# 2026-02-18 22:32:59 by RouterOS 7.19.3 # software id = 0V5S-56MC # version: 7.12 # model = C52iG-5HaxD2HaxD # serial number = HE108BBGW0B /interface bridge add name=bridge.LAN /interface ethernet set [ find default-name=ether1 ] mac-address=C4:AD:32:B2:A1:9A poe-out=off set [ find default-name=ether4 ] comment=test /interface vlan add comment="super test vlan" interface=ether4 name="test vlan" vlan-id=255 add disabled=yes interface=ether5 name="test test vlan" vlan-id=254 /interface list add name=LAN add name=WAN /interface wifi channel add band=2ghz-ax disabled=no name=ch-2ghz width=20/40mhz add band=5ghz-ax disabled=no name=ch-5ghz width=20/40mhz /interface wifi security add authentication-types=wpa2-psk name=common-auth wps=disable /interface wifi configuration add name=common-auth security=common-auth ssid=test_HW /interface wifi set [ find default-name=wifi1 ] channel=ch-5ghz configuration=common-auth configuration.mode=ap disabled=no set [ find default-name=wifi2 ] channel=ch-2ghz configuration=common-auth configuration.mode=ap disabled=no /ip pool add name=dhcp_pool0 ranges=172.16.3.2-172.16.3.254 add name=dhcp_pool1 ranges=192.168.3.2-192.168.3.254 /ip dhcp-server add address-pool=dhcp_pool0 interface=bridge.LAN lease-time=10h name=dhcp1 /ppp profile add name=new_antizapret on-down="/ip dns cache flush\r\ \n" on-up="/ip dns cache flush\r\ \n" add name=robovps on-down="/ip dns cache flush" on-up="/ip dns cache flush" use-ipv6=no /routing table add disabled=no fib name=test_HW_table /interface bridge port add bridge=bridge.LAN interface=ether2 learn=yes add bridge=bridge.LAN interface=ether3 add bridge=bridge.LAN interface=ether4 add bridge=bridge.LAN interface=ether5 add bridge=bridge.LAN interface=wifi1 add bridge=bridge.LAN interface=wifi2 /ipv6 settings set disable-ipv6=yes forward=no /interface detect-internet set detect-interface-list=all /interface list member add interface=bridge.LAN list=LAN add interface=ether1 list=WAN /interface ovpn-server server add mac-address=FE:25:E0:B8:66:01 name=ovpn-server1 /ip address add address=172.16.3.1/24 interface=bridge.LAN network=172.16.3.0 add address=10.38.3.245/24 interface=ether1 network=10.38.3.0 add address=10.1.100.2/24 interface=wireguard2 network=10.1.100.0 add address=100.10.10.1/24 disabled=yes interface=ether4 network=100.10.10.0 /ip dhcp-server lease add address=172.16.3.20 client-id=1:d8:3a:dd:22:28:1d mac-address=D8:3A:DD:21:28:1D server=dhcp1 add address=172.16.3.4 client-id=1:2c:cd:29:1a:ea:6d comment=test_HW mac-address=1E:CD:29:8A:EA:6D server=dhcp1 /ip dhcp-server network add address=172.16.3.0/24 dns-server=172.16.3.1 gateway=172.16.3.1 /ip dns set allow-remote-requests=yes servers=217.10.44.35 /ip dns static add address=172.16.3.20 regexp=".*\\.home\$" type=A add address=172.16.3.20 regexp=".*\\.home.uk\$" type=A add address=172.16.3.20 disabled=yes regexp=".*\\.home.uk\$" type=A /ip firewall address-list add address=172.16.3.0/24 list=test_HW add address=172.16.2.0/24 list=test_HW add address=172.16.1.0/24 list=test_HW add address=255.255.255.255 list=test_HW /ip firewall filter add action=drop chain=forward out-interface=ether1 src-address=172.16.3.11 add action=accept chain=input src-address=255.255.255.255 add action=accept chain=forward in-interface=wireguard2 add action=accept chain=forward connection-state=established,related in-interface=ether1 add action=accept chain=input connection-state=established,related in-interface=ether1 add action=accept chain=input in-interface=bridge.LAN add action=drop chain=input in-interface=ether1 add action=drop chain=forward in-interface=ether1 /ip firewall mangle add action=passthrough chain=prerouting connection-mark=test_HW src-address=172.16.3.20 /ip firewall nat add action=masquerade chain=srcnat out-interface=ether1 add action=masquerade chain=srcnat comment=test_HW out-interface=test_HW /ip firewall service-port set ftp disabled=yes set tftp disabled=yes set h323 disabled=yes /ip route add disabled=no distance=1 dst-address=172.16.1.0/24 gateway=10.1.100.1 add disabled=no distance=1 dst-address=172.16.2.0/24 gateway=10.1.100.1 add disabled=no distance=1 dst-address=255.255.255.255/32 gateway=10.38.3.1 add disabled=no distance=3 dst-address=0.0.0.0/0 gateway=10.38.3.1 routing-table=main scope=30 suppress-hw-offload=no target-scope=10 add disabled=yes distance=2 dst-address=0.0.0.0/0 gateway=10.38.3.1 routing-table=main scope=30 suppress-hw-offload=no target-scope=10 add comment=test_HW disabled=no distance=1 dst-address=185.255.255.255/32 gateway=10.38.3.1 routing-table=main scope=30 suppress-hw-offload=no target-scope=10 add comment=test_HW disabled=no distance=1 dst-address=192.168.255.255/32 gateway=10.38.3.1 routing-table=main scope=30 suppress-hw-offload=no target-scope=10 /ip service set telnet disabled=yes /system clock set time-zone-name=Europe/Berlin /system identity set name=test_HW /system logging set 0 topics=info,!wireless /system note set show-at-login=no /system ntp client set enabled=yes /system ntp client servers add address=pool.ntp.org /tool mac-server set allowed-interface-list=LAN /tool mac-server mac-winbox set allowed-interface-list=LAN /tool mac-server ping set enabled=no /user aaa set default-group=full use-radius=yes