Página 2 de 4 PrimeiroPrimeiro 1234 ÚltimoÚltimo
+ Responder ao Tópico



  1. Ta ai cara, eu tirei as entradas de ADD dos clientes.. e como eu ja avia falado, eu deixei o modem roteado, se por ventura é melhor eu fazer o pppoe e depois postar denovo eu faço.. obrigado.

    / interface ethernet
    set Internet name="Internet" mtu=1500 mac-address=00:0D:87:08:10:20 \
    arp=enabled disable-running-check=yes auto-negotiation=yes full-duplex=yes \
    cable-settings=default speed=100Mbps comment="" disabled=no
    set Clientes name="Clientes" mtu=1500 mac-address=00:B0:C4:C6:5F:1F \
    arp=enabled disable-running-check=yes auto-negotiation=yes full-duplex=yes \
    cable-settings=default speed=100Mbps comment="" disabled=no
    / interface bridge port
    set Internet bridge=none priority=128 path-cost=10
    set Clientes bridge=none priority=128 path-cost=10
    / interface l2tp-server server
    set enabled=no max-mtu=1460 max-mru=1460 \
    authentication=pap,chap,mschap1,mschap2 default-profile=default-encryption
    / interface pptp-server server
    set enabled=no max-mtu=1460 max-mru=1460 authentication=mschap1,mschap2 \
    keepalive-timeout=30 default-profile=default-encryption
    / ip accounting
    set enabled=no account-local-traffic=no threshold=256
    set enabled=no allow-disable-external-interface=yes show-dummy-rule=yes
    / ip traffic-flow
    set enabled=no interfaces=all cache-entries=4k active-flow-timeout=30m \
    inactive-flow-timeout=15s
    / ip dns
    set primary-dns=201.33.224.2 secondary-dns=201.33.224.3 \
    allow-remote-requests=no cache-size=2048KiB cache-max-ttl=1w
    / ip address
    add address=192.168.1.254/24 network=192.168.1.0 broadcast=192.168.1.255 \
    interface=Internet comment="" disabled=no
    add address=192.168.251.1/24 network=192.168.251.0 broadcast=192.168.251.255 \
    interface=Clientes comment="" disabled=no
    / ip proxy
    set enabled=no ports=8080 parent-proxy=0.0.0.0:0 \
    maximal-client-connecions=1000 maximal-server-connectons=1000 \
    cache-administrator="webmaster" max-object-size=4096KiB \
    max-disk-cache-size=none max-ram-cache-size=unlimited disk-database=yes
    / ip proxy drive
    set
    / ip proxy access
    add dst-port=23-25 action=deny comment="block telnet & spam e-mail relaying" \
    disabled=no
    add method=CONNECT dst-port=443 action=allow comment="allow CONNECT only to \
    SSL ports 443 \[https\] and 563 \[snews\]" disabled=no
    add method=CONNECT dst-port=563 action=allow comment="allow CONNECT only to \
    SSL ports 443 \[https\] and 563 \[snews\]" disabled=no
    add method=CONNECT action=deny comment="allow CONNECT only to SSL ports 443 \
    \[https\] and 563 \[snews\]" disabled=no
    / ip neighbor discovery
    set Internet discover=yes
    set Clientes discover=yes
    / ip route
    add dst-address=0.0.0.0/0 gateway=192.168.1.1 scope=255 target-scope=10 \
    comment="" disabled=no
    / ip firewall nat
    add chain=srcnat out-interface=Internet src-address=192.168.251.0/24 \
    action=masquerade comment="" disabled=no
    add chain=srcnat src-address=192.168.251.0/24 action=masquerade \
    comment="masquerade hotspot network" disabled=no
    / ip firewall connection tracking
    set enabled=yes tcp-syn-sent-timeout=2m tcp-syn-received-timeout=1m \
    tcp-established-timeout=5d tcp-fin-wait-timeout=2m \
    tcp-close-wait-timeout=1m tcp-last-ack-timeout=30s \
    tcp-time-wait-timeout=2m tcp-close-timeout=10s udp-timeout=30s \
