Scribd Logo
Upload

Welcome to Scribd!

  • Plantilla Configuracion Mocrotik VER 6.29.1

    Uploaded by

    Mario Alexander Ramirez Moreno
    30 views10 pages
    mk

    Copyright

    © © All Rights Reserved

    Available Formats

    XLS, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    mk

    Copyright:

    © All Rights Reserved
    Download as XLS, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    30 views10 pages

    Plantilla Configuracion Mocrotik VER 6.29.1

    Uploaded by

    Mario Alexander Ramirez Moreno
    mk

    Copyright:

    © All Rights Reserved
    Download as XLS, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 10

    PLANTILLA CONFIGURACIN MIKROTIK

    /system identity
    set name=ALFONSO CANON
    /interface bridge
    add admin-mac=00:00:00:00:00:00 ageing-time=5m arp=enabled auto-mac=yes \
    disabled=no forward-delay=15s max-message-age=20s mtu=1500 \
    name=bridge_LAN priority=0x8000 protocol-mode=rstp transmit-hold-count=6
    /interface bridge port
    add bridge=bridge_LAN disabled=no edge=auto external-fdb=auto horizon=none \
    interface=ether2 path-cost=10 point-to-point=auto priority=0x80
    add bridge=bridge_LAN disabled=no edge=auto external-fdb=auto horizon=none \
    interface=ether5 path-cost=10 point-to-point=auto priority=0x80
    add bridge=bridge_LAN disabled=no edge=auto external-fdb=auto horizon=none \
    interface=ether4 path-cost=10 point-to-point=auto priority=0x80
    add bridge=bridge_LAN disabled=no edge=auto external-fdb=auto horizon=none \
    interface=ether3 path-cost=10 point-to-point=auto priority=0x80
    add bridge=bridge_LAN disabled=no edge=auto external-fdb=auto horizon=none \
    interface=wlan1 path-cost=10 point-to-point=auto priority=0x80
    /interface bridge settings
    set use-ip-firewall=no use-ip-firewall-for-pppoe=no use-ip-firewall-for-vlan=no
    /ip address
    add address=192.168.0.1/24 comment=RED_LAN disabled=no interface=bridge_LAN network=192.168.0.0
    add address=201.184.82.122/29 comment=RED_WAN disabled=no interface=ether1 network=201.184.82.120
    /ip route
    add comment=Ruta_Internet disabled=no distance=1 dst-address=0.0.0.0/0 gateway=201.184.82.121 scope=30 target-scope
    /ip firewall nat
    add action=masquerade chain=srcnat comment=NAT_Internet disabled=no out-interface=ether1
    /ip service
    set telnet disabled=no port=23
    set ftp disabled=yes port=21
    set www disabled=no port=8089
    set ssh disabled=yes port=22
    set www-ssl certificate=none disabled=yes port=443
    set api disabled=yes port=8728
    set winbox disabled=no port=52798
    /system ntp client
    set enabled=yes mode=unicast primary-ntp=200.13.235.188 secondary-ntp=0.0.0.0
    /system clock
    set time-zone-name=America/Bogota
    /system clock manual
    set dst-delta=+00:00 dst-end="jan/01/1970 00:00:00" dst-start="jan/01/1970 00:00:00" time-zone=+00:00
    /ip dns
    set allow-remote-requests=yes cache-max-ttl=1w cache-size=2048KiB max-udp-packet-size=512 servers=200.13.249.101,200
    /ip pool
    add name=dhcp_pool1 ranges=192.168.0.2-192.168.0.253
    /ip dhcp-server
    add address-pool=dhcp_pool1 authoritative=after-2sec-delay bootp-support=static disabled=no interface=bridge_LAN lease-ti
    /ip dhcp-server network
    add address=192.168.0.0/24 gateway=192.168.0.1
    /snmp
    set contact="" enabled=yes engine-id="" location="" trap-version=1
    /snmp community
    add address=0.0.0.0/0 authentication-password="" authentication-protocol=MD5 encryption-password="" encryption-protocol=
    read-access=yes security=none write-access=no
    /ip firewall filter
    add action=accept chain=input disabled=no dst-address=192.168.0.1 in-interface=bridge_LAN src-address=192.168.0.184
    add action=accept chain=input disabled=no in-interface=ether1 src-address=201.233.146.153
    add action=accept chain=input disabled=no in-interface=ether1 src-address=200.13.250.0/24
    add action=accept chain=input disabled=no in-interface=ether1 src-address=200.13.249.83-200.13.249.254
    add action=accept chain=input disabled=no in-interface=ether1 src-address=200.13.225.133
    add action=accept chain=input disabled=no in-interface=ether1 src-address=201.184.82.121
    add action=drop chain=input disabled=no in-interface=bridge_LAN src-address= 0.0.0.0/0
    add action=drop chain=input disabled=no in-interface=ether1 src-address=0.0.0.0/0
    /ip neighbor discovery
    set ether1 disabled=yes
    set wlan1 disabled=yes
    set bridge_LAN disabled=yes
    ..
    ..
    ..
    DATOS DE CONFIGURACIN
    NOMBRE DEL EQUIPO ALFONSO CANON
    RED LAN 192.168.0.0
    IP LAN MIKROTIK 192.168.0.1
    MASCARA RED LAN /24
    RED WAN 201.184.82.120
    IP PBLICA / MSK 201.184.82.122/29
    DEFAULT GATEWAY 201.184.82.121

