0 keep-max-sms=0 receive-enabled=no secret=""
/tool sniffer
set file-limit=1000KiB file-name="" filter-ip-address="" filter-ip-protocol="" filter-mac-address="" filter-mac-protocol="" \
filter-port="" filter-stream=yes interface=all memory-limit=100KiB memory-scroll=yes only-headers=no streaming-enabled=no \
streaming-server=0.0.0.0
/tool traffic-generator
set latency-distribution-scale=10 test-id=0
/user aaa
set accounting=yes default-group=read exclude-groups="" interim-update=0s use-radius=no
[admin@MikroTik] >
, I thought about command: