My wireless network was stable but since yesterday my wireless is going crazy (same as me).
Almost all my devices were unavailable and very often my SSID disappear. I did a reset on my router ( RBD52G-5HacD2HnD ), then restore a backup of my configuration, then it works again, eventhoug I needed to reconfigure all my devices.
Any clue on what is going on? and how could I tune my router?
Here is my configuration
Code: Select all
# mar/24/2021 07:32:30 by RouterOS 6.47.9
# software id = VSTX-MV85
#
# model = RBD52G-5HacD2HnD
# serial number = C6140C2E3ACE
/interface bridge
add admin-mac=48:8F:5A:6C:FD:60 auto-mac=no name=bridge
add name=bridge_old_network
/interface ethernet
set [ find default-name=ether4 ] comment="SMC switch old network"
/interface list
add name=WAN
add name=LAN
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa2-psk disable-pmkid=yes mode=dynamic-keys supplicant-identity=my::NET
add authentication-types=wpa-psk,wpa2-psk disable-pmkid=yes eap-methods="" group-ciphers=tkip,aes-ccm group-key-update=1h mode=dynamic-keys name=akaii supplicant-identity="" unicast-ciphers=\
tkip,aes-ccm
add authentication-types=wpa2-psk eap-methods="" group-ciphers=tkip,aes-ccm management-protection=allowed mode=dynamic-keys name=akguest supplicant-identity="" unicast-ciphers=tkip,aes-ccm
add authentication-types=wpa-psk,wpa2-psk,wpa-eap,wpa2-eap eap-methods="" group-ciphers=tkip,aes-ccm mode=dynamic-keys name=kids supplicant-identity="" unicast-ciphers=tkip,aes-ccm
add authentication-types=wpa2-psk disable-pmkid=yes eap-methods="" group-ciphers=tkip,aes-ccm management-protection=allowed mode=dynamic-keys name=akdom supplicant-identity="" unicast-ciphers=\
tkip,aes-ccm
add authentication-types=wpa-psk,wpa2-psk disable-pmkid=yes eap-methods="" group-ciphers=tkip,aes-ccm management-protection=allowed mode=dynamic-keys name=CANLBOX-URM supplicant-identity="" \
unicast-ciphers=tkip,aes-ccm
add authentication-types=wpa-psk,wpa2-psk disable-pmkid=yes eap-methods="" group-ciphers=tkip,aes-ccm management-protection=allowed mode=dynamic-keys name="Cabinet Bowen" supplicant-identity="" \
unicast-ciphers=tkip,aes-ccm
/interface wireless
set [ find default-name=wlan1 ] band=2ghz-b/g/n basic-rates-a/g=6Mbps,9Mbps,12Mbps,18Mbps,24Mbps,36Mbps,48Mbps,54Mbps basic-rates-b=1Mbps,2Mbps,5.5Mbps,11Mbps channel-width=20/40mhz-Ce country=france \
disabled=no distance=indoors frequency=auto mode=ap-bridge rate-set=configured security-profile=akaii ssid=akaii station-roaming=enabled tx-power=30 tx-power-mode=all-rates-fixed wireless-protocol=\
802.11 wps-mode=disabled
set [ find default-name=wlan2 ] band=5ghz-a/n/ac channel-width=20/40/80mhz-Ceee distance=indoors frequency=auto mode=ap-bridge security-profile=akaii ssid=akaii station-roaming=enabled \
wireless-protocol=802.11 wps-mode=disabled
add keepalive-frames=disabled mac-address=4A:8F:5A:6C:FD:69 master-interface=wlan1 multicast-buffering=disabled name=CANLBOX-URM1 security-profile=CANLBOX-URM ssid=CANLBOX-URM wds-cost-range=0 \
wds-default-cost=0 wps-mode=disabled
add keepalive-frames=disabled mac-address=4A:8F:5A:6C:FD:6A master-interface=wlan2 multicast-buffering=disabled name=CANLBOX-URM2 security-profile=CANLBOX-URM ssid=CANLBOX-URM wds-cost-range=0 \
wds-default-cost=0 wps-mode=disabled
