Here is my configuration, I would really appreciate if you can take a look and tell me if I did something wrong. Thank you.
Code: Select all
# sep/02/2021 22:15:05 by RouterOS 6.48.4
# software id = LI1W-MX7U
#
# model = RB760iGS
# serial number = E1F20E0DCED8
/interface bridge
add name=bridge
/interface ethernet
set [ find default-name=ether5 ] poe-out=forced-on
/interface list
add name=WAN
add name=LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=pool_1 ranges=192.168.3.10-192.168.3.254
/ip dhcp-server
add address-pool=pool_1 disabled=no interface=bridge name=Server
/interface bridge port
add bridge=bridge interface=LAN
/interface list member
add interface=ether1 list=WAN
add interface=ether2 list=WAN
add interface=ether3 list=LAN
add interface=ether5 list=LAN
add interface=ether4 list=LAN
add interface=sfp1 list=LAN
/ip address
add address=192.168.3.1/24 interface=bridge network=192.168.3.0
add address=192.168.1.2/24 interface=ether1 network=192.168.1.0
add address=192.168.2.100/24 interface=ether2 network=192.168.2.0
/ip dhcp-client
add !dhcp-options disabled=no interface=ether2
add disabled=no interface=ether1
/ip dhcp-server lease
add address=192.168.3.2 client-id=1:68:d7:9a:86:a7:9d comment="Access Point" \
mac-address=68:D7:9A:86:A7:9D server=Server
/ip dhcp-server network
add address=192.168.3.0/24 dns-server=192.168.3.1 gateway=192.168.3.1
/ip dns
set allow-remote-requests=yes servers=8.8.8.8,8.8.4.4
/ip firewall filter
add action=drop chain=forward disabled=yes dst-address=192.168.1.1 \
src-address=192.168.3.0/24
add action=drop chain=forward disabled=yes dst-address=192.168.2.1 \
src-address=192.168.3.0/24
/ip firewall mangle
add action=mark-connection chain=output connection-mark=no-mark \
connection-state=new new-connection-mark=VodaFiber_conn out-interface=\
ether1 passthrough=yes
add action=mark-routing chain=output connection-mark=VodaFiber_conn \
new-routing-mark=to_VodaFiber out-interface=ether1 passthrough=yes
add action=mark-connection chain=output connection-mark=no-mark \
connection-state=new new-connection-mark=VodaLte_conn out-interface=\
ether2 passthrough=yes
add action=mark-routing chain=output connection-mark=VodaLte_conn \
new-routing-mark=to_VodaFiber out-interface=ether2 passthrough=yes
/ip firewall nat
add action=masquerade chain=srcnat out-interface=ether1
add action=masquerade chain=srcnat out-interface=ether2
/ip route
add check-gateway=ping distance=1 gateway=8.8.8.8 routing-mark=to_VodaFiber
add check-gateway=ping distance=2 gateway=8.8.4.4 routing-mark=to_VodaFiber
add check-gateway=ping distance=1 gateway=8.8.4.4 routing-mark=to_VodaLte
add check-gateway=ping distance=2 gateway=8.8.8.8 routing-mark=to_VodaLte
add distance=1 dst-address=8.8.4.4/32 gateway=192.168.2.1 scope=10
add distance=1 dst-address=8.8.8.8/32 gateway=192.168.1.1 scope=10
/system clock
set time-zone-name=Europe/Rome