Untuk para pemula yang ingin menjalankan bisnis rtrw net,
salah satu kendala yg mungkin bisa bikin pusing adalah kebutuhan akan
mikrotik yang fungsinya untuk mengatur pamakaian bandwidth pada masing
klien dan sekaligus sebagai layanan hotspot yang bisa menampilkan
halaman login
ada cara pintas untuk mengatasi masalah tersebut, yaitu menggunakan setingan orang lain, alias copy-paste
caranya:
- nyalakan mikrotik, hubungkan komputer dengan mikrotik routerboard pada port 2 (sebetulnya bisa port apa aja)
- buka winbox (kalo belum punya download aplikasi winbox di mikrotik.co.id atau mikrotik.com)
- kemudian klik pada sebelah kanan kolom isian "Connect To" alias tombol
searching, tunggu bbrp saat sampai muncul daftar mac/ip dari rb
- klik tepat pada mac address-nya (maka yg masik di kolom isian nantinya
adalah mac addressnya), sebaiknya biasakan klik mac addressnya aja...
- masukkan user: admin , password dikosongkan saja (default mikrotik baru atau setelah di reset)
- kemudian klik tombol "Connect", maka anda akan masuk di WINBOX
Persiapan:
setelah masuk winbox
- dari menu "Files" klik BACKUP (untuk simpan setingan sebelum di modifikasi)
- dari menu "Files" klik BACKUP (untuk simpan setingan sebelum di modifikasi)
- dari menu sebelah kiri, pilih "New Terminal"
- kemudian ketik "sys reset" (tanpa tanda petik)
- konfirmasi "y" untuk melanjutkan
- maka routerboard akan reboot
setelah reboot
- login lagi ke winbox
- akan ada pertanyaan untuk menggunakan default template setelah di reset, pilih no aja (tidak pake template)
- masuk ke website http://www.mikrotik.co.id/download.php
- download all_package_xxxx-mipsbe.zip
- extract, ambil file user-manager (harus sama versi-nya), masukkan di root paling atas di mikrotik
- cara memasukkan file ke mikrotik adalah: buka winbox "Files" bersama
dengan Windows Explorer, kemudain klik(tahan) dan seret ke dalam winbox
"Files"
-download login page'nya disini, kemudian upload foldernya ke bagian Files pada Winbox
- asumsi rb anda sudah ver 5.9 keatas
- masuk ke "System" - "Packages"
- enable kan IPv6
Eksekusi:
buka winbox "New Terminal"
- select all dan copy script berikut "PASTIKAN MIKROTIK ANDA VERSI 5.19:
/interface ethernet switch
set switch1 mirror-source=none mirror-target=none name=switch1
/ip hotspot profile
set default dns-name="" hotspot-address=0.0.0.0 html-directory=hotspot \
http-cookie-lifetime=3d http-proxy=0.0.0.0:0 login-by=cookie,http-chap \
name=default rate-limit="" smtp-server=0.0.0.0 split-user-domain=no \
use-radius=no
/ip hotspot user profile
set default idle-timeout=none keepalive-timeout=2m name=default shared-users=\
1 status-autorefresh=1m transparent-proxy=no
add advertise=no idle-timeout=none keepalive-timeout=2m name=profile#256 \
open-status-page=always rate-limit=\
"64k/256k 128k/1024k 50k/192k 25/25 7 50k/50k" shared-users=1 \
status-autorefresh=1m transparent-proxy=yes
add advertise=no idle-timeout=none keepalive-timeout=2m name=profile#128 \
open-status-page=always rate-limit=\
"64k/128k 80k/1024k 40k/90k 25/25 7 50k/50k" shared-users=1 \
status-autorefresh=1m transparent-proxy=yes
add advertise=no idle-timeout=none keepalive-timeout=2m name=profile#512 \
open-status-page=always rate-limit=\
"128k/512k 256k/1024k 50k/192k 25/25 7 50k/50k" shared-users=1 \
status-autorefresh=1m transparent-proxy=yes
add advertise=no idle-timeout=none keepalive-timeout=2m name=profile@256 \
open-status-page=always rate-limit=96k/256k shared-users=1 \
status-autorefresh=1m transparent-proxy=yes
add advertise=no idle-timeout=none keepalive-timeout=2m name=profile@128 \
open-status-page=always rate-limit=64k/128k shared-users=1 \
status-autorefresh=1m transparent-proxy=yes
add advertise=no idle-timeout=none keepalive-timeout=2m name=profile@512 \
open-status-page=always rate-limit=128k/512k shared-users=1 \
status-autorefresh=1m transparent-proxy=yes
add advertise=no idle-timeout=none keepalive-timeout=2m name=profile@768 \
open-status-page=always rate-limit=128k/768k shared-users=1 \
status-autorefresh=1m transparent-proxy=yes
add advertise=no idle-timeout=none keepalive-timeout=2m name=youtube \
on-login="64k/256k 128k/800k 50k/192k 30/6000 7 50k/50k" \
open-status-page=always rate-limit=\
"64k/256k 128k/800k 50k/192k 30/600 7 50k/50k" shared-users=1 \
status-autorefresh=1m transparent-proxy=yes
add advertise=no idle-timeout=none keepalive-timeout=2m name=profile256x3 \
open-status-page=always rate-limit=\
"64k/256k 128k/1024k 50k/192k 25/25 7 50k/50k" shared-users=3 \
status-autorefresh=1m transparent-proxy=yes
add advertise=no idle-timeout=none keepalive-timeout=2m name=profile4simple \
open-status-page=always rate-limit=128k/1m shared-users=1 \
status-autorefresh=1m transparent-proxy=yes
add advertise=no idle-timeout=none keepalive-timeout=2m name=profile4simple-3 \
open-status-page=always rate-limit=128k/1m shared-users=3 \
status-autorefresh=1m transparent-proxy=yes
/ip hotspot profile
add dns-name=planet.hotspot hotspot-address=172.31.146.1 html-directory=PLanet \
http-proxy=0.0.0.0:0 login-by=http-chap,trial name=hsprof1 nas-port-type=\
wireless-802.11 radius-accounting=yes radius-default-domain="" \
radius-interim-update=received radius-location-id="" \
radius-location-name="" radius-mac-format=XX:XX:XX:XX:XX:XX rate-limit="" \
smtp-server=0.0.0.0 split-user-domain=no trial-uptime=30m/1d \
trial-user-profile=profile4simple use-radius=yes
/ip ipsec proposal
set default auth-algorithms=sha1 disabled=no enc-algorithms=3des lifetime=30m \
name=default pfs-group=modp1024
/ip pool
add name=hs-pool-2 ranges=172.31.146.20-172.31.146.200
add name=ppp ranges=10.0.0.20-10.0.0.250
/ip dhcp-server
add address-pool=hs-pool-2 authoritative=after-2sec-delay bootp-support=\
static disabled=no interface=ether2 lease-time=1h name=dhcp1
/ip hotspot
add address-pool=hs-pool-2 addresses-per-mac=2 disabled=no idle-timeout=5m \
interface=ether2 keepalive-timeout=none name=hotspot1 profile=hsprof1
/ppp profile
set default change-tcp-mss=yes local-address=hs-pool-2 name=default only-one=\
default remote-address=ppp remote-ipv6-prefix-pool=none use-compression=\
default use-encryption=default use-ipv6=yes use-mpls=default \
use-vj-compression=default
add change-tcp-mss=default idle-timeout=0s local-address=ppp name=profile#256 \
only-one=yes rate-limit="64k/256k 128k/512k 50k/192k 25/25 7 50k/50k" \
remote-ipv6-prefix-pool=none use-compression=default use-encryption=\
default use-ipv6=yes use-mpls=default use-vj-compression=default
add change-tcp-mss=default local-address=ppp name=profile#128 only-one=yes \
rate-limit="64k/128k 80k/512k 40k/90k 30/30 7 50k/50k" \
remote-ipv6-prefix-pool=none use-compression=default use-encryption=\
default use-ipv6=yes use-mpls=default use-vj-compression=default
add change-tcp-mss=default local-address=ppp name=profile#512 only-one=yes \
rate-limit="128k/512k 256k/1024k 50k/192k 20/20 7 50k/50k" \
remote-ipv6-prefix-pool=none use-compression=default use-encryption=\
default use-ipv6=yes use-mpls=default use-vj-compression=default
add change-tcp-mss=default local-address=ppp name=profile@128 only-one=yes \
rate-limit=64k/128k remote-ipv6-prefix-pool=none use-compression=default \
use-encryption=default use-ipv6=yes use-mpls=default use-vj-compression=\
default
