RB1100 configuration

Hi all,

I’ve bought a RB1100 after all the hype around to replace my RB450G.
I’m trying to get my internet to work.
Like my RB450G, for internet, i plug it into the very first port of the RB1100.
In winbox, i can see under DHCP Client that Port 1 has already grabbed my ISP IP address.
So i’m thinking, like my RB450G, internet access should be available on Port 2 throughout to 10.
But its seems that theres no internet access.

I didn’t really configured much on my RB450G as the configurations out of the box already worked.
I juz plug in my internet to port 1 and the clients to the rest of the ports and poof, all done.

I’ve notice that the default configurations that came with the RB1100 is quite diffirent, like theres not DHCP preconfigured etc… and theres no “ether1-gateway” which my RB450G has when it came default.

Please can anyone tell me how to just get the internet working? As in the near config of the RB450G? Port 1 is the Gateway?

Thanks in advance!

yes, this is a professional model, it doesn’t come with a “plug and play” config except apparently the DHCP client on one of the ports.

Any port can be used for LAN/WAN/Whatever, depending on what you configure. In your situation, you can either switch the other ports together, or configure separate network for each port. I think the RB450 has a SRC-NAT rule and a DHCP server on the LAN ports.

From now on, set this as your browser home page:
http://wiki.mikrotik.com/wiki/Category:Manual

Configuration is simple,

• /ip dhcp-client add interface=ether1 disabled=no (where ISP is connected);
• Add address for local interface (where you PC will be connected), /ip address add address=192.168.88.1/24 interface=ether2
• Setup DHCP server by /ip dhcp-server setup, select ether2 or other interface, where local network is connected;
• Setup masquerade rule to make Internet working,
  /ip firewall nat add action=masquerade out-interface=ether1 chain=srcnat

Hi Normis,

thanks for the reply.
I’ve gone through the wiki manual on any near related topics.
But it seems that either they don’t guide us on how to configure it or the guide is very vague.
I understand it’s not your job to assist every single people with a mikrotik product on configuration but i hope you can assist/guide me on how to just get my internet working and the ports configured just like my RB450G. (i need port 1 to be the gateway and port 2 throughout to work like a router)

Thanks a lot.

see above reply from Sergejs

Did the above steps given by sergejs.
Doesn’t work.
Those steps looks like the same which i tried to replicate myself. (tried copying entries 1 by 1on my RB450G using winbox)

type “/export” in the command line, and paste the output here.

Now the RB1100 has an IP add off 192.168.88.1
Its assigning IP out. My mahcine on ether2 has grabbed an IP of 192.168.88.254.
But still, theres no internet connection.

(I’m sure that the internet is working. Tried swapping 3 devices to make sure. RB450G, RB750G and my Watchguard X20e)
The both Mikrotik devices were all in default configs.