    udp-stream-timeout=3m icmp-timeout=30s generic-timeout=10m
    / ip firewall service-port
    set ftp ports=21 disabled=no
    set tftp ports=69 disabled=no
    set irc ports=6667 disabled=no
    set h323 disabled=yes
    set quake3 disabled=no
    set mms disabled=no
    set gre disabled=yes
    set pptp disabled=yes
    / ip dhcp-server
    add name="webbox" interface=Clientes lease-time=1d address-pool=webbox \
    bootp-support=static add-arp=yes disabled=no
    / ip dhcp-server config
    set store-leases-disk=5m
    / ip dhcp-server lease
    / ip dhcp-server network
    add address=192.168.251.0/24 gateway=192.168.251.1 \
    dns-server=201.33.224.2,201.33.224.3 comment=""
    / ip hotspot service-port
    set ftp ports=21 disabled=no
    / ip hotspot profile
    set default name="default" hotspot-address=0.0.0.0 dns-name="" \
    html-directory=hotspot rate-limit="" http-proxy=0.0.0.0:0 \
    smtp-server=0.0.0.0 login-by=cookie,http-chap http-cookie-lifetime=3d \
    split-user-domain=no use-radius=no
    add name="hsprof1" hotspot-address=192.168.251.1 dns-name="" \
    html-directory=hotspot rate-limit="" http-proxy=0.0.0.0:0 \
    smtp-server=0.0.0.0 login-by=cookie,http-chap http-cookie-lifetime=3d \
    split-user-domain=no use-radius=no
    / ip hotspot user profile
    set default name="default" idle-timeout=none keepalive-timeout=2m \
    status-autorefresh=1m shared-users=1 transparent-proxy=yes \
    open-status-page=always advertise=no
    / ip ipsec proposal
    add name="default" auth-algorithms=sha1 enc-algorithms=3des lifetime=30m \
    lifebytes=0 pfs-group=modp1024 disabled=no
    / system logging
    add topics=info prefix="" action=memory disabled=no
    add topics=error prefix="" action=memory disabled=no
    add topics=warning prefix="" action=memory disabled=no
    add topics=critical prefix="" action=echo disabled=no
    / system logging action
    set memory name="memory" target=memory memory-lines=100 memory-stop-on-full=no
    set disk name="disk" target=disk disk-lines=100 disk-stop-on-full=no
    set echo name="echo" target=echo remember=yes
    set remote name="remote" target=remote remote=0.0.0.0:514
    / system upgrade mirror
    set enabled=no primary-server=0.0.0.0 secondary-server=0.0.0.0 \
    check-interval=1d user=""
    / system clock dst
    set dst-delta=+01:00 dst-start="jan/01/1970 00:00:00" dst-end="jan/01/1970 \
    00:00:00"
    / system watchdog
    set reboot-on-failure=yes watch-address=none watchdog-timer=yes \
    no-ping-delay=5m automatic-supout=yes auto-send-supout=no
    / system console
    add port=serial0 term="" disabled=no
    set FIXME term="linux" disabled=no
    / system console screen
    set line-count=25
    / system identity
    set name="MikroTik"
    / system note
    set show-at-login=yes note=""
    / system gps
    set enabled=no set-system-time=no
    / system lcd
    set enabled=no type=24x4 port=parallel contrast=0
    / system lcd page
    set time display-time=5s disabled=yes
    set resources display-time=5s disabled=yes
    set uptime display-time=5s disabled=yes
    set packets display-time=5s disabled=yes
    set bits display-time=5s disabled=yes
    set version display-time=5s disabled=yes
    set Clientes display-time=5s disabled=yes
    set Internet display-time=5s disabled=yes
    / system ntp server
    set enabled=yes broadcast=no multicast=no manycast=no
    / system ntp client
