Hotspot with Vlan Ubiquiti AP doesn't work
Posted: Tue Aug 02, 2016 9:22 pm
I have a problem with Hotspot and VLANS using Ubiquiti UAPs here I show you my config in mikrotik, If i disable the hotspot I can use internet perfectly.
The UAPs in Ubiquiti Unifi software are in VLAN 100, 200, and 300 witohut problem with hotspot disabled.
I can reach gateway with hotspot enabled but any internet site. I cant see the hotpsot portal neither.
I have a problem with Hotspot and VLANS using Ubiquiti UAPs here I show you my config in mikrotik, If i disable the hotspot I can use internet perfectly.
The UAPs in Ubiquiti Unifi software are in VLAN 100, 200, and 300 witohut problem with hotspot disabled.
I can reach gateway with hotspot enabled but any internet site. I cant see the hotpsot portal neither.
Code: Select all
[admin@M1] > export
# aug/02/2016 15:02:41 by RouterOS 6.36
# software id = TSKM-G1B8
/interface bridge
add mtu=1500 name=UniFi priority=0xAAAA
add name=talleres_bridge
/interface ethernet
set [ find default-name=ether1 ] comment="Internet -TX(subida)" mac-address=\
set [ find default-name=ether2 ] comment="Servidor UniFi"
set [ find default-name=ether3 ] comment="UniFi WiFi - Switch TPLINK gigabit"
set [ find default-name=ether4 ] comment="Stand Chacra"
set [ find default-name=ether5 ] comment="Stand Agrositio"
set [ find default-name=ether6 ] comment="Stand Syngenta"
set [ find default-name=ether7 ] comment="Stand Minagro"
set [ find default-name=ether8 ] comment="Tecnica Congress Indep."
set [ find default-name=ether9 ] comment="Streaming Indep."
set [ find default-name=ether10 ] comment=\
"Roseta Cont. (Radio La Red y Chacra TV)"
set [ find default-name=ether11 ] comment="Streaming Cont."
set [ find default-name=ether12 ] comment="Talleres - Switch HP"
set [ find default-name=ether13 ] comment="Enlace M2"
/interface pptp-server
add name=pptp-in1 user=""
/ip neighbor discovery
set ether1 comment="Internet -TX(subida)"
set ether2 comment="Servidor UniFi"
set ether3 comment="UniFi WiFi - Switch TPLINK gigabit"
set ether4 comment="Stand Chacra"
set ether5 comment="Stand Agrositio"
set ether6 comment="Stand Syngenta"
set ether7 comment="Stand Minagro"
set ether8 comment="Tecnica Congress Indep."
set ether9 comment="Streaming Indep."
set ether10 comment="Roseta Cont. (Radio La Red y Chacra TV)"
set ether11 comment="Streaming Cont."
set ether12 comment="Talleres - Switch HP"
set ether13 comment="Enlace M2"
/interface vlan
add comment="Enlace Mikrotik2" interface=ether13 name=ether13_vlan32 vlan-id=32
add disabled=yes interface=ether13 name=ether13_vlan400 vlan-id=400
add interface=ether13 name=vlan10_ether13 vlan-id=10
add interface=ether13 name=vlan20_ether13 vlan-id=20
add interface=ether13 name=vlan21_ether13 vlan-id=21
add interface=ether13 name=vlan22_ether13 vlan-id=22
add interface=ether13 name=vlan30_ether13 vlan-id=30
add interface=ether13 name=vlan31_ether13 vlan-id=31
add interface=ether13 name=vlan40_ether13 vlan-id=40
add interface=ether13 name=vlan50_ether13 vlan-id=50
add comment="TX(bajada)" interface=UniFi name=vlan100-UniFi vlan-id=100
add interface=UniFi name=vlan200-UniFi vlan-id=200
add interface=UniFi name=vlan300-UniFi vlan-id=300
add interface=UniFi name=vlan400-UniFi vlan-id=400
/ip neighbor discovery
set ether13_vlan32 comment="Enlace Mikrotik2"
set vlan100-UniFi comment="TX(bajada)"
/ip dhcp-server
add authoritative=yes bootp-lease-time=lease-time bootp-support=dynamic \
interface=ether13_vlan400 lease-time=1h name="Cableado vlan400"
/ip hotspot profile
set [ find default=yes ] login-by=http-chap