/interface ethernet
set 0 arp=enabled auto-negotiation=yes disabled=no full-duplex=yes l2mtu=1600 \
    mac-address=00:0C:42:99:9B:6F mtu=1500 name=ether12 speed=100Mbps
set 1 arp=enabled auto-negotiation=yes disabled=no full-duplex=yes l2mtu=1600 \
    mac-address=00:0C:42:99:9B:70 mtu=1500 name=ether13 speed=100Mbps
set 2 arp=enabled auto-negotiation=yes disabled=no full-duplex=yes l2mtu=1600 \
    mac-address=00:0C:42:99:9B:6E mtu=1500 name=ether11 speed=100Mbps
set 3 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited \
    disabled=no full-duplex=yes l2mtu=1598 mac-address=00:0C:42:99:9B:69 \
    master-port=none mtu=1500 name=ether6 speed=100Mbps
set 4 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited \
    disabled=no full-duplex=yes l2mtu=1598 mac-address=00:0C:42:99:9B:6A \
    master-port=none mtu=1500 name=ether7 speed=100Mbps
set 5 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited \
    disabled=no full-duplex=yes l2mtu=1598 mac-address=00:0C:42:99:9B:6B \
    master-port=none mtu=1500 name=ether8 speed=100Mbps
set 6 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited \
    disabled=no full-duplex=yes l2mtu=1598 mac-address=00:0C:42:99:9B:6C \
    master-port=none mtu=1500 name=ether9 speed=100Mbps
set 7 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited \
    disabled=no full-duplex=yes l2mtu=1598 mac-address=00:0C:42:99:9B:6D \
    master-port=none mtu=1500 name=ether10 speed=100Mbps
set 8 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited \
    disabled=no full-duplex=yes l2mtu=1598 mac-address=00:0C:42:99:9B:64 \
    master-port=none mtu=1500 name=ether1 speed=100Mbps
set 9 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited \
    disabled=no full-duplex=yes l2mtu=1598 mac-address=00:0C:42:99:9B:65 \
    master-port=none mtu=1500 name=ether2 speed=100Mbps
set 10 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited \
    disabled=no full-duplex=yes l2mtu=1598 mac-address=00:0C:42:99:9B:66 \
    master-port=none mtu=1500 name=ether3 speed=100Mbps
set 11 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited \
    disabled=no full-duplex=yes l2mtu=1598 mac-address=00:0C:42:99:9B:67 \
    master-port=none mtu=1500 name=ether4 speed=100Mbps
set 12 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited \
    disabled=no full-duplex=yes l2mtu=1598 mac-address=00:0C:42:99:9B:68 \
    master-port=none mtu=1500 name=ether5 speed=100Mbps
/interface ethernet switch
set switch2 mirror-source=none mirror-target=none name=switch2
set switch1 mirror-source=none mirror-target=none name=switch1
/ip hotspot profile
set default dns-name="" hotspot-address=0.0.0.0 html-directory=hotspot \
    http-cookie-lifetime=3d http-proxy=0.0.0.0:0 login-by=cookie,http-chap \
    name=default rate-limit="" smtp-server=0.0.0.0 split-user-domain=no \
    use-radius=no
/ip hotspot user profile
set default idle-timeout=none keepalive-timeout=2m name=default shared-users=\
    1 status-autorefresh=1m transparent-proxy=no
/ip ipsec proposal
set default auth-algorithms=sha1 disabled=no enc-algorithms=3des lifetime=30m \
    name=default pfs-group=modp1024
/ip pool
add name=dhcp_pool1 ranges=192.168.88.2-192.168.88.254
/ip dhcp-server
add address-pool=dhcp_pool1 authoritative=after-2sec-delay bootp-support=\
    static disabled=no interface=ether2 lease-time=3d name=dhcp1
/port
set 0 baud-rate=115200 data-bits=8 flow-control=none name=serial0 parity=none \
    stop-bits=1
set 1 baud-rate=115200 data-bits=8 flow-control=none name=serial1 parity=none \
    stop-bits=1
/ppp profile
set default change-tcp-mss=yes name=default only-one=default use-compression=\
    default use-encryption=default use-mpls=default use-vj-compression=\
    default
set default-encryption change-tcp-mss=yes name=default-encryption only-one=\
    default use-compression=default use-encryption=yes use-mpls=default \
    use-vj-compression=default
/queue type
set default kind=pfifo name=default pfifo-limit=50
set ethernet-default kind=pfifo name=ethernet-default pfifo-limit=50
set wireless-default kind=sfq name=wireless-default sfq-allot=1514 \
    sfq-perturb=5
set synchronous-default kind=red name=synchronous-default red-avg-packet=1000 \
    red-burst=20 red-limit=60 red-max-threshold=50 red-min-threshold=10
set hotspot-default kind=sfq name=hotspot-default sfq-allot=1514 sfq-perturb=\
    5
set default-small kind=pfifo name=default-small pfifo-limit=10
/routing bgp instance
set default as=65530 client-to-client-reflection=yes disabled=no \
    ignore-as-path-len=no name=default out-filter="" redistribute-connected=\
    no redistribute-ospf=no redistribute-other-bgp=no redistribute-rip=no \
    redistribute-static=no router-id=0.0.0.0 routing-table=""
/routing ospf instance
set default disabled=no distribute-default=never in-filter=ospf-in \
    metric-bgp=auto metric-connected=20 metric-default=1 metric-other-ospf=\
    auto metric-rip=20 metric-static=20 name=default out-filter=ospf-out \
    redistribute-bgp=no redistribute-connected=no redistribute-other-ospf=no \
    redistribute-rip=no redistribute-static=no router-id=0.0.0.0
