Гостевая сеть
Добавлено: 04 авг 2018, 11:29
Всем доброго времени суток! второй день мучаюсь с гостевой сетью, перечитал полтонны мануалов, форумы всевозжные перешерстил. Гостевая сеть создается, но интернета на ней нет. Раз 10 уже пересоздавал, пробовал всевозможные варианты. В общем 6 часов мучений и толку ноль. Тыкните носом пожалуйста что делаю не так.
Код: Выделить всё
# aug/04/2018 11:11:23 by RouterOS 6.42.6
# software id = R1YL-WEQ6
#
# model = RBD52G-5HacD2HnD
# serial number =
/interface bridge
add arp=proxy-arp fast-forward=no mtu=1500 name=LAN-Bridge
add fast-forward=no name="guest wi fi bridge" protocol-mode=none
/interface ethernet
set [ find default-name=ether2 ] name=LAN1-slave
set [ find default-name=ether3 ] name=LAN3-slave
set [ find default-name=ether4 ] name=LAN4-Master
set [ find default-name=ether5 ] name=LAN5-slave
set [ find default-name=ether1 ] name=WAN1
/interface list
add name=WAN
add name=LAN
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa-psk,wpa2-psk eap-methods="" \
mode=dynamic-keys supplicant-identity=MikroTik wpa-pre-shared-key=\
111 wpa2-pre-shared-key=111
add authentication-types=wpa-psk,wpa2-psk eap-methods="" mode=dynamic-keys \
name=profile supplicant-identity=MikroTik wpa-pre-shared-key=111 \
wpa2-pre-shared-key=111
add authentication-types=wpa-psk,wpa2-psk eap-methods="" mode=dynamic-keys \
name=Guest_Wi-Fi supplicant-identity="" wpa-pre-shared-key=unreachable \
wpa2-pre-shared-key=1122334455
/interface wireless
set [ find default-name=wlan2 ] adaptive-noise-immunity=ap-and-client-mode \
band=5ghz-a/n/ac channel-width=20/40/80mhz-Ceee country="united states" \
disabled=no frequency=auto frequency-mode=regulatory-domain \
guard-interval=long hw-protection-mode=rts-cts mode=ap-bridge \
multicast-helper=full name=wifi-5Ghz security-profile=profile ssid=\
" 5Ghz" wireless-protocol=802.11 wps-mode=disabled
set [ find default-name=wlan1 ] adaptive-noise-immunity=ap-and-client-mode \
band=2ghz-b/g/n channel-width=20/40mhz-Ce country="united states" \
disabled=no frequency=auto frequency-mode=superchannel guard-interval=\
long hw-protection-mode=rts-cts mode=ap-bridge multicast-helper=full \
name=wifi-24ghz security-profile=profile ssid="22ghz" \
wireless-protocol=802.11 wmm-support=enabled wps-mode=disabled
add disabled=no keepalive-frames=disabled mac-address= \
master-interface=wifi-24ghz multicast-buffering=disabled name=wlan1 \
security-profile=Guest_Wi-Fi ssid=wifi wds-cost-range=0 wds-default-cost=\
0 wmm-support=enabled wps-mode=disabled
/interface wireless nstreme
set wifi-5Ghz enable-polling=no
set wifi-24ghz enable-polling=no
/ip hotspot profile
set [ find default=yes ] html-directory=flash/hotspot
/ip pool
add name=dhcp ranges=192.168.1.1-192.168.1.254
add name="pool wifi" ranges=10.10.10.2-10.10.10.50
/ip dhcp-server
add add-arp=yes address-pool=dhcp bootp-support=dynamic disabled=no \
interface=LAN-Bridge lease-time=12h name=DHCP-Lan
add add-arp=yes address-pool="pool wifi" bootp-support=dynamic disabled=no \
interface=wlan1 name=server1
/ppp profile
add bridge=LAN-Bridge local-address=192.168.1.1 name=profile1 remote-address=\
dhcp
/interface l2tp-client
add add-default-route=yes connect-to=fvpn.fryazino.net disabled=no max-mtu=\
1500 name=l2tp-out1 password=password profile=default user=user
/interface bridge filter
# no interface
add action=drop chain=forward in-interface=*A
# no interface
add action=drop chain=forward out-interface=*A
# no interface
add action=drop chain=forward in-interface=*B
# no interface
add action=drop chain=forward out-interface=*B
/interface bridge port
add bridge=LAN-Bridge interface=LAN4-Master
add bridge=LAN-Bridge interface=wifi-24ghz
add bridge=LAN-Bridge interface=wifi-5Ghz
add bridge=LAN-Bridge interface=LAN3-slave
add bridge=LAN-Bridge interface=LAN5-slave
add bridge=LAN-Bridge interface=LAN1-slave
/ip neighbor discovery-settings
set discover-interface-list=none
/interface list member
add list=LAN
add interface=LAN1-slave list=LAN
add interface=LAN3-slave list=LAN
add interface=LAN4-Master list=LAN
add interface=LAN5-slave list=LAN
add interface=wifi-24ghz list=LAN
add interface=WAN1 list=WAN
add interface=LAN-Bridge list=LAN
/interface wireless access-list
add ap-tx-limit=104
add ap-tx-limit=104
/ip address
add address=192.168.223.63/24 interface=WAN1 network=192.168.223.0
add address=192.168.1.1/24 interface=LAN1-slave network=192.168.1.0
add address=10.10.10.1 interface=wlan1 network=10.10.10.0
/ip dhcp-client
add dhcp-options=hostname,clientid interface=WAN1
/ip dhcp-server network
add address=10.10.10.0/24 gateway=10.10.10.1 netmask=24
add address=192.0.0.0/8 gateway=192.168.1.1 netmask=8
add address=192.168.1.0/24 gateway=192.168.1.1 netmask=24
add address=192.168.223.0/24 gateway=192.168.223.64 netmask=24
/ip dns
set allow-remote-requests=yes servers=192.168.2.20
/ip firewall filter
add action=accept chain=forward out-interface=l2tp-out1
/ip firewall nat
add action=masquerade chain=srcnat out-interface=l2tp-out1
add action=masquerade chain=srcnat out-interface=l2tp-out1 src-address=\
10.10.10.0/24
add action=masquerade chain=srcnat out-interface=WAN1 src-address=\
10.10.10.0/24
/ip route
add bgp-med=0 distance=2 gateway=192.168.223.1
/ip service
set telnet disabled=yes
set ftp disabled=yes
set ssh disabled=yes
/ip upnp
set enabled=yes
/ip upnp interfaces
add interface=LAN-Bridge type=internal
add interface=WAN1 type=external
/system clock
set time-zone-name=Europe/Moscow
/system package update
set channel=release-candidate
/system routerboard settings
set silent-boot=no