RouterOS v6.2 Final y las nuevas redes Mikrotik-XXXXXX

Publicado por D3M0N, 04 de Agosto de 2013, 11:23:57 PM

Tema anterior - Siguiente tema

0 Miembros y 1 Visitante están viendo este tema.

D3M0N


Actualizando mi Mikrotik RB751U-2HnD me encontré con que ahora para la versión 6.2 de RouterOS ya la Red inalambrica no viene configurada abierta y con un SSID genérico. Al poner el Script por defecto se auto genera un SSID compuesto por la palabra "Mikrotik-" y los Últimos Dígitos de la MAC Address por defecto de la interfaz inalambrida dicha. Y Autoconfigura por defecto la contraseña: 2FF10121278B.

Miren el Script completo:

:global ssid;
#| Wireless Configuration:
#| 	security-key:	2FF10121278B;
#| 	mode:		ap-bridge;
#| 	band:		2ghz-b/g/n;
#| 	ht-chains:	two;
#| 	ht-extension:	20/40mhz-ht-above;
#| 
#| WAN (gateway) Configuration:
#| 	gateway:	ether1  (renamed with extension '-gateway');
#| 	firewall: 	enabled;
#| 	NAT:		enabled;
#| 	DHCP Client:	enabled;
#| 
#| LAN Configuration:
#| 	LAN Port:	bridge-local;
#| 	switch group:	ether2 (master), ether3, ether4, ether5
#| 		(renamed with extensions '-master-local' and '-slave-local')
#| 	LAN IP:		192.168.88.1;
#| 	DHCP Server:	enabled;

:global action;
:local dhcpEnabled 0;
:local wirelessEnabled 0;

#check for wireless and dhcp packages
:if ([:len [/system package find name="dhcp" !disabled]] != 0) do={
:set dhcpEnabled 1;
}
:if ([:len [/system package find name="wireless" !disabled]] != 0) do={
:set wirelessEnabled 1;
}

#-------------------------------------------------------------------------------
# Apply configuration.
# these commands are executed after installation or configuration reset
#-------------------------------------------------------------------------------
:if ($action = "apply") do={
# wait for interfaces
:while ([/interface ethernet find] = "") do={ :delay 1s; };

	:if ( $wirelessEnabled = 1) do={
		:local count 0;
		:while ([/interface wireless find] = "") do={ 
			:set count ($count +1);
			:if ($count = 60) do={
				:log warning "DefConf: Unable to find wireless interface"; 
				/ip address add address=192.168.88.1/24 interface=ether1;
				/quit
			}
			:delay 1s;
		};
		/interface wireless set wlan1 mode=ap-bridge band=2ghz-b/g/n ht-txchains=0,1 ht-rxchains=0,1 \
			disabled=no wireless-protocol=any distance=indoors
		:local wlanMac  [/interface wireless get wlan1 mac-address];
		:set ssid "MikroTik-$[:pick $wlanMac 9 11]$[:pick $wlanMac 12 14]$[:pick $wlanMac 15 17]"
		/interface wireless set wlan1 ssid=$ssid
		/interface wireless security-profiles set default wpa-pre-shared-key=2FF10121278B wpa2-pre-shared-key=2FF10121278B mode=dynamic-keys authentication-types=wpa-psk,wpa2-psk
		/interface wireless set wlan1 channel-width=20/40mhz-ht-above ;
	}

	/interface set ether1 name="ether1-gateway";
	:if ( $dhcpEnabled = 1) do={
		/ip dhcp-client add interface=ether1-gateway disabled=no comment="default configuration";
	}

	/interface {
		set ether2 name=ether2-master-local;
		set ether3 name=ether3-slave-local;
		set ether4 name=ether4-slave-local;
		set ether5 name=ether5-slave-local;
	}
	/interface ethernet {
		set ether3-slave-local master-port=ether2-master-local;
		set ether4-slave-local master-port=ether2-master-local;
		set ether5-slave-local master-port=ether2-master-local;
	}

