Hello all,
I am having some issues with my MT router. The network is connected in such a way that i get ip directly from the HX modem (HN9460). The MT gets dynamic ip from the HN modem. But after some time, the router will stop transmitting traffic and i cant open a browser, unless the router or the modem is restarted.
What could be the cause of the dropping or break in communication, I have changed another router, yet the same issues keep repeating itself. What could be responsible for such. Find below configurations i have for the router.
MMM MMM KKK TTTTTTTTTTT KKK
MMMM MMMM KKK TTTTTTTTTTT KKK
MMM MMMM MMM III KKK KKK RRRRRR OOOOOO TTT III KKK KKK
MMM MM MMM III KKKKK RRR RRR OOO OOO TTT III KKKKK
MMM MMM III KKK KKK RRRRRR OOO OOO TTT III KKK KKK
MMM MMM III KKK KKK RRR RRR OOOOOO TTT III KKK KKK
MikroTik RouterOS 5.21 (c) 1999-2012 http://www.mikrotik.com/
[admin@CHI-MACOLLY] > /int
[admin@CHI-MACOLLY] /interface> pr
Flags: D - dynamic, X - disabled, R - running, S - slave
# NAME TYPE MTU L2MTU MAX-L2MTU
0 R ether1 ether 1500 1600 4076
1 ether2 ether 1500 1598 2028
2 R ether3 ether 1500 1598 2028
3 ether4 ether 1500 1598 2028
4 ether5 ether 1500 1598 2028
5 R wlan1 wlan 1500 2290
6 R bridge1 bridge 1500 1598
[admin@CHI-MACOLLY] /interface> export
# may/20/2013 11:56:51 by RouterOS 5.21
# software id = 0B50-BJ2K
#
/interface bridge
add admin-mac=00:00:00:00:00:00 ageing-time=5m arp=enabled auto-mac=yes \
disabled=no forward-delay=15s l2mtu=1598 max-message-age=20s mtu=1500 \
name=bridge1 priority=0x8000 protocol-mode=none transmit-hold-count=6
/interface ethernet switch
set 0 mirror-source=none mirror-target=none name=switch1
/interface wireless security-profiles
set [ find default=yes ] authentication-types="" eap-methods=passthrough \
group-ciphers=aes-ccm group-key-update=5m interim-update=0s \
management-protection=disabled management-protection-key="" mode=none \
name=default radius-eap-accounting=no radius-mac-accounting=no \
radius-mac-authentication=no radius-mac-caching=disabled \
radius-mac-format=XX:XX:XX:XX:XX:XX radius-mac-mode=as-username \
static-algo-0=none static-algo-1=none static-algo-2=none static-algo-3=\
none static-key-0="" static-key-1="" static-key-2="" static-key-3="" \
static-sta-private-algo=none static-sta-private-key="" \
static-transmit-key=key-0 supplicant-identity=MikroTik tls-certificate=\
none tls-mode=no-certificates unicast-ciphers=aes-ccm wpa-pre-shared-key=\
"" wpa2-pre-shared-key=""
/interface wireless
set 0 adaptive-noise-immunity=none allow-sharedkey=no antenna-gain=0 \
antenna-mode=ant-a area="" arp=enabled band=2ghz-b/g/n basic-rates-a/g=\
6Mbps basic-rates-b=1Mbps bridge-mode=enabled channel-width=20mhz \
compression=no country=no_country_set default-ap-tx-limit=0 \
default-authentication=yes default-client-tx-limit=0 default-forwarding=\
yes dfs-mode=none disable-running-check=no disabled=no \
disconnect-timeout=3s distance=dynamic frame-lifetime=0 frequency=2427 \
frequency-mode=manual-txpower frequency-offset=0 hide-ssid=no \
ht-ampdu-priorities=0 ht-amsdu-limit=8192 ht-amsdu-threshold=8192 \
ht-basic-mcs=mcs-0,mcs-1,mcs-2,mcs-3,mcs-4,mcs-5,mcs-6,mcs-7 \
ht-guard-interval=any ht-rxchains=0 ht-supported-mcs="mcs-0,mcs-1,mcs-2,mc\
s-3,mcs-4,mcs-5,mcs-6,mcs-7,mcs-8,mcs-9,mcs-10,mcs-11,mcs-12,mcs-13,mcs-14\
,mcs-15,mcs-16,mcs-17,mcs-18,mcs-19,mcs-20,mcs-21,mcs-22,mcs-23" \
ht-txchains=0 hw-fragmentation-threshold=disabled hw-protection-mode=none \
hw-protection-threshold=0 hw-retries=7 l2mtu=2290 mac-address=\
D4:CA:6D:56:71:CB max-station-count=2007 mode=ap-bridge mtu=1500 \
multicast-helper=default name=wlan1 noise-floor-threshold=default \