/routing ospf area
set backbone area-id=0.0.0.0 disabled=no instance=default name=backbone type=\
    default
/snmp
set contact="" enabled=no engine-id="" location="" trap-target=0.0.0.0 \
    trap-version=1
/snmp community
set public address=0.0.0.0/0 authentication-password="" \
    authentication-protocol=MD5 encryption-password="" encryption-protocol=\
    DES name=public read-access=yes security=none write-access=no
/system logging action
set memory memory-lines=100 memory-stop-on-full=no name=memory target=memory
set disk disk-file-count=2 disk-file-name=log disk-lines-per-file=100 \
    disk-stop-on-full=no name=disk target=disk
set echo name=echo remember=yes target=echo
set remote bsd-syslog=no name=remote remote=0.0.0.0 remote-port=514 \
    src-address=0.0.0.0 syslog-facility=daemon syslog-severity=auto target=\
    remote
/system routerboard settings
set baud-rate=115200 boot-delay=2s boot-device=nand-if-fail-then-ethernet \
    boot-protocol=bootp cpu-frequency=533MHz enable-jumper-reset=yes \
    enter-setup-on=any-key force-backup-booter=no memory-data-rate=533DDR \
    silent-boot=no
set baud-rate=115200 boot-delay=2s boot-device=nand-if-fail-then-ethernet \
    boot-protocol=bootp cpu-frequency=533MHz enable-jumper-reset=yes \
    enter-setup-on=any-key force-backup-booter=no memory-data-rate=533DDR \
    silent-boot=no
/user group
add name=read policy="local,telnet,ssh,reboot,read,test,winbox,password,web,sn\
    iff,sensitive,api,!ftp,!write,!policy"
add name=write policy="local,telnet,ssh,reboot,read,write,test,winbox,password\
    ,web,sniff,sensitive,api,!ftp,!policy"
add name=full policy="local,telnet,ssh,ftp,reboot,read,write,policy,test,winbo\
    x,password,web,sniff,sensitive,api"
/interface bridge settings
set use-ip-firewall=no use-ip-firewall-for-pppoe=no use-ip-firewall-for-vlan=\
    no
/interface ethernet switch port
set cpu vlan-header=leave-as-is vlan-mode=fallback
set ether6 vlan-header=leave-as-is vlan-mode=fallback
set ether7 vlan-header=leave-as-is vlan-mode=fallback
set ether8 vlan-header=leave-as-is vlan-mode=fallback
set ether9 vlan-header=leave-as-is vlan-mode=fallback
set ether10 vlan-header=leave-as-is vlan-mode=fallback
set ether1 vlan-header=leave-as-is vlan-mode=fallback
set ether2 vlan-header=leave-as-is vlan-mode=fallback
set ether3 vlan-header=leave-as-is vlan-mode=fallback
set ether4 vlan-header=leave-as-is vlan-mode=fallback
set ether5 vlan-header=leave-as-is vlan-mode=fallback
/interface l2tp-server server
set authentication=pap,chap,mschap1,mschap2 default-profile=\
    default-encryption enabled=no max-mru=1460 max-mtu=1460 mrru=disabled
/interface ovpn-server server
set auth=sha1,md5 certificate=none cipher=blowfish128,aes128 default-profile=\
    default enabled=no keepalive-timeout=60 mac-address=FE:6B:5A:14:B4:B0 \
    max-mtu=1500 mode=ip netmask=24 port=1194 require-client-certificate=no
/interface pptp-server server
set authentication=mschap1,mschap2 default-profile=default-encryption \
    enabled=no keepalive-timeout=30 max-mru=1460 max-mtu=1460 mrru=disabled
/interface sstp-server server
set authentication=pap,chap,mschap1,mschap2 certificate=none default-profile=\
    default enabled=no keepalive-timeout=60 max-mru=1500 max-mtu=1500 mrru=\
    disabled port=443 verify-client-certificate=no
/ip accounting
set account-local-traffic=no enabled=no threshold=256
/ip accounting web-access
set accessible-via-web=no address=0.0.0.0/0
/ip address
add address=192.168.88.1/24 broadcast=192.168.88.255 comment=\
    "default configuration" disabled=no interface=ether1 network=192.168.88.0
add address=192.168.88.1/24 broadcast=192.168.88.255 disabled=no interface=\
    ether2 network=192.168.88.0
/ip dhcp-client
add add-default-route=yes default-route-distance=1 disabled=no interface=\
    ether1 use-peer-dns=yes use-peer-ntp=yes
/ip dhcp-server config
set store-leases-disk=5m
/ip dhcp-server network
add address=192.168.88.0/24 gateway=192.168.88.1
/ip dns
set allow-remote-requests=no cache-max-ttl=1w cache-size=2048KiB \
    max-udp-packet-size=512 servers=202.65.245.19
/ip dns static
add address=192.168.88.1 disabled=no name=router ttl=1d
/ip firewall connection tracking
set enabled=yes generic-timeout=10m icmp-timeout=10s tcp-close-timeout=10s \
    tcp-close-wait-timeout=10s tcp-established-timeout=1d \
    tcp-fin-wait-timeout=10s tcp-last-ack-timeout=10s \
    tcp-syn-received-timeout=5s tcp-syn-sent-timeout=5s tcp-syncookie=no \
    tcp-time-wait-timeout=10s udp-stream-timeout=3m udp-timeout=10s
/ip firewall nat
add action=masquerade chain=srcnat disabled=no out-interface=ether1
/ip firewall service-port
set ftp disabled=no ports=21
set tftp disabled=no ports=69
set irc disabled=no ports=6667
set h323 disabled=no
set sip disabled=no ports=5060,5061
set pptp disabled=no
/ip hotspot service-port
set ftp disabled=no ports=21
/ip neighbor discovery
set ether12 discover=yes
set ether13 discover=yes
set ether11 discover=yes
set ether6 discover=yes
set ether7 discover=yes
set ether8 discover=yes
set ether9 discover=yes
