Last active
April 29, 2022 13:28
-
-
Save gcv/ee70efb8e330eb4811ddfeced859c941 to your computer and use it in GitHub Desktop.
MikroTik hAP ac configuration
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # jun/09/2020 14:35:33 by RouterOS 6.46.6 | |
| # software id = XN0M-1C1M | |
| # | |
| # model = RouterBOARD 962UiGS-5HacT2HnT | |
| # serial number = REDACTED | |
| /interface bridge | |
| add admin-mac=REDACTED auto-mac=no comment=defconf name=bridge | |
| /interface wireless | |
| set [ find default-name=wlan1 ] band=2ghz-b/g/n channel-width=20/40mhz-XX disabled=no distance=indoors frequency=auto installation=indoor mode=ap-bridge \ | |
| ssid="NH Test (2.4GHz)" wireless-protocol=802.11 | |
| set [ find default-name=wlan2 ] band=5ghz-a/n/ac channel-width=20/40/80mhz-XXXX disabled=no distance=indoors frequency=auto installation=indoor mode=\ | |
| ap-bridge ssid="NH Test" wireless-protocol=802.11 | |
| /interface list | |
| add comment=defconf name=WAN | |
| add comment=defconf name=LAN | |
| /interface wireless security-profiles | |
| set [ find default=yes ] authentication-types=wpa-psk,wpa2-psk mode=dynamic-keys supplicant-identity=MikroTik wpa-pre-shared-key=REDACTED \ | |
| wpa2-pre-shared-key=REDACTED | |
| /ip pool | |
| add name=dhcp ranges=192.168.88.10-192.168.88.254 | |
| /ip dhcp-server | |
| add address-pool=dhcp disabled=no interface=bridge name=defconf | |
| /user group | |
| set full policy=local,telnet,ssh,ftp,reboot,read,write,policy,test,winbox,password,web,sniff,sensitive,api,romon,dude,tikapp | |
| /interface bridge port | |
| add bridge=bridge comment=defconf interface=ether2 | |
| add bridge=bridge comment=defconf interface=ether3 | |
| add bridge=bridge comment=defconf interface=ether4 | |
| add bridge=bridge comment=defconf interface=ether5 | |
| add bridge=bridge comment=defconf interface=sfp1 | |
| add bridge=bridge comment=defconf interface=wlan1 | |
| add bridge=bridge comment=defconf interface=wlan2 | |
| /interface list member | |
| add comment=defconf interface=bridge list=LAN | |
| add comment=defconf interface=ether1 list=WAN | |
| /ip address | |
| add address=192.168.88.1/24 comment=defconf interface=ether2 network=192.168.88.0 | |
| /ip dhcp-client | |
| add comment=defconf disabled=no interface=ether1 | |
| /ip dhcp-server network | |
| add address=192.168.88.0/24 comment=defconf gateway=192.168.88.1 | |
| /ip dns | |
| set allow-remote-requests=yes servers=1.1.1.1,1.0.0.1 | |
| /ip dns static | |
| add address=192.168.88.1 comment=defconf name=router.lan | |
| /ip firewall filter | |
| add action=accept chain=forward comment="defconf: accept in ipsec policy" ipsec-policy=in,ipsec | |
| add action=accept chain=forward comment="defconf: accept out ipsec policy" ipsec-policy=out,ipsec | |
| add action=fasttrack-connection chain=forward comment="defconf: fasttrack" connection-state=established,related | |
| add action=accept chain=forward comment="defconf: accept established,related, untracked" connection-state=established,related,untracked | |
| add action=drop chain=forward comment="defconf: drop invalid" connection-state=invalid | |
| add action=drop chain=forward comment="defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat connection-state=new in-interface-list=WAN | |
| /ip firewall nat | |
| add action=masquerade chain=srcnat comment="defconf: masquerade" ipsec-policy=out,none out-interface-list=WAN | |
| /ip upnp | |
| set enabled=yes | |
| /ip upnp interfaces | |
| add interface=bridge type=internal | |
| add interface=ether1 type=external | |
| /system clock | |
| set time-zone-name=America/Los_Angeles | |
| /system identity | |
| set name=mikrotik |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # may/28/2020 14:22:16 by RouterOS 6.46.4 | |
| # software id = XN0M-1C1M | |
| # | |
| # model = RouterBOARD 962UiGS-5HacT2HnT | |
| # serial number = REDACTED | |
| /interface bridge | |
| add admin-mac=REDACTED auto-mac=no comment=defconf name=bridge | |
| /interface wireless | |
| set [ find default-name=wlan1 ] band=2ghz-b/g/n channel-width=20/40mhz-XX disabled=no distance=indoors frequency=auto installation=indoor mode=ap-bridge \ | |
| ssid="NH Test 2.4" wireless-protocol=802.11 | |
| set [ find default-name=wlan2 ] band=5ghz-a/n/ac channel-width=20/40/80mhz-XXXX disabled=no distance=indoors frequency=auto installation=indoor mode=\ | |
| ap-bridge ssid="NH Test 5" wireless-protocol=802.11 | |
| /interface wireless security-profiles | |
| set [ find default=yes ] authentication-types=wpa2-psk mode=dynamic-keys supplicant-identity=MikroTik wpa2-pre-shared-key=REDACTED | |
| /ip hotspot profile | |
| set [ find default=yes ] html-directory=flash/hotspot | |
| /interface bridge port | |
| add bridge=bridge comment=defconf interface=ether2 | |
| add bridge=bridge comment=defconf interface=ether3 | |
| add bridge=bridge comment=defconf interface=ether4 | |
| add bridge=bridge comment=defconf interface=ether5 | |
| add bridge=bridge comment=defconf interface=sfp1 | |
| add bridge=bridge comment=defconf interface=wlan1 | |
| add bridge=bridge comment=defconf interface=wlan2 | |
| /ip neighbor discovery-settings | |
| set discover-interface-list=none | |
| /interface list member | |
| add comment=defconf interface=bridge | |
| /ip address | |
| add address=10.0.0.2/8 comment=defconf interface=bridge network=10.0.0.0 | |
| /ip dns | |
| set servers=10.0.0.1 | |
| /ip route | |
| add check-gateway=arp distance=1 gateway=10.0.0.1 | |
| /system clock | |
| set time-zone-name=America/Los_Angeles |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment