This is my config:
# mar/27/2024 10:52:45 by RouterOS 6.49.10
# software id = L7P8-PESJ
#
# model = 2011iL
# serial number =
/interface pptp-client
add connect-to= disabled=no name=pptp-out1 password=\
"" user=
/interface bridge
add fast-forward=no mtu=1500 name=bridge1 protocol-mode=none
add fast-forward=no name=bridgeEoIP
/interface ethernet
set [ find default-name=ether1 ] name="ether1-Ba\F1osIzquierda" speed=100Mbps
set [ find default-name=ether2 ] name="ether2-Ba\F1osDerecha" speed=100Mbps
set [ find default-name=ether3 ] name=ether3-LKMultiSur speed=100Mbps
set [ find default-name=ether4 ] name=ether4-PowerStation5G speed=100Mbps
set [ find default-name=ether5 ] speed=100Mbps
set [ find default-name=ether6 ] advertise=\
10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full
set [ find default-name=ether7 ] advertise=\
10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full
set [ find default-name=ether8 ] advertise=\
10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full
set [ find default-name=ether9 ] advertise=\
10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full
set [ find default-name=ether10 ] advertise=\
10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full name=\
ether10-WAN poe-out=off
/interface pppoe-client
add add-default-route=yes disabled=no interface=ether10-WAN \
keepalive-timeout=60 max-mru=1400 max-mtu=1400 name=pppoe-out1 password=\
econectia use-peer-dns=yes user=/interface l2tp-client
add connect-to= name=l2tp-out1 password=eConectia_l2tp user=\
add connect-to= disabled=no name=l2tp-out3 \
password= user=
/interface eoip
add allow-fast-path=no clamp-tcp-mss=no !keepalive local-address= \
mac-address=02:B1:43:36:89:13 mtu=1500 name=eoip-tunnel1 \
remote-address= tunnel-id=25
/interface list
add exclude=dynamic name=discover
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=
/ip hotspot profile
add dns-name=azahar.info hotspot-address=10.5.50.1 html-directory=hotspot1 \
login-by=cookie,http-chap,https,http-pap name=hsprof1 \
radius-interim-update=1m use-radius=yes
/ip ipsec proposal
set [ find default=yes ] enc-algorithms=3des
/ip pool
add name=hs-pool-13 ranges=10.5.48.1-10.5.50.0,10.5.50.2-10.5.51.254
/ip dhcp-server
add address-pool=hs-pool-13 authoritative=after-2sec-delay disabled=no \
interface=bridge1 lease-time=3h name=dhcp1
/ip hotspot
add address-pool=hs-pool-13 disabled=no interface=bridge1 name=hotspot1 \
profile=hsprof1
/interface l2tp-client
add comment="radius viejo 10.1.5.12" connect-to= name=l2tp-out2 \
password=econectia profile=default user=
/ip hotspot user profile
set [ find default=yes ] keepalive-timeout=10m queue-type=wireless-default \
shared-users=10
add name=MAC_1M/3M queue-type=wireless-default rate-limit=1M/3M \
transparent-proxy=yes
add name=MAC_2M/10M queue-type=wireless-default rate-limit=2M/10M \
shared-users=50 transparent-proxy=yes
add name="2M/10M - 2 shared user" queue-type=wireless-default rate-limit=\
2M/10M shared-users=2 transparent-proxy=yes
add name="2M/10M - 1 shared user" queue-type=wireless-default rate-limit=\
2M/10M transparent-proxy=yes
/queue tree
add max-limit=8M name=Queue_up parent=ether10-WAN queue=default
add name=queue1 packet-mark=Users-packet parent=Queue_up queue=\
pcq-upload-default
add max-limit=16M name=Queue_down parent=bridge1 queue=default
add name=queue2 packet-mark=Users-packet parent=Queue_down queue=\
pcq-download-default
/snmp community
add addresses=0.0.0.0/0 name
/system logging action
set 0 memory-lines=100
set 1 disk-lines-per-file=100
add name=remoteOK remote=10.250.1.4 target=remote
/user group
add name=groupAPI policy="read,write,api,!local,!telnet,!ssh,!ftp,!reboot,!pol\
icy,!test,!winbox,!password,!web,!sniff,!sensitive,!romon,!dude,!tikapp"
/interface bridge port
add bridge=bridge1 hw=no interface="ether2-Ba\F1osDerecha"
