this is my full setup config, If someone experienced user can give me some help and hints, thank you all the best.
Code: Select all
/interface ethernet
set [ find default-name=ether1 ] name=ether1-WAN1
set [ find default-name=ether2 ] name=ether2-WAN2
set [ find default-name=ether3 ] name=ether3-WAN3
set [ find default-name=ether4 ] name=ether4-LAN1
set [ find default-name=ether5 ] name=ether5-LAN2
/interface list
add name=lan
/interface lte apn
set [ find default=yes ] ip-type=ipv4 use-network-apn=no
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=dhcp_rede-interna ranges=192.168.100.2-192.168.100.254
add name=dhcp_Impressoras ranges=192.169.0.2-192.169.0.254
add name=pool1 ranges=192.168.0.2-192.168.0.254
/ip dhcp-server
add add-arp=yes address-pool=dhcp_rede-interna always-broadcast=yes \
bootp-support=dynamic interface=ether5-LAN2 name=DHCP_rede-interna
add add-arp=yes address-pool=dhcp_Impressoras always-broadcast=yes \
bootp-support=dynamic interface=ether4-LAN1 name=DHCP_Impressoras
/port
set 0 name=serial0
/routing table
add fib name=TO_WAN1
add fib name=TO_WAN2
add fib name=TO_WAN3
/ip settings
set max-neighbor-entries=8192
/ipv6 settings
set disable-ipv6=yes max-neighbor-entries=8192
/interface list member
add interface=ether4-LAN1 list=lan
add interface=ether5-LAN2 list=lan
/interface ovpn-server server
set auth=sha1,md5
/ip address
add address=192.168.100.1/24 interface=ether5-LAN2 network=192.168.100.0
add address=192.168.18.50/24 disabled=yes interface=ether1-WAN1 network=\
192.168.18.0
add address=192.168.102.50/24 disabled=yes interface=ether2-WAN2 network=\
192.168.102.0
add address=192.168.103.50/24 disabled=yes interface=ether3-WAN3 network=\
192.168.103.0
add address=192.169.0.1/24 interface=ether4-LAN1 network=192.169.0.0
/ip dhcp-client
add interface=ether1-WAN1
add interface=ether2-WAN2
add interface=ether3-WAN3
/ip dhcp-server network
add address=192.168.100.0/24 dns-server=8.8.8.8 gateway=192.168.100.1 netmask=8
add address=192.169.0.0/24 dns-server=8.8.8.8 gateway=192.169.0.1 netmask=8
/ip firewall address-list
add address=192.168.100.2-192.168.100.254 list=LAN_USERS
add address=192.168.18.0/24 list=WAN_SUBNET
add address=192.168.102.0/24 list=WAN_SUBNET
add address=192.169.0.2-192.169.0.254 list=LAN_USERS
add address=192.168.103.0/24 list=WAN_SUBNET
/ip firewall mangle
add action=accept chain=prerouting dst-address-list=WAN_SUBNET
add action=mark-routing chain=prerouting new-routing-mark=TO_WAN1 passthrough=\
yes per-connection-classifier=both-addresses-and-ports:3/0 \
src-address-list=LAN_USERS src-address-type=!local
add action=mark-routing chain=prerouting new-routing-mark=TO_WAN2 passthrough=\
yes per-connection-classifier=both-addresses-and-ports:3/1 \
src-address-list=LAN_USERS src-address-type=!local
add action=mark-routing chain=prerouting new-routing-mark=TO_WAN3 passthrough=\
yes per-connection-classifier=both-addresses-and-ports:3/2 \
src-address-list=LAN_USERS src-address-type=!local
/ip firewall nat
add action=masquerade chain=srcnat src-address-list=LAN_USERS
/ip route
add disabled=no dst-address=0.0.0.0/0 gateway=192.168.18.1 routing-table=\
TO_WAN1 suppress-hw-offload=no
add disabled=no dst-address=0.0.0.0/0 gateway=192.168.102.1 routing-table=\
TO_WAN2 suppress-hw-offload=no
add disabled=no dst-address=0.0.0.0/0 gateway=192.168.103.1 routing-table=\
TO_WAN3 suppress-hw-offload=no
/system clock
set time-zone-name=America/Sao_Paulo