add change-tcp-mss=default local-address=ppp name=profile@256 only-one=yes \
rate-limit=96k/256k remote-ipv6-prefix-pool=none use-compression=default \
use-encryption=default use-ipv6=yes use-mpls=default use-vj-compression=\
default
add change-tcp-mss=default local-address=ppp name=profile@512 only-one=yes \
rate-limit=128k/512k remote-ipv6-prefix-pool=none use-compression=default \
use-encryption=default use-ipv6=yes use-mpls=default use-vj-compression=\
default
add change-tcp-mss=default local-address=ppp name=profile@1024 only-one=yes \
rate-limit=256k/1024k remote-ipv6-prefix-pool=none use-compression=\
default use-encryption=default use-ipv6=yes use-mpls=default \
use-vj-compression=default
set default-encryption change-tcp-mss=yes name=default-encryption only-one=\
default remote-ipv6-prefix-pool=none use-compression=default \
use-encryption=yes use-ipv6=yes use-mpls=default use-vj-compression=\
default
/queue type
set default kind=pfifo name=default pfifo-limit=50
set ethernet-default kind=pfifo name=ethernet-default pfifo-limit=50
set wireless-default kind=sfq name=wireless-default sfq-allot=1514 \
sfq-perturb=5
set synchronous-default kind=red name=synchronous-default red-avg-packet=1000 \
red-burst=20 red-limit=60 red-max-threshold=50 red-min-threshold=10
set hotspot-default kind=sfq name=hotspot-default sfq-allot=1514 sfq-perturb=\
5
add kind=pcq name=PCQ_upload pcq-burst-rate=0 pcq-burst-threshold=0 \
pcq-burst-time=10s pcq-classifier=src-address pcq-dst-address-mask=32 \
pcq-dst-address6-mask=128 pcq-limit=50 pcq-rate=128k \
pcq-src-address-mask=32 pcq-src-address6-mask=128 pcq-total-limit=2000
add kind=pcq name=PCQ_download pcq-burst-rate=0 pcq-burst-threshold=0 \
pcq-burst-time=10s pcq-classifier=dst-address pcq-dst-address-mask=32 \
pcq-dst-address6-mask=128 pcq-limit=50 pcq-rate=512k \
pcq-src-address-mask=32 pcq-src-address6-mask=128 pcq-total-limit=2000
set only-hardware-queue kind=none name=only-hardware-queue
set multi-queue-ethernet-default kind=mq-pfifo mq-pfifo-limit=50 name=\
multi-queue-ethernet-default
set default-small kind=pfifo name=default-small pfifo-limit=10
/queue simple
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both \
disabled=no interface=all limit-at=0/0 max-limit=0/0 name=queue2 \
packet-marks=client_download,client_upload parent=none priority=8 queue=\
PCQ_upload/PCQ_download target-addresses=172.31.146.0/24 total-queue=\
default-small
/queue tree
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=0 name=queue2 packet-mark=client_download parent=global-in \
priority=8 queue=PCQ_download
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=0 name=queue3 packet-mark=client_upload parent=global-out \
priority=8 queue=PCQ_upload
/routing bgp instance
set default as=65530 client-to-client-reflection=yes disabled=no \
ignore-as-path-len=no name=default out-filter="" redistribute-connected=\
no redistribute-ospf=no redistribute-other-bgp=no redistribute-rip=no \
redistribute-static=no router-id=0.0.0.0 routing-table=""
/routing ospf instance
set default disabled=no distribute-default=never in-filter=ospf-in \
metric-bgp=auto metric-connected=20 metric-default=1 metric-other-ospf=\
auto metric-rip=20 metric-static=20 name=default out-filter=ospf-out \
redistribute-bgp=no redistribute-connected=no redistribute-other-ospf=no \
redistribute-rip=no redistribute-static=no router-id=0.0.0.0
/routing ospf area
set backbone area-id=0.0.0.0 disabled=no instance=default name=backbone type=\
default
/routing ospf-v3 instance
set default disabled=no distribute-default=never metric-bgp=auto \
metric-connected=20 metric-default=1 metric-other-ospf=auto metric-rip=20 \
metric-static=20 name=default redistribute-bgp=no redistribute-connected=\
no redistribute-other-ospf=no redistribute-rip=no redistribute-static=no \
router-id=0.0.0.0
/routing ospf-v3 area
set backbone area-id=0.0.0.0 disabled=no instance=default name=backbone type=\
default
/snmp
set contact="" enabled=no engine-id="" location="" trap-target=0.0.0.0 \
trap-version=1
/snmp community
set public address=0.0.0.0/0 authentication-password="" \
authentication-protocol=MD5 encryption-password="" encryption-protocol=\
DES name=public read-access=yes security=none write-access=no
/system logging action
set memory memory-lines=100 memory-stop-on-full=no name=memory target=memory
set disk disk-file-count=2 disk-file-name=log disk-lines-per-file=100 \
disk-stop-on-full=no name=disk target=disk
set echo name=echo remember=yes target=echo
set remote bsd-syslog=no name=remote remote=:: remote-port=514 src-address=\
0.0.0.0 syslog-facility=daemon syslog-severity=auto target=remote
/system routerboard settings
set boot-device=nand-if-fail-then-ethernet boot-protocol=bootp cpu-frequency=\
400MHz force-backup-booter=no silent-boot=no
set boot-device=nand-if-fail-then-ethernet boot-protocol=bootp cpu-frequency=\
400MHz force-backup-booter=no silent-boot=no
/tool user-manager profile
add name=profil1 name-for-users="" override-shared-users=unlimited price=0 \
starts-at=now validity=0s
add name=profile-256 name-for-users="" override-shared-users=1 price=0 \
starts-at=now validity=0s
add name=profile-512 name-for-users="" override-shared-users=1 price=0 \
starts-at=logon validity=0s
add name=profile256 name-for-users="" override-shared-users=1 price=0 \
starts-at=now validity=0s
add name=profile512 name-for-users="" override-shared-users=1 price=0 \
starts-at=now validity=0s
add name=profile128 name-for-users="" override-shared-users=1 price=0 \
starts-at=now validity=0s
/tool user-manager profile limitation
add address-list="" download-limit=0B group-name="" ip-pool="" name=limit-512 \
rate-limit-burst-rx=204800B rate-limit-burst-time-rx=20s \
rate-limit-burst-time-tx=20s rate-limit-burst-treshold-rx=81920B \
rate-limit-burst-treshold-tx=358400B rate-limit-burst-tx=819200B \
rate-limit-min-rx=51200B rate-limit-min-tx=61440B rate-limit-priority=8 \
rate-limit-rx=102400B rate-limit-tx=512000B transfer-limit=0B \
upload-limit=0B uptime-limit=0s
add address-list="" download-limit=0B group-name="" ip-pool="" name=limit-256 \
rate-limit-burst-rx=102400B rate-limit-burst-time-rx=20s \
rate-limit-burst-time-tx=20s rate-limit-burst-treshold-rx=51200B \
rate-limit-burst-treshold-tx=194560B rate-limit-burst-tx=512000B \
rate-limit-min-rx=40960B rate-limit-min-tx=61440B rate-limit-priority=8 \
rate-limit-rx=61440B rate-limit-tx=256000B transfer-limit=0B \
upload-limit=0B uptime-limit=0s
add address-list="" download-limit=0B group-name="" ip-pool="" name=limit-128 \
rate-limit-burst-rx=81920B rate-limit-burst-time-rx=30s \
rate-limit-burst-time-tx=30s rate-limit-burst-treshold-rx=40960B \
rate-limit-burst-treshold-tx=92160B rate-limit-burst-tx=524288B \
rate-limit-min-rx=40960B rate-limit-min-tx=51200B rate-limit-priority=7 \
rate-limit-rx=65536B rate-limit-tx=131072B transfer-limit=0B \
upload-limit=0B uptime-limit=0s
/user group
set read name=read policy="local,telnet,ssh,reboot,read,test,winbox,password,w\
eb,sniff,sensitive,api,!ftp,!write,!policy" skin=default
set write name=write policy="local,telnet,ssh,reboot,read,write,test,winbox,pa\
ssword,web,sniff,sensitive,api,!ftp,!policy" skin=default
set full name=full policy="local,telnet,ssh,ftp,reboot,read,write,policy,test,\