	/interface bridge
		add name=bridge-local disabled=no auto-mac=no protocol-mode=rstp;
	:local bMACIsSet 0;
	:foreach k in=[/interface find] do={
		:local tmpPortName [/interface get $k name];
		:if (!($tmpPortName~"bridge"  || $tmpPortName~"ether1"|| $tmpPortName~"slave")) do={
			:if ($bMACIsSet = 0) do={
				:if ([/interface get $k type] = "ether") do={
					/interface bridge set "bridge-local" admin-mac=[/interface ethernet get $tmpPortName mac-address];
					:set bMACIsSet 1;
				}
			}
			/interface bridge port
				add bridge=bridge-local interface=$tmpPortName;
		}
	}
	/ip address add address=192.168.88.1/24 interface=bridge-local comment="default configuration";
	:if ($dhcpEnabled = 1) do={
		/ip pool add name="default-dhcp" ranges=192.168.88.10-192.168.88.254;
		/ip dhcp-server
			add name=default address-pool="default-dhcp" interface=bridge-local disabled=no;
		/ip dhcp-server network
			add address=192.168.88.0/24 gateway=192.168.88.1 dns-server=192.168.88.1 comment="default configuration";
	}
	/ip firewall nat add chain=srcnat out-interface=ether1-gateway action=masquerade comment="default configuration"
	/ip firewall {
		filter add chain=input action=accept protocol=icmp comment="default configuration"
		filter add chain=input action=accept connection-state=established comment="default configuration"
		filter add chain=input action=accept connection-state=related comment="default configuration"
		filter add chain=input action=drop in-interface=ether1-gateway comment="default configuration"
              filter add chain=forward action=accept connection-state=established comment="default configuration"
              filter add chain=forward action=accept connection-state=related comment="default configuration"
              filter add chain=forward action=drop connection-state=invalid comment="default configuration"
	}
	/tool mac-server disable [find];
	/tool mac-server mac-winbox disable [find];
	:foreach k in=[/interface find] do={
		:local tmpName [/interface get $k name];
		:if (!($tmpName~"ether1")) do={
			/tool mac-server add interface=$tmpName disabled=no;
			/tool mac-server mac-winbox add interface=$tmpName disabled=no;
		}
	}
	/ip neighbor discovery set [find name="ether1-gateway"] discover=no
	/ip dns {
		set allow-remote-requests=yes
		static add name=router address=192.168.88.1
	}

}

#-------------------------------------------------------------------------------
# Revert configuration.
# these commands are executed if user requests to remove default configuration
#-------------------------------------------------------------------------------
:if ($action = "revert") do={
# remove wan port protection
	/ip firewall {
		:local o [nat find comment="default configuration"]
		:if ([:len $o] != 0) do={ nat remove $o }
		:local o [filter find comment="default configuration"]
		:if ([:len $o] != 0) do={ filter remove $o }
	}
	/tool mac-server remove [find interface!=all]
	/tool mac-server set [find] disabled=no
	/tool mac-server mac-winbox remove [find interface!=all]
	/tool mac-server mac-winbox set [find] disabled=no
# reset wan ports;
	/ip neighbor discovery set [find name="ether1-gateway"] discover=yes
	/interface set "ether1-gateway" name=ether1;
	:if ($dhcpEnabled = 1) do={
		:local o [/ip dhcp-server network find comment="default configuration"]
		:if ([:len $o] != 0) do={ /ip dhcp-server network remove $o }
		:local o [/ip dhcp-server find name="default" address-pool="default-dhcp" interface="bridge-local" !disabled]
		:if ([:len $o] != 0) do={ /ip dhcp-server remove $o }
		/ip pool {
			:local o [find name="default-dhcp" ranges=192.168.88.10-192.168.88.254]
			:if ([:len $o] != 0) do={ remove $o }
		}
		:local o [/ip dhcp-client find comment="default configuration"]
		:if ([:len $o] != 0) do={ /ip dhcp-client remove $o }
	}
	/ip dns {
		set allow-remote-requests=no
		:local o [static find name=router address=192.168.88.1]
		:if ([:len $o] != 0) do={ static remove $o }
	}
	/ip address {
		:local o [find comment="default configuration"]
		:if ([:len $o] != 0) do={ remove $o }
	}
# remove switch
	/interface set ether2-master-local name=ether2;
	/interface ethernet set ether3-slave-local master-port=none;
	/interface set ether3-slave-local name=ether3;
	/interface ethernet set ether4-slave-local master-port=none;
	/interface set ether4-slave-local name=ether4;
	/interface ethernet set ether5-slave-local master-port=none;
	/interface set ether5-slave-local name=ether5;
	/interface bridge port remove [find bridge="bridge-local"]
	/interface bridge remove [find name="bridge-local"]
	:if ($wirelessEnabled = 1) do={
		/interface set [find name~"wlan1"] name=wlan1
		/interface wireless reset-configuration wlan1
	}
}


Apartado Inalambrico:

/interface wireless set wlan1 mode=ap-bridge band=2ghz-b/g/n ht-txchains=0,1 ht-rxchains=0,1 \
			disabled=no wireless-protocol=any distance=indoors
		:local wlanMac  [/interface wireless get wlan1 mac-address];
		:set ssid "MikroTik-$[:pick $wlanMac 9 11]$[:pick $wlanMac 12 14]$[:pick $wlanMac 15 17]"
		/interface wireless set wlan1 ssid=$ssid
		/interface wireless security-profiles set default wpa-pre-shared-key=2FF10121278B wpa2-pre-shared-key=2FF10121278B mode=dynamic-keys authentication-types=wpa-psk,wpa2-psk
		/interface wireless set wlan1 channel-width=20/40mhz-ht-above ;


La parte del SSID:

:set ssid "MikroTik-$[:pick $wlanMac 9 11]$[:pick $wlanMac 12 14]$[:pick $wlanMac 15 17]"

y la seguridad:

/interface wireless security-profiles set default wpa-pre-shared-key=2FF10121278B wpa2-pre-shared-key=2FF10121278B mode=dynamic-keys authentication-types=wpa-psk,wpa2-psk

Así que si ven una RED "Mikrotik-XXXXXX" posiblemente su contraseña por defecto seria: 2FF10121278B siempre que sea un RB751U-2HnD.