I have been using the cAP ac (3 units) in my home since the beginning of 2019.
Now I want to add IoT and am therefore setting up a completely new setting.
I would like to put the setup together step by step. The cAP ac is only running for test purposes and therefore everything without passwords.
Firmware is: 6.49.12
eth1 is connected to our firewall UTM and it is used to access the Internet.
I got large parts of the setup from another thread in which @anav had given me a lot of helpful tips.
Now, for example, I want to bind the smartphones permanently to wifi2 with 5GHz, but an older tablet permanently to wifi1 with 2.4GHz
wifi 3 + wifi4 are for our children's guests.
How do I solve this?
Now I want to add IoT and am therefore setting up a completely new setting.
I would like to put the setup together step by step. The cAP ac is only running for test purposes and therefore everything without passwords.
Firmware is: 6.49.12
eth1 is connected to our firewall UTM and it is used to access the Internet.
I got large parts of the setup from another thread in which @anav had given me a lot of helpful tips.
Now, for example, I want to bind the smartphones permanently to wifi2 with 5GHz, but an older tablet permanently to wifi1 with 2.4GHz
wifi 3 + wifi4 are for our children's guests.
How do I solve this?
Code:
# jan/30/2024 17:29:34 by RouterOS 6.49.12# software id = **ELIDED**## model = RBcAPGi-5acD2nD# serial number = ***/interface bridgeadd name=bridge1/interface wirelessset [ find default-name=wlan1 ] disabled=no mode=ap-bridge ssid=MikroTik \ wireless-protocol=802.11set [ find default-name=wlan2 ] disabled=no mode=ap-bridge ssid=MikroTik \ wireless-protocol=802.11/interface ethernetset [ find default-name=ether2 ] disabled=yes/interface listadd comment=*****UTM***** name=WANadd comment=*****WiFi***** name=LAN/interface wireless security-profilesset [ find default=yes ] supplicant-identity=MikroTikadd name=profile supplicant-identity=MikroTik/interface wirelessadd disabled=no mac-address=**ELIDED** master-interface=wlan2 name=\ wlan3 security-profile=profile ssid="MikroTik's Guests"add disabled=no mac-address= **ELIDED** master-interface=wlan1 name=\ wlan4 security-profile=profile ssid="MikroTik's Guests"/ip pooladd name=dhcp ranges=172.16.99.0/24/ip dhcp-serveradd add-arp=yes address-pool=dhcp disabled=no interface=bridge1 name=dhcp1/interface bridge filteradd action=drop chain=forward in-interface=wlan3add action=drop chain=forward out-interface=wlan3add action=drop chain=forward in-interface=wlan4add action=drop chain=forward out-interface=wlan4/interface bridge portadd bridge=bridge1 interface=ether2add bridge=bridge1 interface=wlan2add bridge=bridge1 interface=wlan1add bridge=bridge1 interface=wlan3add bridge=bridge1 interface=wlan4/interface list memberadd comment=*****UTM***** interface=ether1 list=WANadd comment=*****WiFi***** interface=bridge1 list=LAN/ip addressadd address=192.168.2.15/24 interface=ether1 network=192.168.2.0add address=172.16.99.1/24 interface=bridge1 network=172.16.99.0/ip cloudset update-time=no/ip dhcp-server networkadd address=172.16.99.0/24 dns-server=1.1.1.1,1.0.0.1,8.8.8.8,8.8.4.4 \ gateway=172.16.99.1/ip dnsset allow-remote-requests=yes servers=8.8.8.8,8.8.4.4,1.1.1.1,1.0.0.1/ip firewall filteradd action=accept chain=input comment=\ "defconf: accept established,related,untracked" connection-state=\ established,related,untrackedadd action=drop chain=input comment="defconf: drop invalid" connection-state=\ invalidadd action=accept chain=input comment="defconf: accept ICMP" protocol=icmpadd action=accept chain=input comment="allow admin access with winbox/www" \ in-interface-list=WAN src-address=192.168.2.50add action=accept chain=input comment="defconf: accept DNS" dst-port=53 \ in-interface-list=WAN protocol=tcpadd