I have problems with the system and I need help CCR1036-12G-4S

RouterOS Beginner Basics
1

This system exhausted me. At first it worked well, but I don’t think so anymore
Now some people complain about ping games and video calling programs. I have a speed of 500M x 2, but the connection is not fully reached. I feel that it is unstable

I am not a professional, please help
Required
Merging two internet lines 500 m
ether1/ether2
work hotspot /pppoe
out ether 5
SAS Redius 12
Public protection





my







MMM MMM KKK TTTTTTTTTTT KKK
MMMM MMMM KKK TTTTTTTTTTT KKK
MMM MMMM MMM III KKK KKK RRRRRR OOOOOO TTT III KKK KKK
MMM MM MMM III KKKKK RRR RRR OOO OOO TTT III KKKKK
MMM MMM III KKK KKK RRRRRR OOO OOO TTT III KKK KKK
MMM MMM III KKK KKK RRR RRR OOOOOO TTT III KKK KKK

MikroTik RouterOS 6.48.6 (c) 1999-2021 http://www.mikrotik.com/

[?] Gives the list of available commands
command [?] Gives help on the command and list of arguments

[Tab] Completes the command/word. If the input is ambiguous,
a second [Tab] gives possible options

/ Move up to base level
.. Move up one level
/command Use command at the base level
[admin@Mobasher.Net] > export

jan/07/2023 18:33:36 by RouterOS 6.48.6

software id = QKEQ-DAXL

model = CCR1036-12G-4S

serial number = xxxxxxxx

/interface ethernet
set [ find default-name=ether1 ] comment=IN1
set [ find default-name=ether2 ] comment=IN2
set [ find default-name=ether3 ] disabled=yes
set [ find default-name=ether4 ] disabled=yes
set [ find default-name=ether5 ] comment=Out2
set [ find default-name=ether6 ] disabled=yes
set [ find default-name=ether7 ] disabled=yes
set [ find default-name=ether8 ] disabled=yes
set [ find default-name=ether9 ] disabled=yes
set [ find default-name=ether10 ] disabled=yes
set [ find default-name=ether11 ] disabled=yes
set [ find default-name=ether12 ] comment=SAS4 Rasdius
set [ find default-name=sfp1 ] comment=Out1 disabled=yes
set [ find default-name=sfp2 ] disabled=yes
set [ find default-name=sfp3 ] disabled=yes
set [ find default-name=sfp4 ] disabled=yes
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip firewall layer7-protocol
add name=freedom regexp=“^.+(2yf.de|1yf.de)”
/ip hotspot profile
set [ find default=yes ] login-by=mac,cookie,http-chap mac-auth-password=xxxx
radius-interim-update=1m use-radius=yes
add dns-name=mmubasher.net hotspot-address=92.0.0.1 login-by=
mac,cookie,http-chap,http-pap mac-auth-password=xxxxname=hsprof1
radius-interim-update=1m use-radius=yes
add dns-name=Mmubasher.net hotspot-address=10.20.0.1 login-by=
mac,cookie,http-chap mac-auth-password=1992 name=hsprof2
radius-interim-update=1m use-radius=yes
/ip hotspot user profile
set [ find default=yes ] add-mac-cookie=no address-list=ToNet
add add-mac-cookie=no address-list=ToNet keepalive-timeout=10m
!mac-cookie-timeout name=4 rate-limit=3072k/3072k
add add-mac-cookie=no !mac-cookie-timeout name=10 rate-limit=3070k/3070k
add add-mac-cookie=no !mac-cookie-timeout name=UIP
/ip pool
add name=dhcp_pool0 ranges=92.0.0.2-92.0.3.254
add name=PPPoe ranges=192.200.0.2-192.200.25.254
add name=dhcp_pool3 ranges=40.40.40.2-40.40.43.254
add name=hotspot_pool6 ranges=10.20.0.2-10.20.7.254
add name=“PPPoe 2” ranges=192.168.200.2-192.168.200.254
/ip dhcp-server
add address-pool=dhcp_pool0 interface=sfp1 name=dhcp1
add address-pool=hotspot_pool6 disabled=no interface=ether5 name=dhcp2
/ip hotspot
add address-pool=dhcp_pool0 addresses-per-mac=1 name=hotspot1 profile=hsprof1
add address-pool=dhcp_pool6 addresses-per-mac=1 disabled=no idle-timeout=15m
interface=ether5 name=hotspot2 profile=hsprof2
/lora servers
add address=eu.mikrotik.thethings.industries down-port=1700 name=TTN-EU
up-port=1700
add address=us.mikrotik.thethings.industries down-port=1700 name=TTN-US
up-port=1700
add address=eu1.cloud.thethings.industries down-port=1700 name=
“TTS Cloud (eu1)” up-port=1700
add address=nam1.cloud.thethings.industries down-port=1700 name=
“TTS Cloud (nam1)” up-port=1700
add address=au1.cloud.thethings.industries down-port=1700 name=
“TTS Cloud (au1)” up-port=1700
add address=eu1.cloud.thethings.network down-port=1700 name=“TTN V3 (eu1)”
up-port=1700
add address=nam1.cloud.thethings.network down-port=1700 name=“TTN V3 (nam1)”
up-port=1700
add address=au1.cloud.thethings.network down-port=1700 name=“TTN V3 (au1)”
up-port=1700
/ppp profile
set *0 address-list=ToNet dns-server=8.8.8.8,8.8.4.4 local-address=192.200.0.1
remote-address=“pppoe 1”
add address-list=ToNet change-tcp-mss=yes dns-server=8.8.8.8,8.8.4.4
local-address=192.200.2.1 name=“profile SFP” remote-address=“pppoe SFP”
/tool user-manager customer
set admin access=
own-routers,own-users,own-profiles,own-limits,config-payment-gw
/user group
set full policy=“local,telnet,ssh,ftp,reboot,read,write,policy,test,winbox,passw
ord,web,sniff,sensitive,api,romon,dude,tikapp”
/ip neighbor discovery-settings
set discover-interface-list=!all protocol=“”
/interface pppoe-server server
add authentication=pap,chap default-profile=“profile SFP” service-name=PPPoe
add authentication=pap,chap disabled=no interface=ether5 keepalive-timeout=10
service-name=PPPoe
/ip address
add address=92.0.0.1/22 disabled=yes interface=sfp1 network=92.0.0.0
add address=10.20.0.1/21 interface=ether5 network=10.20.0.0
add address=40.40.40.1/22 interface=ether12 network=40.40.40.0
add address=192.0.0.1/24 disabled=yes interface=ether5 network=192.0.0.0
/ip dhcp-client
add add-default-route=no disabled=no interface=ether1 use-peer-dns=no
