Post your export.
Sent from my SCH-I545 using Tapatalk
Hi There
Thank you for the reply.
I have exported /ip firewall nat, /interface and /ip addresses for both routers.
First the server side router's export.
# IP addresses Server side
# dec/20/2013 15:54:06 by RouterOS 4.11
# software id = WSN9-LLT5
#
/ip address
add address=10.0.1.4/24 broadcast=10.0.1.255 comment="" disabled=no \
interface=ether1 network=10.0.1.0
add address=192.168.0.1/24 broadcast=192.168.0.255 comment="" disabled=no \
interface=LAN network=192.168.0.0
# Interfaces server side
# dec/20/2013 15:52:59 by RouterOS 4.11
# software id = WSN9-LLT5
#
/interface ethernet
set 0 arp=enabled auto-negotiation=yes comment="" disabled=no full-duplex=yes \
l2mtu=1526 mac-address=00:0C:42:87:34:63 mtu=1500 name=ether1 speed=\
100Mbps
set 1 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited comment=\
"" disabled=no full-duplex=yes l2mtu=1524 mac-address=00:0C:42:87:34:64 \
master-port=none mtu=1500 name=LAN speed=100Mbps
set 2 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited comment=\
"" disabled=no full-duplex=yes l2mtu=1524 mac-address=00:0C:42:87:34:65 \
master-port=LAN mtu=1500 name=ether3-local-slave speed=100Mbps
set 3 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited comment=\
"" disabled=no full-duplex=yes l2mtu=1524 mac-address=00:0C:42:87:34:66 \
master-port=LAN mtu=1500 name=ether4-local-slave speed=100Mbps
set 4 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited comment=\
"" disabled=no full-duplex=yes l2mtu=1524 mac-address=00:0C:42:87:34:67 \
master-port=LAN mtu=1500 name=ether5-local-slave speed=100Mbps
/interface pptp-client
add add-default-route=no allow=mschap2 comment="" connect-to=196.44.151.8 \
dial-on-demand=no disabled=no max-mru=1460 max-mtu=1460 mrru=disabled \
name=pptp-out1 password=Emotion123 profile=default-encryption user=nxit
/interface l2tp-server
add comment="" disabled=no name=l2tpuser user=l2tpuser
add comment="" disabled=no name=l2tpuser2 user=l2tpuser2
/interface pppoe-client
add ac-name="" add-default-route=yes allow=pap,chap,mschap1,mschap2 comment=\
"" dial-on-demand=no disabled=no interface=ether1 max-mru=1480 max-mtu=\
1480 mrru=disabled name=pppoe-out1 password=MHOSOL profile=default \
service-name="" use-peer-dns=yes user=
a61232825@adsl.telecom.na
/interface ethernet switch
set switch1 mirror-source=none mirror-target=none name=switch1
/interface wireless security-profiles
set default authentication-types="" eap-methods=passthrough group-ciphers="" \
group-key-update=5m interim-update=0s management-protection=disabled \
mode=none name=default radius-eap-accounting=no radius-mac-accounting=no \
radius-mac-authentication=no radius-mac-caching=disabled \
radius-mac-format=XX:XX:XX:XX:XX:XX radius-mac-mode=as-username \
static-algo-0=none static-algo-1=none static-algo-2=none static-algo-3=\
none static-sta-private-algo=none static-transmit-key=key-0 \
supplicant-identity=MikroTik tls-certificate=none tls-mode=\
no-certificates unicast-ciphers=""
/interface bridge settings
set use-ip-firewall=no use-ip-firewall-for-pppoe=no use-ip-firewall-for-vlan=\
no
/interface ethernet switch port
