+7 (812) 929-8183,
+7 (812) 929-8283

Настройка бспроводного соединения мост Mikrotik

Базовая

Настраиваем два SXT5HpnD оба с Licence L3

настройки проверены на ROS 6.5-6.12

1 дивайс в режиме "bridge"

/interface wireless security-profiles add name="profile1" \
mode=dynamic-keys authentication-types=wpa2-psk \
unicast-ciphers=aes-ccm group-ciphers=aes-ccm wpa-pre-shared-key="" \
wpa2-pre-shared-key="987654321" supplicant-identity="" \
eap-methods="" tls-mode=no-certificates tls-certificate=none \
static-algo-0=none static-key-0="" static-algo-1=none static-key-1="" \
static-algo-2=none static-key-2="" static-algo-3=none static-key-3="" \
static-transmit-key=key-0 static-sta-private-algo=none \
static-sta-private-key="" radius-mac-authentication=no \
radius-mac-accounting=no radius-eap-accounting=no interim-update=0s \
radius-mac-format=XX:XX:XX:XX:XX:XX radius-mac-mode=as-username \
radius-mac-caching=disabled group-key-update=5m \
management-protection=allowed management-protection-key=""


/interface wireless set wlan1 mtu=1500 arp=enabled \
mode=bridge ssid="unisi br" frequency=5765 disabled=no \
band=5ghz-onlyn channel-width=20/40mhz-ht-above scan-list=default \
wireless-protocol=nv2 antenna-mode=ant-a wds-mode=disabled distance=dynamic \
wds-default-bridge=none wds-ignore-ssid=no bridge-mode=enabled ht-rxchains=0,1 ht-txchains=0,1 \
default-authentication=yes default-forwarding=yes default-ap-tx-limit=0 \
default-client-tx-limit=0 hide-ssid=no security-profile=profile1 compression=no \
frequency-mode=superchannel periodic-calibration=enabled \
periodic-calibration-interval=10 preamble-mode=both


/interface bridge add protocol-mode=rstp name=bridge1
/interface bridge port add bridge=bridge1 interface=ether1
/interface bridge port add bridge=bridge1 interface=wlan1


/ip address add address=192.168.1.78/24 interface=bridge1 comment="Local"

/ip service disable www
ip service disable ssh
ip service disable telnet
ip service disable ftp
ip service disable api-ssl

2 дивайс в режиме station-bridge

/interface wireless security-profiles add name="profile1" \
mode=dynamic-keys authentication-types=wpa2-psk \
unicast-ciphers=aes-ccm group-ciphers=aes-ccm wpa-pre-shared-key="" \
wpa2-pre-shared-key="987654321" supplicant-identity="" \
eap-methods="" tls-mode=no-certificates tls-certificate=none \
static-algo-0=none static-key-0="" static-algo-1=none static-key-1="" \
static-algo-2=none static-key-2="" static-algo-3=none static-key-3="" \
static-transmit-key=key-0 static-sta-private-algo=none \
static-sta-private-key="" radius-mac-authentication=no \
radius-mac-accounting=no radius-eap-accounting=no interim-update=0s \
radius-mac-format=XX:XX:XX:XX:XX:XX radius-mac-mode=as-username \
radius-mac-caching=disabled group-key-update=5m \
management-protection=allowed management-protection-key=""


/interface wireless set wlan1 mtu=1500 arp=enabled \
mode=station-bridge ssid="unisi br" frequency=5765 disabled=no \
band=5ghz-onlyn channel-width=20/40mhz-ht-above scan-list=5765 \
wireless-protocol=nv2 antenna-mode=ant-a wds-mode=disabled distance=dynamic \
wds-default-bridge=none wds-ignore-ssid=no bridge-mode=enabled ht-rxchains=0,1 ht-txchains=0,1 \
default-authentication=yes default-forwarding=yes default-ap-tx-limit=0 \
default-client-tx-limit=0 hide-ssid=no security-profile=profile1 compression=no \
frequency-mode=superchannel periodic-calibration=enabled \
periodic-calibration-interval=10 preamble-mode=both


/interface bridge add protocol-mode=rstp name=bridge1
/interface bridge port add bridge=bridge1 interface=ether1
/interface bridge port add bridge=bridge1 interface=wlan1


/ip address add address=192.168.1.77/24 interface=bridge1 comment="Local"

/ip service disable www
ip service disable ssh
ip service disable telnet
ip service disable ftp
ip service disable api-ssl

Расширенная настройка

подходит для большого кол-ва мелких пакетов благодаря включенной упаковке пакетов и некоторым дополнительным оптимизациям под режим моста

1 дивайс в режиме bridge

/system identity set name="unisi_bridge"
/interface bridge add protocol-mode=rstp name=bridge1
/interface bridge port add bridge=bridge1 interface=ether1
/interface bridge port add bridge=bridge1 interface=wlan1


/ip address add address=192.168.1.78/24 interface=bridge1 comment="Local"