nv2-cell-radius=30 nv2-noise-floor-offset=default nv2-preshared-key="" \
nv2-qos=default nv2-queue-count=2 nv2-security=disabled \
on-fail-retry-time=100ms periodic-calibration=default \
periodic-calibration-interval=60 preamble-mode=both \
proprietary-extensions=post-2.9.25 radio-name=D4CA6D5671CB \
rate-selection=advanced rate-set=default scan-list=default \
security-profile=default ssid="CHI-MACOLLY WIRELESS" \
station-bridge-clone-mac=00:00:00:00:00:00 supported-rates-a/g=\
6Mbps,9Mbps,12Mbps,18Mbps,24Mbps,36Mbps,48Mbps,54Mbps supported-rates-b=\
1Mbps,2Mbps,5.5Mbps,11Mbps tdma-period-size=2 tx-power-mode=default \
update-stats-interval=disabled wds-cost-range=50-150 wds-default-bridge=\
none wds-default-cost=100 wds-ignore-ssid=no wds-mode=disabled \
wireless-protocol=any wmm-support=disabled
/interface wireless manual-tx-power-table
set wlan1 manual-tx-powers="1Mbps:17,2Mbps:17,5.5Mbps:17,11Mbps:17,6Mbps:17,9M\
bps:17,12Mbps:17,18Mbps:17,24Mbps:17,36Mbps:17,48Mbps:17,54Mbps:17,HT20-0:\
17,HT20-1:17,HT20-2:17,HT20-3:17,HT20-4:17,HT20-5:17,HT20-6:17,HT20-7:17,H\
T40-0:17,HT40-1:17,HT40-2:17,HT40-3:17,HT40-4:17,HT40-5:17,HT40-6:17,HT40-\
7:17"
/interface wireless nstreme
set wlan1 disable-csma=no enable-nstreme=no enable-polling=yes framer-limit=\
3200 framer-policy=none
/interface bridge port
add bridge=bridge1 disabled=no edge=auto external-fdb=auto horizon=none \
interface=wlan1 path-cost=10 point-to-point=auto priority=0x80
add bridge=bridge1 disabled=no edge=auto external-fdb=auto horizon=none \
interface=ether4 path-cost=10 point-to-point=auto priority=0x80
add bridge=bridge1 disabled=no edge=auto external-fdb=auto horizon=none \
interface=ether3 path-cost=10 point-to-point=auto priority=0x80
add bridge=bridge1 disabled=no edge=auto external-fdb=auto horizon=none \
interface=ether2 path-cost=10 point-to-point=auto priority=0x80
/interface bridge settings
set use-ip-firewall=no use-ip-firewall-for-pppoe=no use-ip-firewall-for-vlan=\
no
/interface ethernet switch port
set 0 vlan-header=leave-as-is vlan-mode=fallback
set 1 vlan-header=leave-as-is vlan-mode=fallback
set 2 vlan-header=leave-as-is vlan-mode=fallback
set 3 vlan-header=leave-as-is vlan-mode=fallback
set 4 vlan-header=leave-as-is vlan-mode=fallback
/interface l2tp-server server
set authentication=pap,chap,mschap1,mschap2 default-profile=\
default-encryption enabled=no max-mru=1460 max-mtu=1460 mrru=disabled
/interface ovpn-server server
set auth=sha1,md5 certificate=none cipher=blowfish128,aes128 default-profile=\
default enabled=no keepalive-timeout=60 mac-address=FE:42:32:E6:EE:07 \
max-mtu=1500 mode=ip netmask=24 port=1194 require-client-certificate=no
/interface pptp-server server
set authentication=mschap1,mschap2 default-profile=default-encryption \
enabled=no keepalive-timeout=30 max-mru=1460 max-mtu=1460 mrru=disabled
/interface sstp-server server
set authentication=pap,chap,mschap1,mschap2 certificate=none default-profile=\
default enabled=no keepalive-timeout=60 max-mru=1500 max-mtu=1500 mrru=\
disabled port=443 verify-client-certificate=no
/interface wireless align
set active-mode=yes audio-max=-20 audio-min=-100 audio-monitor=\
00:00:00:00:00:00 filter-mac=00:00:00:00:00:00 frame-size=300 \
frames-per-second=25 receive-all=no ssid-all=no
/interface wireless sniffer
set channel-time=200ms file-limit=10 file-name="" memory-limit=10 \
multiple-channels=no only-headers=no receive-errors=no streaming-enabled=\
no streaming-max-rate=0 streaming-server=0.0.0.0
/interface wireless snooper
set channel-time=200ms multiple-channels=yes receive-errors=no
[admin@CHI-MACOLLY] /interface> ..
