Hi Guys
I’m hoping you can help me as this is rather a very odd issue I’m having, so firstly Idd like to say that we are a fairly new WISP Company, we are using a CCR1009-7G-1C-1S+, we use two service providers one primary and one for redundancy, but we manually do failover, our primary link is established via PPPOE and the redundant link gets a static IP, so the issue arose a few weeks after a firmware update to the latest firmware 7.12, everything was running smooth and then suddenly we had complaints, on the MT Cloud core router it Pings DNS, Traffic flow is there, traceroute shows no errors, but upon browsing all sites time out, does not matter what browser we use, I immediately started suspecting our service provider but i need to be 100% sure, we use VLAN’s to separate networks our networks, and clients are Authenticated using a PPPOE Server, I’m posting my configs, if there are smarter ways of doing these configs please let me know, I’m here to learn, but don’t see myself as a noob 
#nov/07/2023 08:34:49 by RouterOS 7.8
# software id = 962A-DCE6
#
# model = CCR1009-7G-1C-1S+
# serial number = 914F0AC655ED
/interface bridge
add name=mgmt-bridge
add name=test
/interface ethernet
set [ find default-name=combo1 ] comment=Telecom
set [ find default-name=ether1 ] comment="Telecom Port" disabled=yes speed=\
100Mbps
set [ find default-name=ether2 ] comment="Paratus Fibre" speed=100Mbps
set [ find default-name=ether3 ] comment="Monitoring server" speed=100Mbps
set [ find default-name=ether4 ] comment="RE Fortigate" disabled=yes name=\
"ether4 " speed=100Mbps
set [ find default-name=ether5 ] comment="RE Firewall" speed=100Mbps
set [ find default-name=ether6 ] comment="Blue ERO01 Switch" speed=100Mbps
set [ find default-name=ether7 ] comment="RECC - Network" speed=100Mbps
set [ find default-name=sfp-sfpplus1 ] advertise=\
10M-full,100M-full,1000M-full
/interface pppoe-client
add add-default-route=yes interface=ether1 name=pppoe-out2 user=ppp1
/interface pppoe-server
add name=ppp-1BRE01 service=pppoe-users user=1BRE01
add name=ppp-1CAR01 service=pppoe-users user=1CAR01
add name=ppp-1DAM01 service=pppoe-users user=1DAM01
add name=ppp-1DEK01 service=pppoe-users user=1DEK01
add name=ppp-1ENS01 service=pppoe-users user=1ENS01
add name=ppp-1HEN01 service=pppoe-users user=1HEN01
add name=ppp-1HYD01 service=pppoe-users user=1HYD01
add name=ppp-1KUB01 service=pppoe-users user=1KUB01
add name=ppp-1LAU01 service=pppoe-users user=1LAU01
add name=ppp-1MOU01 service=pppoe-users user=1MOU01
add name=ppp-1NAM01 service=pppoe-users user=1NAM01
add name=ppp-1OKT01 service=pppoe-users user=1OKT01
add name=ppp-1SEI01 service=pppoe-users user=1SEI01
add name=ppp-1SSB01 service=pppoe-users user=1SSB01
add name=ppp-@BEN01 service=pppoe-users user=@BEN01
add name=ppp-@KRE01 service=pppoe-users user=@KRE01
add name=ppp-F-RECC-CR service=pppoe-users user=F-RECC-CR
add name=ppp-F-RECC-FdT service=pppoe-users user=F-RECC-FdT
add name=ppp-F-RECC-HS service=pppoe-users user=F-RECC-HS
add name=ppp-F-RECC-VA service=pppoe-users user=F-RECC-VA
add name=ppp-F-RECC_HEN01 service=pppoe-users user=F-RECC_HEN01
add name=ppp-F-RECC_LN service=pppoe-users user=F-RECC_LN
add name=ppp-F-SMRCC service=pppoe-users user=F-SMRCC
add name=ppp-F-SMRCC1 service=pppoe-users user=F-SMRCC1
add name=ppp-fortigate service=fortigate user=fortigate
/interface vlan
add comment="Management VLAN 11" interface=ether6 name=vlan11-mgmt vlan-id=11
add comment="Vlan-21 repeater" interface=ether6 name=vlan21-repeater vlan-id=\
21
add comment="Vlan 31 -power mgmt" interface=ether6 name=vlan31-power-mgmt \
vlan-id=31
add interface=ether6 name=vlan41-pppoe vlan-id=41
add interface=ether6 name="vlan42-RE Staff" vlan-id=42
add interface=ether6 name=vlan51-Camera vlan-id=51
add disabled=yes interface=ether1 name=vlan200-Telecom vlan-id=200
/interface pppoe-client
add interface=vlan200-Telecom name=pppoe-out-telecomm user=\
a374321@static.telecom.na
/interface list
add name=WAN
add name=ppp-WVBUser
add name=WAN2
/interface lte apn
set [ find default=yes ] ip-type=ipv4 use-network-apn=no
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name="Local pppoe_pool" ranges=10.41.0.2-10.41.255.250
add name=public_pool ranges=197.188.225.57-197.198.225.62
add name=dhcp_pool2 ranges=10.31.30.90-10.31.30.95
add name=RE_pool ranges=10.47.0.0-10.47.254.254
/ip dhcp-server
add address-pool=dhcp_pool2 disabled=yes interface=vlan31-power-mgmt name=\
dhcp1
/ip vrf
add disabled=yes interfaces=vlan41-pppoe name=Paratus
/lora servers
add address=eu.mikrotik.thethings.industries down-port=1700 name=TTN-EU \
up-port=1700
add address=us.mikrotik.thethings.industries down-port=1700 name=TTN-US \
up-port=1700
add address=eu1.cloud.thethings.industries down-port=1700 name=\
"TTS Cloud (eu1)" up-port=1700
add address=nam1.cloud.thethings.industries down-port=1700 name=\
"TTS Cloud (nam1)" up-port=1700
add address=au1.cloud.thethings.industries down-port=1700 name=\
"TTS Cloud (au1)" up-port=1700
add address=eu1.cloud.thethings.network down-port=1700 name="TTN V3 (eu1)" \
up-port=1700
add address=nam1.cloud.thethings.network down-port=1700 name="TTN V3 (nam1)" \
up-port=1700
add address=au1.cloud.thethings.network down-port=1700 name="TTN V3 (au1)" \
up-port=1700
/port
set 0 name=serial0
set 1 name=serial1
/ppp profile
add address-list=pppoe_users dns-server=8.8.8.8 name=pppoe_profile \
remote-address="Local pppoe_pool" wins-server=8.8.4.4