use-peer-ntp=no
add add-default-route=no disabled=no interface=ether5 use-peer-dns=no
use-peer-ntp=no
/ip dhcp-server network
add address=10.20.0.0/21 gateway=10.20.0.1
add address=92.0.0.0/22 gateway=92.0.0.1
/ip dns
set allow-remote-requests=yes servers=8.8.8.8,8.8.4.4
/ip firewall address-list
add address=40.40.40.40 list=ToNet
add address=94.231.80.100 list=your-freedom
add address=85.214.22.104 list=your-freedom
add address=94.126.16.7 list=your-freedom
add address=85.214.151.156 list=your-freedom
add address=85.214.149.36 list=your-freedom
add address=85.214.45.166 list=your-freedom
add address=85.214.149.43 list=your-freedom
add address=83.170.96.78 list=your-freedom
add address=193.37.152.232 list=your-freedom
add address=80.74.137.161 list=your-freedom
add address=193.164.133.62 list=your-freedom
add address=95.143.192.144 list=your-freedom
add address=208.53.158.27 list=your-freedom
add address=85.214.149.35 list=your-freedom
add address=76.73.125.131 list=your-freedom
add address=77.92.78.225 list=your-freedom
add address=81.169.130.185 list=your-freedom
add address=217.150.244.92 list=your-freedom
add address=83.170.105.81 list=your-freedom
add address=123.108.109.9 list=your-freedom
add address=85.214.143.29 list=your-freedom
add address=85.214.116.165 list=your-freedom
add address=67.212.67.75 list=your-freedom
add address=67.159.5.116 list=your-freedom
add address=202.160.120.226 list=your-freedom
add address=20.37.0.0/16 list=PUBG
add address=51.116.0.0/16 list=PUBG
add address=49.51.0.0/16 list=PUBG
add address=185.151.0.0/16 list=PUBG
add address=119.28.0.0/16 list=PUBG
add address=170.106.0.0/16 list=PUBG
add address=52.9.0.0/16 list=PUBG
add address=203.205.0.0/16 list=PUBG
add address=162.62.0.0/16 list=PUBG
add address=150.109.0.0/16 list=PUBG
add address=162.14.0.0/16 list=PUBG
add address=52.94.0.0/16 list=PUBG
add address=45.40.220.0/22 list=PUBG
add address=apigateway.ap-southeast-1.amazonaws.com list=PUBG
add address=autoscaling.ap-southeast-1.amazonaws.com list=PUBG
add address=appstream2.ap-southeast-1.amazonaws.com list=PUBG
add address=appmesh.ap-southeast-1.amazonaws.com list=PUBG
add address=appsync.ap-southeast-1.amazonaws.com list=PUBG
add address=athena.ap-southeast-1.amazonaws.com list=PUBG
add address=rds.ap-southeast-1.amazonaws.com list=PUBG
add address=batch.ap-southeast-1.amazonaws.com list=PUBG
add address=budgets.amazonaws.com list=PUBG
add address=acm.ap-southeast-1.amazonaws.com list=PUBG
add address=acm-pca.ap-southeast-1.amazonaws.com list=PUBG
add address=cloud9.ap-southeast-1.amazonaws.com list=PUBG
add address=clouddirectory.ap-southeast-1.amazonaws.com list=PUBG
add address=cloudformation.ap-southeast-1.amazonaws.com list=PUBG
add address=cloudhsmv2.ap-southeast-1.amazonaws.com list=PUBG
add address=cloudhsm.ap-southeast-1.amazonaws.com list=PUBG
add address=servicediscovery.ap-southeast-1.amazonaws.com list=PUBG
add address=cloudsearch.ap-southeast-1.amazonaws.com list=PUBG
add address=cloudtrail.ap-southeast-1.amazonaws.com list=PUBG
add address=monitoring.ap-southeast-1.amazonaws.com list=PUBG
add address=events.ap-southeast-1.amazonaws.com list=PUBG
add address=logs.ap-southeast-1.amazonaws.com list=PUBG
add address=codebuild.ap-southeast-1.amazonaws.com list=PUBG
add address=codecommit.ap-southeast-1.amazonaws.com list=PUBG
add address=codedeploy.ap-southeast-1.amazonaws.com list=PUBG
add address=codepipeline.ap-southeast-1.amazonaws.com list=PUBG
add address=codestar.ap-southeast-1.amazonaws.com list=PUBG
add address=cognito-idp.ap-southeast-1.amazonaws.com list=PUBG
add address=cognito-identity.ap-southeast-1.amazonaws.com list=PUBG
add address=cognito-sync.ap-southeast-1.amazonaws.com list=PUBG
add address=comprehend.ap-southeast-1.amazonaws.com list=PUBG
add address=config.ap-southeast-1.amazonaws.com list=PUBG
add address=datasync.ap-southeast-1.amazonaws.com list=PUBG
add address=dms.ap-southeast-1.amazonaws.com list=PUBG
add address=directconnect.ap-southeast-1.amazonaws.com list=PUBG
add address=ds.ap-southeast-1.amazonaws.com list=PUBG
add address=dynamodb.ap-southeast-1.amazonaws.com list=PUBG
add address=dax.ap-southeast-1.amazonaws.com list=PUBG
add address=streams.dynamodb.ap-southeast-1.amazonaws.com list=PUBG
add address=elasticbeanstalk.ap-southeast-1.amazonaws.com list=PUBG