winbox,password,web,sniff,sensitive,api" skin=default
/interface bridge settings
set use-ip-firewall=no use-ip-firewall-for-pppoe=no use-ip-firewall-for-vlan=\
no
/interface ethernet switch port
set ether1 vlan-mode=disabled
set ether2 vlan-mode=fallback
set ether3 vlan-mode=fallback
set ether4 vlan-mode=fallback
set ether5 vlan-mode=fallback
set switch1_cpu vlan-mode=fallback
/interface l2tp-server server
set authentication=pap,chap,mschap1,mschap2 default-profile=\
default-encryption enabled=no max-mru=1460 max-mtu=1460 mrru=disabled
/interface ovpn-server server
set auth=sha1,md5 certificate=none cipher=blowfish128,aes128 default-profile=\
default enabled=no keepalive-timeout=60 mac-address=FE:98:26:35:02:C9 \
max-mtu=1500 mode=ip netmask=24 port=1194 require-client-certificate=no
/interface pppoe-server server
add authentication=pap,chap,mschap1,mschap2 default-profile=default disabled=\
no interface=ether2 keepalive-timeout=10 max-mru=1480 max-mtu=1480 \
max-sessions=0 mrru=disabled one-session-per-host=no service-name=\
service1
/interface pptp-server server
set authentication=mschap1,mschap2 default-profile=default-encryption \
enabled=no keepalive-timeout=30 max-mru=1460 max-mtu=1460 mrru=disabled
/interface sstp-server server
set authentication=pap,chap,mschap1,mschap2 certificate=none default-profile=\
default enabled=no keepalive-timeout=60 max-mru=1500 max-mtu=1500 mrru=\
disabled port=443 verify-client-certificate=no
/ip accounting
set account-local-traffic=no enabled=no threshold=256
/ip accounting web-access
set accessible-via-web=no address=0.0.0.0/0
/ip address
add address=172.31.146.1/24 disabled=no interface=ether2 network=172.31.146.0
/ip dhcp-client
add default-route-distance=0 disabled=no interface=ether1
/ip dhcp-server config
set store-leases-disk=5m
/ip dhcp-server network
add address=172.31.146.0/24 comment="hotspot network" gateway=172.31.146.1
/ip dns
set allow-remote-requests=yes cache-max-ttl=1w cache-size=2048KiB \
max-udp-packet-size=512 servers=\
192.168.1.1,180.131.144.144,202.134.0.155,202.134.1.10
/ip firewall connection tracking
set enabled=yes generic-timeout=10m icmp-timeout=10s tcp-close-timeout=10s \
tcp-close-wait-timeout=10s tcp-established-timeout=1d \
tcp-fin-wait-timeout=10s tcp-last-ack-timeout=10s \
tcp-syn-received-timeout=5s tcp-syn-sent-timeout=5s tcp-syncookie=no \
tcp-time-wait-timeout=10s udp-stream-timeout=3m udp-timeout=10s
/ip firewall filter
add action=passthrough chain=unused-hs-chain comment=\
"place hotspot rules here" disabled=yes
/ip firewall nat
add action=passthrough chain=unused-hs-chain comment=\
"place hotspot rules here" disabled=yes
add action=masquerade chain=srcnat comment="masquerade hotspot network" \
disabled=no src-address=172.31.146.0/24
add action=masquerade chain=srcnat disabled=no src-address=10.0.0.0/24
/ip firewall service-port
set ftp disabled=no ports=21
set tftp disabled=no ports=69
set irc disabled=no ports=6667
set h323 disabled=no
set sip disabled=no ports=5060,5061 sip-direct-media=yes
set pptp disabled=no
/ip hotspot ip-binding
add address=172.31.146.41 disabled=no mac-address=00:0F:FE:3C:28:12 server=\
hotspot1 to-address=172.31.146.41 type=bypassed
/ip hotspot service-port
set ftp disabled=no ports=21
/ip hotspot user
add disabled=no name=admin password=ndasem profile=default
add disabled=no name=user1 password=satu profile=profile4simple
add disabled=no name=user2 password=dua profile=profile4simple
add disabled=no name=user3 password=tiga profile=profile4simple-3
/ip neighbor discovery
set ether1 disabled=no
set ether2 disabled=no
set ether3 disabled=no
set ether4 disabled=no
set ether5 disabled=no
/ip proxy
set always-from-cache=no cache-administrator=webmaster cache-hit-dscp=4 \
cache-on-disk=no enabled=no max-cache-size=none max-client-connections=\
600 max-fresh-time=3d max-server-connections=600 parent-proxy=0.0.0.0 \
parent-proxy-port=0 port=8080 serialize-connections=no src-address=\
0.0.0.0
/ip service
set telnet disabled=no port=23
set ftp disabled=no port=21
set www disabled=no port=81
set ssh disabled=yes port=22
set www-ssl certificate=none disabled=yes port=443
set api disabled=yes port=8728
set winbox disabled=no port=8291
/ip socks
set connection-idle-timeout=2m enabled=no max-connections=200 port=1080
/ip ssh
set forwarding-enabled=no
/ip traffic-flow
set active-flow-timeout=30m cache-entries=4k enabled=no \
inactive-flow-timeout=15s interfaces=all
/ip upnp
set allow-disable-external-interface=yes enabled=no show-dummy-rule=yes
/ipv6 nd
add advertise-dns=no advertise-mac-address=yes disabled=no hop-limit=\
unspecified interface=all managed-address-configuration=no mtu=\
unspecified other-configuration=no ra-delay=3s ra-interval=3m20s-10m \
ra-lifetime=30m reachable-time=unspecified retransmit-interval=\
unspecified
/ipv6 nd prefix default
set autonomous=yes preferred-lifetime=1w valid-lifetime=4w2d
/port firmware
set directory=firmware
/ppp aaa
set accounting=yes interim-update=0s use-radius=yes
/ppp secret
add caller-id="" disabled=no limit-bytes-in=0 limit-bytes-out=0 name=ppp \
password=111 profile=default routes="" service=any
add caller-id="" disabled=no limit-bytes-in=0 limit-bytes-out=0 name=ppp1 \
password=111 profile=profile#128 routes="" service=any
add caller-id="" disabled=no limit-bytes-in=0 limit-bytes-out=0 name=ppp2 \
password=222 profile=profile#256 routes="" service=any
add caller-id="" disabled=no limit-bytes-in=0 limit-bytes-out=0 name=ppp3 \
password=333 profile=profile#512 routes="" service=any
add caller-id="" disabled=no limit-bytes-in=0 limit-bytes-out=0 name=ppp4 \
password=444 profile=profile@1024 routes="" service=any
/queue interface
set ether1 queue=ethernet-default
set ether2 queue=ethernet-default
set ether3 queue=ethernet-default
set ether4 queue=ethernet-default
set ether5 queue=ethernet-default
/radius
add accounting-backup=no accounting-port=1813 address=127.0.0.1 \
authentication-port=1812 called-id="" disabled=no domain="" realm="" \
secret=1 service=ppp,hotspot timeout=300ms
/radius incoming
set accept=no port=3799
/routing bfd interface
set all disabled=no interface=all interval=0.2sec min-rx=0.2sec multiplier=5
/routing mme
set bidirectional-timeout=2 gateway-class=none gateway-keepalive=1m \
gateway-selection=no-gateway origination-interval=5s preferred-gateway=\
0.0.0.0 timeout=1m ttl=50
/routing rip
set distribute-default=never garbage-timer=2m metric-bgp=1 metric-connected=1 \
metric-default=1 metric-ospf=1 metric-static=1 redistribute-bgp=no \
redistribute-connected=no redistribute-ospf=no redistribute-static=no \
routing-table=main timeout-timer=3m update-timer=30s
/routing ripng
set distribute-default=never garbage-timer=2m metric-bgp=1 metric-connected=1 \
metric-default=1 metric-ospf=1 metric-static=1 redistribute-bgp=no \
redistribute-connected=no redistribute-ospf=no redistribute-static=no \
timeout-timer=3m update-timer=30s
/store
add disabled=no disk=system name=user-manager1 type=user-manager
add disabled=no disk=system name=web-proxy1 type=web-proxy
/system clock
set time-zone-name=Asia/Jakarta
/system clock manual
set dst-delta=+00:00 dst-end="jan/01/1970 00:00:00" dst-start=\
"jan/01/1970 00:00:00" time-zone=+00:00
/system health
set
/system identity