add dns-server=8.8.8.8,41.205.142.132 idle-timeout=10m interface-list=\
ppp-WVBUser local-address=10.41.40.1 name="Symmetric 10 STATIC Public" \
rate-limit=10M/10M remote-address=public_pool session-timeout=1d \
wins-server=8.8.4.4
add dns-server=8.8.8.8,41.205.142.132 idle-timeout=10m interface-list=\
ppp-WVBUser local-address=10.41.40.1 name="Symmetric 10 Local" \
rate-limit=10M/10M remote-address="Local pppoe_pool" session-timeout=1d \
wins-server=8.8.4.4
add dns-server=8.8.8.8,41.205.142.132 idle-timeout=10m interface-list=\
ppp-WVBUser local-address=10.41.40.1 name="Symmetric 5 Local" rate-limit=\
5M/5M remote-address="Local pppoe_pool" session-timeout=1d wins-server=\
8.8.4.4
add dns-server=8.8.8.8,41.205.142.132 idle-timeout=10m interface-list=\
ppp-WVBUser local-address=10.41.40.1 name="Asymmetric 20/10 Local" \
rate-limit=10M/20M remote-address="Local pppoe_pool" session-timeout=1d \
wins-server=8.8.4.4
add dns-server=8.8.8.8,41.205.142.132 idle-timeout=10m interface-list=\
ppp-WVBUser local-address=10.41.40.1 name="Symmetric 50 Local" \
rate-limit=50M/50M remote-address="Local pppoe_pool" session-timeout=1d \
wins-server=8.8.4.4
add dns-server=8.8.8.8,41.205.142.132 interface-list=ppp-WVBUser \
local-address=10.41.40.1 name="Symmetric 100 Local" rate-limit=100M/100M \
remote-address=public_pool wins-server=8.8.4.4
add dns-server=8.8.8.8,41.205.142.132 idle-timeout=10m interface-list=\
ppp-WVBUser local-address=10.41.40.1 name="Asymmetric 50/10 Local" \
rate-limit=10M/50M remote-address="Local pppoe_pool" session-timeout=1d \
wins-server=8.8.4.4
add dns-server=8.8.8.8,41.205.142.132 idle-timeout=10m interface-list=\
ppp-WVBUser local-address=10.41.40.1 name="Asymmetric 25/10 Local" \
rate-limit=10M/25M remote-address="Local pppoe_pool" session-timeout=1d \
wins-server=8.8.4.4
add dns-server=8.8.8.8,41.205.142.132 idle-timeout=10m interface-list=\
ppp-WVBUser local-address=10.41.40.1 name="Asymmetric 25/15 Local" \
rate-limit=15M/25M remote-address="Local pppoe_pool" session-timeout=1d \
wins-server=8.8.4.4
add dns-server=8.8.8.8,41.205.142.132 idle-timeout=10m interface-list=\
ppp-WVBUser local-address=10.41.40.1 name="Asymmetric 10/4 Local" \
rate-limit=5M/10M remote-address="Local pppoe_pool" session-timeout=1d \
wins-server=8.8.4.4
add dns-server=8.8.8.8,41.205.142.132 idle-timeout=10m interface-list=\
ppp-WVBUser local-address=10.41.40.1 name="Asymmetric 15/7 Local" \
rate-limit=7M/15M remote-address="Local pppoe_pool" session-timeout=1d \
wins-server=8.8.4.4
add dns-server=8.8.8.8,41.205.142.132 idle-timeout=10m interface-list=\
ppp-WVBUser local-address=10.41.40.1 name="Asymetric 5/2 Local" \
rate-limit=3M/5M remote-address="Local pppoe_pool" session-timeout=1d \
wins-server=8.8.4.4
add dns-server=8.8.8.8 idle-timeout=10m interface-list=ppp-WVBUser \
local-address=10.41.40.1 name="Asymetric 20/10 Public IP" rate-limit=\
10M/20M remote-address=public_pool session-timeout=1d wins-server=8.8.4.4
add dns-server=8.8.8.8,41.205.142.132 idle-timeout=10m interface-list=\
ppp-WVBUser local-address=10.41.40.1 name="Symmetric 25/25 Local" \
rate-limit=25M/25M remote-address="Local pppoe_pool" session-timeout=1d \
wins-server=8.8.4.4
add dns-server=8.8.8.8,41.205.142.132 interface-list=ppp-WVBUser \
local-address=10.41.40.1 name="Symmetric 300/300" rate-limit=300M/300M \
remote-address="Local pppoe_pool" wins-server=8.8.4.4
add dns-server=8.8.8.8 idle-timeout=10m interface-list=ppp-WVBUser \
local-address=10.47.1.1 name="RE Symetric 5 local" rate-limit=5M/5M \
remote-address=RE_pool session-timeout=1d wins-server=8.8.4.4
/routing bgp template
set default disabled=no output.network=bgp-networks
/routing ospf instance
add disabled=no name=default-v2
/routing ospf area
add disabled=yes instance=default-v2 name=backbone-v2
/routing table
add disabled=no fib name=to_Telecom
add disabled=no fib name=to_Paratus
add disabled=no fib name=Management
add disabled=no fib name=Paratus_Client_list
add disabled=no fib name=TN_Client_List
/tool traffic-generator port
add interface=ether1 name=10443
/interface bridge port
add bridge=mgmt-bridge ingress-filtering=no interface=ether3
add bridge=mgmt-bridge ingress-filtering=no interface=vlan11-mgmt
/ip neighbor discovery-settings
set discover-interface-list=none
/ip settings
set max-neighbor-entries=8192
/ipv6 settings
set disable-ipv6=yes max-neighbor-entries=8192
/interface list member
add interface=pppoe-out-telecomm list=WAN
add interface=ether2 list=WAN2
/interface ovpn-server server
set auth=sha1,md5
/interface pppoe-server server
add default-profile=pppoe_profile disabled=no interface=vlan41-pppoe \
one-session-per-host=yes service-name=pppoe-users
add default-profile=pppoe_profile disabled=no interface="ether4 " \
service-name=fortigate
add default-profile=pppoe_profile interface="vlan42-RE Staff" service-name=\
"Temp pppoe"
add default-profile="RE Symetric 5 local" disabled=no interface=\
"vlan42-RE Staff" one-session-per-host=yes service-name=pppoe-staff
/ip address
add address=10.11.10.1/16 interface=mgmt-bridge network=10.11.0.0
add address=10.31.30.1/24 interface=vlan31-power-mgmt network=10.31.30.0
add address=10.21.20.1/24 interface=vlan21-repeater network=10.21.20.0
add address=10.51.50.1/24 interface=vlan51-Camera network=10.51.50.0
add address=160.242.98.250 interface=ether2 network=160.242.98.250
add address=10.41.0.1/16 interface=vlan41-pppoe network=10.41.0.0
add address=10.47.0.1 interface="vlan42-RE Staff" network=10.47.0.1