    set enabled=yes mode=unicast primary-ntp=200.160.7.186 \
    secondary-ntp=187.49.33.13
    / system routerboard bios
    set
    / system health
    set state-after-reboot=enabled
    / port
    set serial0 name="serial0" baud-rate=9600 data-bits=8 parity=none stop-bits=1 \
    flow-control=hardware
    / ppp profile
    set default name="default" use-compression=default use-vj-compression=default \
    use-encryption=default only-one=default change-tcp-mss=default comment=""
    set default-encryption name="default-encryption" use-compression=default \
    use-vj-compression=default use-encryption=yes only-one=default \
    change-tcp-mss=default comment=""
    / ppp aaa
    set use-radius=no accounting=yes interim-update=0s
    / queue type
    set default name="default" kind=pfifo pfifo-limit=50
    set ethernet-default name="ethernet-default" kind=pfifo pfifo-limit=50
    set wireless-default name="wireless-default" kind=sfq sfq-perturb=5 \
    sfq-allot=1514
    set synchronous-default name="synchronous-default" kind=red red-limit=60 \
    red-min-threshold=10 red-max-threshold=50 red-burst=20 red-avg-packet=1000
    set hotspot-default name="hotspot-default" kind=sfq sfq-perturb=5 \
    sfq-allot=1514
    / user
    add name="admin" group=full address=0.0.0.0/0 comment="system default user" \
    disabled=no
    / user group
    add name="read" policy=local,telnet,ssh,reboot,read,test,winbox,password,web,!f\
    tp,!write,!policy
    add name="write" policy=local,telnet,ssh,reboot,read,write,test,winbox,password\
    ,web,!ftp,!policy
    add name="full" policy=local,telnet,ssh,ftp,reboot,read,write,policy,test,winbo\
    x,password,web
    / user aaa
    set use-radius=no accounting=yes interim-update=0s default-group=read
    / radius incoming
    set accept=no port=1700
    / driver
    / snmp
    set enabled=no contact="" location=""
    / snmp community
    set public name="public" address=0.0.0.0/0 read-access=yes
    / tool bandwidth-server
    set enabled=yes authenticate=yes allocate-udp-ports-from=2000 max-sessions=10
    / tool mac-server ping
    set enabled=yes
    / tool e-mail
    set server=0.0.0.0 from="<>"
    / tool sniffer
    set interface=all only-headers=no memory-limit=10 file-name="" file-limit=10 \
    streaming-enabled=no streaming-server=0.0.0.0 filter-stream=yes \
    filter-protocol=ip-only filter-address1=0.0.0.0/0:0-65535 \
    filter-address2=0.0.0.0/0:0-65535
    / tool graphing
    set store-every=5min
    / tool graphing interface
    add interface=all allow-address=0.0.0.0/0 store-on-disk=yes disabled=no
    / routing bgp instance
    set default as=65530 router-id=0.0.0.0 redistribute-static=no \
    redistribute-connected=no redistribute-rip=no redistribute-ospf=no \
    redistribute-other-bgp=no name="default" out-filter="" disabled=no
    / routing rip
    set redistribute-static=no redistribute-connected=no redistribute-ospf=no \
    redistribute-bgp=no metric-static=1 metric-connected=1 metric-ospf=1 \
    metric-bgp=1 update-timer=30s timeout-timer=3m garbage-timer=2m
    / routing ospf
    set router-id=0.0.0.0 distribute-default=never redistribute-connected=no \
    redistribute-static=no redistribute-rip=no redistribute-bgp=no \
    metric-default=1 metric-connected=20 metric-static=20 metric-rip=20 \
    metric-bgp=20
    / routing ospf area
    set backbone area-id=0.0.0.0 authentication=none prefix-list-import="" \
    prefix-list-export="" disabled=no

