Не работает Post-terminal для карточек

Обсуждение ПО и его настройки
psyho88
Сообщения: 6
Зарегистрирован: 18 ноя 2013, 09:02

Добрый день, суть проблемы такова не работает POST терминал. Брал терминал домой подключал его к роутеру все замечательно работает(то есть терминал точно рабочий). Через микротик идёт IPsec туннель. Настроен Nat для раздачи интернета. Может ли IPsec туннель мешать работе этого теминала?


vqd
Модератор
Сообщения: 3605
Зарегистрирован: 26 сен 2013, 14:20
Откуда: НСК
Контактная информация:

Да нет наверное


Есть интересная задача и бюджет? http://mikrotik.site
Vladimir22
Сообщения: 561
Зарегистрирован: 09 дек 2012, 17:12

разрешите терминалу создавать свой собственный туннель .


plin2s
Сообщения: 417
Зарегистрирован: 26 сен 2012, 16:17
Контактная информация:

Попытаюсь угадать.
Терминал сам должен создавать тунель. Для этого ему нужны открытые порты. На вашем домашнем роутере есть ipsec pass-through.
http://forum.mikrotik.com/viewtopic.php?f=2&t=52782

В заданном вопросе нет ни капли информации по теме.


psyho88
Сообщения: 6
Зарегистрирован: 18 ноя 2013, 09:02

По сути


ip ipsec policy print

Flags: T - template, X - disabled, D - dynamic, I - inactive
0 src-address=172.20.150.0/24 src-port=any dst-address=172.20.0.0/16
dst-port=any protocol=all action=encrypt level=require
ipsec-protocols=esp tunnel=yes sa-src-address=91.211.52.71
sa-dst-address=194.87.255.157 proposal=Offiice priority=0

1 src-address=172.20.150.0/24 src-port=any dst-address=172.20.150.0/24
dst-port=any protocol=all action=none level=use ipsec-protocols=esp
tunnel=no sa-src-address=91.211.52.71 sa-dst-address=194.87.255.157
proposal=default priority=1




ip firewall filter print

chain=forward action=accept src-address=212.176.15.119 in-interface=MK-net

1 chain=input action=drop protocol=tcp dst-port=22

2 chain=input action=drop protocol=tcp dst-port=21


vqd
Модератор
Сообщения: 3605
Зарегистрирован: 26 сен 2013, 14:20
Откуда: НСК
Контактная информация:

собственно ответ тот же :nez-nayu:

"Угадай мелодию" чем то напоминает. "А я угадаю мелодию с 3-х нот, а я с 2-х"

Если вам лень расписать чего куда и конфиг выложить то мы за вас это точно не сделаем


Есть интересная задача и бюджет? http://mikrotik.site
psyho88
Сообщения: 6
Зарегистрирован: 18 ноя 2013, 09:02

Приходить интернет на Ether 1 по pppoe, потом всё это дело идёт на Ether2 (в сеть)
Есть IPsec туннель (Для соединения с офисом).
И собственно конфиг.

/interface ethernet
set [ find default-name=ether1 ] comment="Wan \CF\EE\F0\F2"
set [ find default-name=ether2 ] comment="Lan \CF\EE\F0\F2"
/interface pppoe-client
add add-default-route=yes comment="\C8\ED\F2\E5\F0\ED\E5\F2 \EE\F2 MK-net" \
disabled=no interface=ether1 name=xxxxxt password=xxxxxx use-peer-dns=yes \
user=xxxxxx
/ip neighbor discovery
set ether1 comment="Wan \CF\EE\F0\F2"
set ether2 comment="Lan \CF\EE\F0\F2"
set MK-net comment="\C8\ED\F2\E5\F0\ED\E5\F2 \EE\F2 MK-net"
/ip dhcp-server
add disabled=no interface=ether2 name=DHCP_Clinika
/ip hotspot user profile
set [ find default=yes ] idle-timeout=none keepalive-timeout=2m \
mac-cookie-timeout=3d
/ip ipsec proposal
set [ find default=yes ] auth-algorithms=md5,sha1 enc-algorithms=\
des,3des,aes-128,aes-192,aes-256
add auth-algorithms=md5,sha1 enc-algorithms=des,3des,aes-128,aes-192,aes-256 \
name=Offiice
/ip pool
add name="Guest Pool" ranges=192.168.0.10-192.168.0.254
/ip dhcp-server
add address-pool="Guest Pool" disabled=no interface=ether3 name=DHCP_GUEST
/port
set 0 name=serial0
set 1 name=serial1
/system logging action
set 0 memory-lines=100
set 1 disk-lines-per-file=100
/ip address
add address=172.20.150.253/16 comment="LAN ip Address" interface=ether2 \
network=172.20.0.0
add address=192.168.0.1/24 comment="Wi-Fi Guest Lan IP" interface=ether3 \
network=192.168.0.0
/ip dhcp-server lease
add address=172.20.150.106 mac-address=00:30:67:ED:D7:DD server=DHCP_Clinika
add address=172.20.150.193 mac-address=B8:97:5A:19:6E:56 server=DHCP_Clinika
add address=172.20.150.107 mac-address=00:1E:8C:67:DE:BC server=DHCP_Clinika
add address=172.20.150.54 mac-address=00:15:F2:31:85:B2 server=DHCP_Clinika
add address=172.20.150.103 mac-address=90:2B:34:E4:D9:52 server=DHCP_Clinika
add address=172.20.150.108 mac-address=00:15:F2:30:45:C9 server=DHCP_Clinika
add address=172.20.150.180 mac-address=00:01:29:1A:CF:64 server=DHCP_Clinika
add address=172.20.150.109 mac-address=00:16:EC:5E:EC:59 server=DHCP_Clinika
add address=172.20.150.110 mac-address=00:15:F2:30:58:E8 server=DHCP_Clinika
add address=172.20.150.111 mac-address=00:15:F2:31:86:E2 server=DHCP_Clinika
add address=172.20.150.112 mac-address=1C:6F:65:5A:24:8D server=DHCP_Clinika
add address=172.20.150.113 mac-address=00:17:31:5F:65:D4 server=DHCP_Clinika
add address=172.20.150.114 mac-address=00:16:EC:68:46:96 server=DHCP_Clinika
add address=172.20.150.115 mac-address=00:15:F2:31:87:72 server=DHCP_Clinika
add address=172.20.150.116 mac-address=00:1E:8C:67:DE:B2 server=DHCP_Clinika
add address=172.20.150.181 mac-address=BC:5F:F4:04:3D:E1 server=DHCP_Clinika
add address=172.20.150.117 mac-address=00:1E:8C:67:DE:B5 server=DHCP_Clinika
add address=172.20.150.218 mac-address=00:15:F2:30:58:CF server=DHCP_Clinika
add address=172.20.150.120 mac-address=00:15:F2:31:85:DB server=DHCP_Clinika
add address=172.20.150.121 mac-address=00:15:F2:31:85:B1 server=DHCP_Clinika
add address=172.20.150.122 mac-address=1C:6F:65:5A:23:4F server=DHCP_Clinika
add address=172.20.150.175 mac-address=00:16:EC:68:47:E6 server=DHCP_Clinika
add address=172.20.150.177 mac-address=00:25:22:D6:E6:78 server=DHCP_Clinika