add address=10.49.9.95/24 interface=ether5 network=10.49.9.0
/ip cloud
set ddns-enabled=yes
/ip dhcp-client
add add-default-route=no dhcp-options=hostname,clientid_duid interface=ether2 \
use-peer-dns=no
/ip dhcp-server network
add address=10.31.30.0/24 gateway=10.31.30.1
/ip dns
set allow-remote-requests=yes servers=\
8.8.8.8,41.205.142.132,9.9.9.9,160.242.98.250,192.168.1.1
/ip firewall address-list
add address=197.188.225.57-197.198.225.62 list=public_pool
add address=10.0.0.0/8 list=Validlist
add address=10.41.0.0/16 list=Validlist
add address=192.168.0.0/16 list=Validlist
add address=197.188.222.197 list=Validlist
add address=197.188.225.56/29 list=Validlist
add address=197.188.222.73 list=WAN_IP
add address=10.49.0.0/16 list=Validlist
add address=160.242.98.250 list=WAN_IP
add address=192.168.1.1 list=WAN_IP
add address=197.188.225.58 disabled=yes list=Public_ip_Users
add address=197.188.222.73 list=Spam_user
add address=10.42.0.0/16 list=Validlist
/ip firewall filter
add action=accept chain=forward
add action=accept chain=input
add action=accept chain=input disabled=yes dst-port=10443 log=yes protocol=\
tcp
add action=accept chain=input disabled=yes src-address=192.168.170.0/24
add action=accept chain=input disabled=yes in-interface=ether5
add action=accept chain=forward disabled=yes in-interface=ether5 src-address=\
10.41.0.0/16
add action=drop chain=input disabled=yes dst-address=197.188.222.73 \
in-interface=!*F16E7E
add action=passthrough chain=forward
add action=accept chain=forward disabled=yes in-interface=ether5 log=yes
add action=accept chain=forward disabled=yes src-address=192.168.1.0/24
add action=accept chain=input dst-address=10.47.0.0/16 src-address=\
10.11.0.0/16
add action=accept chain=input dst-address=10.41.0.0/16 src-address=\
10.11.0.0/16
add action=accept chain=input dst-address=10.11.0.0/16 src-address=\
10.41.0.0/16
add action=accept chain=input dst-address=10.41.0.0/16 src-address=\
10.11.0.0/16
add action=accept chain=input dst-address=197.188.225.56/29 src-address=\
10.11.0.0/16
add action=accept chain=input dst-address=10.11.0.0/16 src-address=\
197.188.225.56/29
add action=accept chain=forward dst-address=192.168.1.1 src-address=\
10.11.0.0/16
add action=accept chain=forward dst-address=10.11.0.0/16 src-address=\
192.168.1.1
add action=accept chain=forward dst-address=10.11.10.5 src-address=\
10.41.0.0/16
add action=accept chain=forward dst-address=10.11.10.5 src-address=\
10.47.0.0/16
add action=accept chain=forward dst-address=192.168.1.1 src-address=\
10.11.10.5
add action=accept chain=forward dst-address=192.168.1.0/24 src-address=\
10.41.0.0/16
add action=accept chain=forward dst-address=10.41.0.0/16 src-address=\
192.168.1.0/24
add action=accept chain=forward dst-address=10.11.10.9 src-address=\
10.51.0.0/16
add action=accept chain=forward dst-address=10.51.0.0/16 src-address=\
10.11.10.9
add action=accept chain=forward dst-address=10.11.10.5 src-address=\
10.11.0.0/16
add action=accept chain=forward dst-address=10.0.2.15 port=446 protocol=tcp \
src-address=10.11.0.0/16
add action=accept chain=forward dst-address=10.11.10.6 src-address=\
10.11.0.0/16
add action=accept chain=forward dst-address=10.49.9.90 src-address=\
10.11.0.0/16
add action=accept chain=forward dst-address=10.11.10.5 src-address=\
197.188.225.61
add action=accept chain=forward dst-address=10.11.10.6 src-address=\
10.41.0.0/16
add action=accept chain=forward dst-address=10.41.0.0/16 src-address=\
10.49.9.90
add action=accept chain=forward dst-address=10.49.9.90 src-address=\
10.41.0.0/16
add action=accept chain=forward dst-address=10.49.9.90 src-address=\
10.47.0.0/16
add action=add-src-to-address-list address-list="Drop Spammer" \
address-list-timeout=1w4d13h46m40s chain=input comment=\
"SSH and Webfig Blocked for Public" dst-port=25 log=yes log-prefix=\
"Drop Spammer port 25" protocol=tcp src-address-list=Spam_user
add action=add-src-to-address-list address-list=DropHacker \
address-list-timeout=2w chain=forward comment="Port Scanner Block" \
dst-port=25 log=yes log-prefix="Spammer Detect" protocol=tcp psd=\
21,1m,3,3
add action=drop chain=input disabled=yes log-prefix=\
Firewall3:DropInputFromHacker src-address-list=DropHacker
add action=drop chain=forward disabled=yes log-prefix=FW4:DropedToClient \
src-address-list=DropHacker
add action=drop chain=forward disabled=yes in-interface=vlan41-pppoe \
log-prefix="Firewall4: Drop Unauthenticated Customers" src-address-list=\
!Client
add action=drop chain=forward disabled=yes dst-address=10.11.0.0/16 \
src-address=10.41.0.0/16
add action=drop chain=forward disabled=yes dst-address=10.21.20.0/24 \
src-address=10.41.0.0/16
add action=drop chain=forward disabled=yes dst-address=10.31.30.0/24 \
src-address=10.41.0.0/16
add action=drop chain=forward disabled=yes dst-address=10.41.0.0/16 \
src-address=10.41.0.0/16
add action=drop chain=forward disabled=yes dst-address=10.51.50.0/24 \
src-address=10.41.0.0/16
add action=drop chain=forward disabled=yes dst-address=10.11.10.5 \
src-address=10.41.0.0/16
add action=drop chain=forward disabled=yes dst-port=21484 protocol=tcp
add action=drop chain=forward disabled=yes protocol=tcp src-port=21484
add action=add-src-to-address-list address-list=DropHacker \
address-list-timeout=2w chain=input comment="Port Scanner Block" \
disabled=yes in-interface-list=WAN log=yes log-prefix=\
"FW0: PortScanDetectted added to Drop Hacker" protocol=tcp psd=21,1m,3,3
add action=drop chain=input comment="SSH and Webfig Blocked for Public" \