add keepalive-frames=disabled mac-address=4A:8F:5A:6C:FD:6D master-interface=wlan2 multicast-buffering=disabled name="Cabinet Bowen 2" security-profile="Cabinet Bowen" ssid="Cabinet Bowen" \
wds-cost-range=0 wds-default-cost=0 wps-mode=disabled
add keepalive-frames=disabled mac-address=4A:8F:5A:6C:FD:6C master-interface=wlan1 multicast-buffering=disabled name="Cabinet Bowen1" security-profile="Cabinet Bowen" ssid="Cabinet Bowen" \
wds-cost-range=0 wds-default-cost=0 wps-mode=disabled
add disabled=no keepalive-frames=disabled mac-address=4A:8F:5A:6C:FD:68 master-interface=wlan1 multicast-buffering=disabled name=akdom1 security-profile=akdom ssid=akdom wds-cost-range=0 \
wds-default-cost=0 wps-mode=disabled
add disabled=no keepalive-frames=disabled mac-address=4A:8F:5A:6C:FD:6B master-interface=wlan2 multicast-buffering=disabled name=akdom2 security-profile=akdom ssid=akdom wds-cost-range=0 \
wds-default-cost=0 wps-mode=disabled
add keepalive-frames=disabled mac-address=4A:8F:5A:6C:FD:64 master-interface=wlan1 multicast-buffering=disabled name=akguest1 security-profile=akguest ssid=akguest station-roaming=enabled \
wds-cost-range=0 wds-default-cost=0 wps-mode=disabled
add keepalive-frames=disabled mac-address=4A:8F:5A:6C:FD:65 master-interface=wlan2 multicast-buffering=disabled name=akguest2 security-profile=akguest ssid=akguest station-roaming=enabled \
wds-cost-range=0 wds-default-cost=0 wps-mode=disabled
add keepalive-frames=disabled mac-address=4A:8F:5A:6C:FD:66 master-interface=wlan1 multicast-buffering=disabled name=akkids1 security-profile=kids ssid=akkids station-roaming=enabled wds-cost-range=0 \
wds-default-cost=0 wps-mode=disabled
add keepalive-frames=disabled mac-address=4A:8F:5A:6C:FD:67 master-interface=wlan2 multicast-buffering=disabled name=akkids2 security-profile=kids ssid=akkids station-roaming=enabled wds-cost-range=0 \
wds-default-cost=0 wps-mode=disabled
/ip pool
add name=dhcp ranges=192.168.88.100-192.168.88.254
add name=dhcp_akaii_old ranges=192.168.1.100-192.168.1.250
add name=dhcp_akaii_new ranges=10.10.10.100-10.10.10.250
/ip dhcp-server
add address-pool=dhcp disabled=no interface=bridge lease-time=6h name=dhcp
add address-pool=dhcp_akaii_old disabled=no interface=bridge_old_network lease-time=6h10m name=dhcp_old_network
/ppp profile
add change-tcp-mss=yes name=mls on-up=onup
/interface pppoe-client
add add-default-route=yes allow=pap disabled=no interface=ether1 keepalive-timeout=60 name=FTTH profile=mls service-name=MLS use-peer-dns=yes user=clavien417150@mls.nc
/queue tree
add max-limit=100M name=Download parent=bridge
add max-limit=100M name=Upload parent=FTTH
/queue type
add kind=pcq name=DSL-DL pcq-classifier=dst-address
add kind=pcq name=DSL-UL pcq-classifier=src-address
/queue tree
add name=queue1 packet-mark=lan-pqt,lan6-pqt parent=Download queue=DSL-DL
add name=queue2 packet-mark=lan-pqt,lan6-pqt parent=Upload queue=DSL-UL
/user group
set full policy=local,telnet,ssh,ftp,reboot,read,write,policy,test,winbox,password,web,sniff,sensitive,api,romon,dude,tikapp
add name=user policy=read,write,web,sensitive,!local,!telnet,!ssh,!ftp,!reboot,!policy,!test,!winbox,!password,!sniff,!api,!romon,!dude,!tikapp skin=user
/interface bridge port
add bridge=bridge interface=ether2
add bridge=bridge interface=ether3
add bridge=bridge interface=wlan1
add bridge=bridge interface=wlan2
add bridge=bridge interface=ether4
add bridge=bridge interface=akguest1
