@romaro
Планирую сделать апдейт с версии 6.xx, чтобы подключить LTE-модем Huawei E3372h-320. Где-то читал, что 7-я версия бажит с меченым трафиком (но то была beta1, а сейчас 6). У меня достаточно простая конфигурация, но есть маршрутизация по меткам. Должно ли работать?
[admin@MikroTik] > export
# jul/29/2021 16:23:15 by RouterOS 6.45.8
# software id = 5TPH-MU43
#
# model = RBD52G-5HacD2HnD
# serial number = xxxxxxxxxxxxx
/interface bridge
add igmp-snooping=yes mtu=1500 name=bridge_LAN protocol-mode=none
add igmp-snooping=yes name=bridge_tv
/interface wireless
set [ find default-name=wlan1 ] band=2ghz-b/g/n channel-width=20/40mhz-eC country=russia disabled=no frequency=2432 mode=
ap-bridge ssid=y3y
set [ find default-name=wlan2 ] country=russia disabled=no mode=ap-bridge ssid=y4y
/interface vlan
<b>add interface=ether1 name=VLAN_rt-internet vlan-id=3823
add interface=ether1 name=VLAN_rt-tv vlan-id=592</b>
/interface pppoe-client
add add-default-route=yes disabled=no interface=VLAN_rt-internet max-mru=1492 max-mtu=1500 name=PPPoE-client_rt password=
xxxxxxxxxxxx use-peer-dns=yes user=xxxxxxxxxxxxxx
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa-psk,wpa2-psk mode=dynamic-keys supplicant-identity=MikroTik
wpa-pre-shared-key=romaroma wpa2-pre-shared-key=romaroma
/ip hotspot profile
set [ find default=yes ] html-directory=flash/hotspot
/ip pool
add name=LAN_dhcp_pool ranges=192.168.9.2-192.168.9.20
/ip dhcp-server
add address-pool=LAN_dhcp_pool disabled=no interface=bridge_LAN lease-time=4w2d name=LAN_dhcp
/ppp profile
set *0 use-encryption=no
/user group
add name=ip_phones policy=
local,ftp,read,!telnet,!ssh,!reboot,!write,!policy,!test,!winbox,!password,!web,!sniff,!sensitive,!api,!romon,!dude,!tikapp
/interface bridge port
add bridge=bridge_LAN interface=ether5
add bridge=bridge_LAN interface=wlan1
add bridge=bridge_LAN interface=wlan2
add bridge=bridge_tv interface=VLAN_rt-tv
add bridge=bridge_tv interface=ether4
add interface=ether2
/interface pppoe-server server
add disabled=no interface=bridge_LAN service-name=test_PPPoE
/ip address
add address=192.168.9.1/24 interface=bridge_LAN network=192.168.9.0
/ip dhcp-client
add add-default-route=no disabled=no interface=ether2 use-peer-dns=no
/ip dhcp-server lease
add address=192.168.9.20 client-id=1:0:e0:52:a6:c4:fa mac-address=00:E0:52:A6:C4:FA server=LAN_dhcp
/ip dhcp-server network
add address=192.168.9.0/24 gateway=192.168.9.1
/ip dns
set allow-remote-requests=yes servers=8.8.8.8,8.8.4.4
/ip firewall address-list
add address=xxxxxxxxxxxxxx list="External IPs"
/ip firewall filter
add action=accept chain=forward comment="D0E0E7F0E5F8E0E5F2 EBFEE1EEE9 F2F0E0F4E8EA ECE5E6E4F3 F5EEF1
F2E0ECE8 EBEEEAE0EBFCEDEEE9 F1E5F2E8" dst-address=192.168.9.0/24 src-address=192.168.9.20
add action=log chain=forward comment="CFF0EEE2E5F0FFFE F2F0E0F4E8EA IP-F2E5EBE5F4EEEDE0" log=yes
log-prefix=polycom src-address=192.168.9.13
add action=drop chain=forward comment="C7E0EFF0E5F9E0E5F2 E4EBFF EAEEECEFE0 E2E5F1FC E8F1F5EEE4FFF9
E8E9 F2F0E0F4E8EA (EAF0EEECE5 F0E0E7F0E5F8E5EDEDEEE3EE E2FBF8E5)" src-address=192.168.9.20
add action=accept chain=input connection-state=established,related,untracked
add action=drop chain=input connection-state=invalid
add action=accept chain=input protocol=icmp
add action=drop chain=input in-interface=!bridge_LAN
add action=accept chain=forward ipsec-policy=out,ipsec
add action=fasttrack-connection chain=forward connection-state=established,related
add action=accept chain=forward connection-state=established,related,untracked
add action=drop chain=forward connection-state=invalid
add action=drop chain=forward connection-nat-state=!dstnat connection-state=new disabled=yes
add action=drop chain=input dst-address-list="External IPs" dst-port=53 protocol=udp
add action=drop chain=input dst-address-list="External IPs" dst-port=53 protocol=tcp
/ip firewall nat
add action=masquerade chain=srcnat out-interface=ether2
add action=masquerade chain=srcnat out-interface=PPPoE-client_rt
/ip firewall service-port
set ftp disabled=yes
set irc disabled=yes
set pptp disabled=yes
/ip route
<b>add distance=2 gateway=xxxxxxxxxxxxxxxx routing-mark=mosnet1</b>
/ip route rule
add action=lookup-only-in-table src-address=10.15.1.2/32 table=mosnet1
/ip service
set api disabled=yes
set api-ssl disabled=yes
/ppp secret
add local-address=10.15.1.1 name=mosnet1 password=123 remote-address=10.15.1.2 service=pppoe
add local-address=10.19.1.3 name=rt1 password=123 remote-address=10.19.1.4 service=pppoe
/system clock
set time-zone-name=Europe/Moscow
Решения вопроса 0
Ответы на вопрос 2
@Tabletko
Это бета, используйте на свой страх и риск. Стабильность никто не гарантирует и даже не обещает.
@martin74ua
обновляетесь, конфигурите, проверяете. В чем проблема то? это у вас займет 15 минут….