disabled=yes dst-port=81,22,21,25 in-interface-list=WAN log=yes \
log-prefix=Spam protocol=tcp
add action=drop chain=forward disabled=yes dst-address=10.41.0.0/16 log=yes \
log-prefix="FW 7 Drop User Ping" protocol=icmp src-address=10.41.0.0/16
add action=accept chain=input comment=down connection-state=\
established,related disabled=yes
add action=drop chain=forward comment=down disabled=yes dst-address=\
197.188.225.56/29 src-address=10.21.0.0/16
add action=drop chain=forward comment=down disabled=yes dst-address=\
197.188.225.56/29 src-address=10.11.0.0/16
add action=drop chain=forward comment=down disabled=yes dst-address=\
197.188.225.56/29 src-address=10.31.0.0/16
add action=drop chain=forward disabled=yes dst-address=197.188.225.56/29 \
src-address=10.41.0.0/16
add action=drop chain=forward comment=down disabled=yes dst-port=10443 \
in-interface-list=all log=yes protocol=tcp src-address-list=Client
add action=drop chain=input comment=down connection-state=invalid disabled=\
yes
add action=drop chain=input comment=down disabled=yes dst-port=53 \
in-interface-list=WAN protocol=tcp
add action=drop chain=input comment=down disabled=yes dst-port=53 \
in-interface-list=WAN protocol=udp
add action=drop chain=forward comment=down disabled=yes dst-address-list=\
pppoe_users src-address-list=pppoe_users
add action=drop chain=input comment=down disabled=yes dst-port=22,23,80,443 \
in-interface-list=WAN protocol=tcp
add action=drop chain=forward disabled=yes log-prefix=FW4:DropedToClient \
out-interface=ether2 src-address=10.11.10.5
add action=drop chain=forward disabled=yes dst-address=10.11.0.0/16 log=yes \
src-address=197.188.225.56/29
add action=drop chain=forward disabled=yes dst-address=10.21.20.0/24 \
src-address=197.188.225.56/29
add action=drop chain=forward disabled=yes dst-address=10.31.30.0/24 \
src-address=197.188.225.56/29
add action=drop chain=forward disabled=yes dst-address=10.41.0.0/16 \
src-address=197.188.225.56/29
add action=drop chain=forward disabled=yes dst-address=10.51.50.0/24 \
src-address=197.188.225.56/29
add action=accept chain=forward disabled=yes dst-address=10.11.0.0/16 log=yes \
src-address=197.188.225.57
/ip firewall mangle
add action=accept chain=prerouting disabled=yes dst-address=197.188.225.58 \
src-address=10.41.0.0/16
add action=add-src-to-address-list address-list=DropHacker \
address-list-timeout=50m chain=prerouting dst-address=197.188.222.73 \
dst-port=21,22,81 in-interface-list=WAN log=yes log-prefix=\
"Mangle1: AddHacker 21,22,81" protocol=tcp src-address-list=Validlist
add action=mark-connection chain=output connection-mark=no-mark \
connection-state=new disabled=yes log=yes new-connection-mark=\
Telecom_conn out-interface=ether1 passthrough=yes
add action=mark-connection chain=output connection-mark=no-mark \
connection-state=new disabled=yes log=yes new-connection-mark=\
Paratus_conn out-interface=ether2 passthrough=yes
add action=mark-routing chain=output connection-mark=Telecom_conn \
connection-state=new disabled=yes log=yes new-routing-mark=to_Telecom \
out-interface=ether1 passthrough=yes
add action=mark-routing chain=output connection-mark=Paratus_conn \
connection-state=new disabled=yes log=yes new-routing-mark=to_Paratus \
out-interface=ether2 passthrough=yes
add action=mark-routing chain=prerouting disabled=yes in-interface=\
vlan41-pppoe new-routing-mark=to_Paratus passthrough=yes
add action=mark-routing chain=prerouting disabled=yes in-interface=\
"vlan42-RE Staff" new-routing-mark=to_Telecom passthrough=yes
/ip firewall nat
add action=dst-nat chain=dstnat disabled=yes dst-port=500 protocol=udp \
to-addresses=10.41.40.50 to-ports=500
add action=dst-nat chain=dstnat disabled=yes dst-port=4500 protocol=udp \
to-addresses=10.49.8.50 to-ports=4500
add action=masquerade chain=srcnat disabled=yes out-interface=\
pppoe-out-telecomm src-address-list=public_pool
add action=masquerade chain=srcnat disabled=yes out-interface-list=WAN \
src-address-list=public_pool
add action=masquerade chain=srcnat disabled=yes out-interface-list=WAN \
src-address=197.188.225.61
add action=masquerade chain=srcnat out-interface-list=WAN
add action=masquerade chain=srcnat out-interface-list=WAN2
add action=dst-nat chain=dstnat disabled=yes dst-port=50-51 protocol=tcp \
to-addresses=10.49.8.50 to-ports=50-51
add action=dst-nat chain=dstnat disabled=yes dst-address=10.49.9.5 dst-port=\
10443 in-interface=ether1 log=yes protocol=udp to-ports=10443
add action=dst-nat chain=dstnat disabled=yes dst-address=10.49.9.5 dst-port=\
10443 in-interface=ether1 log=yes protocol=tcp src-address=0.0.0.0 \
to-ports=10443
add action=masquerade chain=srcnat comment=\
"masq traffico monitoring - others" disabled=yes out-interface=\
!pppoe-out-telecomm src-address=!10.11.10.5
add action=masquerade chain=srcnat comment=\
"masq traffico monitoring - others" out-interface-list=WAN src-address=\
10.11.0.0/16
add action=masquerade chain=srcnat comment=\
"masq traffico monitoring - others" out-interface-list=WAN2 src-address=\
10.11.0.0/16
add action=masquerade chain=srcnat comment=\
"masq traffico monitoring - others" disabled=yes dst-address=\
!192.168.120.0/24 out-interface=!ether5 src-address=10.11.0.0/16
add action=dst-nat chain=dstnat disabled=yes dst-address=197.188.225.60 \
in-interface=ether1 to-addresses=10.41.40.1
add action=masquerade chain=srcnat comment="Paratus " disabled=yes \
out-interface=ether2 src-address-list=pppoe_users
