Jump to content
Калькуляторы

LDF Шифрование линка

Добрый всем.
Есть бридж из двух LDF 5AC. Бридж проработал 3 месяца и связь пропала. Шифрование стояло WPA2-aes. Проверил настройки, ничего не изменилось на первый взгляд. режим 802.11, без шифрования связь есть, с шифрованием связи нет. Сделал уже несколько профилей, с WPA-tkip, WPA-aes, WPA2-tkip, WPA2-AES. С ними связь так и небыло за пару минут, делал удаленно через ,безопасный режим.

Прошивку обновил, не помогло. 
Nv2 и nstream не пользуюсь, переключил на скорую руку на них, ключи задал, не заработало. 

Уже куча настроек изменил, голова так сказать идет кругом, думаю настройки сбросить и с нуля настроить, но только как будет доступ с другой стороны линка.

 

--Бридж Клиент

# dec/14/2018 13:04:21 by RouterOS 6.43.7

# model = RouterBOARD LDF G-5acD
/interface bridge
add fast-forward=no name=bridge1
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa2-psk eap-methods="" mode=\
    dynamic-keys supplicant-identity=MikroTik wpa-pre-shared-key=\
    Password12345 wpa2-pre-shared-key=Password12345
add authentication-types=wpa2-psk eap-methods="" name=profile-none-security \
    supplicant-identity=MikroTik wpa2-pre-shared-key=\
    Password12345
add authentication-types=wpa-psk eap-methods="" group-ciphers=tkip mode=\
    dynamic-keys name=profile1-wpa-tkip supplicant-identity="" \
    unicast-ciphers=tkip wpa-pre-shared-key=Password12345 \
    wpa2-pre-shared-key=Password12345
add authentication-types=wpa-psk eap-methods="" mode=dynamic-keys name=\
    profile2-wpa-aes supplicant-identity="" wpa-pre-shared-key=\
    Password12345 wpa2-pre-shared-key=Password12345
add authentication-types=wpa2-psk eap-methods="" group-ciphers=tkip mode=\
    dynamic-keys name=profile3-wpa2-tkip supplicant-identity="" \
    unicast-ciphers=tkip wpa-pre-shared-key=Password12345 \
    wpa2-pre-shared-key=Password12345
add authentication-types=wpa2-psk eap-methods="" mode=dynamic-keys name=\
    profile4-wpa2-aes supplicant-identity="" wpa-pre-shared-key=\
    Password12345 wpa2-pre-shared-key=Password12345
add authentication-types=wpa-psk,wpa2-psk eap-methods="" mode=dynamic-keys \
    name=profile5 supplicant-identity="" wpa-pre-shared-key=Password12345 \
    wpa2-pre-shared-key=Password12345
add authentication-types=wpa-psk,wpa2-psk eap-methods="" \
    management-protection=allowed management-protection-key=Password12345 \
    mode=dynamic-keys name=profile6_man_protect_enable supplicant-identity="" \
    wpa-pre-shared-key=Password12345 wpa2-pre-shared-key=Password12345
add authentication-types=wpa2-psk eap-methods="" mode=dynamic-keys name=\
    profile7 supplicant-identity="" wpa2-pre-shared-key=Password12345
/interface wireless
set [ find default-name=wlan1 ] allow-sharedkey=yes band=5ghz-n/ac disabled=\
    no distance=2 frequency=5200 guard-interval=long mode=station-bridge \
    multicast-buffering=disabled multicast-helper=disabled nv2-preshared-key=\
    Password12345 nv2-security=enabled preamble-mode=long scan-list=5200 \
    security-profile=profile-none-security ssid=SSID station-roaming=\
    disabled tx-power=10 tx-power-mode=all-rates-fixed wds-default-bridge=\
    bridge1 wds-mode=dynamic wireless-protocol=802.11
/interface wireless nstreme
set wlan1 enable-nstreme=yes
/ip hotspot profile
set [ find default=yes ] html-directory=flash/hotspot
/queue type
set 1 pfifo-limit=500
set 2 kind=pfifo pfifo-limit=2000
/user group
add name=bandwidth_test policy="test,winbox,!local,!telnet,!ssh,!ftp,!reboot,!\
    read,!write,!policy,!password,!web,!sniff,!sensitive,!api,!romon,!dude,!ti\
    kapp"
/interface bridge port
add bridge=bridge1 interface=wlan1
add bridge=bridge1 interface=ether1
/ip address
/ip dns
/ip route
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes
set api disabled=yes
set api-ssl disabled=yes
/system clock
set time-zone-name=Europe/Moscow
/system clock manual
set time-zone=+03:00
/system ntp client
/system package update
set channel=development