[admin@CHI-MACOLLY] > /ip
[admin@CHI-MACOLLY] /ip> export
# may/20/2013 11:57:28 by RouterOS 5.21
# software id = 0B50-BJ2K
#
/ip hotspot profile
set [ find default=yes ] dns-name="" hotspot-address=0.0.0.0 html-directory=\
hotspot http-cookie-lifetime=3d http-proxy=0.0.0.0:0 login-by=\
cookie,http-chap name=default rate-limit="" smtp-server=0.0.0.0 \
split-user-domain=no use-radius=no
add dns-name=logout.biz hotspot-address=172.168.30.1 html-directory=hotspot \
http-proxy=0.0.0.0:0 login-by=mac,http-chap,https,http-pap \
mac-auth-password="" name=hsprof1 nas-port-type=wireless-802.11 \
radius-accounting=yes radius-default-domain="" radius-interim-update=\
received radius-location-id="" radius-location-name="" radius-mac-format=\
XX:XX:XX:XX:XX:XX rate-limit="" smtp-server=0.0.0.0 split-user-domain=no \
ssl-certificate=none use-radius=yes
/ip hotspot user profile
set [ find default=yes ] idle-timeout=none keepalive-timeout=2m name=default \
shared-users=1 status-autorefresh=1m transparent-proxy=no
/ip ipsec proposal
set [ find default=yes ] auth-algorithms=sha1 disabled=no enc-algorithms=3des \
lifetime=30m name=default pfs-group=modp1024
/ip pool
add name=dhcp_pool1 ranges=172.168.30.2-172.168.30.254
/ip dhcp-server
add address-pool=dhcp_pool1 authoritative=after-2sec-delay bootp-support=\
static disabled=no interface=bridge1 lease-time=1d name=dhcp1
/ip hotspot
add address-pool=dhcp_pool1 addresses-per-mac=2 disabled=no idle-timeout=5m \
interface=bridge1 keepalive-timeout=none name=hotspot1 profile=hsprof1
/ip accounting
set account-local-traffic=no enabled=no threshold=256
/ip accounting web-access
set accessible-via-web=no address=0.0.0.0/0
/ip address
add address=172.168.30.1/24 disabled=no interface=bridge1 network=\
172.168.30.0
add address=192.168.100.1/24 disabled=no interface=ether5 network=\
192.168.100.0
/ip dhcp-client
add add-default-route=yes default-route-distance=0 disabled=no interface=\
ether1 use-peer-dns=yes use-peer-ntp=yes
/ip dhcp-server config
set store-leases-disk=5m
/ip dhcp-server network
add address=172.168.30.0/24 dhcp-option="" dns-server="" gateway=172.168.30.1 \
ntp-server="" wins-server=""
/ip dns
set allow-remote-requests=yes cache-max-ttl=1w cache-size=2048KiB \
max-udp-packet-size=4096 servers=4.2.2.2,8.8.8.8
/ip firewall connection tracking
set enabled=yes generic-timeout=10m icmp-timeout=10s tcp-close-timeout=10s \
tcp-close-wait-timeout=10s tcp-established-timeout=1d \
tcp-fin-wait-timeout=10s tcp-last-ack-timeout=10s \
tcp-syn-received-timeout=5s tcp-syn-sent-timeout=5s tcp-syncookie=no \
tcp-time-wait-timeout=10s udp-stream-timeout=3m udp-timeout=10s
/ip firewall filter
add action=passthrough chain=unused-hs-chain comment=\
"place hotspot rules here" disabled=yes
/ip firewall nat
add action=passthrough chain=unused-hs-chain comment=\
"place hotspot rules here" disabled=yes to-addresses=0.0.0.0
add action=masquerade chain=srcnat disabled=no src-address=172.168.30.0/24
add action=masquerade chain=srcnat comment="masquerade hotspot network" \
disabled=no src-address=172.168.30.0/24 to-addresses=0.0.0.0
/ip firewall service-port
set ftp disabled=no ports=21
set tftp disabled=no ports=69
set irc disabled=no ports=6667
set h323 disabled=no
set sip disabled=no ports=5060,5061 sip-direct-media=yes
set pptp disabled=no
/ip hotspot service-port
set ftp disabled=no ports=21
/ip hotspot user
add disabled=no name=admin password=godismywitness profile=default
add disabled=no name=obinna password=uchenna profile=default
/ip neighbor discovery
set ether1 disabled=no
set ether2 disabled=no
set ether3 disabled=no
set ether4 disabled=no
set ether5 disabled=no
set wlan1 disabled=yes
set bridge1 disabled=no
/ip proxy
set always-from-cache=no cache-administrator=webmaster cache-hit-dscp=4 \
cache-on-disk=no enabled=no max-cache-size=none max-client-connections=\
600 max-fresh-time=3d max-server-connections=600 parent-proxy=0.0.0.0 \
parent-proxy-port=0 port=8080 serialize-connections=no src-address=\
0.0.0.0
/ip service
set telnet address="" disabled=no port=23
set ftp address="" disabled=no port=21
set www address="" disabled=no port=80
set ssh address="" disabled=no port=22
set www-ssl address="" certificate=none disabled=yes port=443
set api address="" disabled=yes port=8728
set winbox address="" disabled=no port=8291
/ip smb
set allow-guests=yes comment=MikrotikSMB domain=MSHOME enabled=no interfaces=\
all
/ip smb shares
set [ find default=yes ] comment="default share" directory=/pub disabled=no \
max-sessions=10 name=pub
/ip smb users
set [ find default=yes ] disabled=no name=guest password="" read-only=yes
/ip socks
set connection-idle-timeout=2m enabled=no max-connections=200 port=1080
/ip traffic-flow
set active-flow-timeout=30m cache-entries=4k enabled=no \
inactive-flow-timeout=15s interfaces=all
/ip upnp
set allow-disable-external-interface=yes enabled=no show-dummy-rule=yes
[admin@CHI-MACOLLY] /ip> ..
