diff --git a/mikrotik/mt-wap.ke.einsle.de b/mikrotik/mt-wap.ke.einsle.de
new file mode 100644
index 0000000..78031c1
--- /dev/null
+++ b/mikrotik/mt-wap.ke.einsle.de
@@ -0,0 +1,101 @@
+#        routerboard: yes
+#         board-name: wAP ac
+#              model: RouterBOARD wAP G-5HacT2HnD
+#      serial-number: 69A50527A67C
+#      firmware-type: qca9550L
+#   factory-firmware: 3.31
+#   current-firmware: 6.45.1
+#   upgrade-firmware: 6.45.1
+# 
+#             channel: stable
+#   installed-version: 6.45.1
+# 
+# Flags: U - undoable, R - redoable, F - floating-undo 
+#   ACTION                                   BY               POLICY             
+# U user oxidized added                      admin            write              
+#                                                             policy             
+# 
+# software id = 0ABG-FSCM
+#
+# model = RouterBOARD wAP G-5HacT2HnD
+# serial number = 69A50527A67C
+/interface bridge
+add fast-forward=no name=br_vlan42 protocol-mode=none
+add fast-forward=no name=br_vlan50 protocol-mode=none
+add fast-forward=no name=br_vlan51 protocol-mode=none
+add fast-forward=no name=br_vlan52 protocol-mode=none
+add fast-forward=no name=br_vlan99 protocol-mode=none
+add fast-forward=no name=br_wlan protocol-mode=none
+/interface ethernet
+set [ find default-name=ether1 ] speed=100Mbps
+/interface wireless
+# managed by CAPsMAN
+# channel: 2412/20/gn(10dBm), SSID: wifis.org/ke/bertling, CAPsMAN forwarding
+set [ find default-name=wlan1 ] ssid=MikroTik
+/interface vlan
+add interface=br_wlan loop-protect-disable-time=0s loop-protect-send-interval=0s name=br_wlan_vlan42 vlan-id=42
+add interface=br_wlan loop-protect-disable-time=0s loop-protect-send-interval=0s name=br_wlan_vlan50 vlan-id=50
+add interface=br_wlan loop-protect-disable-time=0s loop-protect-send-interval=0s name=br_wlan_vlan51 vlan-id=51
+add interface=br_wlan loop-protect-disable-time=0s loop-protect-send-interval=0s name=br_wlan_vlan52 vlan-id=52
+add interface=br_wlan loop-protect-disable-time=0s loop-protect-send-interval=0s name=br_wlan_vlan99 vlan-id=99
+add interface=ether1 name=vlan1 vlan-id=1
+add interface=ether1 name=vlan10 vlan-id=10
+add interface=ether1 loop-protect-disable-time=0s loop-protect-send-interval=0s name=vlan15 vlan-id=15
+add interface=ether1 name=vlan42 vlan-id=42
+add interface=ether1 name=vlan50 vlan-id=50
+add interface=ether1 name=vlan51 vlan-id=51
+add interface=ether1 name=vlan52 vlan-id=52
+add interface=ether1 name=vlan99 vlan-id=99
+/interface wireless security-profiles
+set [ find default=yes ] supplicant-identity=MikroTik
+add authentication-types=wpa2-eap management-protection=allowed mode=dynamic-keys name=sec_radius radius-mac-accounting=yes radius-mac-authentication=yes radius-mac-mode=as-username-and-password supplicant-identity=mt-wap
+/interface wireless
+# managed by CAPsMAN
+# channel: 5180/20/ac(18dBm), SSID: wifis.org/ke/bertling, CAPsMAN forwarding
+set [ find default-name=wlan2 ] antenna-gain=2 band=5ghz-a/n/ac channel-width=20/40/80mhz-eeeC country=germany frequency=auto frequency-mode=regulatory-domain security-profile=sec_radius ssid=MikroTik
+/ip hotspot profile
+set [ find default=yes ] html-directory=flash/hotspot
+/routing ospf instance
+set [ find default=yes ] disabled=yes
+/snmp community
+set [ find default=yes ] addresses=172.24.0.0/16 authentication-password=nUTIRozDeJMiQ2Goj8BR authentication-protocol=SHA1 encryption-password=nUTIRozDeJMiQ2Goj8BR encryption-protocol=AES name=jie6Wao5weeSahs
+add addresses=172.24.1.0/24,172.24.10.0/24 authentication-password=nUTIRozDeJMiQ2Goj8BR authentication-protocol=SHA1 encryption-password=nUTIRozDeJMiQ2Goj8BR encryption-protocol=AES name=monitor security=private
+/interface bridge port
+add bridge=br_vlan42 interface=br_wlan_vlan42
+add bridge=br_vlan42 interface=vlan42
+add bridge=br_vlan50 interface=br_wlan_vlan50
+add bridge=br_vlan50 interface=vlan50
+add bridge=br_vlan51 interface=br_wlan_vlan51
+add bridge=br_vlan51 interface=vlan51
+add bridge=br_vlan52 interface=br_wlan_vlan52
+add bridge=br_vlan52 interface=vlan52
+add bridge=br_vlan99 interface=br_wlan_vlan99
+add bridge=br_vlan99 interface=vlan99
+/interface wireless cap
+# 
+set bridge=br_wlan caps-man-addresses=172.24.1.97 enabled=yes interfaces=wlan1,wlan2
+/ip address
+add address=172.24.1.92/24 interface=vlan1 network=172.24.1.0
+add address=172.24.10.92/24 interface=vlan10 network=172.24.10.0
+add address=172.24.42.92/24 interface=vlan42 network=172.24.42.0
+add address=172.24.15.92/24 interface=vlan15 network=172.24.15.0
+/ip dns
+set servers=172.24.10.11,172.24.10.12
+/ip route
+add distance=1 gateway=172.24.1.1
+/ip smb shares
+set [ find default=yes ] directory=/pub
+/ip ssh
+set allow-none-crypto=yes forwarding-enabled=remote
+/radius
+add address=172.24.10.16 secret=Ofooza9fugee service=wireless
+/snmp
+set contact="Robert Einsle" enabled=yes location="Kempten, Keller Flur"
+/system clock
+set time-zone-name=Europe/Berlin
+/system identity
+set name=mt-wap
+/system ntp client
+set enabled=yes primary-ntp=172.24.10.13 secondary-ntp=172.24.10.12
+/tool romon
+set enabled=yes id=E4:8D:8C:4B:30:74 secrets=78f244b59c