Hello,
Suite a un demenagement (toujours chez Sosh / Orange), je n'arrive plus a re-configurer mon Mikrotik Cloud Router (CRS109-8G-1S-2HnD, RouterOS v6.48.2 (stable)) avec un TP Link MC220L en front, et un GPON SFP ONT Sercomm FGS202.
La Livebox 4 fonctionne correctement. Le mikrotik avec le TP Link MC 220 L fonctionnaient parfaitement a mon ancienne adresse.
Quelles que soit les configurations (DHCP ou PPPoE) que je mets en place, je ne vois pas de Rx sur l'ether1, rien... Les LEDs sur le TP Link sont bien vertes statiques (ne clignottent pas).
Avez vous une idee de comment regler la situation?
Voici la full configuration actuelle:
# dec/29/2021 14:29:46 by RouterOS 6.48.2
# software id = FMS1-XJ8N
#
# model = CRS109-8G-1S-2HnD
# serial number = 883E070BC618
/interface bridge
add admin-mac=64:D1:54:F9:FB:0D auto-mac=no comment=defconf name=bridge
add fast-forward=no name=orange-832 protocol-mode=none
/interface vlan
add interface=ether1 name=ether1.832 vlan-id=832
/interface list
add comment=defconf name=WAN
add comment=defconf name=LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
add authentication-types=wpa2-psk mode=dynamic-keys name=wifi-passphrase supplicant-identity=MikroTik wpa2-pre-shared-key=XXXXX
/interface wireless
set [ find default-name=wlan1 ] band=2ghz-b/g/n channel-width=20/40mhz-XX disabled=no distance=indoors frequency=auto installation=indoor mode=ap-bridge \
security-profile=wifi-passphrase ssid=MikroTik-F9FB15 wireless-protocol=802.11
/ip dhcp-client option
add code=90 name=authsend value=0x0000000000000000000000XXXXXXXXXXXXXXXXXXXXXX
add code=60 name=vendor-class-identifier value=0x736167656d
add code=77 name=userclass value=0x2b46535644534c5f6c697665626f782e496e7465726e65742e736f66746174686f6d652e4c697665626f7834
add code=61 name=vendor-client-identifier value=0x0887C63B2760
/ip pool
add name=default-dhcp ranges=192.168.88.10-192.168.88.254
/ip dhcp-server
add address-pool=default-dhcp disabled=no interface=bridge name=defconf
/interface bridge filter
# no interface
add action=set-priority chain=output new-priority=6 out-interface=*C
add action=set-priority chain=output dst-port=67 ip-protocol=udp mac-protocol=ip new-priority=6 out-interface=ether1.832 src-port=68
add action=set-priority chain=output dst-port=547 ip-protocol=udp mac-protocol=ipv6 new-priority=6 out-interface=ether1.832 src-port=546
/interface bridge port
add bridge=bridge comment=defconf interface=ether2
add bridge=bridge comment=defconf interface=ether3
add bridge=bridge comment=defconf interface=ether4
add bridge=bridge comment=defconf interface=ether5
add bridge=bridge comment=defconf interface=ether6
add bridge=bridge comment=defconf interface=ether7
add bridge=bridge comment=defconf interface=ether8
add bridge=bridge comment=defconf interface=sfp1
add bridge=bridge comment=defconf interface=wlan1
add bridge=orange-832 interface=ether1.832
/ip neighbor discovery-settings
set discover-interface-list=LAN
/interface list member
add comment=defconf interface=bridge list=LAN
add comment=defconf interface=ether1 list=WAN
/ip address
add address=192.168.88.1/24 comment=defconf interface=bridge network=192.168.88.0
/ip dhcp-client
add dhcp-options=authsend,vendor-class-identifier,userclass disabled=no
add dhcp-options=authsend,userclass,vendor-class-identifier disabled=no interface=orange-832
/ip dhcp-server network
add address=192.168.88.0/24 comment=defconf gateway=192.168.88.1
/ip dns
set allow-remote-requests=yes
/ip dns static
add address=192.168.88.1 comment=defconf name=router.lan
/ip firewall filter
add action=accept chain=input comment="defconf: accept established,related,untracked" connection-state=established,related,untracked
add action=drop chain=input comment="defconf: drop invalid" connection-state=invalid
add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
add action=accept chain=input comment="defconf: accept to local loopback (for CAPsMAN)" dst-address=127.0.0.1
add action=drop chain=input comment="defconf: drop all not coming from LAN" in-interface-list=!LAN
add action=accept chain=forward comment="defconf: accept in ipsec policy" ipsec-policy=in,ipsec
add action=accept chain=forward comment="defconf: accept out ipsec policy" ipsec-policy=out,ipsec
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" connection-state=established,related
add action=accept chain=forward comment="defconf: accept established,related, untracked" connection-state=established,related,untracked
add action=drop chain=forward comment="defconf: drop invalid" connection-state=invalid
add action=drop chain=forward comment="defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat connection-state=new in-interface-list=WAN
/ip firewall nat
add action=masquerade chain=srcnat comment="defconf: masquerade" ipsec-policy=out,none out-interface-list=WAN
/system clock
set time-zone-name=Europe/Paris
/tool mac-server
set allowed-interface-list=LAN
/tool mac-server mac-winbox
set allowed-interface-list=LAN