Configurare Nat Mikrotik
Last Updated: Feb 13 2018 20:30, Started by
NHT
, Feb 13 2018 08:42
·
0
#1
Posted 13 February 2018 - 08:42
Salut,
Am un Mikrotik pe care l-am folosit mai demult ca AP si acum vreau sa-l dau cuiva sa-l foloseasca ca router. Am uitat insa cum l-am setat acum cativa ani si nu pot sa-l fac sa mearga. Se conecteaza prin pppoe (ping wan, dwld firmware), functioneaza ca dhcp server (ping dg) dar nu functioneaza nat-ul (asta e parerea mea). Rog pe cineva care stie ROS sa se uite pe configuratie si sa ma lumineze daca se poate. in sectiunea de nat prima linie e default (din quick set - nu fct) iar celelalte doua sunt gasite de mine pe internet dar nu merge nici cu ele. Multumesc anticipat. [admin@MikroTik] > export compact # feb/12/2018 17:56:06 by RouterOS 6.41.2 # software id = VYRQ-KTYC # # model = 951G-2HnD # serial number = 4xxxx /interface bridge add admin-mac=D4:CA:6D:DA:CF:D5 auto-mac=no fast-forward=no mtu=1500 name=bridge-local /interface ethernet set [ find default-name=ether1 ] name=ether1-gateway set [ find default-name=ether2 ] name=ether2-master-local set [ find default-name=ether3 ] name=ether3-slave-local set [ find default-name=ether4 ] name=ether4-slave-local set [ find default-name=ether5 ] name=ether5-slave-local /interface wireless set [ find default-name=wlan1 ] band=2ghz-b/g/n channel-width=20/40mhz-Ce country=Romania disabled=no distance=indoors frequency=2432 mode=ap-bridge ssid=N wireless-protocol=802.11 /interface pppoe-client add add-default-route=yes disabled=no interface=ether1-gateway keepalive-timeout=disabled name=pppoe-out1 password=xxx use-peer-dns=yes user=xxx /interface list add exclude=dynamic name=discover add name=mactel add name=mac-winbox add name=WAN /interface wireless security-profiles set [ find default=yes ] authentication-types=wpa-psk,wpa2-psk mode=dynamic-keys supplicant-identity=MikroTik wpa-pre-shared-key=extensionthree wpa2-pre-shared-key=extensionthree /ip ipsec proposal set [ find default=yes ] enc-algorithms=3des /ip pool add name=dhcp ranges=192.168.88.100-192.168.88.200 /ip dhcp-server add address-pool=dhcp authoritative=after-2sec-delay disabled=no interface=bridge-local lease-time=3d name=default /system logging action set 0 memory-lines=100 set 1 disk-lines-per-file=100 /tool user-manager customer set admin access=own-routers,own-users,own-profiles,own-limits,config-payment-gw /interface bridge port add bridge=bridge-local interface=ether2-master-local add bridge=bridge-local hw=no interface=wlan1 add bridge=bridge-local interface=ether3-slave-local add bridge=bridge-local interface=ether4-slave-local add bridge=bridge-local interface=ether5-slave-local /interface list member add interface=ether1-gateway list=discover add interface=ether2-master-local list=discover add interface=ether3-slave-local list=discover add interface=ether4-slave-local list=discover add interface=ether5-slave-local list=discover add interface=bridge-local list=discover add interface=ether2-master-local list=mactel add interface=ether3-slave-local list=mactel add interface=ether2-master-local list=mac-winbox add interface=ether4-slave-local list=mactel add interface=ether3-slave-local list=mac-winbox add interface=ether5-slave-local list=mactel add interface=ether4-slave-local list=mac-winbox add interface=wlan1 list=mactel add interface=ether5-slave-local list=mac-winbox add interface=bridge-local list=mactel add interface=wlan1 list=mac-winbox add interface=bridge-local list=mac-winbox add list=WAN add interface=pppoe-out1 list=WAN /ip address add address=192.168.88.254/24 comment="default configuration" interface=ether2-master-local network=192.168.88.0 /ip dhcp-client add comment="default configuration" dhcp-options=hostname,clientid interface=ether1-gateway /ip dhcp-server network add address=192.168.88.0/24 comment="default configuration" dns-server=192.168.88.1 gateway=192.168.88.254 netmask=24 /ip dns set allow-remote-requests=yes servers=8.8.8.8 /ip dns static add address=192.168.88.1 name=router /ip firewall filter add action=accept chain=forward comment="default