|
28.01.2022., 11:57 | #302 |
BIND SOFT d.o.o.
Datum registracije: Feb 2006
Lokacija: Novska
Postovi: 2,360
|
ni dmz prema mirku? ne prolazi mi ssh. |
|
|
Oglas
|
|
15.02.2022., 23:47 | #307 |
Premium
Datum registracije: Nov 2006
Lokacija: HR
Postovi: 4,620
|
ima li kojeg mikrotik skriptera ovdje ? kako slozit skriptu, tj da mi logira vanji ip adresu da vidim kad dođe do promjene ip>>cloud>>public adress e sad, kako slozit da on promjenu objavi u log history ? |
24.02.2022., 00:18 | #308 |
Premium
Datum registracije: Feb 2007
Lokacija: Dalmacija
Postovi: 5,600
|
Mi mikrotik amateri Sad imam(cu imat) PPPoE distance 20, A1 WAN distance 10 Jeli moguće nasteliti da jedan uredjaj (tv s netflixom) ide na net preko PPPoE, a ostali uredjaji da idu preko WANa vanka? Ako da u kojem smijeru trebam gledat? |
24.02.2022., 01:39 | #309 |
Premium
Datum registracije: Dec 2007
Lokacija: vž
Postovi: 1,313
|
@dado: https://mhelp.pro/mikrotik-scripts-n...outer-changes/ Za output u log slozis u if bloku umjesto mail i telegram npr: /log info ""New IP: $NewIP, Previous IP: $CurrentIP"; |
24.02.2022., 10:37 | #310 |
Premium
Datum registracije: Nov 2006
Lokacija: HR
Postovi: 4,620
|
Cu probat. Tnx A ovo za 2 wana koristit, moguce je |
|
|
Oglas
|
|
24.02.2022., 10:37 | #311 | |
Premium
Datum registracije: May 2007
Lokacija: Zagreb
Postovi: 206
|
Citiraj:
Takodjer firewall/mangle - chain prerouting - src adress (ip adresa uredjaja) / in interface (interface na kojem je lokalna mreza) - action - mark routing - new routing mark (naziv routinga koji ce biti gore naveden u ruti. |
|
24.02.2022., 20:10 | #312 |
Premium
Datum registracije: Feb 2007
Lokacija: Dalmacija
Postovi: 5,600
|
E to te ja pitam, tenks sad cu prckat tako. Eh problem u startu, koju nisam mislio da cu imat. Spojim 5G antenu od A1 direkt u laptop automatski imam full internet u roku od 10 sekundi. U mikrotika ustekam u Ether 3, gdje je prije bio WAN 4G od HTa, nema interneta, iako aplikacija kaze da ima o.O Problem je sto antena mijenja IP. https://prnt.sc/3sXC1xWBFNrO Edit riješio izgleda da je modemu trebalo malo duze da se digne Zadnje izmijenjeno od: OuttaControl. 25.02.2022. u 00:34. |
25.02.2022., 19:18 | #313 |
Premium
Datum registracije: Feb 2007
Lokacija: Dalmacija
Postovi: 5,600
|
Dragi dnevnice, j*** te mikrotik da te j*** i sta si ga kupio: Ovaj mikrotik je stvanro most user UNfriendly device ikad. Isa disejblat ether3 wan da provjerim nesto na ether1. Kaze mikrotik internet detected, ali nista ne radi ofc zasto bi jer je jucer radilo. Dobro jebe me se Iden resetirat config i ucitat ponovo staru kad resetira. Kliknem ja reset, after reset load preA1 config. I restiram kad ono nema ničega. Pajdo se vratio kompletno na tvornicke, disejblao ip login,izbrisao usere, sve potaraca nista nije restorea. Valjda bi odabrao factory reset da sam htjeo reset a ne reset configuration. Nije restorea zato jer je izbrisa file iz kojeg je triba restorat. Ali neces mene tako lako zajebat, svaki backup je downloadan. Uploadam ja backup selektiram odakle restorat. On kaze No file found, file koji sam upravo odabrao