# 2024-11-10 20:52:05 by RouterOS 7.16.1
# software id = DW5L-9VCS
#
# model = RB4011iGS+
# serial number = HEC08YZ3AXE
/interface bridge
add comment="#PPPOE SERVER#" name=bridge1 port-cost-mode=short
/interface ethernet
set [ find default-name=ether1 ] comment="#LINK CLARO#"
set [ find default-name=ether2 ] comment=\
"#BRIDGE PPPOE CAM 2,3,4,5# #UPLINK FIBRA 1GB FUNDOS #Lucas BLOCO 4"
set [ find default-name=ether3 ] comment=\
"#UPLINK FIBRA 1GB RESTAURANTE # Bloco 3"
set [ find default-name=ether4 ] comment=\
"#UPLINK CBO UTP 100MB RESTAURANTE #"
set [ find default-name=ether5 ] comment="# NVD INTELBRAS #"
set [ find default-name=ether6 ] comment="\?\?Uplink app 311\?\?"
set [ find default-name=ether8 ] comment="Cip 850"
set [ find default-name=ether9 ] comment="Ramal Recep\E7\E3o"
/interface list
add name=WAN
add name=LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=pool1-PPOE ranges=100.64.1.2-100.64.1.254
add name=pool2-Cameras ranges=172.16.20.70-172.16.20.100
add name=dhcp_pool2 ranges=172.16.20.70-172.16.20.254
add name=vpn ranges=192.168.89.2-192.168.89.255
/ip dhcp-server
add address-pool=dhcp_pool2 interface=bridge1 lease-time=1d10m name=dhcp1
/port
set 0 name=serial0
set 1 name=serial1
/ppp profile
add change-tcp-mss=yes dns-server=8.8.8.8,1.1.1.1 local-address=100.64.1.1 \
name=SERVER-PPPOE remote-address=pool1-PPOE
add local-address=100.64.1.1 name=plano_100MB rate-limit=100m/100m \
remote-address=pool1-PPOE
set *FFFFFFFE local-address=192.168.89.1 remote-address=vpn
/interface bridge port
add bridge=bridge1 interface=ether2 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether3 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether4 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether5 internal-path-cost=10 path-cost=10
add bridge=bridge1 interface=ether6 internal-path-cost=10 path-cost=10
add bridge=bridge1 comment="#RAMAL 9 RECEPCAO ##" interface=ether7 \
internal-path-cost=10 path-cost=10
add bridge=bridge1 comment="##CIP 850 ##" interface=ether8 \
internal-path-cost=10 path-cost=10
add bridge=bridge1 comment="#RAMAL 9 RECEPCAO ##" interface=ether9 \
internal-path-cost=10 path-cost=10
/ip firewall connection tracking
set enabled=yes loose-tcp-tracking=no udp-timeout=10s
/ip neighbor discovery-settings
set discover-interface-list=!dynamic
/interface l2tp-server server
set use-ipsec=yes
/interface list member
add interface=ether1 list=WAN
add interface=bridge1 list=LAN
/interface pppoe-server server
add authentication=chap,mschap1,mschap2 default-profile=SERVER-PPPOE \
disabled=no interface=bridge1 max-mru=1480 max-mtu=1480 service-name=\
PPPOE_SERVER
/ip address
add address=172.16.20.1/24 interface=bridge1 network=172.16.20.0
add address=172.16.20.61/8 interface=bridge1 network=172.0.0.0
add address=192.168.100.85/24 interface=bridge1 network=192.168.100.0
/ip cloud
set ddns-update-interval=1m
/ip dhcp-client
add interface=ether1
/ip dhcp-server lease
add address=172.16.20.2 client-id=1:80:8f:e8:a3:5e:ee comment=NVD \
mac-address=80:8F:E8:A3:5E:EE server=dhcp1
add address=172.16.20.3 client-id=1:48:51:cf:5e:4f:79 comment="CAM 01" \
mac-address=48:51:CF:5E:4F:79 server=dhcp1
add address=172.16.20.4 client-id=1:48:51:cf:5e:4f:a3 comment="CAM 02" \