add hotspot-address= html-directory=\
hotspot_aapresid2016_username_AGROFINA http-cookie-lifetime=3h name=\
"agrofina visitantes"
add html-directory=hotspot_aapresid2016_username_AGROFINAPRENSA \
http-cookie-lifetime=3h name="agrofina prensa"
add hotspot-address= login-by=cookie,http-chap,http-pap,mac-cookie \
add hotspot-address= name=hsprof2
/ip hotspot user profile
set [ find default=yes ] add-mac-cookie=no transparent-proxy=yes
/ip ipsec proposal
set [ find default=yes ] enc-algorithms=3des pfs-group=none
/ip pool
add name=Oficina ranges=
add name=Streaming0 ranges=
add name=Stands0 ranges=
add name=Enlace ranges=
add name=UniFi ranges=
add name="UniFi vlan100" ranges=
add name="UniFi vlan200" ranges=
add name="UniFi vlan300" ranges=
add name="UniFi vlan400" ranges=
add name=Streaming1 ranges=
add name=Streaming2 ranges=
add name=Streaming3 ranges=
add name=Stands1 ranges=
add name=Stands2 ranges=
add name=Stands3 ranges=
add name=Stands4 ranges=
add name=Stands5 ranges=
add name=Stands6 ranges=
add name=Radios0 ranges=
add name=Radios1 ranges=
add name=Radios2 ranges=
add name=Prensa ranges=
add name=Talleres ranges=
add name=dhcp_pool1 ranges=
add name=dhcp_pool2 ranges=
/ip dhcp-server
add address-pool=UniFi authoritative=yes bootp-lease-time=lease-time \
bootp-support=dynamic disabled=no interface=UniFi lease-time=3h name=UniFi
add address-pool=Enlace authoritative=yes bootp-lease-time=lease-time \
bootp-support=dynamic disabled=no interface=ether13 lease-time=1w name=\
"Enlace M2"
add address-pool=Oficina authoritative=yes bootp-lease-time=lease-time \
bootp-support=dynamic interface=ether10 lease-time=6h name=Oficina
add address-pool=Streaming0 bootp-lease-time=lease-time bootp-support=dynamic \
disabled=no interface=vlan10_ether13 lease-time=3h name="Streaming M2"
add address-pool=Stands0 bootp-lease-time=lease-time bootp-support=dynamic \
disabled=no interface=vlan20_ether13 lease-time=1h name="Stand Nufarm"
add address-pool=Stands1 bootp-lease-time=lease-time bootp-support=dynamic \
disabled=no interface=vlan21_ether13 lease-time=1h name="Cabina Aapresid"
add address-pool=Stands2 bootp-lease-time=lease-time bootp-support=dynamic \
disabled=no interface=vlan22_ether13 lease-time=1h name="Stand YPF"
add address-pool=Radios0 bootp-lease-time=lease-time bootp-support=dynamic \
disabled=no interface=vlan30_ether13 lease-time=1h name="Radio Continental"
add address-pool=Radios1 bootp-lease-time=lease-time bootp-support=dynamic \
disabled=no interface=vlan31_ether13 lease-time=1h name=\
"Sala de Radio y TV"
add address-pool=Prensa bootp-lease-time=lease-time bootp-support=dynamic \
disabled=no interface=vlan40_ether13 lease-time=1h name="Sala de Prensa"
add address-pool=Stands3 bootp-lease-time=lease-time bootp-support=dynamic \
disabled=no interface=ether4 lease-time=1h name="Stand Chacra"
add address-pool=Stands4 bootp-lease-time=lease-time bootp-support=dynamic \
disabled=no interface=ether5 lease-time=1h name="Stand Agrositio"
add address-pool=Stands5 bootp-lease-time=lease-time bootp-support=dynamic \
disabled=no interface=ether6 lease-time=1h name="Stand Syngenta"
add address-pool=Stands6 bootp-lease-time=lease-time bootp-support=dynamic \
disabled=no interface=ether7 lease-time=1h name="Stand Minagro"
add address-pool=Streaming1 bootp-lease-time=lease-time bootp-support=dynamic \
disabled=no interface=ether8 lease-time=1h name=\
"Streaming Tec. Congress Indep."
add address-pool=Streaming2 bootp-lease-time=lease-time bootp-support=dynamic \
disabled=no interface=ether9 lease-time=1h name="Streaming Indep."
