Jump to content
Local

vegas.firestorm

Muggles
  • Content Count

    3
  • Joined

  • Last visited

Community Reputation

0 Обычный

About vegas.firestorm

  • Rank
    Пролетал Мимо

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Kто имел дело с памятью в Микротиковских CCR роутерах? А конкретно с CCR1016-12g? Там установлено две планки 1GB 10600 (1333) DDR3 ноутбучного формата. Заведётся ли роутер с модулями памяти 12800 (1600) DDR3? Или таки искать 1333?
  2. Ок, поменял на бридж - http://prntscr.com/r3skzn Вроди ничего не поменялось, но, проверял с телефона, завтра проверю с компа на работе. Что меня смущает - айпишник ВПН-а выдается с 32й подсетью, т.е. только один айпи в сети. может ли это быть проблемой?
  3. Добрый день! решил поднять на своем Микротике PPTP Всё делал по этой инструкции - https://howitmake.ru/blog/waildhand/176.html Разве что в правиле на файрволе для порта 1723 указал In. Interface List - WAN К ВПН-у конектится, но не видит никаких ресурсов внутри сети. Можете подсказать, что нужно ещё сделать, чтобы пользователь, который конектится по ВПН, видел всё внутри сети? Конфиг роутера: /interface bridge add arp=proxy-arp name=bridge1 /interface pptp-server add name=pptp-in1 user="" /interface list add name=WAN add name=LAN /interface wireless security-profiles set [ find default=yes ] supplicant-identity=MikroTik /ip pool add name=dhcp ranges=192.168.77.10-192.168.77.154 add name=vpn ranges=192.168.77.200-192.168.77.250 /ip dhcp-server add address-pool=dhcp disabled=no interface=bridge1 name=dhcp1 /interface bridge port add bridge=bridge1 interface=ether2 add bridge=bridge1 interface=ether3 add bridge=bridge1 interface=ether4 add bridge=bridge1 interface=ether5 add bridge=bridge1 interface=ether6 add bridge=bridge1 interface=ether7 add bridge=bridge1 interface=ether8 add bridge=bridge1 interface=ether9 add bridge=bridge1 interface=ether10 add bridge=bridge1 interface=ether11 add bridge=bridge1 interface=ether12 /interface l2tp-server server set enabled=yes ipsec-secret=(IPSECSecret) use-ipsec=yes /interface list member add interface=ether1 list=WAN add interface=bridge1 list=LAN /interface pptp-server server set enabled=yes /interface sstp-server server set default-profile=default-encryption enabled=yes /ip address add address=111.111.55.102/24 comment=defconf interface=ether1 network=\ 111.111.55.0 add address=192.168.77.1/24 interface=ether2 network=192.168.77.0 /ip cloud set ddns-enabled=yes ddns-update-interval=1h /ip dhcp-client add dhcp-options=hostname,clientid interface=ether1 add dhcp-options=hostname,clientid interface=ether1 /ip dhcp-server network add address=192.168.77.0/24 gateway=192.168.77.1 netmask=24 /ip dns set allow-remote-requests=yes servers=8.8.8.8,8.8.4.4,9.9.9.9,1.1.1.1 /ip firewall filter add action=accept chain=input comment=\ "defconf: accept established,related,untracked" connection-state=\ established,related,untracked add action=accept chain=input comment="allow sstp" dst-port=443 \ in-interface-list=WAN protocol=tcp add action=accept chain=input comment="allow l2tp" dst-port=1701 \ in-interface-list=WAN protocol=udp add action=accept chain=input comment="allow pptp" dst-port=1723 \ in-interface-list=WAN log=yes log-prefix=VPN-TEST protocol=tcp add action=accept chain=input protocol=gre add action=accept chain=forward dst-port=445 protocol=tcp add action=accept chain=input dst-port=80 protocol=tcp add action=accept chain=input comment="allow IPsec NAT" dst-port=4500 \ protocol=udp add action=accept chain=input comment="allow IKE" dst-port=500 protocol=udp add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp add action=accept chain=forward comment="defconf: accept in ipsec policy" \ ipsec-policy=in,ipsec add action=accept chain=forward comment="defconf: accept out ipsec policy" \ ipsec-policy=out,ipsec add action=accept chain=forward comment=\ "defconf: accept established,related, untracked" connection-state=\ established,related,untracked add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \ connection-state=established,related add action=drop chain=forward comment="defconf: drop invalid" \ connection-state=invalid add action=drop chain=input comment="defconf: drop invalid" connection-state=\ invalid add action=drop chain=input comment="defconf: drop all not coming from LAN" \ in-interface-list=!LAN add action=drop chain=forward comment=\ "defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat \ connection-state=new in-interface-list=WAN add action=accept chain=input comment=\ "defconf: accept established,related,untracked" connection-state=\ established,related,untracked add action=accept chain=input comment="allow sstp" dst-port=443 \ in-interface-list=WAN protocol=tcp add action=accept chain=input comment="allow l2tp" dst-port=1701 \ in-interface-list=WAN protocol=udp add action=accept chain=input comment="allow pptp" dst-port=1723 \ in-interface-list=WAN log=yes log-prefix=VPN-TEST protocol=tcp add action=accept chain=input protocol=gre add action=accept chain=forward dst-port=445 protocol=tcp add action=accept chain=input dst-port=80 protocol=tcp add action=accept chain=input comment="allow IPsec NAT" dst-port=4500 \ protocol=udp add action=accept chain=input comment="allow IKE" dst-port=500 protocol=udp add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp add action=accept chain=forward comment="defconf: accept in ipsec policy" \ ipsec-policy=in,ipsec add action=accept chain=forward comment="defconf: accept out ipsec policy" \ ipsec-policy=out,ipsec add action=accept chain=forward comment=\ "defconf: accept established,related, untracked" connection-state=\ established,related,untracked add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \ connection-state=established,related add action=drop chain=forward comment="defconf: drop invalid" \ connection-state=invalid add action=drop chain=input comment="defconf: drop invalid" connection-state=\ invalid add action=drop chain=input comment="defconf: drop all not coming from LAN" \ in-interface-list=!LAN add action=drop chain=forward comment=\ "defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat \ connection-state=new in-interface-list=WAN /ip firewall nat add action=masquerade chain=srcnat comment="defconf: masquerade" \ ipsec-policy=out,none out-interface-list=WAN add action=masquerade chain=srcnat comment="masq. vpn traffic" src-address=\ 192.168.89.0/24 add action=masquerade chain=srcnat comment="defconf: masquerade" \ ipsec-policy=out,none out-interface-list=WAN add action=masquerade chain=srcnat comment="masq. vpn traffic" src-address=\ 192.168.89.0/24 /ip route add distance=1 gateway=111.111.55.254 add distance=1 gateway=111.111.55.254 /lcd set backlight-timeout=2m /lcd pin set pin-number=1111 /ppp secret add local-address=192.168.77.1 name=vpn password=vpnvpn profile=\ default-encryption remote-address=192.168.77.200 service=pptp /system clock set time-zone-name=Europe/Kiev
  4. vegas.firestorm

    Продам Mikrotik RB3011UiAS-RM

    2900
  5. Куплю новый Mikrotik CCR1016-12G по адекватной цене, не убитый, не паяный со всеми рабочими портами и полностью рабочий. Интересует в Киеве.
  6. vegas.firestorm

    Продам Mikrotik RB3011UiAS-RM

    +
  7. vegas.firestorm

    Продам Mikrotik RB3011UiAS-RM

    Продам БУ роутер RB3011UiAS-RM. 3000 грн
×