set name=MikroTik
/system logging
add action=memory disabled=no prefix="" topics=info
add action=memory disabled=no prefix="" topics=error
add action=memory disabled=no prefix="" topics=warning
add action=echo disabled=no prefix="" topics=critical
add action=memory disabled=no prefix="" topics=info
add action=memory disabled=no prefix="" topics=error
add action=memory disabled=no prefix="" topics=warning
add action=echo disabled=no prefix="" topics=critical
add action=memory disabled=no prefix="" topics=info
add action=memory disabled=no prefix="" topics=error
add action=memory disabled=no prefix="" topics=warning
add action=echo disabled=no prefix="" topics=critical
add action=memory disabled=no prefix="" topics=info
add action=memory disabled=no prefix="" topics=error
add action=memory disabled=no prefix="" topics=warning
add action=echo disabled=no prefix="" topics=critical
/system note
set note="" show-at-login=yes
/system ntp client
set enabled=yes mode=unicast primary-ntp=140.112.2.189 secondary-ntp=\
203.160.128.3
/system resource irq
set 0 cpu=auto
set 1 cpu=auto
/system upgrade mirror
set check-interval=1d enabled=no primary-server=0.0.0.0 secondary-server=\
0.0.0.0 user=""
/system watchdog
set auto-send-supout=no automatic-supout=yes no-ping-delay=5m watch-address=\
none watchdog-timer=yes
/tool bandwidth-server
set allocate-udp-ports-from=2000 authenticate=yes enabled=yes max-sessions=\
100
/tool e-mail
set address=0.0.0.0 from=<> password="" port=25 user=""
/tool graphing
set page-refresh=300 store-every=5min
/tool graphing interface
add allow-address=0.0.0.0/0 disabled=no interface=ether1 store-on-disk=yes
/tool mac-server
set (unknown) disabled=no interface=all
/tool mac-server ping
set enabled=yes
/tool sms
set allowed-number="" channel=0 keep-max-sms=0 receive-enabled=no secret=""
/tool sniffer
set file-limit=1000KiB file-name="" filter-stream=yes interface=all \
memory-limit=100KiB memory-scroll=yes only-headers=no streaming-enabled=\
no streaming-server=0.0.0.0
/tool traffic-generator
set latency-distribution-scale=10 test-id=0
/tool user-manager customer
add backup-allowed=yes disabled=no login=admin parent=admin password=dasekocl \
paypal-accept-pending=no paypal-allowed=no paypal-secure-response=no \
permissions=owner signup-allowed=no time-zone=-00:00
/tool user-manager profile profile-limitation
add from-time=0s limitation=limit-256 profile=profile-256 till-time=23h59m59s \
weekdays=sunday,monday,tuesday,friday,saturday
add from-time=0s limitation=limit-512 profile=profile-512 till-time=23h59m59s \
weekdays=sunday,monday,tuesday,friday,saturday
add from-time=0s limitation=limit-256 profile=profile256 till-time=23h59m59s \
weekdays=sunday,monday,tuesday,friday,saturday
add from-time=0s limitation=limit-512 profile=profile512 till-time=23h59m59s \
weekdays=sunday,monday,tuesday,friday,saturday
add from-time=0s limitation=limit-128 profile=profile128 till-time=23h59m59s \
weekdays=sunday,monday,tuesday,friday,saturday
add from-time=0s limitation=limit-256 profile=profile256 till-time=23h59m59s \
weekdays=sunday,monday,tuesday,friday,saturday
add from-time=0s limitation=limit-512 profile=profile512 till-time=23h59m59s \
weekdays=sunday,monday,tuesday,friday,saturday
add from-time=0s limitation=limit-128 profile=profile128 till-time=23h59m59s \
weekdays=sunday,monday,tuesday,friday,saturday
add from-time=0s limitation=limit-256 profile=profile256 till-time=23h59m59s \
weekdays=sunday,monday,tuesday,friday,saturday
add from-time=0s limitation=limit-512 profile=profile512 till-time=23h59m59s \
weekdays=sunday,monday,tuesday,friday,saturday
add from-time=0s limitation=limit-128 profile=profile128 till-time=23h59m59s \
weekdays=sunday,monday,tuesday,friday,saturday
add from-time=0s limitation=limit-256 profile=profile256 till-time=23h59m59s \
weekdays=sunday,monday,tuesday,friday,saturday
add from-time=0s limitation=limit-512 profile=profile512 till-time=23h59m59s \
weekdays=sunday,monday,tuesday,friday,saturday
add from-time=0s limitation=limit-128 profile=profile128 till-time=23h59m59s \
weekdays=sunday,monday,tuesday,friday,saturday
add from-time=0s limitation=limit-256 profile=profile256 till-time=23h59m59s \
weekdays=sunday,monday,tuesday,friday,saturday
add from-time=0s limitation=limit-512 profile=profile512 till-time=23h59m59s \
weekdays=sunday,monday,tuesday,friday,saturday
add from-time=0s limitation=limit-128 profile=profile128 till-time=23h59m59s \
weekdays=sunday,monday,tuesday,friday,saturday
add from-time=0s limitation=limit-256 profile=profile256 till-time=23h59m59s \
weekdays=sunday,monday,tuesday,friday,saturday
add from-time=0s limitation=limit-512 profile=profile512 till-time=23h59m59s \
weekdays=sunday,monday,tuesday,friday,saturday
add from-time=0s limitation=limit-128 profile=profile128 till-time=23h59m59s \
weekdays=sunday,monday,tuesday,friday,saturday
add from-time=0s limitation=limit-256 profile=profile256 till-time=23h59m59s \
weekdays=sunday,monday,tuesday,friday,saturday
add from-time=0s limitation=limit-512 profile=profile512 till-time=23h59m59s \
weekdays=sunday,monday,tuesday,friday,saturday
add from-time=0s limitation=limit-128 profile=profile128 till-time=23h59m59s \
weekdays=sunday,monday,tuesday,friday,saturday
add from-time=0s limitation=limit-256 profile=profile256 till-time=23h59m59s \
weekdays=sunday,monday,tuesday,friday,saturday
add from-time=0s limitation=limit-512 profile=profile512 till-time=23h59m59s \
weekdays=sunday,monday,tuesday,friday,saturday
add from-time=0s limitation=limit-128 profile=profile128 till-time=23h59m59s \
weekdays=sunday,monday,tuesday,friday,saturday
add from-time=0s limitation=limit-256 profile=profile256 till-time=23h59m59s \
weekdays=sunday,monday,tuesday,friday,saturday
add from-time=0s limitation=limit-512 profile=profile512 till-time=23h59m59s \
weekdays=sunday,monday,tuesday,friday,saturday
add from-time=0s limitation=limit-128 profile=profile128 till-time=23h59m59s \
weekdays=sunday,monday,tuesday,friday,saturday
/tool user-manager router
add coa-port=1700 customer=admin disabled=no ip-address=192.168.1.2 log=\
auth-fail name=router1 shared-secret=""
add coa-port=1700 customer=admin disabled=no ip-address=127.0.0.1 log="" \
name=rnet-userman shared-secret=1
/tool user-manager user
add customer=admin disabled=no name=admin password=dasekocl shared-users=1 \
wireless-enc-algo=none wireless-enc-key="" wireless-psk=""
add customer=admin disabled=no name=radius password=radius shared-users=1 \
wireless-enc-algo=none wireless-enc-key="" wireless-psk=""
add customer=admin disabled=no name=ale password=ale shared-users=1 \
wireless-enc-algo=none wireless-enc-key="" wireless-psk=""
add customer=admin disabled=no name=echa password=echa shared-users=1 \
wireless-enc-algo=none wireless-enc-key="" wireless-psk=""
add customer=admin disabled=no name=eca password=eca shared-users=1 \
wireless-enc-algo=none wireless-enc-key="" wireless-psk=""
add customer=admin disabled=no name=alae password=alae shared-users=1 \
wireless-enc-algo=none wireless-enc-key="" wireless-psk=""
add customer=admin disabled=no name=user1 password=111 shared-users=1 \
wireless-enc-algo=none wireless-enc-key="" wireless-psk=""
add customer=admin disabled=no name=user2 password=222 shared-users=1 \
