Página 1 de 2 12 ÚltimoÚltimo
+ Responder ao Tópico



  1. Senhores, boa noite.

    Configurei um RB750 com dois links ADLS em loadbalance pcc e uma VPN PPTP.

    Quando estou no host remoto, consigo fechar a VPN, "pingo" o gateway porém não consigo acessar nenhum equipamento de dentro da lan.

    Alguém consegue me ajudar?
    Agradeço desde já.
    Abraço
    Fabiano

  2. Não criei rotas staticas. Devo?



  3. Caro Arthur, fiz o que pediu mas não deu certo.

  4. Seguem os codigos:

    Código :
    #   ADDRESS            NETWORK         INTERFACE                                
     0   10.5.1.1/24        10.5.1.0        br-cliente1                                  
     1   10.5.2.1/24        10.5.2.0        br-cliente2                                   
     2   192.168.1.2/24     192.168.1.0     ether1-WAN1                              
     3   192.168.0.2/24     192.168.0.0     ether2-WAN2                              
     4   192.168.2.2/24     192.168.2.0     ether3-WAN3
     
     
    Flags: X - disabled, D - dynamic 
     #   LIST                    ADDRESS                         TIMEOUT             
     
     
    Flags: X - disabled, I - invalid, D - dynamic 
     0    chain=prerouting action=accept protocol=tcp dst-port=443 log=no 
          log-prefix="" 
     
     
     1    chain=prerouting action=accept protocol=tcp dst-port=8291 log=no 
          log-prefix="" 
     
     
     2    ;;; VPN
          chain=prerouting action=accept protocol=tcp dst-port=1723 log=no 
          log-prefix="" 
     
     
     3    chain=prerouting action=accept protocol=gre log=no log-prefix="" 
     
     
     4    ;;; **********************************************************************>
    *****************************
          chain=prerouting action=accept src-address=10.5.1.0/24 
          dst-address=10.5.1.0/24 log=no log-prefix="" 
     
     
     5    chain=prerouting action=accept src-address=10.5.1.0/24 
          dst-address=192.168.2.0/24 log=no log-prefix="" 
     
     
     6    chain=prerouting action=accept src-address=10.5.1.0/24 
          dst-address=192.168.1.0/24 log=no log-prefix="" 
     
     
     7    chain=prerouting action=accept src-address=10.5.1.0/24 
          dst-address=192.168.0.0/24 log=no log-prefix="" 
     
     
     8    ;;; **********************************************************************>
    *****************************
          chain=prerouting action=mark-connection new-connection-mark=wan3_conn 
          passthrough=yes in-interface=ether3-WAN3 connection-mark=no-mark log=no 
          log-prefix="" 
     
     
     9    chain=prerouting action=mark-connection new-connection-mark=wan2_conn 
          passthrough=yes in-interface=ether2-WAN2 connection-mark=no-mark log=no 
          log-prefix="" 
     
     
    10    chain=prerouting action=mark-connection new-connection-mark=wan1_conn 
          passthrough=yes in-interface=ether1-WAN1 connection-mark=no-mark log=no 
          log-prefix="" 
     
     
    11    ;;; **********************************************************************>
    *****************************
     chain=prerouting action=jump jump-target=policy_router 
          in-interface=br-PLUG connection-mark=no-mark log=no log-prefix="" 
     
     
    12    ;;; **********************************************************************>
    *****************************
          chain=prerouting action=mark-routing new-routing-mark=to_WAN3 
          passthrough=yes src-address=10.5.1.0/24 connection-mark=wan3_conn log=no 
          log-prefix="" 
     
     
    13    chain=prerouting action=mark-routing new-routing-mark=to_WAN2 
          passthrough=yes src-address=10.5.1.0/24 connection-mark=wan2_conn log=no 
          log-prefix="" 
     
     
    14    chain=prerouting action=mark-routing new-routing-mark=to_WAN1 
          passthrough=yes src-address=10.5.1.0/24 connection-mark=wan1_conn log=no 
          log-prefix="" 
     
     
    15    ;;; **********************************************************************>
    *****************************
          chain=output action=mark-routing new-routing-mark=to_WAN2 passthrough=yes 
          connection-mark=wan2_conn log=no log-prefix="" 
     
     
    16    chain=output action=mark-routing new-routing-mark=to_WAN3 passthrough=yes 
          connection-mark=wan3_conn log=no log-prefix="" 
     
     
    17    chain=output action=mark-routing new-routing-mark=to_WAN1 passthrough=yes 
          connection-mark=wan1_conn log=no log-prefix="" 
     