iz tog menija. Nista nasa skriptu backupiranu isa u terminal i pokrenio. je iz suta, vidim ima nekih errora al ko ce to sad ispravljat. Zasto je pppoe crka nikad necemo sazanat, idalje ne radi iako kaze da radi. Tako da mi propada i plan o tvu koji ide na pppoe a ostali uredjaji preko ether 3. Previse je osjetljiv, jedan krivi pogled i sve crkne, a skuzit zašto crkne, pa lakse ga skoro resetirat pa ponovo konfigurirat, tj bilo bi da nije osjetljiv koliko je. Ether1 crkne zato jer namjestis ether3, a erher 3 jenprije radio sa pppoe ali novi ether3 ne radi sa pppoe :facepalm: pppoe sad ne radi jer je factory izbrisa podatke o pppoe, ali nije ni bitno jer je sad isp modem u normalnom modu, ali to je sve radilo Zadnje izmijenjeno od: OuttaControl. 25.02.2022. u 20:19. |
25.02.2022., 19:37 | #314 |
Premium
Datum registracije: Aug 2009
Lokacija: Dugo Selo
Postovi: 1,466
|
A što si uzeo Mikrotik ako nemaš živaca za podešavati sve to, svi znaju da on nije plug&play igračka, i da za većinu stvari treba više stvari poklikati. Meni se nikada nije desilo ovo što si ti napisao, a tebe očito zeza tvoja kriva konfiguracija više nego Mikrotik |
25.02.2022., 20:26 | #315 |
Premium
Datum registracije: Feb 2007
Lokacija: Dalmacija
Postovi: 5,600
|
Uzeo sam ga dok beba nije bila ni u planu Ono sam gore napisao u trenutku ljutnje, dosao sa posla, uspavali bebu i idem predahnuti 15 minuta tako da na hrti pogledam TV Kalendar prije ponovne akcije. Uplaim hrti koji ne radi jer A1. I racunam ok samo se spojim na mikrotika disjeblam ether3 interface di je drugi wan i ovaj ether1 koji je uvijek radio ce jednostavno raditi kao i sto je radio uvjek do sad. (Do sad sam doduse disejblao ether1 da se spoji na ether3) Sad to vise ne radi. Jeli zbog moje konfiguracije, je sigurno, ali do cega, pojma nemam, jer roureru na 192.168.5.1 mogu pristupiti preko mikrotika, ruta postoji, sam mikrotik kaze internet detected. Distanci su konfigurirani di mi dopusta. Samo ne radi. Ovaj dio sa backupom me šokirao, bio sam uvjeren da tu nema sta ne raditi. Mozda ja nesto krivo radim? Edit pošaljem konfiguraciju cim dodjem doma Zadnje izmijenjeno od: OuttaControl. 25.02.2022. u 20:46. |
25.02.2022., 22:22 | #317 |
Premium
Datum registracije: May 2014
Lokacija: istra
Postovi: 3,306
|
meni je naprosto fantaplastično da mikrotik u 2022. godini nema neke stvari koje drugi vendori imaju već 10 godina, a obzirom da drkanjem po postavkama često nešto prvo sjebeš prije nego popraviš bilo bi sasvim realno očekivati da umjesto APPLY prvo klineš na TEST, vidiš dal nešto radi, i onda tek lupiš apply ako je sve ok, ili undo ako ne radi. ubiquiti ima taj test feature koji je prva liga, znam ako sjebem konfig da će se stari restorat za 3 minute. slično i na openwrt, ako sjebem i ubijem konfig, vratit će se na staro nakon par minuta. na mikrotiku lupim OK pa kud puklo da puklo. za neke stvari su sasvim ok, ali neke bolesti vuku zadnjih 15 godina. |
25.02.2022., 22:59 | #319 |
Premium
Datum registracije: Feb 2007
Lokacija: Istra
Postovi: 3,256
|
