Jump to content
Калькуляторы

LDF Шифрование линка

Добрый всем.
Есть бридж из двух LDF 5AC. Бридж проработал 3 месяца и связь пропала. Шифрование стояло WPA2-aes. Проверил настройки, ничего не изменилось на первый взгляд. режим 802.11, без шифрования связь есть, с шифрованием связи нет. Сделал уже несколько профилей, с WPA-tkip, WPA-aes, WPA2-tkip, WPA2-AES. С ними связь так и небыло за пару минут, делал удаленно через ,безопасный режим.

Прошивку обновил, не помогло. 
Nv2 и nstream не пользуюсь, переключил на скорую руку на них, ключи задал, не заработало. 

Уже куча настроек изменил, голова так сказать идет кругом, думаю настройки сбросить и с нуля настроить, но только как будет доступ с другой стороны линка.

 

--Бридж Клиент

# dec/14/2018 13:04:21 by RouterOS 6.43.7

# model = RouterBOARD LDF G-5acD
/interface bridge
add fast-forward=no name=bridge1
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa2-psk eap-methods="" mode=\
    dynamic-keys supplicant-identity=MikroTik wpa-pre-shared-key=\
    Password12345 wpa2-pre-shared-key=Password12345
add authentication-types=wpa2-psk eap-methods="" name=profile-none-security \
    supplicant-identity=MikroTik wpa2-pre-shared-key=\
    Password12345
add authentication-types=wpa-psk eap-methods="" group-ciphers=tkip mode=\
    dynamic-keys name=profile1-wpa-tkip supplicant-identity="" \
    unicast-ciphers=tkip wpa-pre-shared-key=Password12345 \
    wpa2-pre-shared-key=Password12345
add authentication-types=wpa-psk eap-methods="" mode=dynamic-keys name=\
    profile2-wpa-aes supplicant-identity="" wpa-pre-shared-key=\
    Password12345 wpa2-pre-shared-key=Password12345
add authentication-types=wpa2-psk eap-methods="" group-ciphers=tkip mode=\
    dynamic-keys name=profile3-wpa2-tkip supplicant-identity="" \
    unicast-ciphers=tkip wpa-pre-shared-key=Password12345 \
    wpa2-pre-shared-key=Password12345
add authentication-types=wpa2-psk eap-methods="" mode=dynamic-keys name=\
    profile4-wpa2-aes supplicant-identity="" wpa-pre-shared-key=\
    Password12345 wpa2-pre-shared-key=Password12345
add authentication-types=wpa-psk,wpa2-psk eap-methods="" mode=dynamic-keys \
    name=profile5 supplicant-identity="" wpa-pre-shared-key=Password12345 \
    wpa2-pre-shared-key=Password12345
add authentication-types=wpa-psk,wpa2-psk eap-methods="" \
    management-protection=allowed management-protection-key=Password12345 \
    mode=dynamic-keys name=profile6_man_protect_enable supplicant-identity="" \
    wpa-pre-shared-key=Password12345 wpa2-pre-shared-key=Password12345
add authentication-types=wpa2-psk eap-methods="" mode=dynamic-keys name=\
    profile7 supplicant-identity="" wpa2-pre-shared-key=Password12345
/interface wireless
set [ find default-name=wlan1 ] allow-sharedkey=yes band=5ghz-n/ac disabled=\
    no distance=2 frequency=5200 guard-interval=long mode=station-bridge \
    multicast-buffering=disabled multicast-helper=disabled nv2-preshared-key=\
    Password12345 nv2-security=enabled preamble-mode=long scan-list=5200 \
    security-profile=profile-none-security ssid=SSID station-roaming=\
    disabled tx-power=10 tx-power-mode=all-rates-fixed wds-default-bridge=\
    bridge1 wds-mode=dynamic wireless-protocol=802.11
/interface wireless nstreme
set wlan1 enable-nstreme=yes
/ip hotspot profile
set [ find default=yes ] html-directory=flash/hotspot
/queue type
set 1 pfifo-limit=500
set 2 kind=pfifo pfifo-limit=2000
/user group
add name=bandwidth_test policy="test,winbox,!local,!telnet,!ssh,!ftp,!reboot,!\
    read,!write,!policy,!password,!web,!sniff,!sensitive,!api,!romon,!dude,!ti\
    kapp"
/interface bridge port
add bridge=bridge1 interface=wlan1
add bridge=bridge1 interface=ether1
/ip address
/ip dns
/ip route
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes
set api disabled=yes
set api-ssl disabled=yes
/system clock
set time-zone-name=Europe/Moscow
/system clock manual
set time-zone=+03:00
/system ntp client
/system package update
set channel=development