add bridge=bridge interface=akguest2
add bridge=bridge interface=akkids1
add bridge=bridge interface=akkids2
add bridge=bridge interface=akdom1
add bridge=bridge interface=CANLBOX-URM1
add bridge=bridge interface=ether5
add bridge=bridge interface="Cabinet Bowen1"
add bridge=bridge interface="Cabinet Bowen 2"
/ip neighbor discovery-settings
set discover-interface-list=LAN
/interface detect-internet
set detect-interface-list=all
/interface list member
add interface=bridge list=LAN
add interface=ether1 list=WAN
add interface=FTTH list=WAN
add interface=bridge_old_network list=LAN
/ip address
add address=192.168.88.1/24 interface=bridge network=192.168.88.0
add address=192.168.1.254/24 interface=bridge_old_network network=192.168.1.0
/ip arp
add address=192.168.88.250 comment=PC-AKAII-FIX interface=bridge mac-address=00:01:6C:D6:3D:04
add address=192.168.1.104 interface=bridge_old_network mac-address=B8:27:EB:93:9F:B6
add address=192.168.1.4 comment=akncnc interface=bridge_old_network mac-address=B8:27:EB:FF:8E:04
add address=192.168.1.5 comment=akngx interface=bridge_old_network mac-address=B8:27:EB:A7:CD:24
add address=192.168.1.19 comment=akkiss interface=bridge_old_network mac-address=B8:27:EB:CC:54:34
add address=192.168.1.18 comment=aksub interface=bridge_old_network mac-address=B8:27:EB:12:8C:F3
add address=192.168.1.8 comment=aksalt interface=bridge_old_network mac-address=B8:27:EB:72:70:0B
add address=192.168.1.131 comment=akrdp interface=bridge_old_network mac-address=B8:27:EB:93:9F:B6
add address=192.168.1.132 comment=aktag interface=bridge_old_network mac-address=DC:A6:32:0F:1D:2D
add address=192.168.1.122 comment=osmcbed interface=bridge_old_network mac-address=B8:27:EB:CA:CD:6B
add address=192.168.88.235 interface=bridge mac-address=B8:27:EB:04:86:FB
add address=192.168.88.249 comment=PC-AKAII-PORTABLE interface=bridge mac-address=3C:A9:F4:29:14:1C
add address=192.168.1.112 comment=PC-AKAII-PORTABLE interface=bridge_old_network mac-address=3C:A9:F4:29:14:1C
add address=192.168.88.148 comment=osmcliving interface=bridge mac-address=B8:27:EB:04:86:FB
add address=192.168.88.22 comment="aktor\
\n" interface=bridge mac-address=B8:27:EB:75:20:D5
add address=192.168.1.111 comment=tplrp4buster interface=bridge_old_network mac-address=DC:A6:32:0F:1D:2D
add address=192.168.88.124 comment="MiBox living" interface=bridge mac-address=3C:BD:3E:71:00:30
add address=192.168.88.126 comment="MiBox Bedroom" interface=bridge mac-address=3C:BD:3E:71:01:2D
add address=192.168.88.122 comment=akaiiphone interface=bridge mac-address=4E:FF:2D:58:2D:92
add address=192.168.88.118 comment="HP Deskjet" interface=bridge mac-address=30:E1:71:9E:6E:AB
add address=192.168.88.18 comment=aksub interface=bridge published=yes
/ip dhcp-client
add interface=ether1
/ip dhcp-server network
add address=10.10.10.0/24 dns-server=10.10.10.1 gateway=10.10.10.1
add address=192.168.1.0/24 dns-server=192.168.1.254 gateway=192.168.1.254
add address=192.168.88.0/24 dns-server=192.168.88.1 gateway=192.168.88.1
/ip dns
set allow-remote-requests=yes servers=192.168.88.1,118.179.232.213
/ip dns static
add address=192.168.88.1 name=router.lan
/ip firewall address-list
add address=192.168.88.0/24 list=LAN
add address=202.22.224.14 comment="MLS Firewall" list=support
add address=202.22.224.7 comment="Dude server" list=support
add address=10.0.0.0/8 list=bogons