[admin@CHI-MACOLLY] >
certificate ip mpls radius store beep led redo
driver ipv6 port routing system blink password setup
file log ppp snmp tool export ping undo
interface metarouter queue special-login user import quit
[admin@CHI-MACOLLY] > export
# may/20/2013 11:57:59 by RouterOS 5.21
# software id = 0B50-BJ2K
#
/interface bridge
add admin-mac=00:00:00:00:00:00 ageing-time=5m arp=enabled auto-mac=yes \
disabled=no forward-delay=15s l2mtu=1598 max-message-age=20s mtu=1500 \
name=bridge1 priority=0x8000 protocol-mode=none transmit-hold-count=6
/interface ethernet switch
set 0 mirror-source=none mirror-target=none name=switch1
/interface wireless security-profiles
set [ find default=yes ] authentication-types="" eap-methods=passthrough \
group-ciphers=aes-ccm group-key-update=5m interim-update=0s \
management-protection=disabled management-protection-key="" mode=none \
name=default radius-eap-accounting=no radius-mac-accounting=no \
radius-mac-authentication=no radius-mac-caching=disabled \
radius-mac-format=XX:XX:XX:XX:XX:XX radius-mac-mode=as-username \
static-algo-0=none static-algo-1=none static-algo-2=none static-algo-3=\
none static-key-0="" static-key-1="" static-key-2="" static-key-3="" \
static-sta-private-algo=none static-sta-private-key="" \
static-transmit-key=key-0 supplicant-identity=MikroTik tls-certificate=\
none tls-mode=no-certificates unicast-ciphers=aes-ccm wpa-pre-shared-key=\
"" wpa2-pre-shared-key=""
/interface wireless
set 0 adaptive-noise-immunity=none allow-sharedkey=no antenna-gain=0 \
antenna-mode=ant-a area="" arp=enabled band=2ghz-b/g/n basic-rates-a/g=\
6Mbps basic-rates-b=1Mbps bridge-mode=enabled channel-width=20mhz \
compression=no country=no_country_set default-ap-tx-limit=0 \
default-authentication=yes default-client-tx-limit=0 default-forwarding=\
yes dfs-mode=none disable-running-check=no disabled=no \
disconnect-timeout=3s distance=dynamic frame-lifetime=0 frequency=2427 \
frequency-mode=manual-txpower frequency-offset=0 hide-ssid=no \
ht-ampdu-priorities=0 ht-amsdu-limit=8192 ht-amsdu-threshold=8192 \
ht-basic-mcs=mcs-0,mcs-1,mcs-2,mcs-3,mcs-4,mcs-5,mcs-6,mcs-7 \
ht-guard-interval=any ht-rxchains=0 ht-supported-mcs="mcs-0,mcs-1,mcs-2,mc\
s-3,mcs-4,mcs-5,mcs-6,mcs-7,mcs-8,mcs-9,mcs-10,mcs-11,mcs-12,mcs-13,mcs-14\
,mcs-15,mcs-16,mcs-17,mcs-18,mcs-19,mcs-20,mcs-21,mcs-22,mcs-23" \
ht-txchains=0 hw-fragmentation-threshold=disabled hw-protection-mode=none \
hw-protection-threshold=0 hw-retries=7 l2mtu=2290 mac-address=\
D4:CA:6D:56:71:CB max-station-count=2007 mode=ap-bridge mtu=1500 \
multicast-helper=default name=wlan1 noise-floor-threshold=default \
nv2-cell-radius=30 nv2-noise-floor-offset=default nv2-preshared-key="" \
nv2-qos=default nv2-queue-count=2 nv2-security=disabled \
on-fail-retry-time=100ms periodic-calibration=default \
periodic-calibration-interval=60 preamble-mode=both \
proprietary-extensions=post-2.9.25 radio-name=D4CA6D5671CB \
rate-selection=advanced rate-set=default scan-list=default \
security-profile=default ssid="CHI-MACOLLY WIRELESS" \
station-bridge-clone-mac=00:00:00:00:00:00 supported-rates-a/g=\
6Mbps,9Mbps,12Mbps,18Mbps,24Mbps,36Mbps,48Mbps,54Mbps supported-rates-b=\
1Mbps,2Mbps,5.5Mbps,11Mbps tdma-period-size=2 tx-power-mode=default \
update-stats-interval=disabled wds-cost-range=50-150 wds-default-bridge=\
none wds-default-cost=100 wds-ignore-ssid=no wds-mode=disabled \
wireless-protocol=any wmm-support=disabled
/interface wireless manual-tx-power-table
set wlan1 manual-tx-powers="1Mbps:17,2Mbps:17,5.5Mbps:17,11Mbps:17,6Mbps:17,9M\
bps:17,12Mbps:17,18Mbps:17,24Mbps:17,36Mbps:17,48Mbps:17,54Mbps:17,HT20-0:\
17,HT20-1:17,HT20-2:17,HT20-3:17,HT20-4:17,HT20-5:17,HT20-6:17,HT20-7:17,H\
T40-0:17,HT40-1:17,HT40-2:17,HT40-3:17,HT40-4:17,HT40-5:17,HT40-6:17,HT40-\
7:17"
/interface wireless nstreme
set wlan1 disable-csma=no enable-nstreme=no enable-polling=yes framer-limit=\
3200 framer-policy=none
/ip hotspot profile
set [ find default=yes ] dns-name="" hotspot-address=0.0.0.0 html-directory=\
hotspot http-cookie-lifetime=3d http-proxy=0.0.0.0:0 login-by=\
cookie,http-chap name=default rate-limit="" smtp-server=0.0.0.0 \
split-user-domain=no use-radius=no
add dns-name=logout.biz hotspot-address=172.168.30.1 html-directory=hotspot \
http-proxy=0.0.0.0:0 login-by=mac,http-chap,https,http-pap \
mac-auth-password="" name=hsprof1 nas-port-type=wireless-802.11 \
radius-accounting=yes radius-default-domain="" radius-interim-update=\
received radius-location-id="" radius-location-name="" radius-mac-format=\
XX:XX:XX:XX:XX:XX rate-limit="" smtp-server=0.0.0.0 split-user-domain=no \