set ether10 discover=yes
set ether1 discover=yes
set ether2 discover=yes
set ether3 discover=yes
set ether4 discover=yes
set ether5 discover=yes
/ip proxy
set always-from-cache=no cache-administrator=webmaster cache-hit-dscp=4 \
    cache-on-disk=no enabled=no max-cache-size=none max-client-connections=\
    600 max-fresh-time=3d max-server-connections=600 parent-proxy=0.0.0.0 \
    parent-proxy-port=0 port=8080 serialize-connections=no src-address=\
    0.0.0.0
/ip service
set telnet disabled=no port=23
set ftp disabled=no port=21
set www disabled=no port=80
set ssh disabled=no port=22
set www-ssl certificate=none disabled=yes port=443
set api disabled=yes port=8728
set winbox disabled=no port=8291
/ip socks
set connection-idle-timeout=2m enabled=no max-connections=200 port=1080
/ip ssh
set forwarding-enabled=no
/ip traffic-flow
set active-flow-timeout=30m cache-entries=4k enabled=no \
    inactive-flow-timeout=15s interfaces=all
/ip upnp
set allow-disable-external-interface=yes enabled=no show-dummy-rule=yes
/mpls
set dynamic-label-range=16-1048575 propagate-ttl=yes
/mpls interface
add disabled=no interface=all mpls-mtu=1508
/mpls ldp
set distribute-for-default-route=no enabled=no hop-limit=255 loop-detect=no \
    lsr-id=0.0.0.0 path-vector-limit=255 transport-address=0.0.0.0 \
    use-explicit-null=no
/port firmware
set directory=firmware
/ppp aaa
set accounting=yes interim-update=0s use-radius=no
/queue interface
set ether12 queue=ethernet-default
set ether13 queue=ethernet-default
set ether11 queue=ethernet-default
set ether6 queue=ethernet-default
set ether7 queue=ethernet-default
set ether8 queue=ethernet-default
set ether9 queue=ethernet-default
set ether10 queue=ethernet-default
set ether1 queue=ethernet-default
set ether2 queue=ethernet-default
set ether3 queue=ethernet-default
set ether4 queue=ethernet-default
set ether5 queue=ethernet-default
/radius incoming
set accept=no port=3799
/routing bfd interface
set all disabled=no interface=all interval=0.2sec min-rx=0.2sec multiplier=5
/routing igmp-proxy
set query-interval=2m5s query-response-interval=10s quick-leave=no
/routing mme
set bidirectional-timeout=2 gateway-class=none gateway-keepalive=1m \
    gateway-selection=no-gateway origination-interval=5s preferred-gateway=\
    0.0.0.0 timeout=1m ttl=50
/routing pim
set switch-to-spt=yes switch-to-spt-bytes=0 switch-to-spt-interval=1m40s
/routing rip
set distribute-default=never garbage-timer=2m metric-bgp=1 metric-connected=1 \
    metric-default=1 metric-ospf=1 metric-static=1 redistribute-bgp=no \
    redistribute-connected=no redistribute-ospf=no redistribute-static=no \
    routing-table=main timeout-timer=3m update-timer=30s
/store
add disabled=no disk=system name=user-manager1 type=user-manager
add disabled=no disk=system name=web-proxy1 type=web-proxy
/system clock
set time-zone-name=manual
/system clock manual
set dst-delta=+00:00 dst-end="jan/01/1970 00:00:00" dst-start=\
    "jan/01/1970 00:00:00" time-zone=+00:00
/system console
add disabled=no port=serial0 term=vt102
/system gps
set channel=0 enabled=no set-system-time=no
/system health
set fan-mode=auto use-fan=main
/system identity
set name=MikroTik
/system logging
add action=memory disabled=no prefix="" topics=info
add action=memory disabled=no prefix="" topics=error
add action=memory disabled=no prefix="" topics=warning
add action=echo disabled=no prefix="" topics=critical
/system note
set note="" show-at-login=yes
/system ntp client
set enabled=no mode=unicast primary-ntp=0.0.0.0 secondary-ntp=0.0.0.0
/system ntp server
set broadcast=no enabled=no manycast=yes multicast=no
/system resource irq
set 0 cpu=auto
set 1 cpu=auto
set 2 cpu=auto
set 3 cpu=auto
set 4 cpu=auto
set 5 cpu=auto
set 6 cpu=auto
set 7 cpu=auto
set 8 cpu=auto
set 9 cpu=auto
set 10 cpu=auto
set 11 cpu=auto
set 12 cpu=auto
set 13 cpu=auto
/system upgrade mirror
set check-interval=1d enabled=no primary-server=0.0.0.0 secondary-server=\
    0.0.0.0 user=""
/system watchdog
set auto-send-supout=no automatic-supout=yes no-ping-delay=5m watch-address=\
    none watchdog-timer=yes
/tool bandwidth-server
set allocate-udp-ports-from=2000 authenticate=yes enabled=yes max-sessions=\
    100
/tool e-mail
set address=0.0.0.0 from=<> password="" port=25 username=""
/tool graphing
set page-refresh=300 store-every=5min
/tool mac-server
add disabled=no interface=all
/tool mac-server ping
set enabled=yes
/tool sms
set allowed-number="" channel=0 keep-max-sms=0 receive-enabled=no secret=""
/tool sniffer
set file-limit=10 file-name="" filter-address1=0.0.0.0/0:0-65535 \
    filter-address2=0.0.0.0/0:0-65535 filter-protocol=ip-only filter-stream=\
    yes interface=all memory-limit=10 memory-scroll=no only-headers=no \
    streaming-enabled=no streaming-server=0.0.0.0
/tool user-manager customer
add backup-allowed=yes disabled=no login=admin parent=admin password="" \
    paypal-accept-pending=no paypal-allowed=no paypal-secure-response=no \
    permissions=owner signup-allowed=no time-zone=-00:00
/user aaa
set accounting=yes default-group=read interim-update=0s use-radius=no
[admin@MikroTik] >

