I have made a bridge for the sfp1-4 and ether1-4. I think thats how I solve the WAN switch.
I made my ether12 to be dhcp client.
Is the remote access port totally secure from the bridge interface?
Code: Select all
# dec/09/2021 09:07:53 by RouterOS 6.49.2
# software id = TLK6-LGFC
#
# model = CCR1036-12G-4S
# serial number =
/interface bridge
add name=WAN-bridge
/interface ethernet
set [ find default-name=sfp2 ] advertise=10000M-full
/interface list
add exclude=all include=all name=LAN
add name=WAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/interface bridge port
add bridge=WAN-bridge interface=sfp1
add bridge=WAN-bridge interface=sfp2 learn=yes trusted=yes
add bridge=WAN-bridge interface=sfp3
add bridge=WAN-bridge interface=sfp4
add bridge=WAN-bridge interface=ether1
add bridge=WAN-bridge interface=ether2
add bridge=WAN-bridge interface=ether3
add bridge=WAN-bridge interface=ether4
/ip neighbor discovery-settings
set discover-interface-list=!dynamic
/interface list member
add interface=WAN-bridge list=WAN
/ip dhcp-client
add disabled=no interface=ether12
/system clock
set time-zone-name=Europe/Copenhagen