ssl-certificate=none use-radius=yes
/ip hotspot user profile
set [ find default=yes ] idle-timeout=none keepalive-timeout=2m name=default \
shared-users=1 status-autorefresh=1m transparent-proxy=no
/ip ipsec proposal
set [ find default=yes ] auth-algorithms=sha1 disabled=no enc-algorithms=3des \
lifetime=30m name=default pfs-group=modp1024
/ip pool
add name=dhcp_pool1 ranges=172.168.30.2-172.168.30.254
/ip dhcp-server
add address-pool=dhcp_pool1 authoritative=after-2sec-delay bootp-support=\
static disabled=no interface=bridge1 lease-time=1d name=dhcp1
/ip hotspot
add address-pool=dhcp_pool1 addresses-per-mac=2 disabled=no idle-timeout=5m \
interface=bridge1 keepalive-timeout=none name=hotspot1 profile=hsprof1
/ppp profile
set 0 change-tcp-mss=yes name=default only-one=default use-compression=\
default use-encryption=default use-mpls=default use-vj-compression=\
default
set 1 change-tcp-mss=yes name=default-encryption only-one=default \
use-compression=default use-encryption=yes use-mpls=default \
use-vj-compression=default
/queue type
set 0 kind=pfifo name=default pfifo-limit=50
set 1 kind=pfifo name=ethernet-default pfifo-limit=50
set 2 kind=sfq name=wireless-default sfq-allot=1514 sfq-perturb=5
set 3 kind=red name=synchronous-default red-avg-packet=1000 red-burst=20 \
red-limit=60 red-max-threshold=50 red-min-threshold=10
set 4 kind=sfq name=hotspot-default sfq-allot=1514 sfq-perturb=5
set 5 kind=none name=only-hardware-queue
set 6 kind=mq-pfifo mq-pfifo-limit=50 name=multi-queue-ethernet-default
set 7 kind=pfifo name=default-small pfifo-limit=10
/routing bgp instance
set default as=65530 client-to-client-reflection=yes disabled=no \
ignore-as-path-len=no name=default out-filter="" redistribute-connected=\
no redistribute-ospf=no redistribute-other-bgp=no redistribute-rip=no \
redistribute-static=no router-id=0.0.0.0 routing-table=""
/routing ospf instance
set [ find default=yes ] disabled=no distribute-default=never in-filter=\
ospf-in metric-bgp=auto metric-connected=20 metric-default=1 \
metric-other-ospf=auto metric-rip=20 metric-static=20 name=default \
out-filter=ospf-out redistribute-bgp=no redistribute-connected=no \
redistribute-other-ospf=no redistribute-rip=no redistribute-static=no \
router-id=0.0.0.0
/routing ospf area
set [ find default=yes ] area-id=0.0.0.0 disabled=no instance=default name=\
backbone type=default
/snmp community
set [ find default=yes ] addresses=0.0.0.0/0 authentication-password="" \
authentication-protocol=MD5 encryption-password="" encryption-protocol=\
DES name=public read-access=yes security=none write-access=no
/system logging action
set 0 memory-lines=100 memory-stop-on-full=no name=memory target=memory
set 1 disk-file-count=2 disk-file-name=log disk-lines-per-file=100 \
disk-stop-on-full=no name=disk target=disk
set 2 name=echo remember=yes target=echo
set 3 bsd-syslog=no name=remote remote-port=514 src-address=0.0.0.0 \
syslog-facility=daemon syslog-severity=auto target=remote
/tool user-manager customer
add backup-allowed=yes disabled=no login=admin password="" \
paypal-accept-pending=no paypal-allowed=no paypal-secure-response=no \
permissions=owner signup-allowed=no time-zone=-00:00
/tool user-manager profile
add name=1hr name-for-users="" override-shared-users=off owner=admin price=0 \
starts-at=logon validity=0s
add name=staff name-for-users="" override-shared-users=off owner=admin price=\
10 starts-at=logon validity=0s
add name=30mins name-for-users="" override-shared-users=off owner=admin \
price=150 starts-at=logon validity=2d
/tool user-manager profile limitation
add address-list="" download-limit=0B group-name="" ip-pool="" name=1hr \
rate-limit-min-rx=100352B rate-limit-min-tx=131072B rate-limit-rx=100352B \
rate-limit-tx=131072B transfer-limit=0B upload-limit=0B uptime-limit=1h
add address-list="" download-limit=0B group-name="" ip-pool="" name=staff \
rate-limit-min-rx=131072B rate-limit-min-tx=131072B rate-limit-rx=131072B \
rate-limit-tx=131072B transfer-limit=0B upload-limit=0B uptime-limit=0s
add address-list="" download-limit=0B group-name="" ip-pool="" name=30mins \
rate-limit-min-rx=100352B rate-limit-min-tx=131072B rate-limit-rx=100352B \
rate-limit-tx=131072B transfer-limit=0B upload-limit=0B uptime-limit=30m
/user group
set read name=read policy="local,telnet,ssh,reboot,read,test,winbox,password,w\
eb,sniff,sensitive,api,!ftp,!write,!policy" skin=default
set write name=write policy="local,telnet,ssh,reboot,read,write,test,winbox,pa\
ssword,web,sniff,sensitive,api,!ftp,!policy" skin=default
set full name=full policy="local,telnet,ssh,ftp,reboot,read,write,policy,test,\
winbox,password,web,sniff,sensitive,api" skin=default