add address=169.254.0.0/16 list=bogons
add address=127.0.0.0/8 list=bogons
add address=224.0.0.0/3 list=bogons
add address=100.64.0.0/10 list=bogons
add address=0.0.0.0/8 list=bogons
add address=172.16.0.0/12 list=bogons
add address=192.0.0.0/24 list=bogons
add address=192.0.2.0/24 list=bogons
add address=192.168.0.0/16 list=bogons
add address=198.18.0.0/15 list=bogons
add address=198.51.100.0/24 list=bogons
add address=203.0.113.0/24 list=bogons
/ip firewall filter
add action=accept chain=input comment="accept established,related,untracked" connection-state=established,related,untracked
add action=accept chain=input comment="accept from support" src-address-list=support
add action=drop chain=input comment="drop invalid" connection-state=invalid
add action=accept chain=input comment="accept ICMP" protocol=icmp
add action=drop chain=input comment="drop all not coming from LAN" in-interface-list=!LAN log=yes log-prefix="Not from LAN"
add action=accept chain=input comment="Accept local connection CAPsMAN" dst-address=127.0.0.1
add action=drop chain=forward comment="drop bogons" dst-address-list=bogons log=yes out-interface-list=WAN
add action=accept chain=forward comment="accept in ipsec policy" ipsec-policy=in,ipsec
add action=accept chain=forward comment="accept out ipsec policy" ipsec-policy=out,ipsec
add action=fasttrack-connection chain=forward comment=fasttrack connection-state=established,related
add action=accept chain=forward comment="accept established,related, untracked" connection-state=established,related,untracked
add action=drop chain=forward comment="drop invalid" connection-state=invalid log=yes
add action=drop chain=forward comment="drop all from WAN not DSTNATed" connection-nat-state=!dstnat connection-state=new in-interface-list=WAN
add action=drop chain=input comment="Winbox on WAN" dst-port=8291 in-interface=ether1 protocol=tcp
/ip firewall mangle
add action=mark-connection chain=forward new-connection-mark=lan-cnx passthrough=yes src-address-list=LAN
add action=mark-packet chain=forward connection-mark=lan-cnx new-packet-mark=lan-pqt passthrough=yes
/ip firewall nat
add action=masquerade chain=srcnat comment=masquerade ipsec-policy=out,none out-interface-list=WAN
add action=redirect chain=dstnat comment="Proxy DNS" dst-port=53 in-interface-list=all log-prefix="DNS -->" protocol=udp
add action=dst-nat chain=dstnat comment="akngx 443" dst-address=118.179.232.213 port=443 protocol=tcp to-addresses=192.168.88.5 to-ports=443
add action=dst-nat chain=dstnat comment=PC-AKAII-FIX dst-address=118.179.232.213 dst-port=47878 protocol=tcp to-addresses=192.168.88.250 to-ports=3389
add action=dst-nat chain=dstnat comment=aktor dst-address=118.179.232.213 dst-port=47879 protocol=tcp to-addresses=192.168.88.22 to-ports=5900
add action=dst-nat chain=dstnat comment="akngx 80" dst-address=118.179.232.213 port=80 protocol=tcp to-addresses=192.168.88.5 to-ports=80
add action=dst-nat chain=dstnat dst-address=118.179.232.213 dst-port=7132 protocol=tcp to-addresses=192.168.1.32 to-ports=7132
add action=dst-nat chain=dstnat disabled=yes dst-address=118.179.232.213 dst-port=80 protocol=tcp to-addresses=192.168.88.5 to-ports=80
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www address=192.168.1.0/24,118.179.232.213/32,192.168.88.0/24,202.22.229.166/32 port=4444