add address=elasticbeanstalk-health.ap-southeast-1.amazonaws.com list=PUBG
add address=ec2.ap-southeast-1.amazonaws.com list=PUBG
add address=119.28.96.0/19 list=PUBG
add address=124.156.0.0/16 list=PUBG
add address=119.28.110.0/23 list=PUBG
add address=elasticache.ap-southeast-1.amazonaws.com list=PUBG
add address=tencentgames.helpshift.com list=PUBG
add address=gcloudcs.com list=PUBG
add address=file.igamecj.com.akamaized.net list=PUBG
/ip firewall filter
add action=passthrough chain=unused-hs-chain comment=“place hotspot rules here”
disabled=yes
add action=drop chain=forward dst-address-list=your-freedom
add action=drop chain=forward content=your-freedom
add action=drop chain=pre-hs-input comment=block-freedom-maxupgrade
layer7-protocol=freedom
/ip firewall mangle
add action=mark-connection chain=prerouting connection-state=new disabled=yes
new-connection-mark=IN1 nth=2,1 passthrough=yes src-address=92.0.0.0/22
add action=mark-connection chain=prerouting connection-state=new disabled=yes
new-connection-mark=IN2 nth=2,2 passthrough=yes src-address=92.0.0.0/22
add action=mark-connection chain=prerouting connection-state=new disabled=yes
new-connection-mark=IN1 nth=2,1 passthrough=yes src-address=93.0.0.0/22
add action=mark-connection chain=prerouting connection-state=new disabled=yes
new-connection-mark=IN2 nth=2,2 passthrough=yes src-address=93.0.0.0/22
add action=mark-routing chain=prerouting connection-mark=IN1 disabled=yes
new-routing-mark=IN1 passthrough=yes src-address=92.0.0.0/22
add action=mark-routing chain=prerouting connection-mark=IN2 disabled=yes
new-routing-mark=IN2 passthrough=yes src-address=92.0.0.0/22
add action=mark-routing chain=prerouting connection-mark=IN1 disabled=yes
new-routing-mark=IN1 passthrough=yes src-address=93.0.0.0/22
add action=mark-routing chain=prerouting connection-mark=IN2 disabled=yes
new-routing-mark=IN2 passthrough=yes src-address=93.0.0.0/22
add action=add-src-to-address-list address-list=freedom address-list-timeout=1d
chain=prerouting comment=freedom-maxupgrade layer7-protocol=freedom
add action=mark-packet chain=forward comment=tawasol4sy new-packet-mark=
pubg-download passthrough=no src-address-list=PUBG
add action=mark-packet chain=forward comment=tawasol4sy dst-address-list=PUBG
new-packet-mark=pubg-upload passthrough=no
/ip firewall nat
add action=passthrough chain=unused-hs-chain comment=“place hotspot rules here”
disabled=yes
add action=masquerade chain=srcnat comment=“masquerade hotspot network”
src-address=92.0.0.0/22
add action=masquerade chain=srcnat comment=“masquerade hotspot network”
disabled=yes src-address=93.0.0.0/24
add action=masquerade chain=srcnat comment=“masquerade hotspot network”
src-address=192.200.0.0/24
add action=masquerade chain=srcnat comment=“masquerade hotspot network”
src-address=192.200.2.0/24
add action=masquerade chain=srcnat comment=SAS4 src-address-list=ToNet
add action=masquerade chain=srcnat comment=“masquerade hotspot network”
disabled=yes src-address=93.0.0.0/21
add action=masquerade chain=srcnat disabled=yes src-address-list=out-ip
add action=masquerade chain=srcnat comment=“masquerade hotspot network”
src-address=10.20.0.0/21
/ip firewall raw
add action=drop chain=prerouting comment=m
content=m
/ip hotspot service-port
set ftp disabled=yes
/ip hotspot user
/ip route
add disabled=yes distance=1 gateway=195.168.2.1 routing-mark=IN1
add disabled=yes distance=1 gateway=195.168.1.1 routing-mark=IN2
add disabled=yes distance=1 gateway=192.168.100.1 routing-mark=IN2
add distance=1 gateway=195.168.1.1
add disabled=yes distance=1 gateway=192.168.100.1
add disabled=yes distance=1 gateway=195.168.2.1
/ip service
set ssh address=40.40.40.40/32
/ppp aaa
set interim-update=1m use-radius=yes
/radius
add address=40.40.40.40 secret=xxx
service=ppp,login,hotspot timeout=3s
/radius incoming
set accept=yes port=1700
/system clock
set time-zone-name=
/system identity
set name=Net
/system scheduler
add interval=2m name=“remove hotspot” on-event=
“/ip hotspot host remove [find where !authorized !bypassed]” policy=
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon
start-date=dec/15/2022 start-time=11:06:41
/tool user-manager database
set db-path=user-manager
/user aaa
set default-group=full interim-update=1m use-radius=yes
[admin@Net] >