/interface bridge port
add bridge=bridge1 disabled=no edge=auto external-fdb=auto horizon=none \
interface=wlan1 path-cost=10 point-to-point=auto priority=0x80
add bridge=bridge1 disabled=no edge=auto external-fdb=auto horizon=none \
interface=ether4 path-cost=10 point-to-point=auto priority=0x80
add bridge=bridge1 disabled=no edge=auto external-fdb=auto horizon=none \
interface=ether3 path-cost=10 point-to-point=auto priority=0x80
add bridge=bridge1 disabled=no edge=auto external-fdb=auto horizon=none \
interface=ether2 path-cost=10 point-to-point=auto priority=0x80
/interface bridge settings
set use-ip-firewall=no use-ip-firewall-for-pppoe=no use-ip-firewall-for-vlan=\
no
/interface ethernet switch port
set 0 vlan-header=leave-as-is vlan-mode=fallback
set 1 vlan-header=leave-as-is vlan-mode=fallback
set 2 vlan-header=leave-as-is vlan-mode=fallback
set 3 vlan-header=leave-as-is vlan-mode=fallback
set 4 vlan-header=leave-as-is vlan-mode=fallback
/interface l2tp-server server
set authentication=pap,chap,mschap1,mschap2 default-profile=\
default-encryption enabled=no max-mru=1460 max-mtu=1460 mrru=disabled
/interface ovpn-server server
set auth=sha1,md5 certificate=none cipher=blowfish128,aes128 default-profile=\
default enabled=no keepalive-timeout=60 mac-address=FE:AC:ED:86:1B:2D \
max-mtu=1500 mode=ip netmask=24 port=1194 require-client-certificate=no
/interface pptp-server server
set authentication=mschap1,mschap2 default-profile=default-encryption \
enabled=no keepalive-timeout=30 max-mru=1460 max-mtu=1460 mrru=disabled
/interface sstp-server server
set authentication=pap,chap,mschap1,mschap2 certificate=none default-profile=\
default enabled=no keepalive-timeout=60 max-mru=1500 max-mtu=1500 mrru=\
disabled port=443 verify-client-certificate=no
/interface wireless align
set active-mode=yes audio-max=-20 audio-min=-100 audio-monitor=\
00:00:00:00:00:00 filter-mac=00:00:00:00:00:00 frame-size=300 \
frames-per-second=25 receive-all=no ssid-all=no
/interface wireless sniffer
set channel-time=200ms file-limit=10 file-name="" memory-limit=10 \
multiple-channels=no only-headers=no receive-errors=no streaming-enabled=\
no streaming-max-rate=0 streaming-server=0.0.0.0
/interface wireless snooper
set channel-time=200ms multiple-channels=yes receive-errors=no
/ip accounting
set account-local-traffic=no enabled=no threshold=256
/ip accounting web-access
set accessible-via-web=no address=0.0.0.0/0
/ip address
add address=172.168.30.1/24 disabled=no interface=bridge1 network=\
172.168.30.0
add address=192.168.100.1/24 disabled=no interface=ether5 network=\
192.168.100.0
/ip dhcp-client
add add-default-route=yes default-route-distance=0 disabled=no interface=\
ether1 use-peer-dns=yes use-peer-ntp=yes
/ip dhcp-server config
set store-leases-disk=5m
/ip dhcp-server network
add address=172.168.30.0/24 dhcp-option="" dns-server="" gateway=172.168.30.1 \
ntp-server="" wins-server=""
/ip dns
set allow-remote-requests=yes cache-max-ttl=1w cache-size=2048KiB \
max-udp-packet-size=4096 servers=4.2.2.2,8.8.8.8
/ip firewall connection tracking
set enabled=yes generic-timeout=10m icmp-timeout=10s tcp-close-timeout=10s \
tcp-close-wait-timeout=10s tcp-established-timeout=1d \
tcp-fin-wait-timeout=10s tcp-last-ack-timeout=10s \
tcp-syn-received-timeout=5s tcp-syn-sent-timeout=5s tcp-syncookie=no \
tcp-time-wait-timeout=10s udp-stream-timeout=3m udp-timeout=10s
/ip firewall filter
add action=passthrough chain=unused-hs-chain comment=\
"place hotspot rules here" disabled=yes
/ip firewall nat
add action=passthrough chain=unused-hs-chain comment=\
"place hotspot rules here" disabled=yes to-addresses=0.0.0.0
add action=masquerade chain=srcnat disabled=no src-address=172.168.30.0/24
add action=masquerade chain=srcnat comment="masquerade hotspot network" \
disabled=no src-address=172.168.30.0/24 to-addresses=0.0.0.0
/ip firewall service-port
set ftp disabled=no ports=21
set tftp disabled=no ports=69
set irc disabled=no ports=6667
set h323 disabled=no
set sip disabled=no ports=5060,5061 sip-direct-media=yes
set pptp disabled=no
/ip hotspot service-port
set ftp disabled=no ports=21
/ip hotspot user
add disabled=no name=admin password=godismywitness profile=default
add disabled=no name=obinna password=uchenna profile=default
/ip neighbor discovery
set ether1 disabled=no
set ether2 disabled=no
set ether3 disabled=no
set ether4 disabled=no
set ether5 disabled=no
set wlan1 disabled=yes
set bridge1 disabled=no
/ip proxy
set always-from-cache=no cache-administrator=webmaster cache-hit-dscp=4 \
cache-on-disk=no enabled=no max-cache-size=none max-client-connections=\
600 max-fresh-time=3d max-server-connections=600 parent-proxy=0.0.0.0 \
parent-proxy-port=0 port=8080 serialize-connections=no src-address=\
0.0.0.0
/ip service
set telnet address="" disabled=no port=23
set ftp address="" disabled=no port=21
set www address="" disabled=no port=80
set ssh address="" disabled=no port=22
set www-ssl address="" certificate=none disabled=yes port=443
set api address="" disabled=yes port=8728
set winbox address="" disabled=no port=8291
/ip smb
set allow-guests=yes comment=MikrotikSMB domain=MSHOME enabled=no interfaces=\
all
/ip smb shares
set [ find default=yes ] comment="default share" directory=/pub disabled=no \
max-sessions=10 name=pub
/ip smb users
set [ find default=yes ] disabled=no name=guest password="" read-only=yes
/ip socks
set connection-idle-timeout=2m enabled=no max-connections=200 port=1080
/ip traffic-flow
set active-flow-timeout=30m cache-entries=4k enabled=no \
inactive-flow-timeout=15s interfaces=all
/ip upnp
set allow-disable-external-interface=yes enabled=no show-dummy-rule=yes
/mpls
set dynamic-label-range=16-1048575 propagate-ttl=yes
/mpls interface
set [ find default=yes ] disabled=no interface=all mpls-mtu=1508
/mpls ldp
set distribute-for-default-route=no enabled=no hop-limit=255 loop-detect=no \
lsr-id=0.0.0.0 path-vector-limit=255 transport-address=0.0.0.0 \
use-explicit-null=no
/port firmware
set directory=firmware ignore-directip-modem=no
/ppp aaa
set accounting=yes interim-update=0s use-radius=no
/queue interface
set ether1 queue=only-hardware-queue
set ether2 queue=only-hardware-queue
set ether3 queue=only-hardware-queue
set ether4 queue=only-hardware-queue
set ether5 queue=only-hardware-queue
set wlan1 queue=wireless-default
/radius
add accounting-backup=no accounting-port=1813 address=127.0.0.1 \
authentication-port=1812 called-id="" disabled=no domain="" realm="" \
secret=123456 service=hotspot timeout=300ms
/radius incoming
set accept=yes port=3799
/routing bfd interface
set [ find default=yes ] disabled=no interface=all interval=0.2s min-rx=0.2s \
multiplier=5
/routing igmp-proxy
set query-interval=2m5s query-response-interval=10s quick-leave=no
/routing mme
set bidirectional-timeout=2 gateway-class=none gateway-keepalive=1m \
gateway-selection=no-gateway origination-interval=5s preferred-gateway=\
0.0.0.0 timeout=1m ttl=50
/routing pim
set switch-to-spt=yes switch-to-spt-bytes=0 switch-to-spt-interval=1m40s
/routing rip
set distribute-default=never garbage-timer=2m metric-bgp=1 metric-connected=1 \
metric-default=1 metric-ospf=1 metric-static=1 redistribute-bgp=no \
redistribute-connected=no redistribute-ospf=no redistribute-static=no \
routing-table=main timeout-timer=3m update-timer=30s
/snmp
set contact="" enabled=no engine-id="" location="" trap-generators="" \
trap-target="" trap-version=1
/system clock
set time-zone-name=Africa/Lagos
/system clock manual
set dst-delta=+00:00 dst-end="jan/01/1970 00:00:00" dst-start=\
"jan/01/1970 00:00:00" time-zone=+00:00
/system identity
set name=CHI-MACOLLY
/system lcd
set contrast=0 enabled=no port=parallel type=24x4
/system lcd page
set time disabled=yes display-time=5s
set resources disabled=yes display-time=5s
set uptime disabled=yes display-time=5s
set packets disabled=yes display-time=5s
set bits disabled=yes display-time=5s
set version disabled=yes display-time=5s
set identity disabled=yes display-time=5s
set bridge1 disabled=yes display-time=5s
set wlan1 disabled=yes display-time=5s
set ether5 disabled=yes display-time=5s
set ether4 disabled=yes display-time=5s
set ether3 disabled=yes display-time=5s
set ether2 disabled=yes display-time=5s
set ether1 disabled=yes display-time=5s
/system leds
set 0 disabled=no interface=wlan1 leds=wlan-led type=wireless-status
/system logging
set 0 action=memory disabled=no prefix="" topics=info
set 1 action=memory disabled=no prefix="" topics=error
set 2 action=memory disabled=no prefix="" topics=warning
set 3 action=echo disabled=no prefix="" topics=critical
/system note
set note="" show-at-login=yes
/system ntp client
set enabled=yes mode=unicast primary-ntp=41.73.38.11 secondary-ntp=\
41.216.193.26
/system ntp server
set broadcast=no broadcast-addresses="" enabled=no manycast=yes multicast=no
/system resource irq
set 0 cpu=auto
set 1 cpu=auto
set 2 cpu=auto
set 3 cpu=auto
/system routerboard settings
set boot-device=nand-if-fail-then-ethernet boot-protocol=bootp cpu-frequency=\
400MHz force-backup-booter=no silent-boot=no
/system upgrade mirror
set check-interval=1d enabled=no primary-server=0.0.0.0 secondary-server=\
0.0.0.0 user=""
/system watchdog
set auto-send-supout=no automatic-supout=yes no-ping-delay=5m watch-address=\