mac-address=48:51:CF:5E:4F:A3 server=dhcp1
add address=172.16.20.35 client-id=1:68:ff:7b:cb:3:d3 comment=\
"TP-LINK RADIO EXTERNO" mac-address=68:FF:7B:CB:03:D3 server=dhcp1
add address=172.16.20.5 client-id=1:48:51:cf:57:31:7 comment="CAM 05 IM5 S" \
mac-address=48:51:CF:57:31:07 server=dhcp1
add address=172.16.20.6 client-id=1:18:d:2c:85:a7:2b comment=\
"CAMERA RECEPCAO" mac-address=18:0D:2C:85:A7:2B server=dhcp1
add address=172.16.20.8 client-id=1:18:d:2c:85:a7:31 comment=\
"CAMERA MIBO RESTAURANTE" mac-address=18:0D:2C:85:A7:31 server=dhcp1
add address=172.16.20.39 client-id=1:d8:77:8b:57:c:4 comment=\
"RADIO INTELBRAS RESTAURANTE" mac-address=D8:77:8B:57:0C:04 server=dhcp1
add address=172.16.20.9 client-id=1:48:51:cf:45:77:c6 comment=\
"camera recepcao" mac-address=48:51:CF:45:77:C6 server=dhcp1
add address=172.16.20.10 client-id=1:48:51:cf:7f:9b:ec comment="CAMERA 06" \
mac-address=48:51:CF:7F:9B:EC server=dhcp1
add address=172.16.20.11 client-id=1:48:51:cf:5e:5b:e0 comment="CAM 07" \
mac-address=48:51:CF:5E:5B:E0 server=dhcp1
add address=172.16.20.67 client-id=1:30:e1:f1:40:37:7d comment="CAM PARK" \
mac-address=30:E1:F1:40:37:7D server=dhcp1
/ip dhcp-server network
add address=172.16.20.0/24 dns-server=8.8.8.8,1.1.1.1 gateway=172.16.20.1
/ip dns
set servers=8.8.8.8,8.8.6.6,1.1.1.1
/ip firewall nat
add action=masquerade chain=srcnat out-interface=ether1
/ip ipsec profile
set [ find default=yes ] dpd-interval=2m dpd-maximum-failures=5
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes
set ssh disabled=yes
set api disabled=yes
set api-ssl disabled=yes
/ip upnp
set show-dummy-rule=no
/ppp secret
add name=401 profile=SERVER-PPPOE service=pppoe
add name=kiko profile=plano_100MB service=pppoe
add name=402 profile=SERVER-PPPOE service=pppoe
add name=411 profile=SERVER-PPPOE service=pppoe
add name=412 profile=SERVER-PPPOE service=pppoe
add name=413 profile=SERVER-PPPOE service=pppoe
add name=414 profile=SERVER-PPPOE service=pppoe
add name=421 profile=SERVER-PPPOE service=pppoe
add name=301 profile=SERVER-PPPOE service=pppoe
add name=311 profile=SERVER-PPPOE service=pppoe
add name=312 profile=SERVER-PPPOE service=pppoe
add name=radio01 profile=SERVER-PPPOE service=pppoe
add name=radio02 profile=SERVER-PPPOE service=pppoe
add name=radio03 profile=SERVER-PPPOE service=pppoe
add name=radio04 profile=SERVER-PPPOE service=pppoe
add name=radio05 profile=SERVER-PPPOE service=pppoe
add name=radio06 profile=SERVER-PPPOE service=pppoe
add name=radio07 profile=SERVER-PPPOE service=pppoe
add name=radio08 profile=SERVER-PPPOE service=pppoe
add name=radio09 profile=SERVER-PPPOE service=pppoe
add name=radio10 profile=SERVER-PPPOE service=pppoe
add name=radio11 profile=SERVER-PPPOE service=pppoe
add name=radio12 profile=SERVER-PPPOE service=pppoe
add name=radio13 profile=SERVER-PPPOE service=pppoe
add name=radio14 profile=SERVER-PPPOE service=pppoe
add name=313 profile=SERVER-PPPOE service=pppoe
add name=314 profile=SERVER-PPPOE service=pppoe
add name=315 profile=SERVER-PPPOE service=pppoe
add name=316 profile=SERVER-PPPOE service=pppoe
add name=vpn
/system identity
set name=COQUILE
/system note
set show-at-login=no
/system routerboard settings
set enter-setup-on=delete-key