Code: Select all
[admin@802.1_test] /interface wireless cap> /export compact
# mar/09/2016 12:03:02 by RouterOS 6.34.2
# software id = KTBV-5JEH
#
/interface bridge
add name=bridge1 protocol-mode=none
/interface ethernet
set [ find default-name=ether1 ] l2mtu=4074 mtu=4000
set [ find default-name=ether2 ] l2mtu=4074 mtu=2000
set [ find default-name=ether3 ] l2mtu=4074
set [ find default-name=ether4 ] l2mtu=4074
set [ find default-name=ether5 ] l2mtu=4074
/interface wireless
# managed by CAPsMAN
# channel: 2427/20-Ce/gn(30dBm), SSID: 8021_Test, local forwarding
set [ find default-name=wlan1 ] band=2ghz-b disabled=no ssid=MikroTik
/caps-man interface
add arp=enabled configuration.mode=ap configuration.ssid=8021_Test datapath.bridge=bridge1 \
datapath.client-to-client-forwarding=no datapath.local-forwarding=yes datapath.vlan-mode=use-tag disabled=no l2mtu=1600 \
mac-address=4C:5E:0C:E9:0E:29 master-interface=none mtu=2290 name=cap1 radio-mac=4C:5E:0C:E9:0E:29 \
security.authentication-types=wpa-eap,wpa2-eap security.eap-methods=passthrough security.eap-radius-accounting=yes \
security.encryption=aes-ccm,tkip
/interface vlan
add interface=bridge1 name=v40_br vlan-id=40
add comment=management interface=ether1 name=v69 vlan-id=69
/ip neighbor discovery
set v897 comment=management
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa2-eap mode=dynamic-keys radius-eap-accounting=yes radius-mac-mode=\
as-username-and-password supplicant-identity=MikroTik
/ip ipsec proposal
set [ find default=yes ] enc-algorithms=aes-128-cbc
/caps-man aaa
set mac-mode=as-username-and-password
/caps-man access-list
add action=query-radius client-to-client-forwarding=yes disabled=no mac-address=00:00:00:00:00:00 radius-accounting=yes \
ssid-regexp="" vlan-mode=no-tag
/caps-man manager
set ca-certificate=auto certificate=auto enabled=yes
/interface bridge port
add bridge=bridge1 interface=wlan1
add bridge=bridge1 interface=cap1
add bridge=bridge1 interface=ether1
/interface wireless access-list
add authentication=no disabled=yes vlan-mode=no-tag
/interface wireless cap
set bridge=bridge1 discovery-interfaces=bridge1 enabled=yes interfaces=wlan1
/ip address
add address=10.0.0.253/24 interface=v69 network=10.0.0.0
/ip dhcp-client
add default-route-distance=0 dhcp-options=hostname,clientid disabled=no interface=ether1
/ip dns
set servers=10.0.0.3
/ip ipsec policy
set 0 dst-address=0.0.0.0/0 src-address=0.0.0.0/0
/ip route
add distance=1 gateway=10.0.0.1
/lcd
set time-interval=daily
/lcd interface pages
set 0 interfaces=sfp1,ether1,ether2,ether3,ether4,ether5,ether6,ether7,ether8,ether9,ether10
/radius
add address=10.0.0.3 secret=secret service=wireless
/system clock
set time-zone-autodetect=no
/system identity
set name=802.1_test
/user aaa
set use-radius=yes
Code: Select all
14:48:48.327694 In PFE proto 2 (ipv4): (tos 0x0, ttl 128, id 321, offset 0, flags [none], proto: UDP (17), length: 328) 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 00:24:d6:21:6d:e4, length 300, xid 0x3d11c7e7, secs 1024, Flags [none]
Client-Ethernet-Address 00:24:d6:21:6d:e4
Vendor-rfc1048 Extensions
Magic Cookie 0x63825363
DHCP-Message Option 53, length 1: Discover
Client-ID Option 61, length 7: ether 00:24:d6:21:6d:e4
Hostname Option 12, length 4: "dell"
Vendor-Class Option 60, length 8: "MSFT 5.0"
Parameter-Request Option 55, length 12:
Subnet-Mask, Domain-Name, Default-Gateway, Domain-Name-Server
Netbios-Name-Server, Netbios-Node, Netbios-Scope, Router-Discovery
Static-Route, Classless-Static-Route, Classless-Static-Route-Microsoft, Vendor-Option
14:48:48.328592 Out 64:87:88:3a:38:07 > ff:ff:ff:ff:ff:ff, ethertype 802.1Q (0x8100), length 346: vlan 40, p 6, ethertype IPv4, (tos 0x0, ttl 1, id 16330, offset 0, flags [none], proto: UDP (17), length: 328) 192.168.40.1.67 > 255.255.255.255.68: BOOTP/DHCP, Reply, length 300, xid 0x3d11c7e7, Flags [none]
Your-IP 192.168.40.107
Client-Ethernet-Address 00:24:d6:21:6d:e4
Vendor-rfc1048 Extensions
Magic Cookie 0x63825363
DHCP-Message Option 53, length 1: Offer
Server-ID Option 54, length 4: 192.168.40.1
Lease-Time Option 51, length 4: 120
Subnet-Mask Option 1, length 4: 255.255.255.0
Default-Gateway Option 3, length 4: 192.168.40.1
Domain-Name-Server Option 6, length 12: x.x.x.x
Domain-Name Option 15, length 15: "bla-bla"