11.09.2023., 18:44
|
#447
|
|
Registered User
Datum registracije: Oct 2021
Lokacija: Grobinština
Postovi: 66
|
DHCP cliant searching
Da odgovorim svima.
Mikrotik je spojen direktno na ONT od ISP-a a konekcija je ppoe sa passwordom i imenom usera. DHCP server je na Mikrotiku.
Neznam koje bi podatke trebao dati da Nikky ne traži novu kristalnu kuglu.
Možda vam treba ovo
Code:
/ip> export hide-sensitiv
2023-09-11 18:39:03 by RouterOS 7.11
# software id = 2Q2C-PP2H
#
# model = C53UiG+5HPaxD2HPaxD
# serial number = HEQ0xxxxxxx
/ip pool
add name=dhcp ranges=192.168.5.100-192.168.5.254
/ip dhcp-server
add address-pool=dhcp interface=bridge lease-time=10m name=DHCP_LAN
/ip address
add address=192.168.5.5/24 interface=bridge network=192.168.5.0
add address=192.168.10.1/24 interface=dokers network=192.168.10.0
/ip dhcp-client
add interface="ether1[WAN]"
/ip dhcp-server lease
add address=192.168.5.1 client-id=1:c0:74:ad:33:8f:3e comment=telephon mac-address=C0:74:AD:33:8F:3E server=DHCP_LAN
/ip dhcp-server network
add address=192.168.5.0/24 dns-server=1.1.1.1 gateway=192.168.5.5 netmask=24
/ip dns
set servers=192.168.10.2,9.9.9.9
/ip dns static
add address=192.168.5.5 comment=defconf name=router.lan
/ip firewall address-list
add address=192.168.5.10-192.168.5.30 list=allowed_to_router
/ip neighbor discovery-settings
set discover-interface-list=all
/ip firewall filter
add action=accept chain=input comment="defconf: accept established,related,untracked" connection-state=\
established,related,untracked
add action=drop chain=input comment="defconf: drop invalid" connection-state=invalid
add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
add action=accept chain=input comment="defconf: accept to local loopback (for CAPsMAN)" dst-address=127.0.0.1
add action=drop chain=input comment="defconf: drop all not coming from LAN" in-interface-list=!LAN
add action=accept chain=forward comment="defconf: accept in ipsec policy" ipsec-policy=in,ipsec
add action=accept chain=forward comment="defconf: accept out ipsec policy" ipsec-policy=out,ipsec
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" connection-state=established,related \
hw-offload=yes
add action=accept chain=forward comment="defconf: accept established,related, untracked" connection-state=\
established,related,untracked
add action=drop chain=forward comment="defconf: drop invalid" connection-state=invalid
add action=drop chain=forward comment="defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat \
connection-state=new in-interface-list=WAN
add action=drop chain=input comment="drop ftp brute forcers" dst-port=21 protocol=tcp src-address-list=ftp_blacklist
/ip firewall nat
add action=masquerade chain=srcnat comment="defconf: masquerade" ipsec-policy=out,none out-interface-list=WAN
add action=masquerade chain=srcnat src-address=192.168.0.0/24
add action=dst-nat chain=dstnat comment=Container dst-address=192.168.5.5 dst-port=888 protocol=tcp to-addresses=\
192.168.10.2 to-ports=80
/ip firewall service-port
set tftp disabled=yes
set h323 disabled=yes
/ip service
set telnet disabled=yes
/ip ssh
set always-allow-password-login=yes forwarding-enabled=local host-key-size=4096
Zadnje izmijenjeno od: Nikky. 11.09.2023. u 19:26.
Razlog: Maknut serial ...
|
|
|