     
    18    ;;; **********************************************************************>
    *****************************
          chain=policy_router action=mark-connection new-connection-mark=wan3_conn 
          passthrough=yes dst-address-type=!local 
          per-connection-classifier=both-addresses:3/2 log=no log-prefix="" 
     
     
    19    chain=policy_router action=mark-connection new-connection-mark=wan2_conn 
          passthrough=yes dst-address-type=!local 
          per-connection-classifier=both-addresses:3/1 log=no log-prefix="" 
     
     
    21    ;;; P2P_IN
          chain=prerouting action=mark-connection new-connection-mark=conn_p2p_in 
          passthrough=yes p2p=all-p2p protocol=tcp log=no log-prefix="" 
     
     
    22    chain=prerouting action=mark-packet new-packet-mark=p2p_in passthrough=yes 
          connection-mark=conn_p2p_in log=no log-prefix="" 
     
     
    23    ;;; P2P_OUT
          chain=postrouting action=mark-connection new-connection-mark=conn_p2p_out 
          passthrough=yes p2p=all-p2p protocol=tcp log=no log-prefix="" 
     
     
    24    chain=postrouting action=mark-packet new-packet-mark=p2p_out 
          passthrough=yes connection-mark=conn_p2p_out log=no log-prefix=""
     
     
     
     
    Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme, B - blackhole, U - unreachable, P - prohibit 
     #      DST-ADDRESS        PREF-SRC        GATEWAY            DISTANCE
     0 A S  0.0.0.0/0                          192.168.0.1               1
     1   S  ;;; ==== REGRAS DO FAIL OVER ====
            0.0.0.0/0                          8.8.8.8                   1
     2   S  0.0.0.0/0                          10.0.0.3                  1
     3 A S  0.0.0.0/0                          192.168.0.1               1
     4   S  0.0.0.0/0                          221.132.112.8             2
     5   S  0.0.0.0/0                          10.0.0.2                  2
     6 A S  0.0.0.0/0                          192.168.0.1               1
     7   S  0.0.0.0/0                          208.84.244.116            3
     8   S  0.0.0.0/0                          10.0.0.1                  3
     9 A S  0.0.0.0/0                          10.0.0.3                  1
    10   S  0.0.0.0/0                          10.0.0.2                  2
    11   S  0.0.0.0/0                          192.168.2.1               2
    12   S  0.0.0.0/0                          192.168.0.1               3
    13   S  0.0.0.0/0                          10.0.0.1                  3
    14   S  0.0.0.0/0                          192.168.1.1               4
    15 A S  8.8.8.8/32                         192.168.2.1               1
    16   S  10.0.0.1/32                        208.84.244.116            1
    17   S  10.0.0.2/32                        221.132.112.8             1
    18 A S  10.0.0.3/32                        8.8.8.8                   1
    19 ADC  10.5.1.0/24        10.5.1.1        cliente 1                 0
    20 ADC  10.5.2.0/24        10.5.2.1        cliente 2                 0
    21 ADC  192.168.0.0/24     192.168.0.2     ether2-WAN2               0
    22 ADC  192.168.1.0/24     192.168.1.2     ether1-WAN1               0
    23 ADC  192.168.2.0/24     192.168.2.2     ether3-WAN3               0
    24 A S  ;;; ==== REGRAS DO FAIL OVER ====
            208.84.244.116/32                  192.168.1.1               1
    25 A S  221.132.112.8/32                   192.168.0.1               1



  5. Arthur,

    Eu fiz mas como não deu certo, eu removi. Vou fazer novamente e envio em seguida.

    Obrigado.






Tópicos Similares

  1. [Mikrotik] VPN PPTP com Criptografia
    Por Magazine no fórum Segurança
    Respostas: 7
    Último Post: 01-07-2015, 15:44
  2. VPN PPTP com load balance tem como?
    Por claudinhohw no fórum Servidores de Rede
    Respostas: 25
    Último Post: 26-01-2014, 16:28
  3. Servidor VPN (PPTP) com 4 localip
    Por fsoaress76 no fórum Servidores de Rede
    Respostas: 0
    Último Post: 24-04-2010, 11:17
  4. VPN PPTP com autenticação em LDAP
    Por cassio no fórum Servidores de Rede
    Respostas: 0
    Último Post: 27-12-2007, 16:52
  5. VPN PPTP com criptografia
    Por fdotta no fórum Servidores de Rede
    Respostas: 2
    Último Post: 13-04-2005, 15:58

Visite: BR-Linux ·  VivaOLinux ·  Dicas-L