add action=masquerade chain=srcnat comment="NAT pppoe" disabled=yes \
out-interface-list=WAN src-address=197.188.225.58
add action=masquerade chain=srcnat disabled=yes out-interface=ether5 \
out-interface-list=WAN
add action=masquerade chain=srcnat comment="NAT pppoe" disabled=yes \
dst-address=!197.188.225.58 dst-address-list=public_pool \
out-interface-list=WAN src-address=10.41.0.0/16 src-address-list=\
pppoe_users
add action=masquerade chain=srcnat comment="NAT pppoe" out-interface-list=\
WAN2 src-address=10.41.0.0/16
add action=masquerade chain=srcnat comment="NAT pppoe" out-interface-list=WAN \
src-address=10.47.0.0/16
add action=masquerade chain=srcnat comment="NAT mgmt" disabled=yes \
src-address=10.11.0.0/16
add action=masquerade chain=srcnat comment="NAT repeater" out-interface-list=\
WAN src-address=10.21.0.0/16
add action=masquerade chain=srcnat comment="NAT power" out-interface-list=WAN \
src-address=10.31.0.0/16
add action=masquerade chain=srcnat comment="NAT Cam" out-interface-list=WAN \
src-address=10.51.0.0/16
add action=dst-nat chain=dstnat comment="Hitradio Access to Barix" dst-port=\
9401-9402 in-interface-list=WAN protocol=tcp to-addresses=10.41.1.145 \
to-ports=9401-9402
add action=masquerade chain=srcnat disabled=yes out-interface=\
pppoe-out-telecomm src-address-list=!pppoe_users
add action=masquerade chain=srcnat disabled=yes out-interface=*43 \
src-address-list=!pppoe_users
add action=masquerade chain=srcnat disabled=yes out-interface=\
pppoe-out-telecomm src-address-list=!pppoe_users
add action=masquerade chain=srcnat comment="Paratus " disabled=yes \
out-interface=ether2 src-address-list=!public_pool
add action=dst-nat chain=dstnat disabled=yes in-interface-list=WAN protocol=\
tcp src-address=10.41.0.0/16 to-addresses=10.41.0.0/24 to-ports=80
add action=dst-nat chain=dstnat disabled=yes in-interface-list=WAN protocol=\
tcp to-addresses=10.41.40.110 to-ports=3478-3480
add action=dst-nat chain=dstnat disabled=yes in-interface-list=WAN protocol=\
tcp to-addresses=10.41.40.110 to-ports=1935
add action=dst-nat chain=dstnat disabled=yes in-interface-list=WAN protocol=\
tcp to-addresses=197.188.225.61 to-ports=3074
add action=dst-nat chain=dstnat disabled=yes in-interface-list=WAN protocol=\
udp to-addresses=10.41.40.110 to-ports=3478-3479
add action=dst-nat chain=dstnat disabled=yes in-interface-list=WAN protocol=\
udp to-addresses=10.41.40.110 to-ports=3074
add action=dst-nat chain=dstnat disabled=yes in-interface-list=WAN protocol=\
udp to-addresses=197.188.225.61 to-ports=3074
add action=dst-nat chain=dstnat comment="Hitradio Access to Barix" dst-port=\
3040 protocol=tcp to-addresses=10.31.30.39 to-ports=80
add action=dst-nat chain=dstnat comment="Hitradio Access to Barix" dst-port=\
3032-3034 in-interface-list=WAN protocol=tcp to-addresses=10.31.30.39 \
to-ports=3032-3034
add action=dst-nat chain=dstnat comment="Access to ERO04-S03" disabled=yes \
dst-port=2222 in-interface-list=WAN protocol=tcp to-addresses=10.11.11.43 \
to-ports=2222
add action=dst-nat chain=dstnat comment="Hitradio Access to Barix" dst-port=\
1011 in-interface-list=WAN protocol=tcp to-addresses=10.31.30.39 \
to-ports=1011
add action=dst-nat chain=dstnat comment="Hitradio Access to Barix" dst-port=\
3032-3034 in-interface-list=WAN protocol=udp to-addresses=10.31.30.39 \
to-ports=3032-3034
add action=dst-nat chain=dstnat dst-address-list=WAN_IP dst-port=3074 \
protocol=udp to-addresses=10.41.40.100 to-ports=3074
/ip route
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=192.168.1.1 \
pref-src="" routing-table=main scope=30 suppress-hw-offload=no \
target-scope=10 vrf-interface=ether2
add disabled=yes distance=1 dst-address=0.0.0.0/0 gateway=pppoe-out-telecomm \
pref-src="" routing-table=main scope=30 suppress-hw-offload=no \
target-scope=10 vrf-interface=pppoe-out-telecomm
add disabled=no distance=1 dst-address="" gateway=pppoe-out-telecomm \
pref-src="" routing-table=to_Telecom scope=30 suppress-hw-offload=no \
target-scope=10
add disabled=no distance=1 dst-address="" gateway=192.168.1.1 pref-src="" \
routing-table=to_Paratus scope=30 suppress-hw-offload=no target-scope=10
add disabled=yes distance=1 dst-address=10.41.0.0/16 gateway=vlan41-pppoe \
pref-src="" routing-table=Paratus_Client_list scope=10 \
suppress-hw-offload=no target-scope=10
add disabled=yes distance=1 dst-address=160.242.98.250/32 gateway=ether2 \
pref-src="" routing-table=to_Paratus scope=10 suppress-hw-offload=no \
target-scope=10
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes
set ssh disabled=yes
set api disabled=yes
set api-ssl disabled=yes
/ip traffic-flow ipfix
set nat-events=yes
/ip traffic-flow target
add dst-address=197.188.225.57
/lcd
set time-interval=hour
/ppp secret
add comment="Radio Electronic Fortigate" local-address=10.47.0.1 name=\
fortigate profile="Symmetric 100 Local" remote-address=197.188.225.57 \
service=pppoe
add disabled=yes local-address=10.41.40.1 name=example1234_PUBLIC profile=\
pppoe_profile remote-address=197.188.225.62 service=pppoe
add disabled=yes local-address=10.41.40.1 name=example_nat_pool profile=\
pppoe_profile service=pppoe
add comment="Epic Transport" disabled=yes local-address=10.41.40.1 name=\
PST-@COL01b profile="Symmetric 10 STATIC Public" remote-address=\
10.41.2.250 service=pppoe
add local-address=10.41.40.1 name=@HIT01d profile="Symmetric 10 Local" \
remote-address=10.41.40.15 service=pppoe
add local-address=10.41.40.1 name=F-RECC-HS profile="Asymmetric 10/4 Local" \