wireless-enc-algo=none wireless-enc-key="" wireless-psk=""
add customer=admin disabled=no name=user3 password=333 shared-users=1 \
wireless-enc-algo=none wireless-enc-key="" wireless-psk=""
add customer=admin disabled=no name=usman password=000 shared-users=1 \
wireless-enc-algo=none wireless-enc-key="" wireless-psk=""
add customer=admin disabled=no name=usman2 password=222 shared-users=1 \
wireless-enc-algo=none wireless-enc-key="" wireless-psk=""
add customer=admin disabled=no name=usman3 password=333 shared-users=1 \
wireless-enc-algo=none wireless-enc-key="" wireless-psk=""
add customer=admin disabled=no name=usman1 password=111 shared-users=1 \
wireless-enc-algo=none wireless-enc-key="" wireless-psk=""
/user aaa
set accounting=yes default-group=read interim-update=0s use-radius=no:
- setelah selesai dan tidak ada yg error, reboot mikrotik
maka routerboard sdh terisi dengan setingan yang baru
port 1: untuk disambungkan ke modem speedy atau isp lain
port 2: untuk disambungkan ke aksess point
buka winbox "New Terminal"
- select all dan copy script berikut "PASTIKAN MIKROTIK ANDA VERSI 5.19:
/interface ethernet switch
set switch1 mirror-source=none mirror-target=none name=switch1
/ip hotspot profile
set default dns-name="" hotspot-address=0.0.0.0 html-directory=hotspot \
http-cookie-lifetime=3d http-proxy=0.0.0.0:0 login-by=cookie,http-chap \
name=default rate-limit="" smtp-server=0.0.0.0 split-user-domain=no \
use-radius=no
/ip hotspot user profile
set default idle-timeout=none keepalive-timeout=2m name=default shared-users=\
1 status-autorefresh=1m transparent-proxy=no
add advertise=no idle-timeout=none keepalive-timeout=2m name=profile#256 \
open-status-page=always rate-limit=\
"64k/256k 128k/1024k 50k/192k 25/25 7 50k/50k" shared-users=1 \
status-autorefresh=1m transparent-proxy=yes
add advertise=no idle-timeout=none keepalive-timeout=2m name=profile#128 \
open-status-page=always rate-limit=\
"64k/128k 80k/1024k 40k/90k 25/25 7 50k/50k" shared-users=1 \
status-autorefresh=1m transparent-proxy=yes
add advertise=no idle-timeout=none keepalive-timeout=2m name=profile#512 \
open-status-page=always rate-limit=\
"128k/512k 256k/1024k 50k/192k 25/25 7 50k/50k" shared-users=1 \
status-autorefresh=1m transparent-proxy=yes
add advertise=no idle-timeout=none keepalive-timeout=2m name=profile@256 \
open-status-page=always rate-limit=96k/256k shared-users=1 \
status-autorefresh=1m transparent-proxy=yes
add advertise=no idle-timeout=none keepalive-timeout=2m name=profile@128 \
open-status-page=always rate-limit=64k/128k shared-users=1 \
status-autorefresh=1m transparent-proxy=yes
add advertise=no idle-timeout=none keepalive-timeout=2m name=profile@512 \
open-status-page=always rate-limit=128k/512k shared-users=1 \
status-autorefresh=1m transparent-proxy=yes
add advertise=no idle-timeout=none keepalive-timeout=2m name=profile@768 \
open-status-page=always rate-limit=128k/768k shared-users=1 \
status-autorefresh=1m transparent-proxy=yes
add advertise=no idle-timeout=none keepalive-timeout=2m name=youtube \
on-login="64k/256k 128k/800k 50k/192k 30/6000 7 50k/50k" \
open-status-page=always rate-limit=\
"64k/256k 128k/800k 50k/192k 30/600 7 50k/50k" shared-users=1 \
status-autorefresh=1m transparent-proxy=yes
add advertise=no idle-timeout=none keepalive-timeout=2m name=profile256x3 \
open-status-page=always rate-limit=\
"64k/256k 128k/1024k 50k/192k 25/25 7 50k/50k" shared-users=3 \
status-autorefresh=1m transparent-proxy=yes
add advertise=no idle-timeout=none keepalive-timeout=2m name=profile4simple \
open-status-page=always rate-limit=128k/1m shared-users=1 \
status-autorefresh=1m transparent-proxy=yes
add advertise=no idle-timeout=none keepalive-timeout=2m name=profile4simple-3 \
open-status-page=always rate-limit=128k/1m shared-users=3 \
status-autorefresh=1m transparent-proxy=yes
/ip hotspot profile
add dns-name=planet.hotspot hotspot-address=172.31.146.1 html-directory=PLanet \
http-proxy=0.0.0.0:0 login-by=http-chap,trial name=hsprof1 nas-port-type=\
wireless-802.11 radius-accounting=yes radius-default-domain="" \
radius-interim-update=received radius-location-id="" \
radius-location-name="" radius-mac-format=XX:XX:XX:XX:XX:XX rate-limit="" \
smtp-server=0.0.0.0 split-user-domain=no trial-uptime=30m/1d \
trial-user-profile=profile4simple use-radius=yes
/ip ipsec proposal
set default auth-algorithms=sha1 disabled=no enc-algorithms=3des lifetime=30m \
name=default pfs-group=modp1024
/ip pool
add name=hs-pool-2 ranges=172.31.146.20-172.31.146.200
add name=ppp ranges=10.0.0.20-10.0.0.250
/ip dhcp-server
add address-pool=hs-pool-2 authoritative=after-2sec-delay bootp-support=\
static disabled=no interface=ether2 lease-time=1h name=dhcp1
/ip hotspot
add address-pool=hs-pool-2 addresses-per-mac=2 disabled=no idle-timeout=5m \
interface=ether2 keepalive-timeout=none name=hotspot1 profile=hsprof1
/ppp profile
set default change-tcp-mss=yes local-address=hs-pool-2 name=default only-one=\
default remote-address=ppp remote-ipv6-prefix-pool=none use-compression=\
default use-encryption=default use-ipv6=yes use-mpls=default \
use-vj-compression=default
add change-tcp-mss=default idle-timeout=0s local-address=ppp name=profile#256 \
only-one=yes rate-limit="64k/256k 128k/512k 50k/192k 25/25 7 50k/50k" \
remote-ipv6-prefix-pool=none use-compression=default use-encryption=\
default use-ipv6=yes use-mpls=default use-vj-compression=default
add change-tcp-mss=default local-address=ppp name=profile#128 only-one=yes \
rate-limit="64k/128k 80k/512k 40k/90k 30/30 7 50k/50k" \
remote-ipv6-prefix-pool=none use-compression=default use-encryption=\
default use-ipv6=yes use-mpls=default use-vj-compression=default
add change-tcp-mss=default local-address=ppp name=profile#512 only-one=yes \
rate-limit="128k/512k 256k/1024k 50k/192k 20/20 7 50k/50k" \
remote-ipv6-prefix-pool=none use-compression=default use-encryption=\
default use-ipv6=yes use-mpls=default use-vj-compression=default
add change-tcp-mss=default local-address=ppp name=profile@128 only-one=yes \
rate-limit=64k/128k remote-ipv6-prefix-pool=none use-compression=default \
use-encryption=default use-ipv6=yes use-mpls=default use-vj-compression=\
default
add change-tcp-mss=default local-address=ppp name=profile@256 only-one=yes \
rate-limit=96k/256k remote-ipv6-prefix-pool=none use-compression=default \
use-encryption=default use-ipv6=yes use-mpls=default use-vj-compression=\
default
add change-tcp-mss=default local-address=ppp name=profile@512 only-one=yes \
rate-limit=128k/512k remote-ipv6-prefix-pool=none use-compression=default \
use-encryption=default use-ipv6=yes use-mpls=default use-vj-compression=\
default
add change-tcp-mss=default local-address=ppp name=profile@1024 only-one=yes \
rate-limit=256k/1024k remote-ipv6-prefix-pool=none use-compression=\
default use-encryption=default use-ipv6=yes use-mpls=default \
use-vj-compression=default
set default-encryption change-tcp-mss=yes name=default-encryption only-one=\
default remote-ipv6-prefix-pool=none use-compression=default \
use-encryption=yes use-ipv6=yes use-mpls=default use-vj-compression=\
default
/queue type
set default kind=pfifo name=default pfifo-limit=50
set ethernet-default kind=pfifo name=ethernet-default pfifo-limit=50