    CONFIGURACIN DHCP
    RED / MSK 192.168.0.0/24
    GATEWAY 192.168.0.1
    RANGO 192.168.0.2-192.168.0.253
    GESTION
    PUERTO DE GESTION WINBOX 52798
    IP GESTION LAN 192.168.0.184
    PLANTILLA CONFIGURACIN MIKROTIK, PERMITE TENER LAS IP PUBLICAS EN EL PTO ETHER
    /system identity
    set name=IMPORMOTOR
    /interface bridge
    add admin-mac=00:00:00:00:00:00 ageing-time=5m arp=enabled auto-mac=yes \
    disabled=no forward-delay=15s max-message-age=20s mtu=1500 \
    name=bridge_LAN priority=0x8000 protocol-mode=rstp transmit-hold-count=6
    add admin-mac=00:00:00:00:00:00 ageing-time=5m arp=enabled auto-mac=yes \
    disabled=no forward-delay=15s max-message-age=20s mtu=1500 \
    name=bridge_WAN priority=0x8000 protocol-mode=rstp transmit-hold-count=6
    /interface bridge port
    add bridge=bridge_WAN disabled=no edge=auto external-fdb=auto horizon=none \
    interface=ether1 path-cost=10 point-to-point=auto priority=0x80
    add bridge=bridge_WAN disabled=no edge=auto external-fdb=auto horizon=none \
    interface=ether2 path-cost=10 point-to-point=auto priority=0x80
    add bridge=bridge_LAN disabled=no edge=auto external-fdb=auto horizon=none \
    interface=ether5 path-cost=10 point-to-point=auto priority=0x80
    add bridge=bridge_LAN disabled=no edge=auto external-fdb=auto horizon=none \
    interface=ether4 path-cost=10 point-to-point=auto priority=0x80
    add bridge=bridge_LAN disabled=no edge=auto external-fdb=auto horizon=none \
    interface=ether3 path-cost=10 point-to-point=auto priority=0x80
    add bridge=bridge_LAN disabled=no edge=auto external-fdb=auto horizon=none \
    interface=wlan1 path-cost=10 point-to-point=auto priority=0x80
    /interface bridge settings
    set use-ip-firewall=no use-ip-firewall-for-pppoe=no use-ip-firewall-for-vlan=no
    /ip address
    add address=192.168.1.254/24 comment=RED_LAN disabled=no interface=bridge_LAN network=192.168.1.0
    add address=181.143.185.106/29 comment=RED_WAN disabled=no interface=ether1 network=181.143.185.104
    /ip route
    add comment=Ruta_Internet disabled=no distance=1 dst-address=0.0.0.0/0 gateway=181.143.185.105 scope=30 target-scop
    /ip firewall nat
    add action=masquerade chain=srcnat comment=NAT_Internet disabled=no out-interface=bridge_WAN
    /ip service
    set telnet disabled=no port=23
    set ftp disabled=yes port=21
    set www disabled=no port=8089
    set ssh disabled=yes port=22
    set www-ssl certificate=none disabled=yes port=443
    set api disabled=yes port=8728
    set winbox disabled=no port=52798
    /system ntp client
    set enabled=yes mode=unicast primary-ntp=200.13.235.188 secondary-ntp=0.0.0.0