set ssh address=192.168.88.0/24,118.179.232.213/32,202.22.229.166/32,43.224.195.55/32 port=4722
set api address=202.22.224.14/32,2407:4a00:0:f00d::cafe/128
set winbox address=192.168.88.0/24,202.22.224.14/32,2407:4a00::/48
set api-ssl disabled=yes
/ipv6 address
# address pool error: pool not found: Poolv6 (4)
add advertise=no from-pool=Poolv6 interface=ether1
# address pool error: pool not found: Poolv6 (4)
add from-pool=Poolv6 interface=bridge
/ipv6 dhcp-client
add add-default-route=yes interface=FTTH pool-name=Poolv6 request=prefix
/ipv6 firewall address-list
add address=2407:4a00:0:f00d::cafe/128 comment="serveur MLS" list=support
add address=2407:4a00:0:173::/64 comment="SAV MLS" list=support
add address=2407:4a00:0:171::/64 comment="RD MLS" list=support
add address=2407:4a00::224:232:7/128 comment="Serveur Dude" list=support
add address=::/128 comment="unspecified address" list=bad_ipv6
add address=::1/128 comment=lo list=bad_ipv6
add address=fec0::/10 comment=site-local list=bad_ipv6
add address=::ffff:0.0.0.0/96 comment=ipv4-mapped list=bad_ipv6
add address=::/96 comment="ipv4 compat" list=bad_ipv6
add address=100::/64 comment="discard only" list=bad_ipv6
add address=2001:db8::/32 comment=documentation list=bad_ipv6
add address=2001:10::/28 comment=ORCHID list=bad_ipv6
add address=3ffe::/16 comment=6bone list=bad_ipv6
add address=::224.0.0.0/100 comment=other list=bad_ipv6
add address=::127.0.0.0/104 comment=other list=bad_ipv6
add address=::/104 comment=other list=bad_ipv6
add address=::255.0.0.0/104 comment=other list=bad_ipv6
/ipv6 firewall filter
add action=accept chain=input comment="accept established,related,untracked" connection-state=established,related,untracked
add action=accept chain=input comment="accept from support" src-address-list=support
add action=drop chain=input comment="drop invalid" connection-state=invalid
add action=accept chain=input comment="From support" src-address-list=support
add action=accept chain=input comment="accept ICMPv6" protocol=icmpv6
add action=accept chain=input comment="accept UDP traceroute" port=33434-33534 protocol=udp
add action=accept chain=input comment="accept DHCPv6-Client prefix delegation." dst-port=546 protocol=udp src-address=fe80::/16
add action=accept chain=input comment="accept IKE" dst-port=500,4500 protocol=udp
add action=accept chain=input comment="accept ipsec AH" protocol=ipsec-ah
add action=accept chain=input comment="accept ipsec ESP" protocol=ipsec-esp
add action=accept chain=input comment="accept all that matches ipsec policy" ipsec-policy=in,ipsec
add action=drop chain=input comment="drop everything else not coming from LAN" in-interface-list=!LAN
add action=accept chain=forward comment="accept established,related,untracked" connection-state=established,related,untracked
add action=drop chain=forward comment="drop invalid" connection-state=invalid
add action=drop chain=forward comment="drop packets with bad src ipv6" src-address-list=bad_ipv6
add action=drop chain=forward comment="drop packets with bad dst ipv6" dst-address-list=bad_ipv6
add action=drop chain=forward comment="rfc4890 drop hop-limit=1" hop-limit=equal:1 protocol=icmpv6
add action=accept chain=forward comment="accept ICMPv6" protocol=icmpv6
add action=accept chain=forward comment="accept HIP" protocol=139
add action=accept chain=forward comment="accept IKE" dst-port=500,4500 protocol=udp