+1 Safe mode je super. Ja sam prčkao sve i svašta u početku po mtiku i stvarno nisam nikad zatrebao factory reset. Paziš da ne zezneš, a za sve ostalo tu je safe mode. Naravno i backup + export jer i sam mtik (barem na forumu) preporuča da se i export napravi budući da restore backupa nije toliko pouzdan |
25.02.2022., 23:05 | #320 |
Premium
Datum registracije: Feb 2007
Lokacija: Dalmacija
Postovi: 5,600
|
Evo ovde je sve sprckano, trenutno stanje Code:
# feb/25/2022 22:00:52 by RouterOS 6.49 # software id = H8IP-FT07 # # model = RBD52G-5HacD2HnD # serial number = D7160D9D7422 /interface bridge add admin-mac=XX:XX:XX:XX:XX:XX auto-mac=no comment=defconf name=bridge /interface wireless set [ find default-name=wlan1 ] band=2ghz-b/g/n channel-width=20/40mhz-Ce \ country="united states" disabled=no distance=indoors frequency=auto mode=\ ap-bridge ssid= station-roaming=enabled wireless-protocol=802.11 set [ find default-name=wlan2 ] band=5ghz-a/n/ac channel-width=\ 20/40/80mhz-XXXX country="united states" disabled=no distance=indoors \ frequency=auto installation=indoor mode=ap-bridge ssid=" 5GHz" \ station-roaming=enabled wireless-protocol=802.11 /interface list add comment=defconf name=WAN add comment=defconf name=LAN /interface wireless security-profiles set [ find default=yes ] authentication-types=wpa2-psk mode=dynamic-keys \ supplicant-identity=MikroTik /ip firewall layer7-protocol add name="Amazon Update" regexp="^.+d1s31zyz7dcc2d.cloudfront.net.*\$|^.+amzdi\ gital-a.akamaihd.net.*\$|^.+amzdigitaldownloads.edgesuite.net.*\$|^.+updat\ es.amazon.com.*\$|^.+softwareupdates.amazon.com.*\$" /ip kid-control add fri=0s-1d mon=0s-1d name=system-dummy sat=0s-1d sun=0s-1d thu=0s-1d tue=\ 0s-1d tur-fri=0s-1d tur-mon=0s-1d tur-sat=0s-1d tur-sun=0s-1d tur-thu=\ 0s-1d tur-tue=0s-1d tur-wed=0s-1d wed=0s-1d /ip pool add name=dhcp ranges=192.168.1.150-192.168.1.254 /ip dhcp-server add address-pool=dhcp disabled=no interface=bridge lease-time=8h name=defconf /ppp profile set *FFFFFFFE on-up="/tool e-mail send to=\"@gmail.com\" subject=\"PPPo\ E Up\" \\\ \nbody=\" PPPoE Is Up \"" /interface pppoe-client add add-default-route=yes default-route-distance=10 interface=ether1 max-mru=\ 1480 max-mtu=1480 name=pppoe-out1 profile=default-encryption user=\ %bit@iskon-dsl /queue simple add burst-time=5s/0s dst=pppoe-out1 limit-at=512k/0 max-limit=768k/0 name=\ "Main Queue" target=192.168.1.0/24 add name="1PM bojler Filip " parent="Main Queue" target=192.168.1.30/32 add name="1PM bojler mater " parent="Main Queue" target=192.168.1.31/32 add name=1EM parent="Main Queue" target=192.168.1.40/32 add name="Plug S" parent="Main Queue" target=192.168.1.50/32 add max-limit=384k/2M name=Imilab parent="Main Queue" target=192.168.1.167/32 add burst-limit=128k/2M burst-time=1s/1s max-limit=128k/2M name="Galaxy J7" \ parent="Main Queue" target=192.168.1.248/32 /system logging action add email-to=v@gmail.com name=EmailVul target=email /user group set full policy="local,telnet,ssh,ftp,reboot,read,write,policy,test,winbox,pas\ sword,web,sniff,sensitive,api,romon,dude,tikapp" /interface bridge port add bridge=bridge comment=defconf interface=ether2 add