configuration" connection-state=established add action=accept chain=forward comment="default configuration" connection-state=related add action=drop chain=forward comment="default configuration" connection-state=invalid add action=accept chain=input protocol=icmp add action=accept chain=input connection-state=established add action=accept chain=input connection-state=related add action=drop chain=input in-interface-list=!mactel /ip firewall nat add action=masquerade chain=srcnat comment="default configuration" out-interface=ether1-gateway out-interface-list=WAN add action=masquerade chain=scrnat out-interface=pppoe-out1 add action=masquerade chain=srcnat out-interface=ether1-gateway to-addresses=0.0.0.0 /ip route add disabled=yes distance=1 gateway=ether1-gateway /ip service set api disabled=yes /ip upnp set enabled=yes /ip upnp interfaces add interface=bridge-local type=internal add interface=pppoe-out1 type=external /system clock set time-zone-name=Europe/Bucharest /system lcd set contrast=0 enabled=no port=parallel type=24x4 /system lcd page set time disabled=yes display-time=5s set resources disabled=yes display-time=5s set uptime disabled=yes display-time=5s set packets disabled=yes display-time=5s set bits disabled=yes display-time=5s set version disabled=yes display-time=5s set identity disabled=yes display-time=5s set pppoe-out1 disabled=yes display-time=5s set bridge-local disabled=yes display-time=5s set wlan1 disabled=yes display-time=5s set ether1-gateway disabled=yes display-time=5s set ether2-master-local disabled=yes display-time=5s set ether3-slave-local disabled=yes display-time=5s set ether4-slave-local disabled=yes display-time=5s set ether5-slave-local disabled=yes display-time=5s /system leds set 0 interface=wlan1 /tool mac-server set allowed-interface-list=mactel /tool mac-server mac-winbox set allowed-interface-list=mac-winbox /tool user-manager database set db-path=user-manager1 [admin@MikroTik] > sau problema e la ip route cu acel disable=yes ? care sunt comenzile pt vizualizarea rutelor? Edited by NHT, 13 February 2018 - 08:45. |
#2
Posted 13 February 2018 - 09:11
Da-i un factory defaults si fa-i upgrade la 6.41.x deoarece de la versiunea asta nu mai exista un master-port, el default are NAT, pleaca de la un start fresh. Chiar nu vad rostul pentru cmd line cand ai WinBox, da, stiu ca suna neprofesional dar nu are bash sau alt shell de linux si pentru necunoscatori, mai rau se leaga la cap.
Deci, factory default, seteaza IP-urile pentru wan si lan (daca nu iti place clasa default) si aia e. Edited by ct03nut, 13 February 2018 - 09:12. |
#3
Posted 13 February 2018 - 09:14
prima oara i-am dat factory default din jumperul exterior si apoi upgrade la 6.41.2 dar nu a mers.
|
#4
Posted 13 February 2018 - 09:16
Si folosesti Quick set pentru configurare . E mult mai simplu
System -> Reset cofiguration Inainte de a face upgrade de OS vezi daca e nevoie sa faci upgrade de FW. System -> Routerboard -> Upgrade si apoi Reboot Edited by ndor, 13 February 2018 - 09:21. |
#5
Posted 13 February 2018 - 09:17
Quick pentru o configuratie aproape default e ok, daca vrei ceva mai avansat, iti da peste cap configuratia. Ce mikrotik e ?
|
#6
Posted 13 February 2018 - 09:26
# model = 951G-2HnD
ok, o sa ma uit diseara si revin cu update. multumesc. |
#7
Posted 13 February 2018 - 09:27
Pai ia-o pas cu pas, pune serverul dns 8.8.8.8 pe clientii din spatele NAT si vezi daca raspund adresele.
|
#8
Posted 13 February 2018 - 09:28
In quick set il pui in mod Home AP aoi in partea dreapta bifezi pppoe si completezi campurile goale .
La Local Network bifezi NAT |
#9
Posted 13 February 2018 - 09:35
din router merge pingul in wan - am facut download la ROS nu la FW cum gresit am scris sus. o sa fac upgrade si la FW si apoi o sa incerc quick-set-ul. randul trecut am facut in CLI si am scris asta undeva doar ca nu mai gasesc documentul.
|
#10
Posted 13 February 2018 - 20:30
A mers dupa upgrade.ul la firmware. Multumesc mult pentru sugestii.
|
|
Anunturi
Bun venit pe Forumul Softpedia!
▶ 0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users