add action=accept chain=forward comment="accept ipsec AH" protocol=ipsec-ah
add action=accept chain=forward comment="accept ipsec ESP" protocol=ipsec-esp
add action=accept chain=forward comment="accept all that matches ipsec policy" ipsec-policy=in,ipsec
add action=drop chain=forward comment="drop everything else not coming from LAN" in-interface-list=!LAN
/ipv6 firewall mangle
add action=mark-connection chain=forward in-interface-list=LAN new-connection-mark=lan6_cnx passthrough=yes
add action=mark-packet chain=forward connection-mark=lan6_cnx new-packet-mark=lan6-pqt passthrough=yes
/ipv6 nd
set [ find default=yes ] advertise-dns=no mtu=1480
/system clock
set time-zone-autodetect=no
/system clock manual
set time-zone=+11:00
/system identity
set name=clavien417150@mls.nc
/system logging
add topics=wireless
add prefix=FW--> topics=firewall
/system ntp client
set enabled=yes primary-ntp=202.22.224.18
/system package update
set channel=long-term
/system routerboard settings
set auto-upgrade=yes silent-boot=yes
/system scheduler
add interval=1d name=upgrade_os on-event=upgrade_os policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon start-date=aug/29/2018 start-time=03:00:00
add interval=1d name=upgrade_rb on-event=upgrade_rb policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon start-date=may/01/2020 start-time=03:20:00
/system script
add dont-require-permissions=no name=onup owner=*sys policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source=":delay 20s\r\
\n:local uptime [/system resource get uptime];\r\
\n:local macadd [/interface get [find default-name=ether1] mac-address];\r\
\n:local ver [/system resource get version];\r\
\n:local name [/interface pppoe-client get number=0 user];\r\
\n:local wan [/interface pppoe-client get number=0 name];\r\
\n:local model [/system routerboard get model];\r\
\n:local gw [/ip route get [find gateway=\$wan distance=0] dst-address];\r\
\n:local dhcp [/ipv6 dhcp-client get number=0 status];\r\
\n:if (\$dhcp =\"bound\") do={\r\
\n:set \$ip6 [/ipv6 pool get [find name=Poolv6] prefix];\r\
\n} else={\r\
\n:set \$ip6 \"nov6\";}\r\
\n/system identity set name=\$name;\r\
\n:set \$str \"rtrName=\$name&rtrMac=\$macadd&rtrUptime=\$uptime&rtrVersion=\$ver&rtrModel=\$model&rtrGW=\$gw&rtr6=\$ip6\";\r\
\n:put \$str;\r\
\n:do {\r\
\n:put \"Checking-in\";\r\
\n/tool fetch mode=https url=https://mtk.mls.nc/clientsmtkX.php keep-result=yes dst-path=resultat.txt http-method=post http-data=\$str ;\r\
\n} on-error={ log warning \"Greeter: Send to server Failed!\" }"
add dont-require-permissions=no name=upgrade_os owner=admin policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive source=\
"/system package update\r\
\ncheck-for-updates once\r\
\n:delay 3s;\r\
\n:if ( [get status] = \"New version is available\") do={ install }"
add dont-require-permissions=no name=upgrade_rb owner=admin policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive source=\
"/system routerboard \r\
\n:if ([get current-firmware] < [get upgrade-firmware]) do={ \r\
\n:log info \"Updating firmware\"; \r\
\nupgrade; \r\
\n/system reboot;\r\
\n} else={ \r\
\n:log info \"No update.\" }"
/tool graphing interface
add allow-address=192.168.88.0/24 interface=FTTH
add allow-address=192.168.88.0/24 interface=ether1
/tool mac-server
set allowed-interface-list=LAN
/tool mac-server mac-winbox
set allowed-interface-list=LAN