bridge=bridge comment=defconf disabled=yes interface=ether3 add bridge=bridge comment=defconf interface=ether4 add bridge=bridge comment=defconf interface=ether5 add bridge=bridge comment=defconf interface=wlan1 add bridge=bridge comment=defconf disabled=yes interface=ether3 add bridge=bridge comment=defconf interface=wlan2 /ip neighbor discovery-settings set discover-interface-list=LAN /interface detect-internet set detect-interface-list=all /interface list member add comment=defconf interface=bridge list=LAN add comment=defconf interface=ether1 list=WAN add interface=pppoe-out1 list=WAN add interface=ether3 list=WAN /interface wireless access-list add interface=wlan1 mac-address=XX:XX:XX:XX:XX:XX add interface=wlan1 mac-address=XX:XX:XX:XX:XX:XX add interface=wlan1 mac-address=XX:XX:XX:XX:XX:XX add interface=wlan1 mac-address=XX:XX:XX:XX:XX:XX add interface=wlan1 mac-address=XX:XX:XX:XX:XX:XX add comment=OnStep interface=wlan1 mac-address=XX:XX:XX:XX:XX:XX add comment=Imilab interface=wlan1 mac-address=XX:XX:XX:XX:XX:XX /ip address add address=192.168.5.2/24 interface=ether1 network=192.168.5.0 add address=192.168.1.1/24 interface=bridge network=192.168.1.0 add address=172.20.168.2/24 interface=ether3 network=172.20.168.0 /ip dhcp-client add disabled=no interface=ether3 /ip dhcp-server lease add address=192.168.1.151 comment="Klima Daikin" mac-address=\ XX:XX:XX:XX:XX:XX server=defconf add address=192.168.1.248 client-id=1:XX:XX:XX:XX:XX:XX mac-address=\ XX:XX:XX:XX:XX:XX server=defconf add address=192.168.1.120 client-id=1:XX:XX:XX:XX:XX:XX:1 comment=\ "Roborock S5max" mac-address=XX:XX:XX:XX:XX:XX server=defconf add address=192.168.1.158 client-id=1:XX:XX:XX:XX:XX:XX mac-address=\ XX:XX:XX:XX:XX:XX server=defconf add address=192.168.1.152 client-id=1:XX:XX:XX:XX:XX:XX mac-address=\ XX:XX:XX:XX:XX:XX server=defconf add address=192.168.1.20 client-id=1:XX:XX:XX:XX:XX:XX mac-address=\ XX:XX:XX:XX:XX:XX server=defconf add address=192.168.1.150 client-id=Withings mac-address=XX:XX:XX:XX:XX:XX \ server=defconf add address=192.168.1.160 client-id=1:XX:XX:XX:XX:XX:XX mac-address=\ XX:XX:XX:XX:XX:XX server=defconf add address=192.168.1.167 client-id=1:XX:XX:XX:XX:XX:XX comment=imilab \ mac-address=XX:XX:XX:XX:XX:XX server=defconf add address=192.168.1.170 client-id=1:XX:XX:XX:XX:XX:XX mac-address=\ XX:XX:XX:XX:XX:XX server=defconf add address=192.168.1.159 client-id=1:XX:XX:XX:XX:XX:XX comment="lg tv" \ mac-address=XX:XX:XX:XX:XX:XX server=defconf /ip dhcp-server network add address=192.168.1.0/24 comment=defconf gateway=192.168.1.1 netmask=24 /ip dns set allow-remote-requests=yes servers=1.1.1.1,8.8.8.8,192.168.1.1 /ip dns static add address=192.168.1.1 comment=defconf name=router.lan /ip firewall filter add action=accept chain=input comment=\ "defconf: accept established,related,untracked" connection-state=\ established,related,untracked add action=drop chain=input comment="defconf: drop invalid" connection-state=\ invalid add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp add action=accept chain=input comment=\ "defconf: accept to local loopback (for CAPsMAN)" dst-address=127.0.0.1 add action=drop chain=input comment="defconf: drop all not coming from LAN" \ in-interface-list=!LAN add action=accept chain=forward comment="defconf: accept in ipsec policy" \ ipsec-policy=in,ipsec add action=accept chain=forward comment="defconf: accept out ipsec policy" \ ipsec-policy=out,ipsec add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \ connection-state=established,related disabled=yes add action=accept chain=forward comment=\ "defconf: accept established,related, untracked" connection-state=\ established,related,untracked add action=drop chain=forward comment="defconf: drop invalid" \ connection-state=invalid add action=drop chain=forward comment=\ "defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat \ connection-state=new in-interface-list=WAN add action=drop chain=forward layer7-protocol="Amazon Update" protocol=tcp \ src-port=80,443 /ip firewall nat add action=masquerade chain=srcnat comment="defconf: masquerade" \ ipsec-policy=out,none out-interface-list=WAN /ip route add distance=9 gateway=192.168.5.1 add check-gateway=ping disabled=yes distance=20 gateway=192.168.0.1 add disabled=yes distance=1 gateway=172.20.168.1 /ip service set telnet disabled=yes set ssh disabled=yes /system clock set time-zone-name=Europe/Zagreb /system logging add topics=wireless,debug add action=EmailVul disabled=yes topics=pppoe add action=EmailVul topics=critical add disabled=yes topics=pppoe,debug /tool e-mail set address=in-v3.mailjet.com from= Code:
# feb/25/2022 17:33:29 by RouterOS 6.49 # software id = H8IP-FT07 # # model = RBD52G-5HacD2HnD # serial number = D7160D9D7422 /interface bridge add admin-mac=XX:XX:XX:XX:XX:XX auto-mac=no comment=defconf name=bridge /interface wireless set [ find default-name=wlan1 ] band=2ghz-b/g/n channel-width=20/40mhz-Ce \ country="united states" disabled=no distance=indoors frequency=auto mode=\ ap-bridge ssid= station-roaming=enabled wireless-protocol=802.11 set [ find default-name=wlan2 ] band=5ghz-a/n/ac channel-width=\ 20/40/80mhz-XXXX country="united states" disabled=no distance=indoors \ frequency=auto installation=indoor mode=ap-bridge ssid=" 5GHz" \ station-roaming=enabled wireless-protocol=802.11 /interface list add comment=defconf name=WAN add comment=defconf name=LAN /interface wireless security-profiles set [ find default=yes ] authentication-types=wpa2-psk mode=dynamic-keys \ supplicant-identity=MikroTik wpa2-pre-shared-key /ip firewall layer7-protocol add name="Amazon Update" regexp="^.+d1s31zyz7dcc2d.cloudfront.net.*\$|^.+amzdi\ gital-a.akamaihd.net.*\$|^.+amzdigitaldownloads.edgesuite.net.*\$|^.+updat\ es.amazon.com.*\$|^.+softwareupdates.amazon.com.