add address-pool=Radios2 bootp-lease-time=lease-time bootp-support=dynamic \
disabled=no interface=ether10 lease-time=1h name=\
"Roseta Contemp. (Radio La Red y Chacra TV)"
add address-pool=Streaming3 bootp-lease-time=lease-time bootp-support=dynamic \
disabled=no interface=ether11 lease-time=1h name="Streaming Cont."
add address-pool=Talleres authoritative=yes bootp-lease-time=lease-time \
bootp-support=dynamic disabled=no interface=talleres_bridge lease-time=6h \
add address-pool="UniFi vlan300" authoritative=yes bootp-lease-time=lease-time \
bootp-support=dynamic disabled=no interface=vlan300-UniFi lease-time=1h \
name="Agrofina Organizacion"
add address-pool="UniFi vlan400" authoritative=yes bootp-lease-time=lease-time \
bootp-support=dynamic disabled=no interface=vlan400-UniFi lease-time=2h \
add address-pool="UniFi vlan100" bootp-support=dynamic disabled=no interface=\
vlan100-UniFi name="SSID Congreso Aapresid"
add address-pool="UniFi vlan200" disabled=no interface=vlan200-UniFi \
lease-time=1h name="SSID Prensa"
/ip hotspot
add address-pool="UniFi vlan100" disabled=no interface=vlan100-UniFi name=\
hotspot1 profile=hsprof2
/ip hotspot user profile
add address-pool="UniFi vlan100" keepalive-timeout=10m mac-cookie-timeout=2h \
name="Agrofina Visitantes" shared-users=250 transparent-proxy=yes
add address-pool="UniFi vlan200" keepalive-timeout=10m mac-cookie-timeout=4h \
name="Agrofina Prensa" shared-users=100 transparent-proxy=yes
/queue type
add kind=pcq name=pcq-download-visitantes pcq-classifier=dst-address pcq-rate=\
add kind=pcq name=pcq-upload-visitantes pcq-classifier=src-address pcq-rate=\
/queue tree
add max-limit=150M name="Descarga global" parent=global queue=default
add max-limit=150M name="Subida global" parent=global queue=default
add limit-at=10M max-limit=15M name="Talleres - Bajada" packet-mark=\
"Talleres - Bajada" parent="Descarga global" priority=6 queue=\
add limit-at=10M max-limit=20M name="Talleres - Subida" packet-mark=\
"Talleres - Subida" parent="Subida global" priority=7 queue=\
add limit-at=26M max-limit=40M name="Streaming - Descarga" parent=\
"Descarga global" priority=3 queue=default
add limit-at=20M max-limit=40M name="Stands - Descarga" parent=\
"Descarga global" priority=6 queue=default
add limit-at=14M max-limit=18M name="Radios - Descarga" parent=\
"Descarga global" priority=7 queue=default
add limit-at=3M max-limit=5M name="Stand/Cabina Aapresid" packet-mark=\
"Stands1 - Bajada" parent="Stands - Descarga" priority=4 queue=\
add limit-at=4M max-limit=10M name="Stand YPF" packet-mark="Stands2 - Bajada" \
parent="Stands - Descarga" priority=5 queue=pcq-download-default
add limit-at=3M max-limit=5M name="Stand Chacra" packet-mark="Stands3 - Bajada" \
parent="Stands - Descarga" queue=pcq-download-default
add limit-at=2M max-limit=5M name="Stand Agrositio" packet-mark=\
"Stands4 - Bajada" parent="Stands - Descarga" queue=pcq-download-default
add limit-at=3M max-limit=5M name="Stand Syngenta" packet-mark=\
"Stands5 - Bajada" parent="Stands - Descarga" priority=6 queue=\
add limit-at=2M max-limit=3M name="Stand Minagro" packet-mark=\
"Stands6 - Bajada" parent="Stands - Descarga" queue=pcq-download-default
add limit-at=1M max-limit=6M name="Radio Continental" packet-mark=\
"Radios0 - Bajada" parent="Radios - Descarga" queue=pcq-download-default
add limit-at=4M max-limit=6M name="Sala de Radio y TV" packet-mark=\
"Radios1 - Bajada" parent="Radios - Descarga" queue=pcq-download-default
add limit-at=6M max-limit=10M name="Radio La Red y Chacra TV" packet-mark=\
"Radios2 - Bajada" parent="Radios - Descarga" priority=3 queue=\
add limit-at=20M max-limit=40M name="Prensa - Descarga" packet-mark=\