set (unknown) vlan-header=leave-as-is vlan-mode=fallback
set (unknown) vlan-header=leave-as-is vlan-mode=fallback
set (unknown) vlan-header=leave-as-is vlan-mode=fallback
set (unknown) vlan-header=leave-as-is vlan-mode=fallback
/interface l2tp-server server
set authentication=pap,chap,mschap1,mschap2 default-profile=\
default-encryption enabled=yes max-mru=1460 max-mtu=1460 mrru=disabled
/interface ovpn-server server
set auth=sha1,md5 certificate=none cipher=blowfish128,aes128 default-profile=\
default enabled=no keepalive-timeout=60 mac-address=FE:26:35:02:C9:83 \
max-mtu=1500 mode=ip netmask=24 port=1194 require-client-certificate=no
/interface pptp-server server
set authentication=mschap1,mschap2 default-profile=default-encryption \
enabled=yes keepalive-timeout=30 max-mru=1460 max-mtu=1460 mrru=disabled
/interface wireless align
set active-mode=yes audio-max=-20 audio-min=-100 audio-monitor=\
00:00:00:00:00:00 filter-mac=00:00:00:00:00:00 frame-size=300 \
frames-per-second=25 receive-all=no ssid-all=no
/interface wireless sniffer
set channel-time=200ms file-limit=10 file-name="" memory-limit=10 \
multiple-channels=no only-headers=no receive-errors=no streaming-enabled=\
no streaming-max-rate=0 streaming-server=0.0.0.0
/interface wireless snooper
set channel-time=200ms multiple-channels=yes receive-errors=no
# NAT Server side
/ip firewall nat
add action=masquerade chain=srcnat comment="" disabled=no src-address=\
192.168.0.0/24
add action=accept chain=srcnat comment="" disabled=no dst-address=\
192.168.2.0/24 src-address=192.168.0.0/24
Now client side router's export
# Remote / client side NAT
# dec/20/2013 15:55:10 by RouterOS 5.26
# software id = DB5B-R5RR
#
/ip firewall nat
add action=masquerade chain=srcnat comment="default configuration" disabled=\
yes src-address=192.168.2.0/24 to-addresses=0.0.0.0
add action=masquerade chain=srcnat disabled=no out-interface=pppoe-out1 \
to-addresses=0.0.0.0
add action=accept chain=srcnat disabled=no dst-address=192.168.0.0/24 \
src-address=192.168.2.0/24
# IP addresses remote / client side
# dec/20/2013 15:50:08 by RouterOS 5.26
# software id = DB5B-R5RR
# IP address on ether 5 not used
/ip address
add address=192.168.100.3/24 disabled=no interface=ether5-slave-local \
network=192.168.100.0
add address=192.168.2.1/24 disabled=no interface=wlan1 network=192.168.2.0
# Interfaces remote / client side
# dec/20/2013 15:51:23 by RouterOS 5.26
# software id = DB5B-R5RR
#
/interface bridge
add admin-mac=D4:CA:6D:B6:E0:55 ageing-time=5m arp=enabled auto-mac=no \
disabled=no forward-delay=15s l2mtu=1598 max-message-age=20s mtu=1500 \
name=bridge-local priority=0x8000 protocol-mode=rstp transmit-hold-count=\
6
/interface ethernet
set 0 arp=enabled auto-negotiation=yes disabled=no full-duplex=yes l2mtu=1600 \
mac-address=D4:CA:6D:B6:E0:54 mtu=1500 name=ether1-gateway speed=100Mbps
set 1 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited \
disabled=no full-duplex=yes l2mtu=1598 mac-address=D4:CA:6D:B6:E0:55 \
master-port=none mtu=1500 name=ether2-master-local speed=100Mbps
set 2 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited \
disabled=no full-duplex=yes l2mtu=1598 mac-address=D4:CA:6D:B6:E0:56 \
master-port=ether2-master-local mtu=1500 name=ether3-slave-local speed=\
100Mbps
set 3 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited \
disabled=no full-duplex=yes l2mtu=1598 mac-address=D4:CA:6D:B6:E0:57 \
master-port=ether2-master-local mtu=1500 name=ether4-slave-local speed=\
100Mbps
set 4 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited \
disabled=no full-duplex=yes l2mtu=1598 mac-address=D4:CA:6D:B6:E0:58 \
master-port=ether2-master-local mtu=1500 name=ether5-slave-local speed=\
100Mbps
/interface pppoe-client
add ac-name="" add-default-route=yes allow=pap,chap,mschap1,mschap2 \
dial-on-demand=no disabled=no interface=ether1-gateway max-mru=1480 \
max-mtu=1480 mrru=disabled name=pppoe-out1 password=mhosol profile=\
default service-name="" use-peer-dns=yes user=
a61226850@adsl.telecom.na
/interface l2tp-client
add add-default-route=no allow=pap,chap,mschap1,mschap2 connect-to=\
41.182.68.57 dial-on-demand=no disabled=no max-mru=1460 max-mtu=1460 \
mrru=disabled name=l2tp-out1 password=M@chu1207 profile=\
default-encryption user=l2tpuser2
/interface ethernet switch
set 0 mirror-source=none mirror-target=none name=switch1
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa-psk,wpa2-psk eap-methods="" \
group-ciphers=aes-ccm group-key-update=5m interim-update=0s \
management-protection=disabled mode=dynamic-keys name=default \
radius-eap-accounting=no radius-mac-accounting=no \
radius-mac-authentication=no radius-mac-caching=disabled \
radius-mac-format=XX:XX:XX:XX:XX:XX radius-mac-mode=as-username \
static-algo-0=none static-algo-1=none static-algo-2=none static-algo-3=\
none static-sta-private-algo=none static-transmit-key=key-0 \
supplicant-identity=MikroTik tls-certificate=none tls-mode=\
no-certificates unicast-ciphers=aes-ccm
/interface wireless
set 0 adaptive-noise-immunity=none allow-sharedkey=no antenna-gain=0 area="" \
arp=enabled band=2ghz-b/g/n basic-rates-a/g=6Mbps basic-rates-b=1Mbps \
bridge-mode=disabled channel-width=20/40mhz-ht-above compression=no \
country=no_country_set default-ap-tx-limit=0 default-authentication=yes \
default-client-tx-limit=0 default-forwarding=yes dfs-mode=none \
disable-running-check=no disabled=no disconnect-timeout=3s distance=\
indoors frame-lifetime=0 frequency=2412 frequency-mode=manual-txpower \
frequency-offset=0 hide-ssid=no ht-ampdu-priorities=0 ht-amsdu-limit=8192 \
ht-amsdu-threshold=8192 ht-basic-mcs=\
mcs-0,mcs-1,mcs-2,mcs-3,mcs-4,mcs-5,mcs-6,mcs-7 ht-guard-interval=any \
ht-rxchains=0 ht-supported-mcs="mcs-0,mcs-1,mcs-2,mcs-3,mcs-4,mcs-5,mcs-6,\
mcs-7,mcs-8,mcs-9,mcs-10,mcs-11,mcs-12,mcs-13,mcs-14,mcs-15,mcs-16,mcs-17,\
mcs-18,mcs-19,mcs-20,mcs-21,mcs-22,mcs-23" ht-txchains=0 \
hw-fragmentation-threshold=disabled hw-protection-mode=none \
hw-protection-threshold=0 hw-retries=7 l2mtu=2290 mac-address=\
D4:CA:6D:B6:E0:59 max-station-count=2007 mode=ap-bridge mtu=1500 \
multicast-helper=default name=wlan1 noise-floor-threshold=default \
nv2-cell-radius=30 nv2-noise-floor-offset=default nv2-qos=default \
nv2-queue-count=2 nv2-security=disabled on-fail-retry-time=100ms \