add bridge=bridge1 hw=no interface=ether3-LKMultiSur
add bridge=bridge1 hw=no interface=ether4-PowerStation5G
add bridge=bridge1 hw=no interface=ether5
add bridge=bridge1 hw=no interface=ether6
add bridge=bridge1 hw=no interface=ether7
add bridge=bridge1 hw=no interface=ether8
add bridge=bridge1 hw=no interface=ether9
add bridge=bridge1 hw=no interface="ether1-Ba\F1osIzquierda"
add bridge=bridge1 interface=eoip-tunnel1-
/ip neighbor discovery-settings
set discover-interface-list=discover
/interface l2tp-server server
set enabled=yes
/interface list member
add interface="ether1-Ba\F1osIzquierda" list=discover
add interface="ether2-Ba\F1osDerecha" list=discover
add interface=ether3-LKMultiSur list=discover
add interface=ether4-PowerStation5G list=discover
add interface=ether5 list=discover
add interface=ether6 list=discover
add interface=ether7 list=discover
add interface=ether8 list=discover
add interface=ether9 list=discover
add interface=pppoe-out1 list=discover
add interface=bridge1 list=discover
add interface=l2tp-out1 list=discover
add interface=eoip-tunnel1- list=discover
/ip address
add address=10.5.50.1/22 interface=bridge1 network=10.5.48.0
add address=10.10.2.1/24 interface=bridge1 network=10.10.2.0
add address=10.250.1.5/24 disabled=yes interface=ether10-WAN network=\
10.250.1.0
add address=192.168.1.1/24 disabled=yes interface=bridge1 network=192.168.1.0
add address=192.168.1.1/24 disabled=yes interface=bridge1 network=192.168.1.0
/ip cloud
set ddns-enabled=yes
/ip dhcp-client
add add-default-route=no interface=bridge1 use-peer-dns=no use-peer-ntp=no
/ip dhcp-server lease
add address=10.5.48.36 client-id=1:dc:9f:db:68:f2:7a mac-address=\
DC:9F:DB:68:F2:7A server=dhcp1
/ip dhcp-server network
add address=10.5.48.0/22 comment="hotspot network" gateway=10.5.50.1
/ip dns
set servers=8.8.8.8,8.8.4.4
/ip dns static
add address=10.5.50.1 disabled=yes name=captive.apple.com/hotspot-detect.html
/ip firewall nat
add action=passthrough chain=unused-hs-chain comment=\
"place hotspot rules here" disabled=yes to-addresses=0.0.0.0
add action=masquerade chain=srcnat comment="masquerade hotspot network " \
src-address=10.5.48.0/22 to-addresses=0.0.0.0
add action=masquerade chain=srcnat comment="Cliente cuota " \
src-address=10.10.2.100
add action=dst-nat chain=dstnat disabled=yes dst-port=1000 in-interface=\
pppoe-out1 protocol=tcp to-addresses=10.10.2.6 to-ports=80
add action=dst-nat chain=dstnat disabled=yes dst-port=5555 in-interface=\
pppoe-out1 protocol=tcp to-addresses=192.168.1.20 to-ports=443
add action=dst-nat chain=dstnat dst-port=5560 in-interface=pppoe-out1 \
protocol=tcp to-addresses=10.10.2.100 to-ports=443
add action=dst-nat chain=dstnat disabled=yes dst-port=5556 in-interface=\
pppoe-out1 protocol=tcp to-addresses=192.168.1.20 to-ports=80
/ip hotspot ip-binding
add address=10.10.2.0/24 type=bypassed
add address=192.168.1.0/24 disabled=yes type=bypassed
/ip hotspot user
add disabled=yes name=instaladores password=instaladores
add name=
add name=add name=
add comment="" name=08:3E:8E:C9:19:2B
add comment="" name=E0:F5:C6:3D:85:EF
add comment="" name=D8:96:95:8F:E7:68
add comment=borrar disabled=yes name=DC:9F:DB:6D:F8:B9
add comment=borrar disabled=yes name=DC:9F:DB:6D:F7:E1
add comment=borrar disabled=yes name=00:27:22:AE:AA:D9
add comment=borrar disabled=yes name=00:27:22:AC:4F:74
add comment=borrar disabled=yes name=00:50:B6:10:D1:F6
add comment=" disabled=yes name=D8:BB:2C:B3:B9:FD
add comment=" name=2C:F0:A2:68:3B:25 profile=MAC_1M/3M
add comment="usuario en caso de emergencia" disabled=yes name= \
password=azahar profile=MAC_2M/10M
add comment="usuario de emergencia" limit-uptime=3w name= password=\
azahar profile=MAC_2M/10M
add comment="usuario de emergencia 20-02-2023" limit-uptime=4w2d name=\
CA14276b password= profile="2M/10M - 2 shared user"