*\$" /ip kid-control add fri=0s-1d mon=0s-1d name=system-dummy sat=0s-1d sun=0s-1d thu=0s-1d tue=\ 0s-1d tur-fri=0s-1d tur-mon=0s-1d tur-sat=0s-1d tur-sun=0s-1d tur-thu=\ 0s-1d tur-tue=0s-1d tur-wed=0s-1d wed=0s-1d /ip pool add name=dhcp ranges=192.168.1.150-192.168.1.254 /ip dhcp-server add address-pool=dhcp disabled=no interface=bridge lease-time=8h name=defconf /port set 0 baud-rate=9600 data-bits=8 flow-control=none name=usb1 parity=none \ stop-bits=1 /interface ppp-client add apn=internet name=ppp-out1 port=usb1 /ppp profile set *FFFFFFFE on-up="/tool e-mail send to=\"@gmail.com\" subject=\"PPPo\ E Up\" \\\ \nbody=\" PPPoE Is Up \"" /interface pppoe-client add add-default-route=yes default-route-distance=10 interface=ether1 max-mru=\ 1480 max-mtu=1480 name=pppoe-out1 password= profile=\ default-encryption user=***l%bit@iskon-dsl /queue simple add burst-time=5s/0s dst=pppoe-out1 limit-at=512k/0 max-limit=768k/0 name=\ "Main Queue" target=192.168.1.0/24 add name="1PM bojler " parent="Main Queue" target=192.168.1.30/32 add name="1PM bojler mater " parent="Main Queue" target=192.168.1.31/32 add name=1EM parent="Main Queue" target=192.168.1.40/32 add name="Plug S" parent="Main Queue" target=192.168.1.50/32 add max-limit=384k/2M name=Imilab parent="Main Queue" target=192.168.1.167/32 add burst-limit=128k/2M burst-time=1s/1s max-limit=128k/2M name="Galaxy J7" \ parent="Main Queue" target=192.168.1.248/32 /system logging action add email-t@gmail.com name=EmailVul target=email /user group set full policy="local,telnet,ssh,ftp,reboot,read,write,policy,test,winbox,pas\ sword,web,sniff,sensitive,api,romon,dude,tikapp" /interface bridge port add bridge=bridge comment=defconf interface=ether2 add bridge=bridge comment=defconf disabled=yes interface=ether3 add bridge=bridge comment=defconf interface=ether4 add bridge=bridge comment=defconf interface=ether5 add bridge=bridge comment=defconf interface=wlan1 add bridge=bridge comment=defconf interface=wlan2 /ip neighbor discovery-settings set discover-interface-list=LAN /interface detect-internet set detect-interface-list=all /interface list member add comment=defconf interface=bridge list=LAN add comment=defconf interface=ether1 list=WAN add interface=pppoe-out1 list=WAN add interface=ether3 list=WAN /interface wireless access-list add interface=wlan1 mac-address=XX:XX:XX:XX:XX:XX add interface=wlan1 mac-address=XX:XX:XX:XX:XX:XX add interface=wlan1 mac-address=XX:XX:XX:XX:XX:XX add interface=wlan1 mac-address=XX:XX:XX:XX:XX:XX add interface=wlan1 mac-address=XX:XX:XX:XX:XX:XX add comment=OnStep interface=wlan1 mac-address=XX:XX:XX:XX:XX:XX add comment=Imilab interface=wlan1 mac-address=XX:XX:XX:XX:XX:XX /ip address add address=192.168.5.2/24 interface=ether1 network=192.168.5.0 add address=192.168.1.1/24 interface=bridge network=192.168.1.0 add address=172.20.168.2/24 interface=ether3 network=172.20.168.0 /ip dhcp-client add disabled=no interface=ether3 /ip dhcp-server lease add address=192.168.1.151 comment="Klima Daikin" mac-address=\ XX:XX:XX:XX:XX:XX server=defconf add address=192.168.1.248 client-id=1:XX:XX:XX:XX:XX:XX mac-address=\ XX:XX:XX:XX:XX:XX server=defconf add address=192.168.1.120 client-id=1:XX:XX:XX:XX:XX:XX:1 comment=\ "Roborock S5max" mac-address=XX:XX:XX:XX:XX:XX server=defconf add address=192.168.1.158 client-id=1:XX:XX:XX:XX:XX:XX mac-address=\ XX:XX:XX:XX:XX:XX server=defconf add address=192.168.1.152 client-id=1:XX:XX:XX:XX:XX:XX mac-address=\ XX:XX:XX:XX:XX:XX server=defconf add