Problems with Winbox / mac-server lists

Hi,

Can you please help me with the configuration of an RB750r2?

I would like the MAC address and IP not to be detected on the eth1 and eth2 interfaces, which are my WAN interfaces, if someone on the internet tried to check my equipment for a possible hack.

I researched all day and tested several tutorials, but without success.

I would like only the eth3, eth4 and eth5 interfaces that are on the bridge to be able to access via Winbox, which should show the IP and MAC. I have no way to create an exclusive network for management, so I used the IP .220 for this access.

The problem is that when I start the RB750 I can see its IP and MAC, and I can access it through Winbox using the IP and MAC data shown in the Winbox bar just once. Then Winbox no longer shows the IP and MAC in the bar, and if I click on Neighbors it no longer shows anything; however, I can access it in Winbox by typing the IP or MAC.
What could be wrong or missing in the configuration?

Thanks for the help!!!
macoff_list.rsc (2.45 KB)

# 2024-10-15 20:09:29 by RouterOS 7.16.1
# software id = 5A71-DWF6
#
# model = RB750r2
# serial number = D3530BBB50A

/interface bridge
add name=BRIDGE_LAN_LOCAL_PORTS pvid=100 vlan-filtering=yes
/interface ethernet
set [ find default-name=ether1 ] name=ether1_ISP_NET_TURBO
set [ find default-name=ether2 ] name=ether2_ISP_EXON
set [ find default-name=ether3 ] name=ether3_LAN_LOCAL
set [ find default-name=ether4 ] name=ether4_LAN_LOCAL
set [ find default-name=ether5 ] name=ether5_LAN_LOCAL
/interface list
add name=LAN_LOCAL
/ip pool
add name=dhcp_pool0 ranges=192.168.100.200-192.168.100.220
/ip dhcp-server
add address-pool=dhcp_pool0 interface=BRIDGE_LAN_LOCAL_PORTS name=dhcp1
/interface bridge port
add bridge=BRIDGE_LAN_LOCAL_PORTS interface=ether3_LAN_LOCAL pvid=100
add bridge=BRIDGE_LAN_LOCAL_PORTS interface=ether4_LAN_LOCAL pvid=100
add bridge=BRIDGE_LAN_LOCAL_PORTS interface=ether5_LAN_LOCAL pvid=100
/ip neighbor discovery-settings
set discover-interface-list=LAN_LOCAL
/interface list member
add interface=BRIDGE_LAN_LOCAL_PORTS list=LAN_LOCAL
/ip address
add address=192.168.100.1/24 interface=BRIDGE_LAN_LOCAL_PORTS network=192.168.100.0
/ip cloud
set update-time=no
/ip dhcp-client
add interface=ether2_ISP_EXON
/ip dhcp-server network
add address=192.168.100.0/24 dns-server=9.9.9.10,8.8.8.8,1.1.1.1,189.38.95.95 gateway=192.168.100.1
/ip dns
set servers=8.8.8.8,9.9.9.10
/ip firewall filter
add action=accept chain=input comment="accept established,related,untracked" connection-state=established,related,untracked
add action=accept chain=forward comment="allow Winbox" in-interface=BRIDGE_LAN_LOCAL_PORTS port=8291 protocol=tcp
add action=accept chain=forward comment="accept ICMP" in-interface=BRIDGE_LAN_LOCAL_PORTS protocol=icmp
add action=accept chain=forward comment="allow Winbox" in-interface=BRIDGE_LAN_LOCAL_PORTS port=8291 protocol=tcp
add action=drop chain=input comment="drop invalid" connection-state=invalid
/ip firewall nat
add action=masquerade chain=srcnat out-interface=ether2_ISP_EXON
/ip service
set winbox address=192.168.100.220/32
/ip ssh
set strong-crypto=yes
/system clock
set time-zone-name=America/Sao_Paulo
/system note
set show-at-login=no
/system ntp client
set enabled=yes
/system ntp client servers
add address=pool.ntp.br
add address=time4.google.com
/tool bandwidth-server
set enabled=no
/tool mac-server
set allowed-interface-list=LAN_LOCAL

Your firewall config is missing quite a lot. Why don’t you have a look at the default[*] setup? I suggest you start with the default and make the least necessary changes to it … and consider that firewall rule order is important; also use the proper chain (input is for connections terminating on the router, forward is everything else regardless of the direction, WAN to LAN or LAN to WAN).

[*] To see default firewall setup, open CLI, log in to account with administrative permissions, make terminal window as wide as possible and execute /system/default-configuration/print
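
The input/forward distinction from the reply above, applied to the `LAN_LOCAL` interface list from the posted export. This is an added example, not part of the original thread and not a verbatim copy of the RouterOS default configuration; it assumes the existing filter rules are replaced and that the router is only managed from the LAN side.

```routeros
/ip firewall filter
# --- input chain: traffic addressed to the router itself (Winbox, SSH, DNS, ping) ---
# Rules are evaluated top to bottom; the first match wins.
add chain=input action=accept connection-state=established,related,untracked \
    comment="accept established,related,untracked"
add chain=input action=drop connection-state=invalid comment="drop invalid"
add chain=input action=accept protocol=icmp comment="accept ICMP"
# Anything that reaches this point and did not arrive on a LAN_LOCAL member
# (i.e. it came in on ether1 or ether2) is dropped, so Winbox, SSH and the
# other router services are unreachable from the WAN side.
add chain=input action=drop in-interface-list=!LAN_LOCAL \
    comment="drop all not coming from LAN"

# --- forward chain: traffic routed through the router (LAN <-> WAN) ---
add chain=forward action=accept connection-state=established,related,untracked \
    comment="accept established,related,untracked"
add chain=forward action=drop connection-state=invalid comment="drop invalid"
# New connections from the WAN side are only forwarded when a dst-nat rule
# explicitly published them.
add chain=forward action=drop connection-state=new \
    connection-nat-state=!dstnat in-interface-list=!LAN_LOCAL \
    comment="drop unsolicited WAN to LAN"
```

A Winbox accept rule placed in the forward chain never matches a connection to the router's own address, because that traffic is handled by the input chain. The `/ip service set winbox address=192.168.100.220/32` line in the export still limits which source address may log in.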

Hi, Mkx

Thanks for your reply, I will do this by using the default settings and adapting the new ones.

Thanks,