add comment="usuario de emergencia 20-02-2023" limit-uptime=4w2d name=\
CA872046b password= profile="2M/10M - 1 shared user"
add comment="usuario de emergencia 14-03-2023" limit-uptime=1w name=CA500695b \
password= profile="2M/10M - 2 shared user"
add comment="Usuario de emergencia 27-03-2023" name=CA766262 password= \
profile="2M/10M - 2 shared user"
add name= password=profile="2M/10M - 2 shared user"
/ip proxy
set cache-path=web-proxy1 parent-proxy=0.0.0.0
/ip route
add distance=1 dst-address=10.0.0.11/32 gateway=10.1.5.1
add distance=1 dst-address=192.168.10.0/24 gateway=10.1.6.1
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes port=81
set ssh port=
set api address=10.0.0.11/32
set winbox address= port=
set api-ssl disabled=yes
/ip ssh
set allow-none-crypto=yes forwarding-enabled=remote
/ipv6 nd
set [ find default=yes ] advertise-dns=no
/ppp secret
add local-address=10.10.10.14 name=Azahar_eoip password=econectia \
remote-address=10.10.10.15 service=l2tp
/radius
add address=10.0.0.11 disabled=yes secret= service=\
hotspot timeout=2s
add address=disabled=yes secret=jf3a894huiw service=\
login,hotspot,dhcp timeout=3s
add address= disabled=yes secret=jf3a894huiw service=\
login,hotspot,dhcp
add address=127.0.0.1 disabled=yes secret=.crack06 service=\
login,hotspot,wireless
add address=10.0.0.1 secret=.crack06 service=ppp,hotspot timeout=3s
/radius incoming
set accept=yes port=1700
/snmp
set contact= enabled=yes location= trap-community=\
/system clock
set time-zone-autodetect=no time-zone-name=Europe/Madrid
/system identity
set name=
/system logging
add action=remoteOK prefix= topics=critical
add action=remoteOK prefix=- topics=error
add action=remoteOK prefix=- topics=info
add action=remoteOK prefix=- topics=warning
/system ntp client
set enabled=yes primary-ntp=
/system package update
set channel=long-term
/tool graphing interface
add
/tool graphing queue
add
/tool graphing resource
add
# mar/27/2024 10:52:45 by RouterOS 6.49.10
# software id = L7P8-PESJ
#
# model = 2011iL
# serial number =
/interface pptp-client
add connect-to= disabled=no name=pptp-out1 password=\
"" user=
/interface bridge
add fast-forward=no mtu=1500 name=bridge1 protocol-mode=none
add fast-forward=no name=bridgeEoIP
/interface ethernet
set [ find default-name=ether1 ] name="ether1-Ba\F1osIzquierda" speed=100Mbps
set [ find default-name=ether2 ] name="ether2-Ba\F1osDerecha" speed=100Mbps
set [ find default-name=ether3 ] name=ether3-LKMultiSur speed=100Mbps
set [ find default-name=ether4 ] name=ether4-PowerStation5G speed=100Mbps
set [ find default-name=ether5 ] speed=100Mbps
set [ find default-name=ether6 ] advertise=\
10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full
set [ find default-name=ether7 ] advertise=\
10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full
set [ find default-name=ether8 ] advertise=\
10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full
set [ find default-name=ether9 ] advertise=\
10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full
set [ find default-name=ether10 ] advertise=\
10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full name=\
ether10-WAN poe-out=off
/interface pppoe-client
add add-default-route=yes disabled=no interface=ether10-WAN \
keepalive-timeout=60 max-mru=1400 max-mtu=1400 name=pppoe-out1 password=\
econectia use-peer-dns=yes user=/interface l2tp-client
add connect-to= name=l2tp-out1 password=eConectia_l2tp user=\
add connect-to= disabled=no name=l2tp-out3 \
password= user=
/interface eoip
add allow-fast-path=no clamp-tcp-mss=no !keepalive local-address= \
mac-address=02:B1:43:36:89:13 mtu=1500 name=eoip-tunnel1 \
remote-address= tunnel-id=25
/interface list
add exclude=dynamic name=discover
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=
/ip hotspot profile
add dns-name=azahar.info hotspot-address=10.5.50.1 html-directory=hotspot1 \