"Prensa - Bajada" parent="Descarga global" priority=5 queue=\
add limit-at=60M max-limit=90M name="WiFi - Descarga" parent="Descarga global" \
priority=2 queue=default
add limit-at=20M max-limit=40M name="Agrofina Prensa" packet-mark=\
"UniFi .34 - Bajada" parent="WiFi - Descarga" priority=4 queue=\
add limit-at=14M max-limit=25M name="Agrofina Organizacion" packet-mark=\
"UniFi .35 - Bajada" parent="WiFi - Descarga" priority=2 queue=\
add limit-at=33M max-limit=45M name="Streaming - Subida" parent="Subida global" \
priority=2 queue=default
add limit-at=10M max-limit=14M name="Streaming M2 - Subida" packet-mark=\
"Streaming0 - Subida" parent="Streaming - Subida" priority=3 queue=\
add limit-at=3M max-limit=7M name="Streaming1 Tec. Congress Indep. - Subida" \
packet-mark="Streaming1 - Subida" parent="Streaming - Subida" queue=\
add limit-at=10M max-limit=14M name="Streaming Independencia - Subida" \
packet-mark="Streaming2 - Subida" parent="Streaming - Subida" priority=3 \
add limit-at=10M max-limit=14M name="Streaming Contemporaneo - Subida" \
packet-mark="Streaming3 - Subida" parent="Streaming - Subida" priority=3 \
add limit-at=22M max-limit=30M name="Stands - Subida" parent="Subida global" \
priority=6 queue=default
add limit-at=3M max-limit=5M name="Stand Agrositio - Subida" packet-mark=\
"Stands4 - Subida" parent="Stands - Subida" queue=pcq-upload-default
add limit-at=3M max-limit=5M name="Stand Chacra - Subida" packet-mark=\
"Stands3 - Subida" parent="Stands - Subida" queue=pcq-upload-default
add limit-at=2M max-limit=3M name="Stand Minagro - Subida" packet-mark=\
"Stands6 - Subida" parent="Stands - Subida" queue=pcq-upload-default
add limit-at=3M max-limit=5M name="Stand Nufarm - Subida" packet-mark=\
"Stands0 - Subida" parent="Stands - Subida" priority=7 queue=\
add limit-at=3M max-limit=5M name="Stand Syngenta - Subida" packet-mark=\
"Stands5 - Subida" parent="Stands - Subida" priority=6 queue=\
add limit-at=5M max-limit=10M name="Stand YPF - Subida" packet-mark=\
"Stands2 - Subida" parent="Stands - Subida" priority=5 queue=\
add limit-at=3M max-limit=5M name="Stand/Cabina Aapresid - Subida" packet-mark=\
"Stands1 - Subida" parent="Stands - Subida" priority=4 queue=\
add limit-at=15M max-limit=25M name="Radios - Subida" parent="Subida global" \
priority=5 queue=default
add limit-at=1M max-limit=8M name="Radio Continental - Subida" packet-mark=\
"Radios0 - Subida" parent="Radios - Subida" queue=pcq-upload-default
add limit-at=4M max-limit=10M name="Sala de Radio y TV - Subida" packet-mark=\
"Radios1 - Subida" parent="Radios - Subida" queue=pcq-upload-default
add limit-at=20M max-limit=50M name="Prensa - Subida" packet-mark=\
"Prensa - Subida" parent="Subida global" priority=4 queue=\
add limit-at=50M max-limit=80M name="WiFi - Subida" parent="Subida global" \
priority=3 queue=default
add limit-at=18M max-limit=40M name="Agrofina Prensa - Subida" packet-mark=\
"UniFi .34 - Subida" parent="WiFi - Subida" priority=3 queue=\
add limit-at=10M max-limit=20M name="Agrofina Organizacion - Subida" \
packet-mark="UniFi .35 - Subida" parent="WiFi - Subida" priority=2 queue=\
add limit-at=2M max-limit=10M name=Receptoria packet-mark="UniFi .36 - Bajada" \
parent="WiFi - Descarga" priority=3 queue=pcq-download-default
add limit-at=5M max-limit=10M name="Receptoria - Subida" packet-mark=\
"UniFi .36 - Subida" parent="WiFi - Subida" priority=4 queue=\
add limit-at=24M max-limit=50M name="Agrofina Visitantes" packet-mark=\
"UniFi .33 - Bajada" parent="WiFi - Descarga" priority=6 queue=\
add limit-at=17M max-limit=50M name="Agrofina Visitantes - Subida" packet-mark=\
"UniFi .33 - Subida" parent="WiFi - Subida" priority=5 queue=\