add address=172.20.150.178 mac-address=00:25:22:D2:77:39 server=DHCP_Clinika
add address=172.20.150.123 mac-address=00:15:F2:31:85:D9 server=DHCP_Clinika
add address=172.20.150.124 mac-address=00:16:EC:68:38:EE server=DHCP_Clinika
add address=172.20.150.183 mac-address=1C:6F:65:59:A4:CC server=DHCP_Clinika
add address=172.20.150.185 mac-address=00:15:F2:30:59:5C server=DHCP_Clinika
add address=172.20.150.125 mac-address=00:1E:8C:67:CA:B9 server=DHCP_Clinika
add address=172.20.150.128 mac-address=00:1E:8C:67:DD:07 server=DHCP_Clinika
add address=172.20.150.53 mac-address=AC:16:2D:01:64:54 server=DHCP_Clinika
add address=172.20.150.127 mac-address=00:1E:8C:67:DD:0E server=DHCP_Clinika
add address=172.20.150.52 mac-address=BC:5F:F4:06:E6:FF server=DHCP_Clinika
add address=172.20.150.147 mac-address=00:1E:8C:67:DA:25 server=DHCP_Clinika
add address=172.20.150.129 mac-address=E0:69:95:1F:CA:4F server=DHCP_Clinika
add address=172.20.150.130 mac-address=00:1E:8C:67:DE:B1 server=DHCP_Clinika
add address=172.20.150.131 mac-address=00:1E:8C:67:DE:BD server=DHCP_Clinika
add address=172.20.150.126 mac-address=00:1E:8C:67:D9:03 server=DHCP_Clinika
add address=172.20.150.133 mac-address=00:16:EC:68:43:61 server=DHCP_Clinika
add address=172.20.150.134 mac-address=00:15:F2:31:85:BE server=DHCP_Clinika
add address=172.20.150.135 mac-address=00:16:EC:68:45:23 server=DHCP_Clinika
add address=172.20.150.136 mac-address=00:15:F2:30:58:EB server=DHCP_Clinika
add address=172.20.150.159 mac-address=00:15:F2:31:85:E0 server=DHCP_Clinika
add address=172.20.150.137 mac-address=00:0C:6E:E4:54:2C server=DHCP_Clinika
add address=172.20.150.138 mac-address=00:17:31:21:83:6E server=DHCP_Clinika
add address=172.20.150.158 mac-address=BC:5F:F4:55:50:BB server=DHCP_Clinika
add address=172.20.150.140 mac-address=00:15:F2:31:85:D3 server=DHCP_Clinika
add address=172.20.150.141 mac-address=00:1E:8C:67:D8:9E server=DHCP_Clinika
add address=172.20.150.142 mac-address=00:30:67:FB:DA:89 server=DHCP_Clinika
add address=172.20.150.143 mac-address=00:1E:8C:67:CD:A4 server=DHCP_Clinika
add address=172.20.150.144 mac-address=00:19:66:0D:1D:6D server=DHCP_Clinika
add address=172.20.150.145 mac-address=00:1E:8C:67:DD:C2 server=DHCP_Clinika
add address=172.20.150.146 mac-address=00:E0:4C:50:59:77 server=DHCP_Clinika
add address=172.20.150.148 mac-address=00:15:F2:30:58:CD server=DHCP_Clinika
add address=172.20.150.149 mac-address=00:1E:8C:67:D8:C2 server=DHCP_Clinika
add address=172.20.150.150 mac-address=00:1E:8C:67:DA:A0 server=DHCP_Clinika
add address=172.20.150.151 mac-address=00:15:F2:30:45:D0 server=DHCP_Clinika
add address=172.20.150.152 mac-address=00:19:5B:86:0A:7B server=DHCP_Clinika
add address=172.20.150.153 mac-address=E0:69:95:03:82:1B server=DHCP_Clinika
add address=172.20.150.154 mac-address=00:1E:8C:67:E1:9B server=DHCP_Clinika
add address=172.20.150.155 mac-address=00:15:F2:30:59:58 server=DHCP_Clinika
add address=172.20.150.102 mac-address=AC:16:2D:10:7C:E7 server=DHCP_Clinika
add address=172.20.150.156 mac-address=00:1B:FC:1C:0B:B4 server=DHCP_Clinika
add address=172.20.150.157 mac-address=1C:6F:65:5A:24:9E server=DHCP_Clinika