address=192.168.1.20 client-id=1:XX:XX:XX:XX:XX:XX:1:fe mac-address=\ XX:XX:XX:XX:XX:XX server=defconf add address=192.168.1.150 client-id=Withings mac-address=XX:XX:XX:XX:XX:XX \ server=defconf add address=192.168.1.160 client-id=1:XX:XX:XX:XX:XX:XX mac-address=\ XX:XX:XX:XX:XX:XX server=defconf add address=192.168.1.167 client-id=1:XX:XX:XX:XX:XX:XX comment=imilab \ mac-address=XX:XX:XX:XX:XX:XX server=defconf add address=192.168.1.170 client-id=1:XX:XX:XX:XX:XX:XX:1:e0 mac-address=\ XX:XX:XX:XX:XX:XX server=defconf add address=192.168.1.159 client-id=1:XX:XX:XX:XX:XX:XX comment="lg tv" \ mac-address=XX:XX:XX:XX:XX:XX server=defconf /ip dhcp-server network add address=192.168.1.0/24 comment=defconf gateway=192.168.1.1 netmask=24 /ip dns set allow-remote-requests=yes servers=1.1.1.1,8.8.8.8,192.168.1.1 /ip dns static add address=192.168.1.1 comment=defconf name=router.lan /ip firewall filter add action=accept chain=input comment=\ "defconf: accept established,related,untracked" connection-state=\ established,related,untracked add action=drop chain=input comment="defconf: drop invalid" connection-state=\ invalid add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp add action=accept chain=input comment=\ "defconf: accept to local loopback (for CAPsMAN)" dst-address=127.0.0.1 add action=drop chain=input comment="defconf: drop all not coming from LAN" \ in-interface-list=!LAN add action=accept chain=forward comment="defconf: accept in ipsec policy" \ ipsec-policy=in,ipsec add action=accept chain=forward comment="defconf: accept out ipsec policy" \ ipsec-policy=out,ipsec add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \ connection-state=established,related disabled=yes add action=accept chain=forward comment=\ "defconf: accept established,related, untracked" connection-state=\ established,related,untracked add action=drop chain=forward comment="defconf: drop invalid" \ connection-state=invalid add action=drop chain=forward comment=\ "defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat \ connection-state=new in-interface-list=WAN add action=drop chain=forward layer7-protocol="Amazon Update" protocol=tcp \ src-port=80,443 /ip firewall nat add action=masquerade chain=srcnat comment="defconf: masquerade" \ ipsec-policy=out,none out-interface-list=WAN /ip route add distance=9 gateway=192.168.5.1 add check-gateway=ping disabled=yes distance=20 gateway=192.168.0.1 add disabled=yes distance=1 gateway=172.20.168.1 /ip service set telnet disabled=yes set ssh disabled=yes /system clock set time-zone-name=Europe/Zagreb /system logging add topics=wireless,debug add action=EmailVul disabled=yes topics=pppoe add action=EmailVul topics=critical add disabled=yes topics=pppoe,debug /tool e-mail set address=in-v3.mailjet.com from= Zadnje izmijenjeno od: OuttaControl. 26.02.2022. u 14:08. |
26.02.2022., 12:28 | #323 |
Moderator
Datum registracije: Sep 2006
Lokacija: St
Postovi: 23,056
|
Makni MAC adrese da te nebi ciljano napadalo, WiFi ti je na USrA umjesto na EU (čitaj kanali), nešto zoveš "Roborock S5max", pogledaj malo MAC adrese, mogao si malo bolje organizirati IP adrese od IoT, klima i sl. ... treba ti Amazon update ? |