add limit-at=6M max-limit=10M name="Radio La Red y Chacra TV - Subida" \
packet-mark="Radios2 - Subida" parent="Radios - Subida" priority=3 queue=\
add limit-at=3M max-limit=5M name="Continental Streaming" packet-mark=\
"Radios0 ST - Bajada" parent="Radios - Descarga" priority=3 queue=\
add limit-at=3M max-limit=6M name="Continental - Subida" packet-mark=\
"Radios0 ST - Subida" parent="Radios - Subida" priority=3 queue=\
add limit-at=8M max-limit=12M name="Streaming M2" packet-mark=\
"Streaming0 - Bajada" parent="Streaming - Descarga" priority=3 queue=\
add limit-at=2M max-limit=5M name="Streaming Tec. Congress Indep." packet-mark=\
"Streaming1 - Bajada" parent="Streaming - Descarga" queue=\
add limit-at=8M max-limit=12M name="Streaming Independencia" packet-mark=\
"Streaming2 - Bajada" parent="Streaming - Descarga" priority=3 queue=\
add limit-at=8M max-limit=12M name="Streaming Contemporaneo" packet-mark=\
"Streaming3 - Bajada" parent="Streaming - Descarga" priority=3 queue=\
add limit-at=3M max-limit=5M name="Stand Nufarm" packet-mark="Stands0 - Bajada" \
parent="Stands - Descarga" priority=7 queue=pcq-download-default
/system logging action
set 1 disk-file-name=""
/tool user-manager customer
set admin access=\
own-routers,own-users,own-profiles,own-limits,config-payment-gw password=\
/interface bridge port
add bridge=UniFi interface=ether2
add bridge=UniFi interface=ether3
add bridge=UniFi interface=ether13_vlan32
add bridge=talleres_bridge interface=ether12
add bridge=talleres_bridge interface=vlan50_ether13
/interface l2tp-server server
set authentication=mschap2 default-profile=default ipsec-secret=whchamamjo \
/interface pptp-server server
set enabled=yes
/interface sstp-server server
set default-profile=default-encryption
/ip address
add address= comment="UniFi Bridge" interface=UniFi network=\
add address= comment="Enlace Mikrotik2" interface=ether13 network=\
add address= comment="Server UniFi" interface=ether2 network=\
add address= disabled=yes interface=ether13_vlan400 network=\
add address= comment=Oficina disabled=yes interface=ether10 \
add address= interface=vlan100-UniFi network=
add address= comment="Server UniFi" interface=ether2 network=\
add address= interface=vlan10_ether13 network=
add address= interface=vlan20_ether13 network=
add address= interface=vlan21_ether13 network=
add address= interface=vlan22_ether13 network=
add address= interface=vlan30_ether13 network=
add address= interface=vlan31_ether13 network=
add address= interface=talleres_bridge network=
add address= interface=ether4 network=
add address= interface=ether5 network=
add address= interface=ether6 network=
add address= interface=ether7 network=
add address= interface=ether8 network=
add address= interface=ether9 network=
add address= interface=ether11 network=
add address= interface=ether10 network=
add address= interface=vlan40_ether13 network=
add address= interface=vlan200-UniFi network=
add address= interface=vlan300-UniFi network=
add address= interface=vlan400-UniFi network=
/ip cloud
set ddns-enabled=yes
/ip dhcp-client
add default-route-distance=0 dhcp-options=hostname,clientid disabled=no \
/ip dhcp-server lease
add address= client-id=4431.9212.e078-Vlan-interface1 mac-address=\
44:31:92:12:E0:78 server=UniFi
add address= client-id=1:0:1c:77:7:83:20 mac-address=\
00:1C:77:07:83:20 server="Radio Continental"
/ip dhcp-server network
add address= dns-server=, gateway= netmask=30 \
ntp-server= wins-server=
add address= dns-server=, gateway= \
ntp-server= wins-server=
add address= dns-server=, gateway= \
ntp-server= wins-server=
add address= dns-server=, gateway= \
ntp-server= wins-server=
add address= dns-server=, gateway= \
ntp-server= wins-server=