set wireless-default kind=sfq name=wireless-default sfq-allot=1514 \
sfq-perturb=5
set synchronous-default kind=red name=synchronous-default red-avg-packet=1000 \
red-burst=20 red-limit=60 red-max-threshold=50 red-min-threshold=10
set hotspot-default kind=sfq name=hotspot-default sfq-allot=1514 sfq-perturb=\
5
add kind=pcq name=PCQ_upload pcq-burst-rate=0 pcq-burst-threshold=0 \
pcq-burst-time=10s pcq-classifier=src-address pcq-dst-address-mask=32 \
pcq-dst-address6-mask=128 pcq-limit=50 pcq-rate=128k \
pcq-src-address-mask=32 pcq-src-address6-mask=128 pcq-total-limit=2000
add kind=pcq name=PCQ_download pcq-burst-rate=0 pcq-burst-threshold=0 \
pcq-burst-time=10s pcq-classifier=dst-address pcq-dst-address-mask=32 \
pcq-dst-address6-mask=128 pcq-limit=50 pcq-rate=512k \
pcq-src-address-mask=32 pcq-src-address6-mask=128 pcq-total-limit=2000
set only-hardware-queue kind=none name=only-hardware-queue
set multi-queue-ethernet-default kind=mq-pfifo mq-pfifo-limit=50 name=\
multi-queue-ethernet-default
set default-small kind=pfifo name=default-small pfifo-limit=10
/queue simple
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both \
disabled=no interface=all limit-at=0/0 max-limit=0/0 name=queue2 \
packet-marks=client_download,client_upload parent=none priority=8 queue=\
PCQ_upload/PCQ_download target-addresses=172.31.146.0/24 total-queue=\
default-small
/queue tree
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=0 name=queue2 packet-mark=client_download parent=global-in \
priority=8 queue=PCQ_download
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=0 name=queue3 packet-mark=client_upload parent=global-out \
priority=8 queue=PCQ_upload
/routing bgp instance
set default as=65530 client-to-client-reflection=yes disabled=no \
ignore-as-path-len=no name=default out-filter="" redistribute-connected=\
no redistribute-ospf=no redistribute-other-bgp=no redistribute-rip=no \
redistribute-static=no router-id=0.0.0.0 routing-table=""
/routing ospf instance
set default disabled=no distribute-default=never in-filter=ospf-in \
metric-bgp=auto metric-connected=20 metric-default=1 metric-other-ospf=\
auto metric-rip=20 metric-static=20 name=default out-filter=ospf-out \
redistribute-bgp=no redistribute-connected=no redistribute-other-ospf=no \
redistribute-rip=no redistribute-static=no router-id=0.0.0.0
/routing ospf area
set backbone area-id=0.0.0.0 disabled=no instance=default name=backbone type=\
default
/routing ospf-v3 instance
set default disabled=no distribute-default=never metric-bgp=auto \
metric-connected=20 metric-default=1 metric-other-ospf=auto metric-rip=20 \
metric-static=20 name=default redistribute-bgp=no redistribute-connected=\
no redistribute-other-ospf=no redistribute-rip=no redistribute-static=no \
router-id=0.0.0.0
/routing ospf-v3 area
set backbone area-id=0.0.0.0 disabled=no instance=default name=backbone type=\
default
/snmp
set contact="" enabled=no engine-id="" location="" trap-target=0.0.0.0 \
trap-version=1
/snmp community
set public address=0.0.0.0/0 authentication-password="" \
authentication-protocol=MD5 encryption-password="" encryption-protocol=\
DES name=public read-access=yes security=none write-access=no
/system logging action
set memory memory-lines=100 memory-stop-on-full=no name=memory target=memory
set disk disk-file-count=2 disk-file-name=log disk-lines-per-file=100 \
disk-stop-on-full=no name=disk target=disk
set echo name=echo remember=yes target=echo
set remote bsd-syslog=no name=remote remote=:: remote-port=514 src-address=\
0.0.0.0 syslog-facility=daemon syslog-severity=auto target=remote
/system routerboard settings
set boot-device=nand-if-fail-then-ethernet boot-protocol=bootp cpu-frequency=\
400MHz force-backup-booter=no silent-boot=no
set boot-device=nand-if-fail-then-ethernet boot-protocol=bootp cpu-frequency=\
400MHz force-backup-booter=no silent-boot=no
/tool user-manager profile
add name=profil1 name-for-users="" override-shared-users=unlimited price=0 \
starts-at=now validity=0s
add name=profile-256 name-for-users="" override-shared-users=1 price=0 \
starts-at=now validity=0s
add name=profile-512 name-for-users="" override-shared-users=1 price=0 \
starts-at=logon validity=0s
add name=profile256 name-for-users="" override-shared-users=1 price=0 \
starts-at=now validity=0s
add name=profile512 name-for-users="" override-shared-users=1 price=0 \
starts-at=now validity=0s
add name=profile128 name-for-users="" override-shared-users=1 price=0 \
starts-at=now validity=0s
/tool user-manager profile limitation
add address-list="" download-limit=0B group-name="" ip-pool="" name=limit-512 \
rate-limit-burst-rx=204800B rate-limit-burst-time-rx=20s \
rate-limit-burst-time-tx=20s rate-limit-burst-treshold-rx=81920B \
rate-limit-burst-treshold-tx=358400B rate-limit-burst-tx=819200B \
rate-limit-min-rx=51200B rate-limit-min-tx=61440B rate-limit-priority=8 \
rate-limit-rx=102400B rate-limit-tx=512000B transfer-limit=0B \
upload-limit=0B uptime-limit=0s
add address-list="" download-limit=0B group-name="" ip-pool="" name=limit-256 \
rate-limit-burst-rx=102400B rate-limit-burst-time-rx=20s \
rate-limit-burst-time-tx=20s rate-limit-burst-treshold-rx=51200B \
rate-limit-burst-treshold-tx=194560B rate-limit-burst-tx=512000B \
rate-limit-min-rx=40960B rate-limit-min-tx=61440B rate-limit-priority=8 \
rate-limit-rx=61440B rate-limit-tx=256000B transfer-limit=0B \
upload-limit=0B uptime-limit=0s
add address-list="" download-limit=0B group-name="" ip-pool="" name=limit-128 \
rate-limit-burst-rx=81920B rate-limit-burst-time-rx=30s \
rate-limit-burst-time-tx=30s rate-limit-burst-treshold-rx=40960B \
rate-limit-burst-treshold-tx=92160B rate-limit-burst-tx=524288B \
rate-limit-min-rx=40960B rate-limit-min-tx=51200B rate-limit-priority=7 \
rate-limit-rx=65536B rate-limit-tx=131072B transfer-limit=0B \
upload-limit=0B uptime-limit=0s
/user group
set read name=read policy="local,telnet,ssh,reboot,read,test,winbox,password,w\
eb,sniff,sensitive,api,!ftp,!write,!policy" skin=default
set write name=write policy="local,telnet,ssh,reboot,read,write,test,winbox,pa\
ssword,web,sniff,sensitive,api,!ftp,!policy" skin=default
set full name=full policy="local,telnet,ssh,ftp,reboot,read,write,policy,test,\
winbox,password,web,sniff,sensitive,api" skin=default
/interface bridge settings
set use-ip-firewall=no use-ip-firewall-for-pppoe=no use-ip-firewall-for-vlan=\
no
/interface ethernet switch port
set ether1 vlan-mode=disabled
set ether2 vlan-mode=fallback
set ether3 vlan-mode=fallback
set ether4 vlan-mode=fallback
set ether5 vlan-mode=fallback
set switch1_cpu vlan-mode=fallback
/interface l2tp-server server
set authentication=pap,chap,mschap1,mschap2 default-profile=\
default-encryption enabled=no max-mru=1460 max-mtu=1460 mrru=disabled
/interface ovpn-server server
set auth=sha1,md5 certificate=none cipher=blowfish128,aes128 default-profile=\
default enabled=no keepalive-timeout=60 mac-address=FE:98:26:35:02:C9 \
max-mtu=1500 mode=ip netmask=24 port=1194 require-client-certificate=no
/interface pppoe-server server
add authentication=pap,chap,mschap1,mschap2 default-profile=default disabled=\
no interface=ether2 keepalive-timeout=10 max-mru=1480 max-mtu=1480 \
max-sessions=0 mrru=disabled one-session-per-host=no service-name=\