    /system clock
    set time-zone-name=America/Bogota
    /system clock manual
    set dst-delta=+00:00 dst-end="jan/01/1970 00:00:00" dst-start="jan/01/1970 00:00:00" time-zone=+00:00
    /ip dns
    set allow-remote-requests=yes cache-max-ttl=1w cache-size=2048KiB max-udp-packet-size=512 servers=200.13.249.101,200
    /ip pool
    add name=dhcp_pool1 ranges=192.168.1.10-192.168.1.253
    /ip dhcp-server
    add address-pool=dhcp_pool1 authoritative=after-2sec-delay bootp-support=static disabled=no interface=bridge_LAN lease-ti
    /ip dhcp-server network
    add address=192.168.1.0/24 gateway=192.168.1.254
    /snmp
    set contact="" enabled=yes engine-id="" location="" trap-version=1
    /snmp community
    add address=0.0.0.0/0 authentication-password="" authentication-protocol=MD5 encryption-password="" encryption-protocol=
    read-access=yes security=none write-access=no
    /ip firewall filter
    add action=accept chain=input disabled=no dst-address=192.168.1.254 in-interface=bridge_LAN src-address=192.168.1.184
    add action=accept chain=input disabled=no in-interface=ether1 src-address=201.233.146.153
    add action=accept chain=input disabled=no in-interface=ether1 src-address=200.13.250.0/24
    add action=accept chain=input disabled=no in-interface=ether1 src-address=200.13.249.83-200.13.249.254
    add action=accept chain=input disabled=no in-interface=ether1 src-address=200.13.225.133
    add action=accept chain=input disabled=no in-interface=ether1 src-address=181.143.185.105
    add action=drop chain=input disabled=no in-interface=bridge_LAN src-address= 0.0.0.0/0
    add action=drop chain=input disabled=no in-interface=ether1 src-address=0.0.0.0/0
    /ip neighbor discovery
    set ether1 disabled=yes
    set wlan1 disabled=yes
    set bridge_LAN disabled=yes
    ..
    ..
    ..
    DATOS DE CONFIGURACIN
    NOMBRE DEL EQUIPO IMPORMOTOR
    RED LAN 192.168.1.0
    IP LAN MIKROTIK 192.168.1.254
    MASCARA RED LAN /24
    RED WAN 181.143.185.104
    IP PBLICA / MSK 181.143.185.106/29

    DEFAULT GATEWAY 181.143.185.105

    CONFIGURACIN DHCP
    RED / MSK 192.168.1.0/24
    GATEWAY 192.168.1.254
    RANGO 192.168.1.10-192.168.1.253
    GESTION
    PUERTO DE GESTION WINBOX 52798
    IP GESTION LAN 192.168.1.184
    PORTFORWARDING
    /ip firewall nat
    add action=dst-nat chain=dstnat comment=CAMARA \
    disabled=no dst-address=181.143.185.106 dst-port=23-65535 protocol=udp \
    to-addresses=192.168.1.87 to-ports=23-65535
    DATOS
    SERVICIO CAMARA
    IP DESTINO 192.168.1.87
    PUERTO LAN 23-65535
    IP PUBLICA 181.143.185.106
    PUERTO WAN 23-65535

    You might also like