Code: Select all
[admin@MikroTik] > /export hide-sensitive
# mar/09/2021 17:23:56 by RouterOS 6.48.1
# software id = AQPZ-DUUH
#
# model = RouterBOARD D52G-5HacD2HnD-TC
# serial number = XXXXXXXXXXXX
/interface bridge
add ingress-filtering=yes name=bridge1 vlan-filtering=yes
/interface wireless
set [ find default-name=wlan1 ] adaptive-noise-immunity=ap-and-client-mode band=2ghz-onlyn country=germany default-forwarding=no distance=indoors guard-interval=long installation=indoor mode=ap-bridge skip-dfs-channels=all ssid=WLAN-XXXXXX \
wireless-protocol=802.11 wps-mode=disabled
set [ find default-name=wlan2 ] adaptive-noise-immunity=ap-and-client-mode band=5ghz-onlyac channel-width=20/40/80mhz-XXXX country=germany default-forwarding=no distance=indoors guard-interval=long installation=indoor mode=ap-bridge skip-dfs-channels=\
all ssid=WLAN-XXXXXX wireless-protocol=802.11 wps-mode=disabled
/interface vlan
add interface=ether1 name=vlan2 vlan-id=32
add interface=ether1 name=vlan3 vlan-id=33
add interface=ether1 name=vlan4 vlan-id=36
add interface=ether1 name=vlan5 vlan-id=39
/interface list
add comment=defconf name=WAN
add comment=defconf name=LAN
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa2-psk mode=dynamic-keys supplicant-identity=MikroTik
add authentication-types=wpa2-psk mode=dynamic-keys name=intranet supplicant-identity=MikroTik
/ip pool
add name=dhcp ranges=192.168.88.10-192.168.88.254
/ip dhcp-server
add address-pool=dhcp interface=wlan1 name=management
/interface bridge port
add bridge=bridge1 frame-types=admit-only-untagged-and-priority-tagged ingress-filtering=yes interface=ether2 pvid=32
add bridge=bridge1 frame-types=admit-only-untagged-and-priority-tagged ingress-filtering=yes interface=ether3 pvid=33
add bridge=bridge1 frame-types=admit-only-untagged-and-priority-tagged ingress-filtering=yes interface=ether4 pvid=36
add bridge=bridge1 frame-types=admit-only-untagged-and-priority-tagged ingress-filtering=yes interface=ether5 pvid=39
add bridge=bridge1 frame-types=admit-only-untagged-and-priority-tagged ingress-filtering=yes interface=vlan2 pvid=32
add bridge=bridge1 frame-types=admit-only-untagged-and-priority-tagged ingress-filtering=yes interface=vlan3 pvid=33
add bridge=bridge1 frame-types=admit-only-untagged-and-priority-tagged ingress-filtering=yes interface=vlan4 pvid=36
add bridge=bridge1 frame-types=admit-only-untagged-and-priority-tagged ingress-filtering=yes interface=vlan5 pvid=39
add bridge=bridge1 frame-types=admit-only-untagged-and-priority-tagged ingress-filtering=yes interface=wlan1 pvid=39
add bridge=bridge1 frame-types=admit-only-untagged-and-priority-tagged ingress-filtering=yes interface=wlan2 pvid=39
/ip neighbor discovery-settings
set discover-interface-list=none
/interface list member
add interface=ether1 list=WAN
add interface=bridge1 list=LAN
/ip address
add address=192.168.88.1/24 comment=defconf interface=bridge1 network=192.168.88.0
/ip dhcp-client
add disabled=no interface=ether1
/ip dhcp-server network
add address=192.168.88.0/24 comment=defconf gateway=192.168.88.1
/ip service
set telnet disabled=yes
set ftp disabled=yes
set api disabled=yes
set winbox disabled=yes
set api-ssl disabled=yes
/ip ssh
set strong-crypto=yes
/system clock
set time-zone-name=Europe/Berlin
/system leds settings
set all-leds-off=immediate
/system ntp client
set enabled=yes primary-ntp=192.168.30.1
/tool bandwidth-server
set enabled=no
/tool mac-server
set allowed-interface-list=none
/tool mac-server mac-winbox
set allowed-interface-list=none
/tool mac-server ping
set enabled=no