add address= dns-server=, gateway= \
ntp-server= wins-server=
add address= dns-server=, gateway= \
ntp-server= wins-server=
add address= dns-server=, gateway= \
ntp-server= wins-server=
add address= dns-server=, gateway= \
ntp-server= wins-server=
add address= dns-server=, gateway= \
ntp-server= wins-server=
add address= dns-server=, gateway= \
ntp-server= wins-server=
add address= dns-server=, gateway= \
ntp-server= wins-server=
add address= dns-server=, gateway= \
ntp-server= wins-server=
add address= dns-server= gateway= netmask=24 \
ntp-server= wins-server=
add address= dns-server=, gateway= \
ntp-server= wins-server=
add address= dns-server=, gateway= \
ntp-server= wins-server=
add address= dns-server=, gateway= \
ntp-server= wins-server=
add address= dns-server=, gateway= \
ntp-server= wins-server=
add address= dns-server=, gateway= \
netmask=24 ntp-server= wins-server=
add address= dns-server=, gateway= \
netmask=24 ntp-server= wins-server=
add address= dns-server=, gateway= \
netmask=24 ntp-server= wins-server=
add address= dns-server=, gateway= \
netmask=24 ntp-server= wins-server=
add address= dns-server=, gateway= \
netmask=24 ntp-server= wins-server=
/ip dns
set allow-remote-requests=yes cache-size=12000KiB servers=,
/ip firewall address-list
add address= list=management
add address= list=management
add address= list="UniFi .32"
add address= list=Oficina
add address= list="UniFi .34"
add address= list="UniFi .33"
add address= list="UniFi .35"
add address= list=management
add address= list="UniFi .36"
add address= list=management
add address= list=management
add address= list=management
add address= list=Streaming0
add address= list=Streaming1
add address= list=Streaming2
add address= list=Streaming3
add address= list=Stands0
add address= list=Stands1
add address= list=Prensa
add address= list=Talleres
add address= list=management
add address= list=Stands2
add address= list=Stands3
add address= list=Stands4
add address= list=Stands5
add address= list=Stands6
add address= list=Radios0
add address= list=Radios1
add address= list=Radios2
add address= list=management
add address= list="Radio0 Equipo Streaming"
/ip firewall filter
add action=passthrough chain=unused-hs-chain comment="place hotspot rules here" \
disabled=yes log-prefix=""
add action=accept chain=input comment=Establecidas connection-state=established \
add action=accept chain=input comment=Relacionadas connection-state="" \
add action=accept chain=input comment=Management log-prefix="" \
add action=accept chain=input comment=ICMP log-prefix="" protocol=icmp
add action=accept chain=input comment=DHCP dst-port=67-68 log-prefix="" \
add action=accept chain=input comment="Acceso PPTP" log-prefix="" protocol=gre
add action=accept chain=input comment="Acceso PPTP" dst-port=1723 log-prefix="" \
add action=drop chain=input comment=Dropeo log-prefix=""
/ip firewall mangle
add action=mark-packet chain=prerouting log-prefix="" new-packet-mark=\
"Streaming0 - Subida" passthrough=no src-address-list=Streaming0
add action=mark-packet chain=prerouting log-prefix="" new-packet-mark=\
"Streaming1 - Subida" passthrough=no src-address-list=Streaming1
add action=mark-packet chain=prerouting log-prefix="" new-packet-mark=\
"Streaming2 - Subida" passthrough=no src-address-list=Streaming2
add action=mark-packet chain=prerouting log-prefix="" new-packet-mark=\
"Streaming3 - Subida" passthrough=no src-address-list=Streaming3
add action=mark-packet chain=postrouting dst-address-list=Streaming0 \
log-prefix="" new-packet-mark="Streaming0 - Bajada" passthrough=no
add action=mark-packet chain=postrouting dst-address-list=Streaming1 \
log-prefix="" new-packet-mark="Streaming1 - Bajada" passthrough=no