login-by=cookie,http-chap,https,http-pap name=hsprof1 \
radius-interim-update=1m use-radius=yes
/ip ipsec proposal
set [ find default=yes ] enc-algorithms=3des
/ip pool
add name=hs-pool-13 ranges=10.5.48.1-10.5.50.0,10.5.50.2-10.5.51.254
/ip dhcp-server
add address-pool=hs-pool-13 authoritative=after-2sec-delay disabled=no \
interface=bridge1 lease-time=3h name=dhcp1
/ip hotspot
add address-pool=hs-pool-13 disabled=no interface=bridge1 name=hotspot1 \
profile=hsprof1
/interface l2tp-client
add comment="radius viejo 10.1.5.12" connect-to= name=l2tp-out2 \
password=econectia profile=default user=
/ip hotspot user profile
set [ find default=yes ] keepalive-timeout=10m queue-type=wireless-default \
shared-users=10
add name=MAC_1M/3M queue-type=wireless-default rate-limit=1M/3M \
transparent-proxy=yes
add name=MAC_2M/10M queue-type=wireless-default rate-limit=2M/10M \
shared-users=50 transparent-proxy=yes
add name="2M/10M - 2 shared user" queue-type=wireless-default rate-limit=\
2M/10M shared-users=2 transparent-proxy=yes
add name="2M/10M - 1 shared user" queue-type=wireless-default rate-limit=\
2M/10M transparent-proxy=yes
/queue tree
add max-limit=8M name=Queue_up parent=ether10-WAN queue=default
add name=queue1 packet-mark=Users-packet parent=Queue_up queue=\
pcq-upload-default
add max-limit=16M name=Queue_down parent=bridge1 queue=default
add name=queue2 packet-mark=Users-packet parent=Queue_down queue=\
pcq-download-default
/snmp community
add addresses=0.0.0.0/0 name
/system logging action
set 0 memory-lines=100
set 1 disk-lines-per-file=100
add name=remoteOK remote=10.250.1.4 target=remote
/user group
add name=groupAPI policy="read,write,api,!local,!telnet,!ssh,!ftp,!reboot,!pol\
icy,!test,!winbox,!password,!web,!sniff,!sensitive,!romon,!dude,!tikapp"
/interface bridge port
add bridge=bridge1 hw=no interface="ether2-Ba\F1osDerecha"
add bridge=bridge1 hw=no interface=ether3-LKMultiSur
add bridge=bridge1 hw=no interface=ether4-PowerStation5G
add bridge=bridge1 hw=no interface=ether5
add bridge=bridge1 hw=no interface=ether6
add bridge=bridge1 hw=no interface=ether7
add bridge=bridge1 hw=no interface=ether8
add bridge=bridge1 hw=no interface=ether9
add bridge=bridge1 hw=no interface="ether1-Ba\F1osIzquierda"
add bridge=bridge1 interface=eoip-tunnel1-
/ip neighbor discovery-settings
set discover-interface-list=discover
/interface l2tp-server server
set enabled=yes
/interface list member
add interface="ether1-Ba\F1osIzquierda" list=discover
add interface="ether2-Ba\F1osDerecha" list=discover
add interface=ether3-LKMultiSur list=discover
add interface=ether4-PowerStation5G list=discover
add interface=ether5 list=discover
add interface=ether6 list=discover
add interface=ether7 list=discover
add interface=ether8 list=discover
add interface=ether9 list=discover
add interface=pppoe-out1 list=discover
add interface=bridge1 list=discover
add interface=l2tp-out1 list=discover
add interface=eoip-tunnel1- list=discover
/ip address
add address=10.5.50.1/22 interface=bridge1 network=10.5.48.0
add address=10.10.2.1/24 interface=bridge1 network=10.10.2.0
add address=10.250.1.5/24 disabled=yes interface=ether10-WAN network=\
10.250.1.0
add address=192.168.1.1/24 disabled=yes interface=bridge1 network=192.168.1.0
add address=192.168.1.1/24 disabled=yes interface=bridge1 network=192.168.1.0
/ip cloud
set ddns-enabled=yes
/ip dhcp-client
add add-default-route=no interface=bridge1 use-peer-dns=no use-peer-ntp=no
/ip dhcp-server lease
add address=10.5.48.36 client-id=1:dc:9f:db:68:f2:7a mac-address=\
DC:9F:DB:68:F2:7A server=dhcp1
/ip dhcp-server network
add address=10.5.48.0/22 comment="hotspot network" gateway=10.5.50.1
/ip dns
set servers=8.8.8.8,8.8.4.4
/ip dns static
add address=10.5.50.1 disabled=yes name=captive.apple.com/hotspot-detect.html
/ip firewall nat
add action=passthrough chain=unused-hs-chain comment=\