add address=172.20.150.50 mac-address=00:1E:8C:67:DD:08 server=DHCP_Clinika
add address=172.20.150.182 mac-address=8C:89:A5:C9:17:FA server=DHCP_Clinika
add address=172.20.150.184 mac-address=8C:89:A5:C4:C6:E3 server=DHCP_Clinika
add address=172.20.150.105 mac-address=00:18:F3:A8:68:5D server=DHCP_Clinika
add address=172.20.150.56 mac-address=00:1D:92:DE:D1:38 server=DHCP_Clinika
add address=172.20.150.132 mac-address=00:30:67:D0:A2:0C server=DHCP_Clinika
add address=172.20.150.119 mac-address=00:1B:FC:34:0E:6B server=DHCP_Clinika
add address=172.20.150.160 mac-address=00:15:F2:30:59:5D server=DHCP_Clinika
add address=172.20.150.161 mac-address=00:1E:8C:67:D9:A3 server=DHCP_Clinika
add address=172.20.150.162 mac-address=00:16:EC:66:E4:C2 server=DHCP_Clinika
add address=172.20.150.176 mac-address=00:30:67:EF:DC:B0 server=DHCP_Clinika
add address=172.20.150.179 mac-address=00:30:67:D1:DD:A8 server=DHCP_Clinika
add address=172.20.150.186 mac-address=50:AF:73:19:40:09 server=DHCP_Clinika
add address=172.20.150.189 mac-address=E8:03:9A:95:E8:91 server=DHCP_Clinika
add address=172.20.150.163 mac-address=00:1E:8C:67:E1:83 server=DHCP_Clinika
add address=172.20.150.164 mac-address=00:16:EC:68:43:70 server=DHCP_Clinika
add address=172.20.150.174 mac-address=00:25:22:AE:5C:31 server=DHCP_Clinika
add address=172.20.150.196 mac-address=B8:97:5A:14:32:18 server=DHCP_Clinika
add address=172.20.150.167 mac-address=00:80:48:23:30:65 server=DHCP_Clinika
add address=172.20.150.190 mac-address=B8:97:5A:0C:D9:26 server=DHCP_Clinika
add address=172.20.150.168 mac-address=00:18:F3:85:D3:E6 server=DHCP_Clinika
add address=172.20.150.166 mac-address=00:1E:8C:67:E1:7A server=DHCP_Clinika
add address=172.20.150.187 mac-address=00:E0:4C:16:53:9A server=DHCP_Clinika
add address=172.20.150.192 mac-address=B8:97:5A:18:B7:F2 server=DHCP_Clinika
add address=172.20.150.194 mac-address=B8:97:5A:19:78:E8 server=DHCP_Clinika
add address=172.20.150.195 mac-address=70:71:BC:85:A4:C9 server=DHCP_Clinika
add address=172.20.150.165 mac-address=00:25:22:E4:DB:30 server=DHCP_Clinika
add address=172.20.150.198 mac-address=90:2B:34:E4:D9:AF server=DHCP_Clinika
add address=172.20.150.169 mac-address=00:1E:8C:67:E1:AB server=DHCP_Clinika
add address=172.20.150.170 mac-address=BC:5F:F4:03:E5:A9 server=DHCP_Clinika
add address=172.20.150.188 mac-address=00:A0:D1:A9:70:AA server=DHCP_Clinika
add address=172.20.150.171 always-broadcast=yes mac-address=1C:6F:65:5A:24:DB \
server=DHCP_Clinika
add address=172.20.150.3 mac-address=00:04:61:4B:C8:7E server=DHCP_Clinika
add address=172.20.150.191 mac-address=90:2B:34:E4:D9:50 server=DHCP_Clinika
add address=172.20.150.51 mac-address=BC:5F:F4:07:97:A4 server=DHCP_Clinika
add address=172.20.150.101 mac-address=B7:57:F7:07:97:A7 server=DHCP_Clinika
add address=172.20.150.118 mac-address=FC:99:47:25:9B:44 server=DHCP_Clinika
add address=172.20.150.197 mac-address=00:14:2A:EC:D1:CB server=DHCP_Clinika
add address=172.20.150.199 mac-address=00:E0:4C:49:F4:40 server=DHCP_Clinika
add address=172.20.150.200 mac-address=90:2B:34:45:77:C1 server=DHCP_Clinika