service1
/interface pptp-server server
set authentication=mschap1,mschap2 default-profile=default-encryption \
enabled=no keepalive-timeout=30 max-mru=1460 max-mtu=1460 mrru=disabled
/interface sstp-server server
set authentication=pap,chap,mschap1,mschap2 certificate=none default-profile=\
default enabled=no keepalive-timeout=60 max-mru=1500 max-mtu=1500 mrru=\
disabled port=443 verify-client-certificate=no
/ip accounting
set account-local-traffic=no enabled=no threshold=256
/ip accounting web-access
set accessible-via-web=no address=0.0.0.0/0
/ip address
add address=172.31.146.1/24 disabled=no interface=ether2 network=172.31.146.0
/ip dhcp-client
add default-route-distance=0 disabled=no interface=ether1
/ip dhcp-server config
set store-leases-disk=5m
/ip dhcp-server network
add address=172.31.146.0/24 comment="hotspot network" gateway=172.31.146.1
/ip dns
set allow-remote-requests=yes cache-max-ttl=1w cache-size=2048KiB \
max-udp-packet-size=512 servers=\
192.168.1.1,180.131.144.144,202.134.0.155,202.134.1.10
/ip firewall connection tracking
set enabled=yes generic-timeout=10m icmp-timeout=10s tcp-close-timeout=10s \
tcp-close-wait-timeout=10s tcp-established-timeout=1d \
tcp-fin-wait-timeout=10s tcp-last-ack-timeout=10s \
tcp-syn-received-timeout=5s tcp-syn-sent-timeout=5s tcp-syncookie=no \
tcp-time-wait-timeout=10s udp-stream-timeout=3m udp-timeout=10s
/ip firewall filter
add action=passthrough chain=unused-hs-chain comment=\
"place hotspot rules here" disabled=yes
/ip firewall nat
add action=passthrough chain=unused-hs-chain comment=\
"place hotspot rules here" disabled=yes
add action=masquerade chain=srcnat comment="masquerade hotspot network" \
disabled=no src-address=172.31.146.0/24
add action=masquerade chain=srcnat disabled=no src-address=10.0.0.0/24
/ip firewall service-port
set ftp disabled=no ports=21
set tftp disabled=no ports=69
set irc disabled=no ports=6667
set h323 disabled=no
set sip disabled=no ports=5060,5061 sip-direct-media=yes
set pptp disabled=no
/ip hotspot ip-binding
add address=172.31.146.41 disabled=no mac-address=00:0F:FE:3C:28:12 server=\
hotspot1 to-address=172.31.146.41 type=bypassed
/ip hotspot service-port
set ftp disabled=no ports=21
/ip hotspot user
add disabled=no name=admin password=ndasem profile=default
add disabled=no name=user1 password=satu profile=profile4simple
add disabled=no name=user2 password=dua profile=profile4simple
add disabled=no name=user3 password=tiga profile=profile4simple-3
/ip neighbor discovery
set ether1 disabled=no
set ether2 disabled=no
set ether3 disabled=no
set ether4 disabled=no
set ether5 disabled=no
/ip proxy
set always-from-cache=no cache-administrator=webmaster cache-hit-dscp=4 \
cache-on-disk=no enabled=no max-cache-size=none max-client-connections=\
600 max-fresh-time=3d max-server-connections=600 parent-proxy=0.0.0.0 \
parent-proxy-port=0 port=8080 serialize-connections=no src-address=\
0.0.0.0
/ip service
set telnet disabled=no port=23
set ftp disabled=no port=21
set www disabled=no port=81
set ssh disabled=yes port=22
set www-ssl certificate=none disabled=yes port=443
set api disabled=yes port=8728
set winbox disabled=no port=8291
/ip socks
set connection-idle-timeout=2m enabled=no max-connections=200 port=1080
/ip ssh
set forwarding-enabled=no
/ip traffic-flow
set active-flow-timeout=30m cache-entries=4k enabled=no \
inactive-flow-timeout=15s interfaces=all
/ip upnp
set allow-disable-external-interface=yes enabled=no show-dummy-rule=yes
/ipv6 nd
add advertise-dns=no advertise-mac-address=yes disabled=no hop-limit=\
unspecified interface=all managed-address-configuration=no mtu=\
unspecified other-configuration=no ra-delay=3s ra-interval=3m20s-10m \
ra-lifetime=30m reachable-time=unspecified retransmit-interval=\
unspecified
/ipv6 nd prefix default
set autonomous=yes preferred-lifetime=1w valid-lifetime=4w2d
/port firmware
set directory=firmware
/ppp aaa
set accounting=yes interim-update=0s use-radius=yes
/ppp secret
add caller-id="" disabled=no limit-bytes-in=0 limit-bytes-out=0 name=ppp \
password=111 profile=default routes="" service=any
add caller-id="" disabled=no limit-bytes-in=0 limit-bytes-out=0 name=ppp1 \
password=111 profile=profile#128 routes="" service=any
add caller-id="" disabled=no limit-bytes-in=0 limit-bytes-out=0 name=ppp2 \
password=222 profile=profile#256 routes="" service=any
add caller-id="" disabled=no limit-bytes-in=0 limit-bytes-out=0 name=ppp3 \
password=333 profile=profile#512 routes="" service=any
add caller-id="" disabled=no limit-bytes-in=0 limit-bytes-out=0 name=ppp4 \
password=444 profile=profile@1024 routes="" service=any
/queue interface
set ether1 queue=ethernet-default
set ether2 queue=ethernet-default
set ether3 queue=ethernet-default
set ether4 queue=ethernet-default
set ether5 queue=ethernet-default
/radius
add accounting-backup=no accounting-port=1813 address=127.0.0.1 \
authentication-port=1812 called-id="" disabled=no domain="" realm="" \
secret=1 service=ppp,hotspot timeout=300ms
/radius incoming
set accept=no port=3799
/routing bfd interface
set all disabled=no interface=all interval=0.2sec min-rx=0.2sec multiplier=5
/routing mme
set bidirectional-timeout=2 gateway-class=none gateway-keepalive=1m \
gateway-selection=no-gateway origination-interval=5s preferred-gateway=\
0.0.0.0 timeout=1m ttl=50
/routing rip
set distribute-default=never garbage-timer=2m metric-bgp=1 metric-connected=1 \
metric-default=1 metric-ospf=1 metric-static=1 redistribute-bgp=no \
redistribute-connected=no redistribute-ospf=no redistribute-static=no \
routing-table=main timeout-timer=3m update-timer=30s
/routing ripng
set distribute-default=never garbage-timer=2m metric-bgp=1 metric-connected=1 \
metric-default=1 metric-ospf=1 metric-static=1 redistribute-bgp=no \
redistribute-connected=no redistribute-ospf=no redistribute-static=no \
timeout-timer=3m update-timer=30s
/store
add disabled=no disk=system name=user-manager1 type=user-manager
add disabled=no disk=system name=web-proxy1 type=web-proxy
/system clock
set time-zone-name=Asia/Jakarta
/system clock manual
set dst-delta=+00:00 dst-end="jan/01/1970 00:00:00" dst-start=\
"jan/01/1970 00:00:00" time-zone=+00:00
/system health
set
/system identity
set name=MikroTik
/system logging
add action=memory disabled=no prefix="" topics=info
add action=memory disabled=no prefix="" topics=error
add action=memory disabled=no prefix="" topics=warning
add action=echo disabled=no prefix="" topics=critical
add action=memory disabled=no prefix="" topics=info
add action=memory disabled=no prefix="" topics=error
add action=memory disabled=no prefix="" topics=warning
add action=echo disabled=no prefix="" topics=critical
add action=memory disabled=no prefix="" topics=info
add action=memory disabled=no prefix="" topics=error
add action=memory disabled=no prefix="" topics=warning
add action=echo disabled=no prefix="" topics=critical
add action=memory disabled=no prefix="" topics=info
add action=memory disabled=no prefix="" topics=error
add action=memory disabled=no prefix="" topics=warning
add action=echo disabled=no prefix="" topics=critical
/system note
set note="" show-at-login=yes
/system ntp client
set enabled=yes mode=unicast primary-ntp=140.112.2.189 secondary-ntp=\
203.160.128.3
/system resource irq