none watchdog-timer=yes
/tool bandwidth-server
set allocate-udp-ports-from=2000 authenticate=yes enabled=yes max-sessions=\
100
/tool e-mail
set address=0.0.0.0 from=<> password="" port=25 starttls=no user=""
/tool graphing
set page-refresh=300 store-every=5min
/tool mac-server
set [ find default=yes ] disabled=no interface=all
/tool mac-server mac-winbox
set [ find default=yes ] disabled=no interface=all
/tool mac-server ping
set enabled=yes
/tool sms
set allowed-number="" channel=0 keep-max-sms=0 receive-enabled=no secret=""
/tool sniffer
set file-limit=1000KiB file-name="" filter-ip-address="" filter-ip-protocol=\
"" filter-mac-address="" filter-mac-protocol="" filter-port="" \
filter-stream=yes interface=all memory-limit=100KiB memory-scroll=yes \
only-headers=no streaming-enabled=no streaming-server=0.0.0.0
/tool traffic-generator
set latency-distribution-scale=10 test-id=0
/tool user-manager profile profile-limitation
add from-time=0s limitation=1hr profile=1hr till-time=23h59m59s weekdays=\
sunday,monday,tuesday,wednesday,thursday,friday,saturday
add from-time=0s limitation=staff profile=staff till-time=23h59m59s weekdays=\
sunday,monday,tuesday,wednesday,thursday,friday,saturday
add from-time=0s limitation=30mins profile=30mins till-time=23h59m59s \
weekdays=sunday,monday,tuesday,wednesday,thursday,friday,saturday
/tool user-manager router
add coa-port=1700 customer=admin disabled=no ip-address=127.0.0.1 log="" \
name=hotspot shared-secret=123456 use-coa=no
/tool user-manager user
add customer=admin disabled=no name=azuoma password=nnanna shared-users=1 \
wireless-enc-algo=none wireless-enc-key="" wireless-psk=""
add customer=admin disabled=no name=test password=test shared-users=1 \
wireless-enc-algo=none wireless-enc-key="" wireless-psk=""
add customer=admin disabled=no name=srykuf password=5nsf5a shared-users=1 \
wireless-enc-algo=none wireless-enc-key="" wireless-psk=""
add customer=admin disabled=no name=hi9yt6 password=ckb8ax shared-users=1 \
wireless-enc-algo=none wireless-enc-key="" wireless-psk=""
add customer=admin disabled=no name=hi4tum password=8x48er shared-users=1 \
wireless-enc-algo=none wireless-enc-key="" wireless-psk=""
add customer=admin disabled=no name=prc9u6 password=z3vnwc shared-users=1 \
wireless-enc-algo=none wireless-enc-key="" wireless-psk=""
add customer=admin disabled=no name=axax76 password=jkz4mt shared-users=1 \
wireless-enc-algo=none wireless-enc-key="" wireless-psk=""
add customer=admin disabled=no name=22vfhr password=gz8bjp shared-users=1 \
wireless-enc-algo=none wireless-enc-key="" wireless-psk=""
add customer=admin disabled=no name=mh8kvy password=7zvzjt shared-users=1 \
wireless-enc-algo=none wireless-enc-key="" wireless-psk=""
add customer=admin disabled=no name=e3a5n8 password=k22g99 shared-users=1 \
wireless-enc-algo=none wireless-enc-key="" wireless-psk=""
add customer=admin disabled=no name=c64pfb password=ijap9h shared-users=1 \
wireless-enc-algo=none wireless-enc-key="" wireless-psk=""
add customer=admin disabled=no name=4yhbs4 password=72ag8k shared-users=1 \
wireless-enc-algo=none wireless-enc-key="" wireless-psk=""
add customer=admin disabled=no name=hjnhf2 password=h5479y shared-users=1 \
wireless-enc-algo=none wireless-enc-key="" wireless-psk=""
add customer=admin disabled=no name=txzgac password=areepv shared-users=1 \
wireless-enc-algo=none wireless-enc-key="" wireless-psk=""
add customer=admin disabled=no name=majmnd password=tfqr8z shared-users=1 \
wireless-enc-algo=none wireless-enc-key="" wireless-psk=""
add customer=admin disabled=no name=pc6egm password=k9c3k9 shared-users=1 \
wireless-enc-algo=none wireless-enc-key="" wireless-psk=""
add customer=admin disabled=no name=emwatd password=te7h3k shared-users=1 \
wireless-enc-algo=none wireless-enc-key="" wireless-psk=""
add customer=admin disabled=no name=2y5ued password=99rcgq shared-users=1 \
wireless-enc-algo=none wireless-enc-key="" wireless-psk=""
add customer=admin disabled=no name=irci6u password=wjit5u shared-users=1 \
wireless-enc-algo=none wireless-enc-key="" wireless-psk=""
add customer=admin disabled=no name=d5bc5h password=yz4m4e shared-users=1 \
wireless-enc-algo=none wireless-enc-key="" wireless-psk=""
add customer=admin disabled=no name=3erfum password=i53wp2 shared-users=1 \
wireless-enc-algo=none wireless-enc-key="" wireless-psk=""
add customer=admin disabled=no name=tcaq7k password=qkvtmq shared-users=1 \
wireless-enc-algo=none wireless-enc-key="" wireless-psk=""
/user aaa
set accounting=yes default-group=read exclude-groups="" interim-update=0s \
use-radius=no
[admin@CHI-MACOLLY] >