I can export my config on the RB750G if needed…

/ip address
add address=192.168.88.1/24 broadcast=192.168.88.255 comment=
“default configuration” disabled=no interface=ether1 network=192.168.88.0
add address=192.168.88.1/24 broadcast=192.168.88.255 disabled=no interface=
ether2 network=192.168.88.0

remove 192.168.88.1 from Ether1, it is not allowed to use the same address on different interfaces.

Thanks sergejs!

That worked!
I now have internet connection on ether2.
But the rest of the ports 3-10 doesn’t have internet connection.
I guess thats because DHCP was not assign on ether3-10?
I tried looking around to see if i can assign multiple ports on that DHCP1 but it seems that only 1 interface can be specified there.
How do i make it work like my RB450G where a DHCP pool is assign across to all port 2-5?
Also i notice theres a switch between Port 10 and 11. Does it serve a purpose?

You can create bridge,

/interface bridge add
add required Ethernet interface to ports
/interface bridge ports add

Do not add public interface to bridge ports.
Do not forget to change DHCP-server interface to bridge.

hi all, really hoping someone can help me as i have to get this setup by tonight! Having the exact same issue. below is the setup

#
/interface ethernet
set 0 arp=enabled auto-negotiation=yes disabled=no full-duplex=yes l2mtu=1600 \
    mac-address=4C:5E:0C:3E:94:61 mtu=1500 name=ether12 speed=100Mbps
set 1 arp=enabled auto-negotiation=yes disabled=no full-duplex=yes l2mtu=1600 \
    mac-address=4C:5E:0C:3E:94:62 mtu=1500 name=ether13 speed=100Mbps
set 2 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited disabled=\
    no full-duplex=yes l2mtu=1598 mac-address=4C:5E:0C:3E:94:56 master-port=\
    none mtu=1500 name=ether1 speed=100Mbps
set 3 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited disabled=\
    no full-duplex=yes l2mtu=1598 mac-address=4C:5E:0C:3E:94:57 master-port=\
    none mtu=1500 name=ether2 speed=100Mbps
set 4 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited disabled=\
    no full-duplex=yes l2mtu=1598 mac-address=4C:5E:0C:3E:94:58 master-port=\
    none mtu=1500 name=ether3 speed=100Mbps
set 5 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited disabled=\
    no full-duplex=yes l2mtu=1598 mac-address=4C:5E:0C:3E:94:59 master-port=\
    none mtu=1500 name=ether4 speed=100Mbps
set 6 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited disabled=\
    no full-duplex=yes l2mtu=1598 mac-address=4C:5E:0C:3E:94:5A master-port=\
    none mtu=1500 name=ether5 speed=100Mbps
set 7 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited disabled=\
    no full-duplex=yes l2mtu=1598 mac-address=4C:5E:0C:3E:94:5B master-port=\
    none mtu=1500 name=ether6 speed=100Mbps
set 8 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited disabled=\
    no full-duplex=yes l2mtu=1598 mac-address=4C:5E:0C:3E:94:5C master-port=\
    none mtu=1500 name=ether7 speed=100Mbps
set 9 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited disabled=\
    no full-duplex=yes l2mtu=1598 mac-address=4C:5E:0C:3E:94:5D master-port=\
    none mtu=1500 name=ether8 speed=100Mbps
set 10 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited disabled=\
    no full-duplex=yes l2mtu=1598 mac-address=4C:5E:0C:3E:94:5E master-port=\
    none mtu=1500 name=ether9 speed=100Mbps
set 11 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited disabled=\
    no full-duplex=yes l2mtu=1598 mac-address=4C:5E:0C:3E:94:5F master-port=\
    none mtu=1500 name=ether10 speed=100Mbps
set 12 arp=enabled auto-negotiation=yes disabled=no full-duplex=yes l2mtu=1600 \
    mac-address=4C:5E:0C:3E:94:60 mtu=1500 name=ether11 speed=100Mbps
/interface ethernet switch
set 0 mirror-source=none mirror-target=none name=switch2
set 1 mirror-source=none mirror-target=none name=switch1
/ip hotspot profile
set [ find default=yes ] dns-name="" hotspot-address=0.0.0.0 html-directory=\
    hotspot http-cookie-lifetime=3d http-proxy=0.0.0.0:0 login-by=\
    cookie,http-chap name=default rate-limit="" smtp-server=0.0.0.0 \
    split-user-domain=no use-radius=no
/ip hotspot user profile
set [ find default=yes ] idle-timeout=none keepalive-timeout=2m name=default \
    shared-users=1 status-autorefresh=1m transparent-proxy=no
/ip ipsec proposal
set [ find default=yes ] auth-algorithms=sha1 disabled=no enc-algorithms=3des \
    lifetime=30m name=default pfs-group=modp1024
/ip pool
add name=dhcp_pool1 ranges=10.0.0.2-10.0.0.254
/ip dhcp-server
add address-pool=dhcp_pool1 authoritative=after-2sec-delay bootp-support=static \
    disabled=no interface=ether3 lease-time=3d name=dhcp1
/port
set 0 baud-rate=115200 data-bits=8 flow-control=none name=serial0 parity=none \
    stop-bits=1
set 1 baud-rate=115200 data-bits=8 flow-control=none name=serial1 parity=none \
    stop-bits=1
/ppp profile
set 0 change-tcp-mss=yes name=default only-one=default use-compression=default \
    use-encryption=default use-mpls=default use-vj-compression=default
set 1 change-tcp-mss=yes name=default-encryption only-one=default \
    use-compression=default use-encryption=yes use-mpls=default \
    use-vj-compression=default
/queue type
set 0 kind=pfifo name=default pfifo-limit=50
set 1 kind=pfifo name=ethernet-default pfifo-limit=50
set 2 kind=sfq name=wireless-default sfq-allot=1514 sfq-perturb=5
set 3 kind=red name=synchronous-default red-avg-packet=1000 red-burst=20 \
    red-limit=60 red-max-threshold=50 red-min-threshold=10
set 4 kind=sfq name=hotspot-default sfq-allot=1514 sfq-perturb=5
set 5 kind=none name=only-hardware-queue
set 6 kind=mq-pfifo mq-pfifo-limit=50 name=multi-queue-ethernet-default
