![]() ![]() ![]() Microcell mac-address=74:54:7D:FC:1B:F8 server=defaultĪdd address=192.168.88.0/24 comment="default configuration" gateway=\Īdd action=accept chain=forward comment="default configuration" \Ĭonnection-state=established,related disabled=yesĪdd action=drop chain=forward comment="default configuration" \Ĭonnection-nat-state=!dstnat connection-state=new disabled=yes \Īdd action=accept chain=input/forward fragment=yes protocol=tcpĪdd action=accept chain=input/forward fragment=yes protocol=udpĪdd action=masquerade chain=srcnat comment="default configuration" \Īdd action=accept chain=dstnat dst-port=8291 protocol=tcpĪdd action=src-nat chain=srcnat disabled=yes out-interface=ether1-gateway \ Set authentication-types=wpa-psk,wpa2-psk mode=\ĭynamic-keys supplicant-identity=MikroTik Set master-port=ether2-master-local name=\ Set arp=proxy-arp master-port=\Įther2-master-local name=ether3-slave-local Set arp=proxy-arp name=ether2-master-local Set band=2ghz-b/g/n channel-width=20/40mhz-Ce \Ĭountry="united states" distance=indoors frequency=auto mode=ap-bridge \ The other rules for port 4369 is for a "Home Automation" system unrelated and it's working without a hitch.Ĭode: Select all # sep/24/2016 07:08:45 by RouterOS 6.37Īdd admin-mac=E4:8D:8C:8B:07:6C auto-mac=no name=bridge-local You'll see the other rules I disabled trying different combinations. Right now I have it setup as a "DMZ" style which was what the last AT&T support suggested we try. ![]() AT&T said it was a hardened device and this is safe to do. I added another Public IP to try and bypass the Masquerade NAT and effectively DMZ the microcell. The router has a Static Public IP set static on the WAN gateway. The connection is a wISP fixed wireless, bridged UBNT 5GHz PtMP setup. This is a RB941 hAP Lite for the router, on the latest 6.7 Router OS and 3.33 Firmware. Ports show as opened only when not pointed to the Microcell. I checked the rules will work by forwarding to several other devices on the local network (also beyond whatever switch and wiring at the home) and scanning with NMAP. My NMAP says naughty even though they are nice. I have set my firewall rules and checked them twice.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |