# dec/21/2021 11:55:37 by RouterOS 6.49.2
# software id = H7MZ-ZU62
#
# model = RB4011iGS+
# serial number = D4450D901185
/interface bridge
add name=bridge-LAN
add name=bridge-WAN
/interface ethernet
set [ find default-name=ether1 ] name=ether1-WAN
set [ find default-name=ether2 ] name=ether2-LAN
/interface pppoe-client
add add-default-route=yes allow=pap dial-on-demand=yes disabled=no interface=\
ether1-WAN name=pppoe-out1 password=******** use-peer-dns=yes user=\
********@ip.hinet.net
/interface ethernet switch port
set 0 default-vlan-id=0
set 1 default-vlan-id=0
set 2 default-vlan-id=0
set 3 default-vlan-id=0
set 4 default-vlan-id=0
set 5 default-vlan-id=0
set 6 default-vlan-id=0
set 7 default-vlan-id=0
set 8 default-vlan-id=0
set 9 default-vlan-id=0
set 10 default-vlan-id=0
set 11 default-vlan-id=0
/interface list
add name=WAN
add name=LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=Dhcp-pool1 ranges=192.168.0.21-192.168.0.254
add name=dhcp ranges=192.168.0.21-192.168.0.254
add name=vpn ranges=192.168.89.2-192.168.89.255
/ip dhcp-server
add address-pool=dhcp disabled=no interface=bridge-LAN name=dhcp1
/ppp profile
set *FFFFFFFE dns-server=8.8.8.8,8.8.4.4 local-address=192.168.89.1 \
remote-address=vpn
/interface bridge port
add bridge=bridge-LAN interface=ether2-LAN
add bridge=bridge-LAN interface=ether3 trusted=yes
add bridge=bridge-LAN interface=ether4
add bridge=bridge-LAN interface=ether5
add bridge=bridge-LAN interface=ether10
/interface bridge settings
set allow-fast-path=no use-ip-firewall-for-pppoe=yes
/ip neighbor discovery-settings
set discover-interface-list=!dynamic
/interface l2tp-server server
set ipsec-secret=********* use-ipsec=yes
/interface list member
add interface=pppoe-out1 list=WAN
add interface=bridge-LAN list=LAN
/interface sstp-server server
set default-profile=default-encryption
/ip address
add address=192.168.0.1/24 interface=ether2-LAN network=192.168.0.0
add address=192.168.0.1/24 interface=bridge-LAN network=192.168.0.0
/ip cloud
set ddns-enabled=yes
/ip dhcp-server network
add address=192.168.0.0/24 dns-server=8.8.8.8,8.8.4.4 gateway=192.168.0.1
/ip dns
set servers=8.8.8.8,8.8.4.4
/ip firewall nat
add action=dst-nat chain=dstnat comment=”Dsm****port” dst-address=\
*.*.*.* dst-port=**** protocol=tcp to-addresses=192.168.0.104 \
to-ports=****
add action=masquerade chain=srcnat comment=Initialize src-address=\
192.168.0.0/24
add action=dst-nat chain=dstnat comment=”Web Potr80-443″ dst-address=\
*.*.*.* dst-port=80 protocol=tcp to-addresses=192.168.0.104 \
to-ports=80
add action=dst-nat chain=dstnat dst-address=*.*.*.* dst-port=443 \
protocol=tcp to-addresses=192.168.0.104 to-ports=443
add action=masquerade chain=srcnat comment=”masq. vpn traffic” src-address=\
192.168.89.0/24
add action=masquerade chain=srcnat out-interface-list=WAN
/ip service
set telnet disabled=yes
set ftp disabled=yes
set ssh disabled=yes
set api disabled=yes
set api-ssl disabled=yes
/ppp secret
add name=vpn password=********
/system clock
set time-zone-name=Asia/Taipei
/system routerboard settings
set auto-upgrade=yes
/system scheduler
add comment=”\A4\E9\B1`\A4u\A7@” interval=1d name=Auto_shutdown on-event=\
“system shutdown” policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \
start-date=dec/21/2021 start-time=23:59:00