  2. Eu fiz certo pessoal? se não me instruam por favor!



  3. Citação Postado originalmente por ShiFT Ver Post
    Ta ai cara, eu tirei as entradas de ADD dos clientes.. e como eu ja avia falado, eu deixei o modem roteado, se por ventura é melhor eu fazer o pppoe e depois postar denovo eu faço.. obrigado.

    Código :
    / interface ethernet 
    set Internet name="Internet" mtu=1500 mac-address=00:0D:87:08:10:20 \
        arp=enabled disable-running-check=yes auto-negotiation=yes full-duplex=yes \
        cable-settings=default speed=100Mbps comment="" disabled=no 
    set Clientes name="Clientes" mtu=1500 mac-address=00:B0:C4:C6:5F:1F \
        arp=enabled disable-running-check=yes auto-negotiation=yes full-duplex=yes \
        cable-settings=default speed=100Mbps comment="" disabled=no 
     
    / interface bridge port 
    set Internet bridge=none priority=128 path-cost=10 
    set Clientes bridge=none priority=128 path-cost=10
    #Você pois ambas as interfaces em uma bridge?
    Código :
    / ip dns 
    set primary-dns=201.33.224.2 secondary-dns=201.33.224.3 \
        allow-remote-requests=no cache-size=2048KiB cache-max-ttl=1w 
     
    / ip address 
    add address=192.168.1.254/24 network=192.168.1.0 broadcast=192.168.1.255 \
        interface=Internet comment="" disabled=no 
    add address=192.168.251.1/24 network=192.168.251.0 broadcast=192.168.251.255 \
        interface=Clientes comment="" disabled=no 
     
    / ip proxy 
    set enabled=no ports=8080 parent-proxy=0.0.0.0:0 \
        maximal-client-connecions=1000 maximal-server-connectons=1000 \
        cache-administrator="webmaster" max-object-size=4096KiB \
        max-disk-cache-size=none max-ram-cache-size=unlimited disk-database=yes
    # Você esta usando o webproxy?
    Código :
    / ip proxy access 
    add dst-port=23-25 action=deny comment="block telnet & spam e-mail relaying" \
        disabled=no 
    add method=CONNECT dst-port=443 action=allow comment="allow CONNECT only to \
        SSL ports 443 \[https\] and 563 \[snews\]" disabled=no 
    add method=CONNECT dst-port=563 action=allow comment="allow CONNECT only to \
        SSL ports 443 \[https\] and 563 \[snews\]" disabled=no 
    add method=CONNECT action=deny comment="allow CONNECT only to SSL ports 443 \
        \[https\] and 563 \[snews\]" disabled=no 
    s 
    / ip route 
    add dst-address=0.0.0.0/0 gateway=192.168.1.1 scope=255 target-scope=10 \
        comment="" disabled=no 
     
    / ip firewall nat 
    add chain=srcnat out-interface=Internet src-address=192.168.251.0/24 \
        action=masquerade comment="" disabled=no
    #regra duplicada
    add chain=srcnat src-address=192.168.251.0/24 action=masquerade \
    comment="masquerade hotspot network" disabled=no
    Código :
    / ip dhcp-server 
    add name="webbox" interface=Clientes lease-time=1d address-pool=webbox \
        bootp-support=static add-arp=yes disabled=no
    #Vejo que vc configurou algumas coias pelo webbox é isso mesmo?
    Código :
    / ip dhcp-server network 
    add address=192.168.251.0/24 gateway=192.168.251.1 \
        dns-server=201.33.224.2,201.33.224.3 comment="" 
     
    / ip hotspot profile 
    set default name="default" hotspot-address=0.0.0.0 dns-name="" \
        html-directory=hotspot rate-limit="" http-proxy=0.0.0.0:0 \
        smtp-server=0.0.0.0 login-by=cookie,http-chap http-cookie-lifetime=3d \
        split-user-domain=no use-radius=no 
    add name="hsprof1" hotspot-address=192.168.251.1 dns-name="" \
        html-directory=hotspot rate-limit="" http-proxy=0.0.0.0:0 \
        smtp-server=0.0.0.0 login-by=cookie,http-chap http-cookie-lifetime=3d \
        split-user-domain=no use-radius=no
    #Você usa hostpot mesmo?
    Código :
    / ip hotspot user profile 
    set default name="default" idle-timeout=none keepalive-timeout=2m \
        status-autorefresh=1m shared-users=1 transparent-proxy=yes \
        open-status-page=always advertise=no 
     