set 0 cpu=auto
set 1 cpu=auto
/system upgrade mirror
set check-interval=1d enabled=no primary-server=0.0.0.0 secondary-server=\
0.0.0.0 user=""
/system watchdog
set auto-send-supout=no automatic-supout=yes no-ping-delay=5m watch-address=\
none watchdog-timer=yes
/tool bandwidth-server
set allocate-udp-ports-from=2000 authenticate=yes enabled=yes max-sessions=\
100
/tool e-mail
set address=0.0.0.0 from=<> password="" port=25 user=""
/tool graphing
set page-refresh=300 store-every=5min
/tool graphing interface
add allow-address=0.0.0.0/0 disabled=no interface=ether1 store-on-disk=yes
/tool mac-server
set (unknown) disabled=no interface=all
/tool mac-server ping
set enabled=yes
/tool sms
set allowed-number="" channel=0 keep-max-sms=0 receive-enabled=no secret=""
/tool sniffer
set file-limit=1000KiB file-name="" filter-stream=yes interface=all \
memory-limit=100KiB memory-scroll=yes only-headers=no streaming-enabled=\
no streaming-server=0.0.0.0
/tool traffic-generator
set latency-distribution-scale=10 test-id=0
/tool user-manager customer
add backup-allowed=yes disabled=no login=admin parent=admin password=dasekocl \
paypal-accept-pending=no paypal-allowed=no paypal-secure-response=no \
permissions=owner signup-allowed=no time-zone=-00:00
/tool user-manager profile profile-limitation
add from-time=0s limitation=limit-256 profile=profile-256 till-time=23h59m59s \
weekdays=sunday,monday,tuesday,friday,saturday
add from-time=0s limitation=limit-512 profile=profile-512 till-time=23h59m59s \
weekdays=sunday,monday,tuesday,friday,saturday
add from-time=0s limitation=limit-256 profile=profile256 till-time=23h59m59s \
weekdays=sunday,monday,tuesday,friday,saturday
add from-time=0s limitation=limit-512 profile=profile512 till-time=23h59m59s \
weekdays=sunday,monday,tuesday,friday,saturday
add from-time=0s limitation=limit-128 profile=profile128 till-time=23h59m59s \
weekdays=sunday,monday,tuesday,friday,saturday
add from-time=0s limitation=limit-256 profile=profile256 till-time=23h59m59s \
weekdays=sunday,monday,tuesday,friday,saturday
add from-time=0s limitation=limit-512 profile=profile512 till-time=23h59m59s \
weekdays=sunday,monday,tuesday,friday,saturday
add from-time=0s limitation=limit-128 profile=profile128 till-time=23h59m59s \
weekdays=sunday,monday,tuesday,friday,saturday
add from-time=0s limitation=limit-256 profile=profile256 till-time=23h59m59s \
weekdays=sunday,monday,tuesday,friday,saturday
add from-time=0s limitation=limit-512 profile=profile512 till-time=23h59m59s \
weekdays=sunday,monday,tuesday,friday,saturday
add from-time=0s limitation=limit-128 profile=profile128 till-time=23h59m59s \
weekdays=sunday,monday,tuesday,friday,saturday
add from-time=0s limitation=limit-256 profile=profile256 till-time=23h59m59s \
weekdays=sunday,monday,tuesday,friday,saturday
add from-time=0s limitation=limit-512 profile=profile512 till-time=23h59m59s \
weekdays=sunday,monday,tuesday,friday,saturday
add from-time=0s limitation=limit-128 profile=profile128 till-time=23h59m59s \
weekdays=sunday,monday,tuesday,friday,saturday
add from-time=0s limitation=limit-256 profile=profile256 till-time=23h59m59s \
weekdays=sunday,monday,tuesday,friday,saturday
add from-time=0s limitation=limit-512 profile=profile512 till-time=23h59m59s \
weekdays=sunday,monday,tuesday,friday,saturday
add from-time=0s limitation=limit-128 profile=profile128 till-time=23h59m59s \
weekdays=sunday,monday,tuesday,friday,saturday
add from-time=0s limitation=limit-256 profile=profile256 till-time=23h59m59s \
weekdays=sunday,monday,tuesday,friday,saturday
add from-time=0s limitation=limit-512 profile=profile512 till-time=23h59m59s \
weekdays=sunday,monday,tuesday,friday,saturday
add from-time=0s limitation=limit-128 profile=profile128 till-time=23h59m59s \
weekdays=sunday,monday,tuesday,friday,saturday
add from-time=0s limitation=limit-256 profile=profile256 till-time=23h59m59s \
weekdays=sunday,monday,tuesday,friday,saturday
add from-time=0s limitation=limit-512 profile=profile512 till-time=23h59m59s \
weekdays=sunday,monday,tuesday,friday,saturday
add from-time=0s limitation=limit-128 profile=profile128 till-time=23h59m59s \
weekdays=sunday,monday,tuesday,friday,saturday
add from-time=0s limitation=limit-256 profile=profile256 till-time=23h59m59s \
weekdays=sunday,monday,tuesday,friday,saturday
add from-time=0s limitation=limit-512 profile=profile512 till-time=23h59m59s \
weekdays=sunday,monday,tuesday,friday,saturday
add from-time=0s limitation=limit-128 profile=profile128 till-time=23h59m59s \
weekdays=sunday,monday,tuesday,friday,saturday
add from-time=0s limitation=limit-256 profile=profile256 till-time=23h59m59s \
weekdays=sunday,monday,tuesday,friday,saturday
add from-time=0s limitation=limit-512 profile=profile512 till-time=23h59m59s \
weekdays=sunday,monday,tuesday,friday,saturday
add from-time=0s limitation=limit-128 profile=profile128 till-time=23h59m59s \
weekdays=sunday,monday,tuesday,friday,saturday
/tool user-manager router
add coa-port=1700 customer=admin disabled=no ip-address=192.168.1.2 log=\
auth-fail name=router1 shared-secret=""
add coa-port=1700 customer=admin disabled=no ip-address=127.0.0.1 log="" \
name=rnet-userman shared-secret=1
/tool user-manager user
add customer=admin disabled=no name=admin password=dasekocl shared-users=1 \
wireless-enc-algo=none wireless-enc-key="" wireless-psk=""
add customer=admin disabled=no name=radius password=radius shared-users=1 \
wireless-enc-algo=none wireless-enc-key="" wireless-psk=""
add customer=admin disabled=no name=ale password=ale shared-users=1 \
wireless-enc-algo=none wireless-enc-key="" wireless-psk=""
add customer=admin disabled=no name=echa password=echa shared-users=1 \
wireless-enc-algo=none wireless-enc-key="" wireless-psk=""
add customer=admin disabled=no name=eca password=eca shared-users=1 \
wireless-enc-algo=none wireless-enc-key="" wireless-psk=""
add customer=admin disabled=no name=alae password=alae shared-users=1 \
wireless-enc-algo=none wireless-enc-key="" wireless-psk=""
add customer=admin disabled=no name=user1 password=111 shared-users=1 \
wireless-enc-algo=none wireless-enc-key="" wireless-psk=""
add customer=admin disabled=no name=user2 password=222 shared-users=1 \
wireless-enc-algo=none wireless-enc-key="" wireless-psk=""
add customer=admin disabled=no name=user3 password=333 shared-users=1 \
wireless-enc-algo=none wireless-enc-key="" wireless-psk=""
add customer=admin disabled=no name=usman password=000 shared-users=1 \
wireless-enc-algo=none wireless-enc-key="" wireless-psk=""
add customer=admin disabled=no name=usman2 password=222 shared-users=1 \
wireless-enc-algo=none wireless-enc-key="" wireless-psk=""
add customer=admin disabled=no name=usman3 password=333 shared-users=1 \
wireless-enc-algo=none wireless-enc-key="" wireless-psk=""
add customer=admin disabled=no name=usman1 password=111 shared-users=1 \
wireless-enc-algo=none wireless-enc-key="" wireless-psk=""
/user aaa
set accounting=yes default-group=read interim-update=0s use-radius=no:
- setelah selesai dan tidak ada yg error, reboot mikrotik
maka routerboard sdh terisi dengan setingan yang baru
port 1: untuk disambungkan ke modem speedy atau isp lain
port 2: untuk disambungkan ke aksess point
0 komentar:
Posting Komentar