--Бридж

# dec/14/2018 13:07:15 by RouterOS 6.43.7
#
# model = RouterBOARD LDF G-5acD
/interface bridge
add fast-forward=no name=bridge1
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa2-psk eap-methods="" mode=\
    dynamic-keys supplicant-identity=MikroTik wpa2-pre-shared-key=\
    Password12345
add authentication-types=wpa2-psk eap-methods="" name=profile-none-security \
    supplicant-identity=MikroTik wpa2-pre-shared-key=\
    Password12345
add authentication-types=wpa-psk eap-methods="" group-ciphers=tkip mode=\
    dynamic-keys name=profile1-wpa-tkip supplicant-identity="" \
    unicast-ciphers=tkip wpa-pre-shared-key=Password12345 \
    wpa2-pre-shared-key=Password12345
add authentication-types=wpa-psk eap-methods="" mode=dynamic-keys name=\
    profile2-wpa-aes supplicant-identity="" wpa-pre-shared-key=\
    Password12345 wpa2-pre-shared-key=Password12345
add authentication-types=wpa2-psk eap-methods="" group-ciphers=tkip mode=\
    dynamic-keys name=profile3-wpa2-tkip supplicant-identity="" \
    unicast-ciphers=tkip wpa-pre-shared-key=Password12345 \
    wpa2-pre-shared-key=Password12345
add authentication-types=wpa2-psk eap-methods="" mode=dynamic-keys name=\
    profile4-wpa2-aes supplicant-identity="" wpa-pre-shared-key=\
    Password12345 wpa2-pre-shared-key=Password12345
add authentication-types=wpa-psk,wpa2-psk eap-methods="" mode=dynamic-keys \
    name=profile5 supplicant-identity="" wpa-pre-shared-key=Password12345 \
    wpa2-pre-shared-key=Password12345
add authentication-types=wpa-psk,wpa2-psk eap-methods="" \
    management-protection=allowed management-protection-key=Password12345 \
    mode=dynamic-keys name=profile6_man_protect_enable supplicant-identity="" \
    wpa-pre-shared-key=Password12345 wpa2-pre-shared-key=Password12345
add authentication-types=wpa2-psk eap-methods="" mode=dynamic-keys name=\
    profile7 supplicant-identity="" wpa2-pre-shared-key=fg6yDFDdf
/interface wireless
set [ find default-name=wlan1 ] allow-sharedkey=yes band=5ghz-n/ac \
    default-forwarding=no disabled=no distance=2 frequency=5200 \
    guard-interval=long hw-retries=15 max-station-count=5 mode=bridge \
    nv2-preshared-key=Password12345 nv2-security=enabled \
    preamble-mode=long scan-list=5200 security-profile=profile-none-security \
    ssid=SSID supported-rates-a/g=6Mbps,9Mbps,12Mbps,18Mbps,24Mbps \
    tx-power=11 tx-power-mode=all-rates-fixed wds-default-bridge=bridge1 \
    wds-mode=dynamic wireless-protocol=802.11 wps-mode=disabled
/interface wireless nstreme
set wlan1 enable-nstreme=yes enable-polling=no
/ip hotspot profile
set [ find default=yes ] html-directory=flash/hotspot
/queue type
set 1 pfifo-limit=500
set 2 kind=pfifo pfifo-limit=2000
/user group
add name=bandwidth_test policy="test,winbox,!local,!telnet,!ssh,!ftp,!reboot,!\
    read,!write,!policy,!password,!web,!sniff,!sensitive,!api,!romon,!dude,!ti\
    kapp"
/interface bridge port
add bridge=bridge1 interface=wlan1
add bridge=bridge1 interface=ether1
/ip address
/ip dns
/ip route
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes
set api disabled=yes
set api-ssl disabled=yes
/system clock
set time-zone-name=Europe/Moscow
/system clock manual
set time-zone=+03:00
/system ntp client

 

Edited by vadya

Share this post


Link to post
Share on other sites

И отключите шифрование wpa-psk,wpa2-psk,  у вас nv2-preshared-key=Password12345 nv2-security=enabled \

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now