add action=mark-packet chain=postrouting dst-address-list=Streaming2 \
log-prefix="" new-packet-mark="Streaming2 - Bajada" passthrough=no
add action=mark-packet chain=postrouting dst-address-list=Streaming3 \
log-prefix="" new-packet-mark="Streaming3 - Bajada" passthrough=no
add action=mark-packet chain=prerouting log-prefix="" new-packet-mark=\
"Oficina - Subida" passthrough=yes src-address-list=Oficina
add action=mark-packet chain=prerouting log-prefix="" new-packet-mark=\
"UniFi .35 - Subida" passthrough=yes src-address-list="UniFi .35"
add action=mark-packet chain=prerouting log-prefix="" new-packet-mark=\
"UniFi .36 - Subida" passthrough=yes src-address-list="UniFi .36"
add action=mark-packet chain=prerouting log-prefix="" new-packet-mark=\
"UniFi .34 - Subida" passthrough=yes src-address-list="UniFi .34"
add action=mark-packet chain=prerouting log-prefix="" new-packet-mark=\
"UniFi .33 - Subida" passthrough=yes src-address-list="UniFi .33"
add action=mark-packet chain=prerouting log-prefix="" new-packet-mark=\
"UniFi .32 - Subida" passthrough=yes src-address-list="UniFi .32"
add action=mark-packet chain=prerouting log-prefix="" new-packet-mark=\
"Talleres - Subida" passthrough=yes src-address-list=Talleres
add action=mark-packet chain=prerouting log-prefix="" new-packet-mark=\
"Prensa - Subida" passthrough=yes src-address-list=Prensa
add action=mark-packet chain=prerouting log-prefix="" new-packet-mark=\
"Radios2 - Subida" passthrough=no src-address-list=Radios2
add action=mark-packet chain=prerouting log-prefix="" new-packet-mark=\
"Radios1 - Subida" passthrough=yes src-address-list=Radios1
add action=mark-packet chain=prerouting log-prefix="" new-packet-mark=\
"Radios0 - Subida" passthrough=yes src-address-list=Radios0
add action=mark-packet chain=prerouting log-prefix="" new-packet-mark=\
"Radios0 ST - Subida" passthrough=no src-address-list=\
"Radio0 Equipo Streaming"
add action=mark-packet chain=prerouting log-prefix="" new-packet-mark=\
"Stands6 - Subida" passthrough=yes src-address-list=Stands6
add action=mark-packet chain=prerouting log-prefix="" new-packet-mark=\
"Stands5 - Subida" passthrough=yes src-address-list=Stands5
add action=mark-packet chain=prerouting log-prefix="" new-packet-mark=\
"Stands4 - Subida" passthrough=yes src-address-list=Stands4
add action=mark-packet chain=prerouting log-prefix="" new-packet-mark=\
"Stands3 - Subida" passthrough=yes src-address-list=Stands3
add action=mark-packet chain=prerouting log-prefix="" new-packet-mark=\
"Stands2 - Subida" passthrough=yes src-address-list=Stands2
add action=mark-packet chain=prerouting log-prefix="" new-packet-mark=\
"Stands1 - Subida" passthrough=yes src-address-list=Stands1
add action=mark-packet chain=prerouting log-prefix="" new-packet-mark=\
"Stands0 - Subida" passthrough=yes src-address-list=Stands0
add action=mark-packet chain=postrouting dst-address-list=Oficina log-prefix="" \
new-packet-mark="Oficina - Bajada" passthrough=yes
add action=mark-packet chain=postrouting dst-address-list="UniFi .35" \
log-prefix="" new-packet-mark="UniFi .35 - Bajada" passthrough=yes
add action=mark-packet chain=postrouting dst-address-list="UniFi .34" \
log-prefix="" new-packet-mark="UniFi .34 - Bajada" passthrough=yes
add action=mark-packet chain=postrouting dst-address-list="UniFi .36" \
log-prefix="" new-packet-mark="UniFi .36 - Bajada" passthrough=yes
add action=mark-packet chain=postrouting dst-address-list="UniFi .33" \
log-prefix="" new-packet-mark="UniFi .33 - Bajada" passthrough=yes
add action=mark-packet chain=postrouting dst-address-list="UniFi .32" \
log-prefix="" new-packet-mark="UniFi .32 - Bajada" passthrough=yes
add action=mark-packet chain=postrouting dst-address-list=Talleres log-prefix=\