26.02.2022., 13:44 | #324 |
Premium
Datum registracije: Feb 2007
Lokacija: Istra
Postovi: 3,256
|
@Outta Uopće nema nekih velikih razlika u te dvije konfiguracije Pusti si neki vizualni compare alat i pogledaj side by side razlike. Da ti sad ne postam tu sliku preko neta, u kasnijoj konfiguraciji imaš dvaput: Code:
add bridge=bridge comment=defconf disabled=yes interface=ether3 Code:
/port set 0 baud-rate=9600 data-bits=8 flow-control=none name=usb1 parity=none \ stop-bits=1 /interface ppp-client add apn=internet name=ppp-out1 port=usb1 Sad ne bi ulazio što je specijalno s tim eth 3 i zašto je disablean i u staroj konfi, ali ovako bez dublje analize, ako je starija konfiguracija radila, napravi reset bez default konfiguracije i učitaj tu staru. Ak ne radi, onda si i tamo nešto sprčkao |
26.02.2022., 14:08 | #325 | ||
Premium
Datum registracije: Feb 2007
Lokacija: Dalmacija
Postovi: 5,600
|
Citiraj:
USA dopusta jacu izlaznu snagu antene, mislim da je EU 0.1 US 0.5W ili cak 1W zato sam stavio US Amazon update sam disjeblao, to radi dobro, Dobro je ovo meni organizirano sve znam di mi je znam napamet IP adresse svega pa je to ok Citiraj:
Dakle prije sam imao na Ether1 Iskon na PPPoE i WAN(oboje nekako radilo u isto vrijeme) i to mi je bila glavna ruta sa distanceom od 10. Uz to sam imao HT4G Router koji je bio spojen na Ether3 sa distanceom 20. Kad bi mi trebao upload ili nešto disjeblao bi Ether1 i automatski bi se prebacilo na Ether3 Wan i to je sve radilo ko sat. Sada sam dobio A1 5G internet, sa brzinama pristojima 21 stoljeća. Iskljucio sam HT 4G, ukljucio sam A1 5G u Ether3, dodao Ip Addressu, i stavio rutu da je distance 1, a PPPoE distance 10. Znači mijenjam koji mi je glavni internet. Od tog trenutka kad izgasim Ether3, ne prebacuje mi se na Ether1 ili ti PPPoE i ako mikrotik javlja internet detected. Znaci da se ne zna prebaciti gdje treba. Ocito negdje jos nesto treba sklepati, ali neman ideje sta ni di. |
||
26.02.2022., 22:38 | #328 |
Premium
Datum registracije: Feb 2007
Lokacija: Dalmacija
Postovi: 5,600
|
Oke, popravio sam ether1 tako da sam ga dodao u dhcp klijent, kad ja ručno odaberem nece da radi kao WAN ali mogu komotno pristupiti routeru na 192.168.5.1... pppoe sam iskljucio. Problem sa DHCP client je sto ne mogu postaviti distance... |
05.03.2022., 13:18 | #329 |
Premium
Datum registracije: Feb 2007
Lokacija: Dalmacija
Postovi: 5,600
|
Dakle tjedan dana borbe bez rezultata. Wan na Ether1 i Ether3, kad stavim Dhcp Client, znaci samo dodam dhcp client sve radi automagically. Kad disableam DHCP klijenta, dodam IP Address, i IP routes(istu ko sto napravi on sam, ili različitu) više ne radi. Sta jos zaboravljam dodati? Nebi mi smetao ni DHCP client ali mi neda namjestiti route distance u tom slučaju. Zadnje izmijenjeno od: OuttaControl. 05.03.2022. u 17:15. |
05.03.2022., 15:51 | #330 |
Premium
Datum registracije: Nov 2006
Lokacija: HR
Postovi: 4,620
|
Ajd, cim navucem silikona po kuci, bacim oko ja Hiti svoj gsm broj u pm |
|
|
Oglas
|
|
Uređivanje | |
|
|