--Бридж

# dec/14/2018 13:07:15 by RouterOS 6.43.7
#
# model = RouterBOARD LDF G-5acD
/interface bridge
add fast-forward=no name=bridge1
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa2-psk eap-methods="" mode=\
    dynamic-keys supplicant-identity=MikroTik wpa2-pre-shared-key=\
    Password12345
add authentication-types=wpa2-psk eap-methods="" name=profile-none-security \
    supplicant-identity=MikroTik wpa2-pre-shared-key=\
    Password12345
add authentication-types=wpa-psk eap-methods="" group-ciphers=tkip mode=\
    dynamic-keys name=profile1-wpa-tkip supplicant-identity="" \
    unicast-ciphers=tkip wpa-pre-shared-key=Password12345 \
    wpa2-pre-shared-key=Password12345
add authentication-types=wpa-psk eap-methods="" mode=dynamic-keys name=\
    profile2-wpa-aes supplicant-identity="" wpa-pre-shared-key=\
    Password12345 wpa2-pre-shared-key=Password12345
add authentication-types=wpa2-psk eap-methods="" group-ciphers=tkip mode=\
    dynamic-keys name=profile3-wpa2-tkip supplicant-identity="" \
    unicast-ciphers=tkip wpa-pre-shared-key=Password12345 \
    wpa2-pre-shared-key=Password12345
add authentication-types=wpa2-psk eap-methods="" mode=dynamic-keys name=\
    profile4-wpa2-aes supplicant-identity="" wpa-pre-shared-key=\
    Password12345 wpa2-pre-shared-key=Password12345
add authentication-types=wpa-psk,wpa2-psk eap-methods="" mode=dynamic-keys \
    name=profile5 supplicant-identity="" wpa-pre-shared-key=Password12345 \
    wpa2-pre-shared-key=Password12345
add authentication-types=wpa-psk,wpa2-psk eap-methods="" \
    management-protection=allowed management-protection-key=Password12345 \
    mode=dynamic-keys name=profile6_man_protect_enable supplicant-identity="" \
    wpa-pre-shared-key=Password12345 wpa2-pre-shared-key=Password12345
add authentication-types=wpa2-psk eap-methods="" mode=dynamic-keys name=\
    profile7 supplicant-identity="" wpa2-pre-shared-key=fg6yDFDdf
/interface wireless
set [ find default-name=wlan1 ] allow-sharedkey=yes band=5ghz-n/ac \
    default-forwarding=no disabled=no distance=2 frequency=5200 \
    guard-interval=long hw-retries=15 max-station-count=5 mode=bridge \
    nv2-preshared-key=Password12345 nv2-security=enabled \
    preamble-mode=long scan-list=5200 security-profile=profile-none-security \
    ssid=SSID supported-rates-a/g=6Mbps,9Mbps,12Mbps,18Mbps,24Mbps \
    tx-power=11 tx-power-mode=all-rates-fixed wds-default-bridge=bridge1 \
    wds-mode=dynamic wireless-protocol=802.11 wps-mode=disabled
/interface wireless nstreme
set wlan1 enable-nstreme=yes enable-polling=no
/ip hotspot profile
set [ find default=yes ] html-directory=flash/hotspot
/queue type
set 1 pfifo-limit=500
set 2 kind=pfifo pfifo-limit=2000
/user group
add name=bandwidth_test policy="test,winbox,!local,!telnet,!ssh,!ftp,!reboot,!\
    read,!write,!policy,!password,!web,!sniff,!sensitive,!api,!romon,!dude,!ti\
    kapp"
/interface bridge port
add bridge=bridge1 interface=wlan1
add bridge=bridge1 interface=ether1
/ip address
/ip dns
/ip route
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes
set api disabled=yes
set api-ssl disabled=yes
/system clock
set time-zone-name=Europe/Moscow
/system clock manual
set time-zone=+03:00
/system ntp client

 

Edited by vadya

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.