add address=172.20.150.201 mac-address=00:F0:E0:16:F1:F2 server=DHCP_Clinika
/ip dhcp-server network
add address=172.20.150.0/24 gateway=172.20.150.253
/ip dns
set servers=8.8.8.8,8.8.4.4
/ip firewall filter
add chain=forward in-interface=MK-net src-address=212.176.15.119
add action=drop chain=input dst-port=22 protocol=tcp
add action=drop chain=input dst-port=21 protocol=tcp
/ip firewall nat
add chain=srcnat comment="\CF\F0\E0\E2\E8\EB\EE \C4\EB\FF \CE\F4\E8\F1\E0" \
dst-address=172.20.0.0/16 src-address=172.20.150.0/24
add action=masquerade chain=srcnat comment=\
"\CF\F0\E0\E2\E8\EB\EE \E4\EB\FF NAT" out-interface=MK-net src-address=\
172.20.150.0/24
add action=netmap chain=dstnat comment="\CF\F0\E0\E2\E8\EB\EE RDP \EA 172.20.1\
50.4 (\D2\E5\F0\EC\E8\ED\E0\EB\FC\ED\FB\E9 \F1\E5\F0\E2\E5\F0)" dst-port=\
3389 in-interface=MK-net protocol=tcp to-addresses=172.20.150.4 to-ports=\
3389
add action=netmap chain=dstnat comment="RDP \CA \EA\EE\EC\EF\F3 Admin" \
dst-port=3333 in-interface=MK-net protocol=tcp to-addresses=\
172.20.150.106 to-ports=3389
add action=netmap chain=dstnat comment=\
"\CF\F0\E0\E2\E8\EB\EE \C4\EB\FF radmin \ED\E0 172.20.150.1" dst-port=\
37891 in-interface=MK-net protocol=tcp to-addresses=172.20.150.1
add action=netmap chain=dstnat comment="\CF\F0\E0\E2\E8\EB\EE Radmin \E4\EB\FF\
\_\EE\F2\E4\E5\EB\E0 \EA\E0\E4\F0\EE\E2 172.20.150.167" dst-port=58999 \
in-interface=MK-net protocol=tcp to-addresses=172.20.150.167
/ip ipsec peer
add address=194.87.255.157/32 secret=xxxxxxx
/ip ipsec policy
add dst-address=172.20.0.0/16 proposal=Offiice sa-dst-address=194.87.255.157 \
sa-src-address=91.211.52.71 src-address=172.20.150.0/24 tunnel=yes
add action=none dst-address=172.20.150.0/24 level=use priority=1 \
sa-dst-address=194.87.255.157 sa-src-address=91.211.52.71 src-address=\
172.20.150.0/24
/lcd
set enabled=no
/lcd interface
add interface=sfp1
add interface=sfp2
add interface=sfp3
add interface=sfp4
add interface=ether1
add interface=ether2
add interface=ether3
add interface=ether4
add interface=ether5
add interface=ether6
add interface=ether7
add interface=ether8
add interface=ether9
add interface=ether10
add interface=ether11
add interface=ether12
/system identity
set name=RouterOS
/system routerboard settings
set cpu-frequency=1200MHz memory-frequency=1066DDR


vqd
Модератор
Сообщения: 3605
Зарегистрирован: 26 сен 2013, 14:20
Откуда: НСК
Контактная информация:

Когда я сталкивался с ПОС терминалами то они адрес брали с ДХЦП, и соединялись с площадкой банка по ДНС имени.

У вас я не вижу что бы ДХЦП раздавал ДНС

/ip dhcp-server network
add address=172.20.150.0/24 gateway=172.20.150.253

Может в этом проблема?


Есть интересная задача и бюджет? http://mikrotik.site
psyho88
Сообщения: 6
Зарегистрирован: 18 ноя 2013, 09:02

172.20.150.253 и есть mikrotik

В терминале Прописан статический IP и в настройках терминала ничего похожего на DNS у него нет. Терминал ingenico 5100


psyho88
Сообщения: 6
Зарегистрирован: 18 ноя 2013, 09:02

На домашнем роутере, все работает отлично, подключил к инету прописал нужный ip в самом терминале и всё, а тут танцы с бубном)))


Ответить