"place hotspot rules here" disabled=yes to-addresses=0.0.0.0
add action=masquerade chain=srcnat comment="masquerade hotspot network " \
src-address=10.5.48.0/22 to-addresses=0.0.0.0
add action=masquerade chain=srcnat comment="Cliente cuota " \
src-address=10.10.2.100
add action=dst-nat chain=dstnat disabled=yes dst-port=1000 in-interface=\
pppoe-out1 protocol=tcp to-addresses=10.10.2.6 to-ports=80
add action=dst-nat chain=dstnat disabled=yes dst-port=5555 in-interface=\
pppoe-out1 protocol=tcp to-addresses=192.168.1.20 to-ports=443
add action=dst-nat chain=dstnat dst-port=5560 in-interface=pppoe-out1 \
protocol=tcp to-addresses=10.10.2.100 to-ports=443
add action=dst-nat chain=dstnat disabled=yes dst-port=5556 in-interface=\
pppoe-out1 protocol=tcp to-addresses=192.168.1.20 to-ports=80
/ip hotspot ip-binding
add address=10.10.2.0/24 type=bypassed
add address=192.168.1.0/24 disabled=yes type=bypassed
/ip hotspot user
add disabled=yes name=instaladores password=instaladores
add name=
add name=add name=
add comment="" name=08:3E:8E:C9:19:2B
add comment="" name=E0:F5:C6:3D:85:EF
add comment="" name=D8:96:95:8F:E7:68
add comment=borrar disabled=yes name=DC:9F:DB:6D:F8:B9
add comment=borrar disabled=yes name=DC:9F:DB:6D:F7:E1
add comment=borrar disabled=yes name=00:27:22:AE:AA:D9
add comment=borrar disabled=yes name=00:27:22:AC:4F:74
add comment=borrar disabled=yes name=00:50:B6:10:D1:F6
add comment=" disabled=yes name=D8:BB:2C:B3:B9:FD
add comment=" name=2C:F0:A2:68:3B:25 profile=MAC_1M/3M
add comment="usuario en caso de emergencia" disabled=yes name= \
password=azahar profile=MAC_2M/10M
add comment="usuario de emergencia" limit-uptime=3w name= password=\
azahar profile=MAC_2M/10M
add comment="usuario de emergencia 20-02-2023" limit-uptime=4w2d name=\
CA14276b password= profile="2M/10M - 2 shared user"
add comment="usuario de emergencia 20-02-2023" limit-uptime=4w2d name=\
CA872046b password= profile="2M/10M - 1 shared user"
add comment="usuario de emergencia 14-03-2023" limit-uptime=1w name=CA500695b \
password= profile="2M/10M - 2 shared user"
add comment="Usuario de emergencia 27-03-2023" name=CA766262 password= \
profile="2M/10M - 2 shared user"
add name= password=profile="2M/10M - 2 shared user"
/ip proxy
set cache-path=web-proxy1 parent-proxy=0.0.0.0
/ip route
add distance=1 dst-address=10.0.0.11/32 gateway=10.1.5.1
add distance=1 dst-address=192.168.10.0/24 gateway=10.1.6.1
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes port=81
set ssh port=
set api address=10.0.0.11/32
set winbox address= port=
set api-ssl disabled=yes
/ip ssh
set allow-none-crypto=yes forwarding-enabled=remote
/ipv6 nd
set [ find default=yes ] advertise-dns=no
/ppp secret
add local-address=10.10.10.14 name=Azahar_eoip password=econectia \
remote-address=10.10.10.15 service=l2tp
/radius
add address=10.0.0.11 disabled=yes secret= service=\
hotspot timeout=2s
add address=disabled=yes secret=jf3a894huiw service=\
login,hotspot,dhcp timeout=3s
add address= disabled=yes secret=jf3a894huiw service=\
login,hotspot,dhcp
add address=127.0.0.1 disabled=yes secret=.crack06 service=\
login,hotspot,wireless
add address=10.0.0.1 secret=.crack06 service=ppp,hotspot timeout=3s
/radius incoming
set accept=yes port=1700
/snmp
set contact= enabled=yes location= trap-community=\
/system clock
set time-zone-autodetect=no time-zone-name=Europe/Madrid
/system identity
set name=
/system logging
add action=remoteOK prefix= topics=critical
add action=remoteOK prefix=- topics=error
add action=remoteOK prefix=- topics=info
add action=remoteOK prefix=- topics=warning
/system ntp client
set enabled=yes primary-ntp=
/system package update
set channel=long-term
/tool graphing interface
add
/tool graphing queue
add
/tool graphing resource
add
Statistics: Posted by tiago15 — Wed Mar 27, 2024 12:02 pm