remote-address=10.41.40.30 service=pppoe
add local-address=10.47.0.1 name=F-RECC-JR profile="Symmetric 5 Local" \
remote-address=10.47.0.35 service=pppoe
add local-address=10.47.0.1 name=F-RECC-CR profile="Symmetric 5 Local" \
remote-address=10.47.0.40 service=pppoe
add comment="E3 Logistics" disabled=yes local-address=10.41.40.1 name=@BEN01 \
profile="Asymmetric 20/10 Local" remote-address=197.188.225.59 service=\
pppoe
add local-address=10.41.40.1 name=F-RECC-FdT profile=\
"Asymetric 20/10 Public IP" remote-address=10.41.40.20 service=pppoe
add local-address=10.41.0.1 name=F-RECC-JW profile="Asymmetric 20/10 Local" \
remote-address=10.41.40.25 service=pppoe
add comment="Radio Electronic Fortigate" disabled=yes local-address=\
10.41.40.1 name=fortigate2 profile="Symmetric 50 Local" remote-address=\
197.188.225.57 service=pppoe
add disabled=yes local-address=10.41.40.1 name=COLBackup profile=\
"Symmetric 10 STATIC Public" remote-address=197.188.225.58 service=pppoe
add local-address=10.41.40.1 name=F-RECC_HEN01 profile="Symmetric 10 Local" \
remote-address=10.41.40.55 service=pppoe
add comment="Dries Schoonbee " local-address=10.41.40.1 name=@DRI01 profile=\
"Asymmetric 20/10 Local" remote-address=10.41.40.50 service=pppoe
add local-address=10.47.0.1 name=F-RECC-RN profile="Symmetric 5 Local" \
remote-address=10.47.40.65 service=pppoe
add local-address=10.41.40.1 name=F-RECC-FdT2 profile=\
"Asymmetric 25/15 Local" remote-address=10.41.40.70 service=pppoe
add local-address=10.41.40.1 name=F-RECC_LN profile=\
"Asymetric 20/10 Public IP" remote-address=10.41.40.110 service=pppoe
add local-address=10.47.0.1 name=F-RECC-AD profile="Symmetric 10 Local" \
remote-address=10.47.40.85 service=pppoe
add local-address=10.41.40.1 name=@KRE01 profile="Asymmetric 10/4 Local" \
remote-address=10.41.40.90 service=pppoe
add comment="Roman Catholic Church" name=F-SMRCC profile="Symmetric 5 Local" \
remote-address=10.41.40.95 service=pppoe
add local-address=10.47.0.1 name=F-RECC-RH profile="Symmetric 5 Local" \
remote-address=10.47.0.105 service=pppoe
add local-address=10.41.40.1 name=F-RECC-VA profile="Asymmetric 15/7 Local" \
remote-address=197.188.225.62 service=pppoe
add comment="Natasha/Sheldon Hendricks" local-address=10.41.40.1 name=1HEN01 \
profile="Asymmetric 10/4 Local" remote-address=10.41.40.115 service=pppoe
add comment="Franzisk Bredenkamp" local-address=10.41.40.1 name=1BRE01 \
profile="Asymmetric 10/4 Local" remote-address=10.41.40.120 service=pppoe
add local-address=10.47.0.1 name=PPPOETest profile="Asymmetric 10/4 Local" \
remote-address=10.47.0.25 service=pppoe
add comment="Sweet Side Bakery 10.41.40.125" local-address=10.41.40.1 name=\
1SSB01 profile="Asymmetric 10/4 Local" remote-address=10.41.1.254 \
service=pppoe
add comment="Ruschdeen De Klerk" local-address=10.41.40.1 name=1DEK01 \
profile="Asymetric 5/2 Local" remote-address=10.41.40.130 service=pppoe
add comment="Geraldo Laubcher" local-address=10.41.40.1 name=1LAU01 profile=\
"Asymetric 5/2 Local" remote-address=10.41.40.135 service=pppoe
add comment="Hydraulic Services - Pottie Potgieter" local-address=10.41.40.1 \
name=1HYD01 profile="Asymmetric 25/15 Local" remote-address=10.41.40.140 \
service=pppoe
add comment="Hydraulic Services - Regina Vries" local-address=10.41.40.1 \
name=2VRI02 profile="Symmetric 5 Local" remote-address=10.41.40.145 \
service=pppoe
add local-address=10.47.0.1 name=F-RECC-CF profile="Symmetric 5 Local" \
remote-address=10.47.0.150 service=pppoe
add comment="Roman Catholic Church Hall" local-address=10.41.40.1 name=\
F-SMRCC1 profile="Symmetric 5 Local" remote-address=10.41.40.60 service=\
pppoe
add comment="Vernice Plaatje" local-address=10.41.40.1 name=1PLA01 profile=\
"Asymmetric 10/4 Local" remote-address=10.41.40.155 service=pppoe
add comment="Alroy Enssle" local-address=10.41.40.1 name=1ENS01 profile=\
"Asymetric 5/2 Local" remote-address=10.41.40.160 service=pppoe
add comment="Tanya Seibes" local-address=10.41.40.1 name=1SEI01 profile=\
"Symmetric 5 Local" remote-address=10.41.40.165 service=pppoe
add comment="William Patrick Mouers" local-address=10.41.40.1 name=1MOU01 \
profile="Asymetric 5/2 Local" remote-address=10.41.40.170 service=pppoe
add comment="Clifford Kubas" local-address=10.41.40.1 name=1KUB01 profile=\
"Asymetric 5/2 Local" remote-address=10.41.40.175 service=pppoe
add local-address=10.47.0.1 name=F-RECC-RNS profile="Symmetric 5 Local" \
remote-address=10.47.40.180 service=pppoe
add comment="Petronella Colleridge" local-address=10.41.40.1 name=1COL01 \
profile="Asymmetric 10/4 Local" remote-address=10.41.40.185 service=pppoe
add comment="Annelie Carolissen" local-address=10.41.40.1 name=1CAR01 \
profile="Asymetric 5/2 Local" remote-address=10.41.40.190 service=pppoe
add comment="Simeon Namwandi" local-address=10.41.40.1 name=1NAM01 profile=\
"Asymetric 5/2 Local" remote-address=10.41.40.195 service=pppoe
add local-address=10.47.0.1 name=BluePPPOE profile="Symmetric 300/300" \
remote-address=10.47.0.254 service=pppoe
add comment="Damian Sean Victor" local-address=10.41.40.1 name=1DAM01 \
profile="Symmetric 10 Local" remote-address=10.41.40.200 service=pppoe
add comment="Lynn Glover" local-address=10.41.40.1 name=1GLO01 profile=\
"Asymmetric 10/4 Local" remote-address=10.41.40.205 service=pppoe
add comment="Gwenda Oktober" local-address=10.41.40.1 name=1OKT01 profile=\
"Symmetric 5 Local" remote-address=10.41.40.210 service=pppoe