periodic-calibration=default periodic-calibration-interval=60 \
preamble-mode=both proprietary-extensions=post-2.9.25 radio-name=\
D4CA6DB6E059 rate-selection=advanced rate-set=default scan-list=default \
security-profile=default ssid=clumsy station-bridge-clone-mac=\
00:00:00:00:00:00 supported-rates-a/g=\
6Mbps,9Mbps,12Mbps,18Mbps,24Mbps,36Mbps,48Mbps,54Mbps supported-rates-b=\
1Mbps,2Mbps,5.5Mbps,11Mbps tdma-period-size=2 tx-power-mode=default \
update-stats-interval=disabled wds-cost-range=50-150 wds-default-bridge=\
none wds-default-cost=100 wds-ignore-ssid=no wds-mode=disabled \
wireless-protocol=any wmm-support=disabled
/interface wireless manual-tx-power-table
set wlan1 manual-tx-powers="1Mbps:17,2Mbps:17,5.5Mbps:17,11Mbps:17,6Mbps:17,9M\
bps:17,12Mbps:17,18Mbps:17,24Mbps:17,36Mbps:17,48Mbps:17,54Mbps:17,HT20-0:\
17,HT20-1:17,HT20-2:17,HT20-3:17,HT20-4:17,HT20-5:17,HT20-6:17,HT20-7:17,H\
T40-0:17,HT40-1:17,HT40-2:17,HT40-3:17,HT40-4:17,HT40-5:17,HT40-6:17,HT40-\
7:17"
/interface wireless nstreme
set wlan1 disable-csma=no enable-nstreme=no enable-polling=yes framer-limit=\
3200 framer-policy=none
/interface bridge port
add bridge=bridge-local disabled=no edge=auto external-fdb=auto horizon=none \
interface=ether2-master-local path-cost=10 point-to-point=auto priority=\
0x80
add bridge=bridge-local disabled=no edge=auto external-fdb=auto horizon=none \
interface=wlan1 path-cost=10 point-to-point=auto priority=0x80
/interface bridge settings
set use-ip-firewall=no use-ip-firewall-for-pppoe=no use-ip-firewall-for-vlan=\
no
/interface ethernet switch port
set 0 vlan-header=leave-as-is vlan-mode=fallback
set 1 vlan-header=leave-as-is vlan-mode=fallback
set 2 vlan-header=leave-as-is vlan-mode=fallback
set 3 vlan-header=leave-as-is vlan-mode=fallback
set 4 vlan-header=leave-as-is vlan-mode=fallback
/interface l2tp-server server
set authentication=pap,chap,mschap1,mschap2 default-profile=\
default-encryption enabled=no keepalive-timeout=30 max-mru=1460 max-mtu=\
1460 mrru=disabled
/interface ovpn-server server
set auth=sha1,md5 certificate=none cipher=blowfish128,aes128 default-profile=\
default enabled=no keepalive-timeout=60 mac-address=FE:6B:F1:3C:7C:64 \
max-mtu=1500 mode=ip netmask=24 port=1194 require-client-certificate=no
/interface pptp-server server
set authentication=mschap1,mschap2 default-profile=default-encryption \
enabled=no keepalive-timeout=30 max-mru=1460 max-mtu=1460 mrru=disabled
/interface sstp-server server
set authentication=pap,chap,mschap1,mschap2 certificate=none default-profile=\
default enabled=no keepalive-timeout=60 max-mru=1500 max-mtu=1500 mrru=\
disabled port=443 verify-client-certificate=no
/interface wireless align
set active-mode=yes audio-max=-20 audio-min=-100 audio-monitor=\
00:00:00:00:00:00 filter-mac=00:00:00:00:00:00 frame-size=300 \
frames-per-second=25 receive-all=no ssid-all=no
/interface wireless sniffer
set channel-time=200ms file-limit=10 file-name="" memory-limit=10 \
multiple-channels=no only-headers=no receive-errors=no streaming-enabled=\
no streaming-max-rate=0 streaming-server=0.0.0.0
/interface wireless snooper
set channel-time=200ms multiple-channels=yes receive-errors=no