set 7 kind=pfifo name=default-small pfifo-limit=10
/routing bgp instance
set default as=65530 client-to-client-reflection=yes disabled=no \
    ignore-as-path-len=no name=default out-filter="" redistribute-connected=no \
    redistribute-ospf=no redistribute-other-bgp=no redistribute-rip=no \
    redistribute-static=no router-id=0.0.0.0 routing-table=""
/routing ospf instance
set [ find default=yes ] disabled=no distribute-default=never in-filter=ospf-in \
    metric-bgp=auto metric-connected=20 metric-default=1 metric-other-ospf=auto \
    metric-rip=20 metric-static=20 name=default out-filter=ospf-out \
    redistribute-bgp=no redistribute-connected=no redistribute-other-ospf=no \
    redistribute-rip=no redistribute-static=no router-id=0.0.0.0
/routing ospf area
set [ find default=yes ] area-id=0.0.0.0 disabled=no instance=default name=\
    backbone type=default
/snmp community
set [ find default=yes ] addresses="" authentication-password="" \
    authentication-protocol=MD5 encryption-password="" encryption-protocol=DES \
    name=public read-access=yes security=none write-access=no
/system logging action
set 0 memory-lines=100 memory-stop-on-full=no name=memory target=memory
set 1 disk-file-count=2 disk-file-name=log disk-lines-per-file=100 \
    disk-stop-on-full=no name=disk target=disk
set 2 name=echo remember=yes target=echo
set 3 bsd-syslog=no name=remote remote-port=514 src-address=0.0.0.0 \
    syslog-facility=daemon syslog-severity=auto target=remote
/user group
set read name=read policy="local,telnet,ssh,reboot,read,test,winbox,password,web\
    ,sniff,sensitive,api,!ftp,!write,!policy" skin=default
set write name=write policy="local,telnet,ssh,reboot,read,write,test,winbox,pass\
    word,web,sniff,sensitive,api,!ftp,!policy" skin=default
set full name=full policy="local,telnet,ssh,ftp,reboot,read,write,policy,test,wi\
    nbox,password,web,sniff,sensitive,api" skin=default
/interface bridge settings
set use-ip-firewall=no use-ip-firewall-for-pppoe=no use-ip-firewall-for-vlan=no
/interface ethernet switch port
set 0 vlan-header=leave-as-is vlan-mode=disabled
set 1 vlan-header=leave-as-is vlan-mode=disabled
set 2 vlan-header=leave-as-is vlan-mode=disabled
set 3 vlan-header=leave-as-is vlan-mode=disabled
set 4 vlan-header=leave-as-is vlan-mode=disabled
set 5 vlan-header=leave-as-is vlan-mode=disabled
set 6 vlan-header=leave-as-is vlan-mode=disabled
set 7 vlan-header=leave-as-is vlan-mode=disabled
set 8 vlan-header=leave-as-is vlan-mode=disabled
set 9 vlan-header=leave-as-is vlan-mode=disabled
set 10 vlan-header=leave-as-is vlan-mode=disabled
set 11 vlan-header=leave-as-is vlan-mode=disabled
/interface l2tp-server server
set authentication=pap,chap,mschap1,mschap2 default-profile=default-encryption \
    enabled=no keepalive-timeout=30 max-mru=1460 max-mtu=1460 mrru=disabled
/interface ovpn-server server
set auth=sha1,md5 certificate=none cipher=blowfish128,aes128 default-profile=\
    default enabled=no keepalive-timeout=60 mac-address=FE:D8:DE:1D:C1:03 \
    max-mtu=1500 mode=ip netmask=24 port=1194 require-client-certificate=no
/interface pptp-server server
set authentication=mschap1,mschap2 default-profile=default-encryption enabled=\
    no keepalive-timeout=30 max-mru=1460 max-mtu=1460 mrru=disabled
/interface sstp-server server
set authentication=pap,chap,mschap1,mschap2 certificate=none default-profile=\
    default enabled=no keepalive-timeout=60 max-mru=1500 max-mtu=1500 mrru=\
    disabled port=443 verify-client-certificate=no
/ip accounting
set account-local-traffic=no enabled=no threshold=256
/ip accounting web-access
set accessible-via-web=no address=0.0.0.0/0
/ip address
add address=192.168.88.1/24 comment="default configuration" disabled=yes \
    interface=ether1 network=192.168.88.0
add address=10.0.0.1/24 disabled=no interface=ether3 network=10.0.0.0
/ip dhcp-client
add add-default-route=yes default-route-distance=0 disabled=no interface=ether1 \
    use-peer-dns=yes use-peer-ntp=yes
/ip dhcp-server config
set store-leases-disk=5m
/ip dhcp-server network
add address=10.0.0.0/24 dhcp-option="" dns-server="" gateway=10.0.0.1 \
    ntp-server="" wins-server=""
/ip dns
set allow-remote-requests=yes cache-max-ttl=1w cache-size=2048KiB \
    max-udp-packet-size=4096 servers=""
/ip dns static
add address=192.168.88.1 disabled=no name=router ttl=1d
/ip firewall connection tracking
set enabled=yes generic-timeout=10m icmp-timeout=10s tcp-close-timeout=10s \
    tcp-close-wait-timeout=10s tcp-established-timeout=1d tcp-fin-wait-timeout=\
    10s tcp-last-ack-timeout=10s tcp-syn-received-timeout=5s \
    tcp-syn-sent-timeout=5s tcp-syncookie=no tcp-time-wait-timeout=10s \
    udp-stream-timeout=3m udp-timeout=10s
/ip firewall nat
add action=masquerade chain=srcnat disabled=no dst-address=0.0.0.0 src-address=\
    10.0.0.0/24
/ip firewall service-port
set ftp disabled=no ports=21
set tftp disabled=no ports=69
set irc disabled=no ports=6667
set h323 disabled=no
set sip disabled=no ports=5060,5061 sip-direct-media=yes
set pptp disabled=no
/ip hotspot service-port
set ftp disabled=no ports=21
/ip neighbor discovery
set ether12 disabled=no
set ether13 disabled=no
set ether1 disabled=no
set ether2 disabled=no
set ether3 disabled=no
set ether4 disabled=no
set ether5 disabled=no
set ether6 disabled=no
set ether7 disabled=no
set ether8 disabled=no
set ether9 disabled=no
set ether10 disabled=no
set ether11 disabled=no
/ip proxy
set always-from-cache=no cache-administrator=webmaster cache-hit-dscp=4 \
    cache-on-disk=no enabled=no max-cache-size=unlimited \
    max-client-connections=600 max-fresh-time=3d max-server-connections=600 \