add local-address=10.41.40.1 name=2MAJ01 profile="Asymetric 5/2 Local" \
remote-address=10.41.40.215 service=pppoe
add local-address=10.41.40.1 name=1KNO01 profile="Asymetric 5/2 Local" \
remote-address=10.41.40.220 service=pppoe
add local-address=10.41.40.1 name=1DRE01 profile="Asymmetric 10/4 Local" \
remote-address=10.41.40.100 service=pppoe
add local-address=10.47.0.1 name=F-RECC-WN profile="Symmetric 5 Local" \
remote-address=10.47.0.230 service=pppoe
add local-address=10.47.0.1 name=F-RECC-AS profile="Symmetric 5 Local" \
remote-address=10.47.40.235 service=pppoe
add local-address=10.41.40.1 name=2MOL01 profile="Asymmetric 20/10 Local" \
remote-address=10.41.40.240 service=pppoe
add local-address=10.41.40.1 name=2VRI01 profile="Asymetric 5/2 Local" \
remote-address=10.41.40.245 service=pppoe
add local-address=10.41.40.1 name=2HAM01 profile="Asymetric 5/2 Local" \
remote-address=10.41.40.250 service=pppoe
add local-address=10.41.40.1 name=2FOR01 profile="Asymmetric 25/15 Local" \
remote-address=10.41.40.80 service=pppoe
add local-address=10.41.40.1 name=2HUS01 profile="Asymetric 5/2 Local" \
remote-address=10.41.1.5 service=pppoe
add local-address=10.41.40.1 name=2WIL01 profile="Asymetric 5/2 Local" \
remote-address=10.41.40.225 service=pppoe
add local-address=10.41.40.1 name=2ANT01 profile="Symmetric 5 Local" \
remote-address=10.41.1.10 service=pppoe
add local-address=10.41.40.1 name=2THE01 profile="Symmetric 5 Local" \
remote-address=10.41.1.15 service=pppoe
add local-address=10.41.40.1 name=2SNY01 profile="Symmetric 5 Local" \
remote-address=10.41.1.50 service=pppoe
add local-address=10.41.40.1 name=2ANA02 profile="Asymmetric 25/15 Local" \
remote-address=10.41.1.30 service=pppoe
add local-address=10.41.40.1 name=2MOU02 profile="Asymetric 5/2 Local" \
remote-address=10.41.1.20 service=pppoe
add local-address=10.41.40.1 name=2APP02 profile="Asymmetric 25/15 Local" \
remote-address=10.41.1.35 service=pppoe
add local-address=10.41.40.1 name=2DRE03 profile="Symmetric 5 Local" \
remote-address=10.41.1.40 service=pppoe
add local-address=10.41.40.1 name=2SYV01 profile="Asymmetric 20/10 Local" \
remote-address=10.41.1.45 service=pppoe
add local-address=10.41.40.1 name=2SHI01 profile="Asymmetric 10/4 Local" \
remote-address=10.41.1.55 service=pppoe
add local-address=10.41.40.1 name=2ACS01 profile="Asymetric 5/2 Local" \
remote-address=10.41.1.60 service=pppoe
add local-address=10.41.40.1 name=2CRO01 profile="Asymmetric 10/4 Local" \
remote-address=10.41.1.65 service=pppoe
add comment="Hilma Twa" local-address=10.41.40.1 name=2TWA01 profile=\
"Asymetric 5/2 Local" remote-address=10.41.1.70 service=pppoe
add local-address=10.41.40.1 name=2GUR01 profile="Symmetric 5 Local" \
remote-address=10.41.40.75 service=pppoe
add local-address=10.41.40.1 name=2VAN06 profile="Asymetric 5/2 Local" \
remote-address=10.41.1.80 service=pppoe
add local-address=10.41.40.1 name=2SMI01 profile="Asymetric 5/2 Local" \
remote-address=10.41.1.95 service=pppoe
add local-address=10.41.40.1 name=2SOL01 profile="Asymmetric 10/4 Local" \
remote-address=10.41.1.85 service=pppoe
add local-address=10.41.40.0 name=2DOE01 profile="Asymetric 5/2 Local" \
remote-address=10.41.1.100 service=pppoe
add local-address=10.41.40.1 name=2ROM01 profile="Symmetric 5 Local" \
remote-address=10.41.1.105 service=pppoe
add local-address=10.41.40.1 name=2NEL01 profile="Asymmetric 15/7 Local" \
remote-address=10.41.1.110 service=pppoe
add local-address=10.47.0.1 name=F-RECC-OB profile="Asymmetric 10/4 Local" \
remote-address=10.47.0.115 service=pppoe
add local-address=10.41.40.1 name=2THE03 profile="Symmetric 5 Local" \
remote-address=10.41.1.120 service=pppoe
add local-address=10.41.40.1 name=2VAN07 profile="Asymmetric 25/10 Local" \
remote-address=10.41.1.125 service=pppoe
add local-address=10.41.40.1 name=2WAN01 profile="Symmetric 5 Local" \
remote-address=10.41.1.130 service=pppoe
add local-address=10.41.40.1 name=2JAN01 profile="Asymmetric 10/4 Local" \
remote-address=10.41.1.135 service=pppoe
add local-address=10.41.40.1 name=2SEP01 profile="Asymetric 5/2 Local" \
remote-address=10.41.1.140 service=pppoe
add local-address=10.41.40.1 name=2BMI01 profile="Symmetric 5 Local" \
remote-address=10.41.1.150 service=pppoe
add local-address=10.41.40.1 name=2SSM01 profile="Asymmetric 25/15 Local" \
remote-address=10.41.1.155 service=pppoe
add local-address=10.41.40.1 name=2EME01 profile="Symmetric 5 Local" \
remote-address=10.41.1.160 service=pppoe
add local-address=10.41.40.1 name=2CRO02 profile="Asymmetric 10/4 Local" \
remote-address=10.41.1.165 service=pppoe
add local-address=10.41.40.1 name=2AHH01 profile="Symmetric 25/25 Local" \
remote-address=10.41.1.170 service=pppoe
add local-address=10.41.40.1 name=2KEY01 profile="Asymmetric 10/4 Local" \
remote-address=10.41.1.175 service=pppoe
add disabled=yes local-address=10.41.40.1 name=2MAA03 profile=\
"Asymmetric 15/7 Local" remote-address=10.41.1.180 service=pppoe
add local-address=10.41.40.1 name=2RIE01 profile="Asymmetric 10/4 Local" \
remote-address=10.41.1.190 service=pppoe
add local-address=10.41.40.1 name=2VAN08 profile="Asymmetric 10/4 Local" \
remote-address=10.41.1.195 service=pppoe
add local-address=10.41.40.1 name=2LOS01 profile="Asymmetric 10/4 Local" \
remote-address=10.41.1.200 service=pppoe
add local-address=10.41.40.1 name=2OIS01 profile="RE Symetric 5 local" \
remote-address=10.41.1.205 service=pppoe
add local-address=10.41.40.1 name=2PAU01 profile="Asymmetric 10/4 Local" \