"" new-packet-mark="Talleres - Bajada" passthrough=yes
add action=mark-packet chain=postrouting dst-address-list=Prensa log-prefix="" \
new-packet-mark="Prensa - Bajada" passthrough=yes
add action=mark-packet chain=postrouting dst-address-list=Radios2 log-prefix="" \
new-packet-mark="Radios2 - Bajada" passthrough=no
add action=mark-packet chain=postrouting dst-address-list=Radios1 log-prefix="" \
new-packet-mark="Radios1 - Bajada" passthrough=yes
add action=mark-packet chain=postrouting dst-address-list=Radios0 log-prefix="" \
new-packet-mark="Radios0 - Bajada" passthrough=yes
add action=mark-packet chain=postrouting dst-address-list=\
"Radio0 Equipo Streaming" log-prefix="" new-packet-mark=\
"Radios0 ST - Bajada" passthrough=no
add action=mark-packet chain=postrouting dst-address-list=Stands6 log-prefix="" \
new-packet-mark="Stands6 - Bajada" passthrough=yes
add action=mark-packet chain=postrouting dst-address-list=Stands5 log-prefix="" \
new-packet-mark="Stands5 - Bajada" passthrough=yes
add action=mark-packet chain=postrouting dst-address-list=Stands4 log-prefix="" \
new-packet-mark="Stands4 - Bajada" passthrough=yes
add action=mark-packet chain=postrouting dst-address-list=Stands3 log-prefix="" \
new-packet-mark="Stands3 - Bajada" passthrough=yes
add action=mark-packet chain=postrouting dst-address-list=Stands2 log-prefix="" \
new-packet-mark="Stands2 - Bajada" passthrough=yes
add action=mark-packet chain=postrouting dst-address-list=Stands1 log-prefix="" \
new-packet-mark="Stands1 - Bajada" passthrough=yes
add action=mark-packet chain=postrouting dst-address-list=Stands0 log-prefix="" \
new-packet-mark="Stands0 - Bajada" passthrough=yes
/ip firewall nat
add action=passthrough chain=unused-hs-chain comment="place hotspot rules here" \
disabled=yes log-prefix=""
add action=masquerade chain=srcnat log-prefix="" out-interface=ether1
/ip hotspot ip-binding
add address= type=bypassed
add address= type=bypassed
/ip hotspot user
add name=AGROFINA password=Agrofina profile="Agrofina Visitantes" server=\
add name=AGROFINAPRENSA password=PROBALATRILOGIA profile="Agrofina Prensa"
/ip hotspot walled-garden
add dst-host= server=hotspot1
add dst-host="\?\?" server=hotspot1
add dst-host="\?\?" server=hotspot1
add dst-host="\?\?" server=hotspot1
add dst-host= server=hotspot1
/ip ipsec peer
add address= enc-algorithm=3des exchange-mode=main-l2tp \
generate-policy=port-override local-address= secret=whchamamjo
/ip proxy
set enabled=yes max-cache-size=1000000KiB
/ip route
add check-gateway=arp comment=M2 distance=1 dst-address= gateway=\
/ip smb
set allow-guests=no comment=Compartido domain=WORKGROUP enabled=yes interfaces=\
/ip smb shares
set [ find default=yes ] disabled=yes
add directory=/disk1 name="carpeta compartida mikrotik"
/ip smb users
add name=cfede password=1234 read-only=no
add name=cjulia password=1234 read-only=no
add name=amariano password=1234 read-only=no
/system clock
set time-zone-autodetect=no time-zone-name=America/Argentina/Buenos_Aires
/system identity
set name=M1
/system ntp client
set enabled=yes primary-ntp=
/system script
add name="agregar address list" owner=dnaredo policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive source=":for e fr\
om=1 to=254 do={/ip firewall address-list add address=\"192.168.35.\$e\" lis\
/tool bandwidth-server
set authenticate=no
/tool graphing interface
add allow-address=
add allow-address=
/tool graphing queue
add allow-address= allow-target=no
/tool graphing resource
add allow-address=
add allow-address=
/tool romon
set enabled=yes id=4C:5E:0C:48:5F:E4 secrets=08540056E
/tool romon port
/tool user-manager database
set db-path=user-manager
[admin@M1] >