    / ppp profile 
    set default name="default" use-compression=default use-vj-compression=default \
        use-encryption=default only-one=default change-tcp-mss=default comment="" 
    set default-encryption name="default-encryption" use-compression=default \
        use-vj-compression=default use-encryption=yes only-one=default \
        change-tcp-mss=default comment="" 
    / ppp aaa 
    set use-radius=no accounting=yes interim-update=0s
    Dei uma filtrada no que realmente nao interessava!
    Última edição por Geeek; 23-10-2010 às 00:22.

  4. Citação Postado originalmente por Geeek Ver Post
    Dei uma filtrada no que realmente nao interessava!
    #Você pois ambas as interfaces em uma bridge?
    Não cara, cada interface tem uma função, 1 com ip 192.168.1.254 que é a placa de internet, pois o modem esta com o ip 192.168.1.1, ai a faixa de ip da ether do cliente é 192.168.251.1, meus clientes tem ip fixo, apartir do 192.168.251.2
    # Você esta usando o webproxy?
    Eu não sei o que é webproxy cara, o que eu fiz foi colocar a Nat do ip do modem para poder ter acesso a internet. Adicionei a Nat conforme os tutoriais, 192.168.1.0/24, mascarade, srcnat

    #regra duplicada
    Me diz onde fica a regra duplicada que eu tiro.

    #Vejo que vc configurou algumas coias pelo webbox é isso mesmo?
    Configurei sim, só o servidor DHCP, mais nada..

    #Você usa hostpot mesmo?
    Não cara..

    Obrigado pela ajuda, se quiser que eu de um default no mk e depois fazer tudo denovo com pppoe eu faço, ai posto as config..



  5. Citação Postado originalmente por ShiFT Ver Post
    #Você pois ambas as interfaces em uma bridge?
    Não cara, cada interface tem uma função, 1 com ip 192.168.1.254 que é a placa de internet, pois o modem esta com o ip 192.168.1.1, ai a faixa de ip da ether do cliente é 192.168.251.1, meus clientes tem ip fixo, apartir do 192.168.251.2
    # Você esta usando o webproxy?
    Eu não sei o que é webproxy cara, o que eu fiz foi colocar a Nat do ip do modem para poder ter acesso a internet. Adicionei a Nat conforme os tutoriais, 192.168.1.0/24, mascarade, srcnat

    #regra duplicada
    Me diz onde fica a regra duplicada que eu tiro.

    #Vejo que vc configurou algumas coias pelo webbox é isso mesmo?
    Configurei sim, só o servidor DHCP, mais nada..

    #Você usa hostpot mesmo?
    Não cara..

    Obrigado pela ajuda, se quiser que eu de um default no mk e depois fazer tudo denovo com pppoe eu faço, ai posto as config..
    Faz o seguinte amigo reseta o mk e faz seguindo esses passos:
    Mikrotik - Under-Linux.Org Wiki






Tópicos Similares

  1. Sobre como inserir clientes no Mk
    Por pedrokampos no fórum Redes
    Respostas: 4
    Último Post: 05-11-2009, 14:49
  2. Respostas: 7
    Último Post: 18-01-2008, 21:57
  3. PPPoE Relay no MK???
    Por ricardoandre no fórum Redes
    Respostas: 1
    Último Post: 10-01-2008, 02:30
  4. Ap aprouter como cliente no mk
    Por harrypotheard no fórum Redes
    Respostas: 2
    Último Post: 12-12-2007, 11:22
  5. AP como cliente no MK ñ consigo logar...
    Por faieppi no fórum Redes
    Respostas: 4
    Último Post: 15-10-2007, 07:42

Visite: BR-Linux ·  VivaOLinux ·  Dicas-L