remote-address=10.41.1.210 service=pppoe
add local-address=10.41.1.40 name=2DAM02 profile="Asymmetric 10/4 Local" \
remote-address=10.41.1.215 service=pppoe
add local-address=10.41.40.1 name=2STE01 profile="Asymmetric 10/4 Local" \
remote-address=10.41.1.230 service=pppoe
add local-address=10.41.0.1 name=Rossing profile="Symmetric 5 Local" \
remote-address=10.41.40.151 service=pppoe
add local-address=10.41.40.1 name=2FRA01 profile="Asymmetric 10/4 Local" \
remote-address=10.41.40.170 service=pppoe
add local-address=10.41.1.1 name=2ENG04 profile="Asymmetric 10/4 Local" \
remote-address=10.41.1.235 service=pppoe
add local-address=10.41.40.1 name=2NAI01 profile="Asymmetric 10/4 Local" \
remote-address=10.41.1.240 service=pppoe
add local-address=10.41.40.1 name=2NAI02 profile="Asymmetric 10/4 Local" \
remote-address=10.41.1.245 service=pppoe
/routing rule
add action=lookup-only-in-table disabled=yes dst-address=10.47.0.0/16 \
interface="vlan42-RE Staff" table=main
add action=lookup-only-in-table disabled=yes interface=vlan41-pppoe \
src-address=10.41.0.0/16 table=to_Paratus
add action=lookup-only-in-table disabled=yes interface="vlan42-RE Staff" \
src-address=10.47.0.0/16 table=to_Telecom
add action=lookup-only-in-table disabled=yes interface=vlan41-pppoe \
src-address=10.41.0.0/16 table=main
add action=lookup-only-in-table disabled=yes interface=ppp-F-RECC_LN table=\
to_Paratus
add action=lookup-only-in-table disabled=yes interface="vlan42-RE Staff" \
src-address=10.47.0.0/16 table=main
add action=lookup-only-in-table disabled=yes src-address=10.49.9.90/32 table=\
main
add action=lookup disabled=yes src-address=10.11.10.5/32 table=main
add action=lookup-only-in-table disabled=yes src-address=10.11.10.5/32 table=\
to_Paratus
add action=lookup-only-in-table disabled=yes src-address=10.49.9.90/32 table=\
to_Paratus
add action=lookup disabled=yes interface=mgmt-bridge src-address=10.11.0.0/16 \
table=main
add action=lookup-only-in-table disabled=yes interface=ppp-fortigate table=\
to_Telecom
add action=lookup disabled=yes src-address=197.188.225.57/32 table=main
add action=lookup-only-in-table disabled=yes src-address=10.41.0.0/16 table=\
Management
add action=lookup-only-in-table disabled=yes src-address=10.11.10.5/32 table=\
to_Paratus
add action=lookup-only-in-table disabled=yes src-address=10.11.10.5/32 table=\
Paratus_Client_list
add action=lookup-only-in-table disabled=yes src-address=10.11.10.5/32 table=\
TN_Client_List
add action=lookup-only-in-table disabled=yes src-address=10.49.9.90/32 table=\
TN_Client_List
add action=lookup-only-in-table disabled=yes src-address=10.49.9.90/32 table=\
Paratus_Client_list
add action=lookup disabled=yes dst-address=10.41.0.0/16 table=TN_Client_List
add action=lookup disabled=yes dst-address=197.188.225.56/29 table=main
add action=lookup disabled=yes dst-address=10.11.10.5/32 table=TN_Client_List
add action=lookup disabled=yes dst-address=10.42.0.0/16 table=\
Paratus_Client_list
add action=lookup-only-in-table disabled=yes dst-address=10.11.10.5/32 \
src-address=197.188.225.56/29 table=main
/snmp
set enabled=yes
/system clock
set time-zone-name=Africa/Windhoek
/system identity
set name=ERO01-RECC-CORE-ROUTER-WVB
/system scheduler
add interval=1w name="Email Backup" on-event="/system backup save name=lastbac\
kup\r\
\n/tool e-mail send to=\"ln@re.com.na\" \\ cc=\"rr@re.com.na\" subject=([/\
system identity get name].\" backup\") file=lastbackup.backup;\
\n:log info \"Walvis Bay Backup e-mail sent.\"; }" policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \
start-time=startup
/tool e-mail
set address=smtp.office365.com from=bluetelecomnamibia@outlook.com port=587 \
tls=starttls user=bluetelecomnamibia@outlook.com
/tool mac-server
set allowed-interface-list=none
/tool mac-server mac-winbox
set allowed-interface-list=none
/tool mac-server ping
set enabled=no
/tool netwatch
add disabled=yes down-script="/tool e-mail send to=\"db@recc.com.na\" \\ cc=\"\
rr@recc.com.na\" subject=\"10.11.10.42 down\" \
\n" host=10.11.10.42 http-codes="" interval=1s test-script="" timeout=1s \
type=simple up-script="/tool e-mail send to=\"db@recc.com.na\" \\ cc=\"rr@\
recc.com.na\" subject=\"10.11.10.42 up\" \
\n"
add disabled=yes down-script="/tool e-mail send to=\"db@recc.com.na\" \\ cc=\"\
rr@recc.com.na\" subject=\"10.31.30.39 down\" \
\n" host=10.31.30.39 http-codes="" interval=1s test-script="" timeout=1s \
type=simple up-script="/tool e-mail send to=\"db@recc.com.na\" \\ cc=\"rr@\
recc.com.na\" subject=\"10.31.30.39 up\" \
\n"
add disabled=yes down-script="" host=197.188.225.57 http-codes="" interval=\
10s port=10443 test-script="" type=icmp up-script=""
add disabled=yes down-script="" host=0.0.0.0 http-codes="" interval=10s \
test-script="" timeout=900ms type=icmp up-script=""
add disabled=no down-script=\
"/tool e-mail send to=\"ln@re.com.na\" subject=\"Blue Google DNS Down\"" \
host=8.8.8.8 http-codes="" interval=30s test-script="" timeout=900ms \
type=icmp up-script=\
"/tool e-mail send to=\"ln@re.com.na\" subject=\"Blue Google DNS Up\""
add disabled=no down-script=\
"/tool e-mail send to=\"ln@re.com.na\" subject=\"Blue Connection Down\"" \
host=0.0.0.0 http-codes="" interval=10s test-script="" timeout=900ms \
type=icmp up-script=\
"/tool e-mail send to=\"ln@re.com.na\" subject=\"Blue connection Up\""
/tool sniffer
set filter-interface=vlan31-power-mgmt
/tool traffic-monitor
add interface=ether1 name=tmon1 threshold=0 traffic=received