On Log its too much info about
Code: Select all
srcnat: in:(unknown 0) out:ether2_WAN, src-mac.....
Code: Select all
# model = RB2011UiAS-2HnD
/interface bridge
add fast-forward=no mtu=1500 name=bridge1
/interface ethernet
set [ find default-name=ether1 ] name=ether1_WANBK
set [ find default-name=ether2 ] name=ether2_WAN rx-flow-control=auto tx-flow-control=auto
set [ find default-name=ether5 ] name=ether5_LAN rx-flow-control=auto tx-flow-control=auto
set [ find default-name=ether6 ] disabled=yes
set [ find default-name=ether7 ] disabled=yes
set [ find default-name=ether8 ] disabled=yes
set [ find default-name=ether9 ] disabled=yes
set [ find default-name=ether10 ] disabled=yes
set [ find default-name=sfp1 ] disabled=yes
/interface wireless
set [ find default-name=wlan1 ] country=indonesia2 disabled=no \
frequency-mode=manual-txpower mode=ap-bridge ssid=PERBEND
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa-psk,wpa2-psk mode= dynamic-keys wpa-pre-shared-key=........ wpa2-pre-shared-key=........
/ip pool
add name=dhcp_pool0 ranges=192.168.200.1-192.168.200.250
/ip dhcp-server
add address-pool=dhcp_pool0 bootp-support=none disabled=no interface=ether5_LAN lease-time=3d10m name=dhcp1
/interface bridge port
add bridge=bridge1 fast-leave=yes interface=ether1_WANBK point-to-point=no restricted-role=yes trusted=yes
add bridge=bridge1 fast-leave=yes interface=wlan1 point-to-point=no trusted=yes
/interface bridge settings
set use-ip-firewall=yes
/ip settings
set accept-redirects=yes accept-source-route=yes secure-redirects=no
/ip address
add address=192.168.200.254/24 interface=ether5_LAN network=192.168.200.0
/ip dhcp-client
add add-default-route=no disabled=no interface=bridge1 use-peer-dns=no use-peer-ntp=no
add add-default-route=no disabled=no interface=ether2_WAN use-peer-dns=no use-peer-ntp=no
/ip dhcp-server network
add address=192.168.200.0/24 dns-server=192.168.200.254 gateway=192.168.200.254 netmask=24 ntp-server=192.168.200.254
add address=192.168.222.0/24 dns-server=192.168.222.254 gateway=192.168.222.254 netmask=24 ntp-server=192.168.222.254
/ip dns
set allow-remote-requests=yes servers=172.25.5.1,192.168.30.1,8.8.8.8
/ip firewall nat
add action=masquerade chain=srcnat log=yes out-interface=ether2_WAN
/ip route
add distance=30 gateway=172.25.5.1
add disabled=yes distance=1 dst-address=10.10.0.0/16 gateway=172.25.5.1
add distance=1 dst-address=172.18.0.0/24 gateway=172.25.5.1