/interface wireless security-profiles add name="profile1" \
mode=dynamic-keys authentication-types=wpa2-psk \
unicast-ciphers=aes-ccm group-ciphers=aes-ccm wpa-pre-shared-key="" \
wpa2-pre-shared-key="987654321" supplicant-identity="" \
eap-methods="" tls-mode=no-certificates tls-certificate=none \
static-algo-0=none static-key-0="" static-algo-1=none static-key-1="" \
static-algo-2=none static-key-2="" static-algo-3=none static-key-3="" \
static-transmit-key=key-0 static-sta-private-algo=none \
static-sta-private-key="" radius-mac-authentication=no \
radius-mac-accounting=no radius-eap-accounting=no interim-update=0s \
radius-mac-format=XX:XX:XX:XX:XX:XX radius-mac-mode=as-username \
radius-mac-caching=disabled group-key-update=5m \
management-protection=allowed management-protection-key=""


/interface wireless set wlan1 mtu=1500 arp=enabled \
mode=bridge ssid="unisi br" frequency=5765 disabled=no \
band=5ghz-onlyn channel-width=20/40mhz-ht-above scan-list=5765 \
wireless-protocol=nv2 antenna-mode=ant-a wds-mode=dynamic distance=dynamic \
wds-default-bridge=bridge1 wds-ignore-ssid=no bridge-mode=enabled ht-rxchains=0,1 ht-txchains=0,1 \
default-authentication=yes default-forwarding=yes default-ap-tx-limit=0 \
default-client-tx-limit=0 hide-ssid=no security-profile=profile1 compression=no \
frequency-mode=superchannel periodic-calibration=enabled \
periodic-calibration-interval=10 preamble-mode=both \
nv2-cell-radius=10 nv2-security=enabled nv2-preshared-key=9876543210 \
hw-protection-mode=rts-cts


/interface wireless nstreme set wlan1 enable-nstreme=yes enable-polling=yes disable-csma=yes \
framer-policy=dynamic-size framer-limit=3200


/queue type
set 1 kind=pfifo pfifo-limit=500 name="ethernet-default"
set 2 kind=pfifo pfifo-limit=500 name="wireless-default"


/ip service disable www
/ip service disable ssh
/ip service disable telnet
/ip service disable ftp
/ip service disable api-ssl


/ip packing add interface=bridge1 aggregated-size=1500 packing=simple unpacking=simple

2 дивайс в режиме station-bridge

/system identity set name="unisi_station-bridge"

/interface bridge add protocol-mode=rstp name=bridge1
/interface bridge port add bridge=bridge1 interface=ether1
/interface bridge port add bridge=bridge1 interface=wlan1


/ip address add address=192.168.1.77/24 interface=bridge1 comment="Local"

/interface wireless security-profiles add name="profile1" \
mode=dynamic-keys authentication-types=wpa2-psk \
unicast-ciphers=aes-ccm group-ciphers=aes-ccm wpa-pre-shared-key="" \
wpa2-pre-shared-key="987654321" supplicant-identity="" \
eap-methods="" tls-mode=no-certificates tls-certificate=none \
static-algo-0=none static-key-0="" static-algo-1=none static-key-1="" \
static-algo-2=none static-key-2="" static-algo-3=none static-key-3="" \
static-transmit-key=key-0 static-sta-private-algo=none \
static-sta-private-key="" radius-mac-authentication=no \
radius-mac-accounting=no radius-eap-accounting=no interim-update=0s \
radius-mac-format=XX:XX:XX:XX:XX:XX radius-mac-mode=as-username \
radius-mac-caching=disabled group-key-update=5m \
management-protection=allowed management-protection-key=""


/interface wireless set wlan1 mtu=1500 arp=enabled \
mode=station-bridge ssid="unisi br" frequency=5765 disabled=no \
band=5ghz-onlyn channel-width=20/40mhz-ht-above scan-list=5765 \
wireless-protocol=nv2 antenna-mode=ant-a wds-mode=dynamic distance=dynamic \
wds-default-bridge=bridge1 wds-ignore-ssid=no bridge-mode=enabled ht-rxchains=0,1 ht-txchains=0,1 \
default-authentication=yes default-forwarding=yes default-ap-tx-limit=0 \
default-client-tx-limit=0 hide-ssid=no security-profile=profile1 compression=no \
frequency-mode=superchannel periodic-calibration=enabled \
periodic-calibration-interval=10 preamble-mode=both \
nv2-cell-radius=10 nv2-security=enabled nv2-preshared-key=9876543210 \
hw-protection-mode=rts-cts


/interface wireless nstreme set wlan1 enable-nstreme=yes enable-polling=yes disable-csma=yes \
framer-policy=dynamic-size framer-limit=3200


/queue type
set 1 kind=pfifo pfifo-limit=500 name="ethernet-default"
set 2 kind=pfifo pfifo-limit=500 name="wireless-default"


/ip service disable www
/ip service disable ssh
/ip service disable telnet
/ip service disable ftp
/ip service disable api-ssl


/ip packing add interface=bridge1 aggregated-size=1500 packing=simple unpacking=simple
23.10.2013

Возврат к списку