    parent-proxy=0.0.0.0 parent-proxy-port=0 port=8080 serialize-connections=no \
    src-address=0.0.0.0
/ip route
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=192.168.1.254 scope=30 \
    target-scope=10
/ip service
set telnet address="" disabled=no port=23
set ftp address="" disabled=no port=21
set www address="" disabled=no port=80
set ssh address="" disabled=no port=22
set www-ssl address="" certificate=none disabled=yes port=443
set api address="" disabled=yes port=8728
set winbox address="" disabled=no port=8291
/ip smb
set allow-guests=yes comment=MikrotikSMB domain=MSHOME enabled=no interfaces=\
    all
/ip smb shares
set [ find default=yes ] comment="default share" directory=/pub disabled=no \
    max-sessions=10 name=pub
/ip smb users
set [ find default=yes ] disabled=no name=guest password="" read-only=yes
/ip socks
set connection-idle-timeout=2m enabled=no max-connections=200 port=1080
/ip traffic-flow
set active-flow-timeout=30m cache-entries=4k enabled=no inactive-flow-timeout=\
    15s interfaces=all
/ip upnp
set allow-disable-external-interface=yes enabled=no show-dummy-rule=yes
/mpls
set dynamic-label-range=16-1048575 propagate-ttl=yes
/mpls interface
set [ find default=yes ] disabled=no interface=all mpls-mtu=1508
/mpls ldp
set distribute-for-default-route=no enabled=no hop-limit=255 loop-detect=no \
    lsr-id=0.0.0.0 path-vector-limit=255 transport-address=0.0.0.0 \
    use-explicit-null=no
/port firmware
set directory=firmware ignore-directip-modem=no
/ppp aaa
set accounting=yes interim-update=0s use-radius=no
/queue interface
set ether12 queue=only-hardware-queue
set ether13 queue=only-hardware-queue
set ether1 queue=only-hardware-queue
set ether2 queue=only-hardware-queue
set ether3 queue=only-hardware-queue
set ether4 queue=only-hardware-queue
set ether5 queue=only-hardware-queue
set ether6 queue=only-hardware-queue
set ether7 queue=only-hardware-queue
set ether8 queue=only-hardware-queue
set ether9 queue=only-hardware-queue
set ether10 queue=only-hardware-queue
set ether11 queue=only-hardware-queue
/radius incoming
set accept=no port=3799
/routing bfd interface
set [ find default=yes ] disabled=no interface=all interval=0.2s min-rx=0.2s \
    multiplier=5
/routing mme
set bidirectional-timeout=2 gateway-class=none gateway-keepalive=1m \
    gateway-selection=no-gateway origination-interval=5s preferred-gateway=\
    0.0.0.0 timeout=1m ttl=50
/routing rip
set distribute-default=never garbage-timer=2m metric-bgp=1 metric-connected=1 \
    metric-default=1 metric-ospf=1 metric-static=1 redistribute-bgp=no \
    redistribute-connected=no redistribute-ospf=no redistribute-static=no \
    routing-table=main timeout-timer=3m update-timer=30s
/snmp
set contact="" enabled=no engine-id="" location="" trap-generators="" \
    trap-target="" trap-version=1
/system clock
set time-zone-name=manual
/system clock manual
set dst-delta=+00:00 dst-end="jan/01/1970 00:00:00" dst-start=\
    "jan/01/1970 00:00:00" time-zone=+00:00
/system console
set [ find port=serial0 ] channel=0 disabled=no port=serial0 term=vt102
/system health
set fan-mode=auto use-fan=main
/system identity
set name=MikroTik
/system logging
set 0 action=memory disabled=no prefix="" topics=info
set 1 action=memory disabled=no prefix="" topics=error
set 2 action=memory disabled=no prefix="" topics=warning
set 3 action=echo disabled=no prefix="" topics=critical
/system note
set note="" show-at-login=yes
/system ntp client
set enabled=no mode=broadcast primary-ntp=0.0.0.0 secondary-ntp=0.0.0.0
/system resource irq
set 0 cpu=auto
set 1 cpu=auto
set 2 cpu=auto
set 3 cpu=auto
set 4 cpu=auto
set 5 cpu=auto
set 6 cpu=auto
set 7 cpu=auto
set 8 cpu=auto
set 9 cpu=auto
set 10 cpu=auto
set 11 cpu=auto
set 12 cpu=auto
set 13 cpu=auto
set 14 cpu=auto
set 15 cpu=auto
/system resource irq rps
set ether12 disabled=no
set ether13 disabled=no
set ether1 disabled=yes
set ether2 disabled=yes
set ether3 disabled=yes
set ether4 disabled=yes
set ether5 disabled=yes
set ether6 disabled=yes
set ether7 disabled=yes
set ether8 disabled=yes
set ether9 disabled=yes
set ether10 disabled=yes
set ether11 disabled=yes
/system routerboard settings
set baud-rate=115200 boot-delay=2s boot-device=nand-if-fail-then-ethernet \
    boot-protocol=bootp cpu-frequency=1066MHz enable-jumper-reset=yes \
    enter-setup-on=any-key force-backup-booter=no memory-data-rate=533DDR \
    silent-boot=no
/system upgrade mirror
set check-interval=1d enabled=no primary-server=0.0.0.0 secondary-server=\
    0.0.0.0 user=""
/system watchdog
set auto-send-supout=no automatic-supout=yes no-ping-delay=5m watch-address=\
    none watchdog-timer=yes
/tool bandwidth-server
set allocate-udp-ports-from=2000 authenticate=yes enabled=yes max-sessions=100
/tool e-mail
set address=0.0.0.0 from=<> password="" port=25 starttls=no user=""
/tool graphing
set page-refresh=300 store-every=5min
/tool mac-server
set [ find default=yes ] disabled=no interface=all
/tool mac-server mac-winbox
set [ find default=yes ] disabled=no interface=all
/tool mac-server ping
set enabled=yes
/tool sms
set allowed-number="" channel=0 keep-max-sms=0 receive-enabled=no secret=""
/tool sniffer
set file-limit=1000KiB file-name="" filter-ip-address="" filter-ip-protocol="" \
    filter-mac-address="" filter-mac-protocol="" filter-port="" filter-stream=\
    yes interface=all memory-limit=100KiB memory-scroll=yes only-headers=no \
    streaming-enabled=no streaming-server=0.0.0.0
/tool traffic-generator
set latency-distribution-scale=10 test-id=0
/user aaa
set accounting=yes default-group=read exclude-groups="" interim-update=0s \
    use-radius=no

Hi.
I have bought a mikrotik rb110ahx2 for captive portal in my office using 4 router wifi cisco e2500.
The cisco e2500 are configured in bridge mode, without dhcp and without guest access wireless.
I want to configure it, but I have any problem. I have only configure dhcp on ether2.
I explain my network.
The ip router gateway is 192.168.5.1, subnet mask 255.255.255.0.
ip Cisco 1 is 192.168.5.11, ip Cisco2 is 192.168.5.12, ip Cisco3 is 192.168.5.13, ip Cisco4 is 192.168.5.14
The Router Cisco 1 is connected to the switch. The Router Cisco 2 is connected to the Router Cisco 1.
The Router Cisco 3 is connected to the switch. A Printer Lan is connected to Router Cisco 3.
The Router Cisco 4 is connected to the switch. A PC is connected to the Router Cisco 4.
Now, I want that on my mikrotik, I use the port:

• Ether1 only to connect a pc for configure mikrotik of connect to the gateway
• Ether2 only to connect a pc for configure mikrotik of connect to the gateway
• Ether3 connect to the Router Cisco 3 for internet and lan.
• Ether4 connect to the Router Cisco 4 for internet and lan.
• Ether5 connect to the Router Cisco1 (and so Router Cisco2) for only internet
  When the device connect to the wifi of router cisco, the dhcp of mikrotik would be assign an ip only for internet (i.e. 192.168.88.x/yy, subnet 255.255.255.0, gateway… dns….)
  Is possibile this configuration? How I can configure it?
  If are any other solution more simple, I accept all solution.
  Anyone can help me?