Boa noite, meu problema é o seguinte, coloquei o pcc junto co hotspot na mesma rb, ate ai tudo bem, mas meus servidores que estão em paralelo pararam de pingar na rede interna, pra ser mais claro vou colocar a topologia da rede com ip ficiticios.
internet ==== Router Bord PCC + hotspot ======10.1.0/19
|
|
servidores
172.31.255.0/24
da rede interna eu ping em qualquer servidor, mas do servidor eu não ping em ninguém 10.1.0/19,
tente colocar a regra pra passar o rage 172.31.255.xxx por fora mas nada
quando vou no firewell conections e filtro a range 172.31.255.0/24 ele aparece vários conecções e as marcações do ppoe1 e ppoe2 e ppoe3, com isso sei que ele esta marcando e jogando ele pra saida de internet mas na verdade deveria deixa ele passar pois ele esta em paralelo, como eu resolvo isso???
meu pcc ta assim
/ip firewall mangle
add chain=prerouting comment="Permite destino SEM-LB" dst-address-list=SEM-LB
add action=mark-connection chain=prerouting comment=xxxxxx \
connection-state=new in-interface=pppoe-out1 new-connection-mark=\
connpppoe-out1
add action=mark-routing chain=output comment=xxxxxx connection-mark=\
connpppoe-out1 hotspot=auth new-routing-mark=to_pppoe-out1
add action=mark-connection chain=prerouting comment=xxxxxx \
connection-state=new dst-address-type=!local in-interface=!pppoe-out1 \
new-connection-mark=connpppoe-out1 per-connection-classifier=\
both-addresses:3/0
add action=mark-routing chain=prerouting comment=xxxxxx \
connection-mark=connpppoe-out1 in-interface=!pppoe-out1 new-routing-mark=\
to_pppoe-out1
add action=mark-connection chain=prerouting comment=xxxxxx \
connection-state=new in-interface=pppoe-out2 new-connection-mark=\
connpppoe-out2
add action=mark-routing chain=output comment=xxxxxx connection-mark=\
connpppoe-out2 hotspot=auth new-routing-mark=to_pppoe-out2
add action=mark-connection chain=prerouting comment=xxxxxx \
connection-state=new dst-address-type=!local in-interface=!pppoe-out2 \
new-connection-mark=connpppoe-out2 per-connection-classifier=\
both-addresses:3/1
add action=mark-routing chain=prerouting comment=Mxxxxxx \
connection-mark=connpppoe-out2 in-interface=!pppoe-out2 new-routing-mark=\
to_pppoe-out2
add action=mark-connection chain=prerouting comment=xxxxxx \
connection-state=new in-interface=pppoe-out3 new-connection-mark=\
connpppoe-out3
add action=mark-routing chain=output comment=xxxxxxconnection-mark=\
connpppoe-out3 hotspot=auth new-routing-mark=to_pppoe-out3
add action=mark-connection chain=prerouting comment=xxxxxx \
connection-state=new dst-address-type=!local in-interface=!pppoe-out3 \
new-connection-mark=connpppoe-out3 per-connection-classifier=\
both-addresses:3/2
add action=mark-routing chain=prerouting comment=xxxxxx \
connection-mark=connpppoe-out3 in-interface=!pppoe-out3 new-routing-mark=\
to_pppoe-out3
e addres-list
/ip firewall address-list
add address=172.31.255.201 list=SEM-LB