action=accept chain=input dst-port=53 in-interface-list=WAN protocol=udpadd action=drop chain=input comment="drop all else"add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \ connection-state=established,relatedadd action=accept chain=forward comment=\ "defconf: accept established,related, untracked" connection-state=\ established,related,untrackedadd action=drop chain=forward comment="defconf: drop invalid" \ connection-state=invalidadd action=accept chain=forward comment=\ "*************allow internet traffic*********" in-interface-list=LAN \ out-interface-list=WANadd action=accept chain=forward comment="allow port forwarding" \ connection-nat-state=dstnat disabled=yesadd action=drop chain=forward/ip firewall natadd action=masquerade chain=srcnat comment="defconf: masquerade" \ ipsec-policy=out,none out-interface-list=WAN/ip firewall service-portset ftp disabled=yesset tftp disabled=yesset irc disabled=yesset h323 disabled=yesset sip disabled=yesset pptp disabled=yesset udplite disabled=yesset dccp disabled=yesset sctp disabled=yes/ip routeadd distance=1 gateway=192.168.2.1/ip serviceset telnet disabled=yesset ftp disabled=yesset www address=192.168.2.0/24set api disabled=yesset winbox address=192.168.2.0/24set api-ssl disabled=yes/ip sshset host-key-size=4096 strong-crypto=yes/system clockset time-zone-name=Europe/Berlin/system loggingadd action=echo topics=dnsadd action=echo topics=wirelessadd action=echo topics=dhcpadd action=echo topics=bridgeadd topics=hotspotadd action=echo topics=interfaceadd action=echo topics=firewalladd action=echo topics=dnsadd action=echo topics=wirelessadd action=echo topics=dhcpadd action=echo topics=bridgeadd topics=hotspotadd action=echo topics=interfaceadd action=echo topics=firewall/system ntp clientset enabled=yes primary-ntp=192.168.2.1/system routerboard settingsset auto-upgrade=yes/system scheduleradd interval=1d name="Auto-Backup per eMail" on-event="/system backup save nam\ e=email; \r\ \n/tool e-mail send to=\"xxx@xyz.de\" subject=([/system\ \_identity get name] . \"-auto-backup\") file=email.backup body=\"automati\ sch erstelltes Backup\"; \r\ \n:log info \"Backup e-mail sent.\";" policy=\ ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \ start-date=nov/06/2019 start-time=00:00:00add interval=1d name="Auto Update Firmware" on-event="/system package update\r\ \ncheck-for-updates once\r\ \n:delay 3s;\r\ \n:if ( [get status] = \"New version is available\") do={\r\ \n install ;\r\ \n/tool e-mail send to=\"xxx@xyzr.de\" subject=([/system\ \_identity get name] . \"-neues Update installiert\") body=\"Update vorhan\ den und installiert\"; \r\ \n:log info \"Update verfuegbar\"\r\ \n:delay 30s;\r\ \n/system reboot\r\ \n};\r\ \n:log info \"kein Update verfuegbar\";" policy=\ ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \ start-date=nov/06/2019 start-time=03:00:00add interval=1d name="Auto Update Routerboard" on-event=":global Var1\r\ \n:global Var2\r\ \n:set Var1 \"\$[/system package get system version]\"\r\ \n:set Var2 \"\$[/system routerboard get current-firmware]\"\r\ \n:if (\$Var1>\$Var2) do={system routerboard upgrade;\r\ \n/tool e-mail send to=\"xxx@xyzr.de\" subject=([/system\ \_identity get name] . \"-neues Routerboard-Update installiert\") body=\"R\ outerboard-Update installiert durch Reboot\";\r\ \n:log info \"Routerboard-Update installiert\"\r\ \n/system reboot\r\ \n};\r\ \n\r\ \n policy=\ ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \ start-date=jan/15/2020 start-time=03:05:00/system watchdogset auto-send-supout=yes send-email-to=xxx@xyz.de/tool e-mailset address=server.com from=yyy@xyzr.de password= **ELIDED** port=587 start-tls=yes user=xxx/tool mac-serverset allowed-interface-list=none/tool mac-server pingset enabled=noStatistics: Posted by albamu — Tue Jan 30, 2024 6:46 pm