Два канала интернета и два l2tp тунеля

Обсуждение ПО и его настройки
vqd
Модератор
Сообщения: 3605
Зарегистрирован: 26 сен 2013, 14:20
Откуда: НСК
Контактная информация:

ну причем тут форвард то? Ну уже на форуме это обсосали, пережевали и выплюнули ))
viewtopic.php?f=15&t=5183&start=10


Есть интересная задача и бюджет? http://mikrotik.site
wolf_ktl
Сообщения: 417
Зарегистрирован: 25 июн 2013, 18:12

vqd писал(а):ну причем тут форвард то? Ну уже на форуме это обсосали, пережевали и выплюнули ))
viewtopic.php?f=15&t=5183&start=10



 "/ip firewall mangle"
/ip firewall mangle> print
Flags: X - disabled, I - invalid, D - dynamic
0 chain=forward action=change-mss new-mss=1420 passthrough=yes tcp-flags=syn
protocol=tcp in-interface=l2tp-beeline tcp-mss=1391-65535

1 chain=forward action=change-mss new-mss=1420 passthrough=yes tcp-flags=syn
protocol=tcp out-interface=l2tp-beeline tcp-mss=1391-65535

2 ;;; Mark Flex
chain=input action=mark-connection new-connection-mark=in_wan2
passthrough=yes in-interface=l2tp-flex

3 ;;; Mark Flex
chain=output action=mark-routing new-routing-mark=wan2 passthrough=yes
connection-mark=in_wan2

4 ;;; Mark Beeline
chain=input action=mark-connection new-connection-mark=in_wan1
passthrough=yes in-interface=l2tp-beeline

5 ;;; Mark Beeline
chain=output action=mark-routing new-routing-mark=wan1 passthrough=yes
connection-mark=in_wan1



Пакеты идут куда надо, но вот проблема с L2TP сервером и двойным к нему подключением не решено....


vqd
Модератор
Сообщения: 3605
Зарегистрирован: 26 сен 2013, 14:20
Откуда: НСК
Контактная информация:

покажите конфиги l2tp со стороны Клинта и сервера


Есть интересная задача и бюджет? http://mikrotik.site
wolf_ktl
Сообщения: 417
Зарегистрирован: 25 июн 2013, 18:12

vqd писал(а):покажите конфиги l2tp со стороны Клинта и сервера


 "сервер"
Mar/21/2014 09:56:51 l2tp,debug,packet tunnel-id=0, session-id=0, ns=0, nr=0
Mar/21/2014 09:56:51 l2tp,debug,packet (M) Message-Type=SCCRQ
Mar/21/2014 09:56:51 l2tp,debug,packet (M) Protocol-Version=0x01:00
Mar/21/2014 09:56:51 l2tp,debug,packet (M) Framing-Capabilities=0x1
Mar/21/2014 09:56:51 l2tp,debug,packet (M) Bearer-Capabilities=0x0
Mar/21/2014 09:56:51 l2tp,debug,packet Firmware-Revision=0x1
Mar/21/2014 09:56:51 l2tp,debug,packet (M) Host-Name="MikroTik"
Mar/21/2014 09:56:51 l2tp,debug,packet Vendor-Name="MikroTik"
Mar/21/2014 09:56:51 l2tp,debug,packet (M) Assigned-Tunnel-ID=48
Mar/21/2014 09:56:51 l2tp,debug,packet (M) Receive-Window-Size=4
Mar/21/2014 09:56:51 l2tp,info first L2TP UDP packet received from 176.100.221.4
Mar/21/2014 09:56:51 l2tp,debug tunnel 365 entering state: wait-ctl-conn
Mar/21/2014 09:56:51 l2tp,debug,packet sent control message to 176.100.221.4:1701
Mar/21/2014 09:56:51 l2tp,debug,packet tunnel-id=48, session-id=0, ns=0, nr=1
Mar/21/2014 09:56:51 l2tp,debug,packet (M) Message-Type=SCCRP
Mar/21/2014 09:56:51 l2tp,debug,packet (M) Protocol-Version=0x01:00
Mar/21/2014 09:56:51 l2tp,debug,packet (M) Framing-Capabilities=0x1
Mar/21/2014 09:56:51 l2tp,debug,packet (M) Bearer-Capabilities=0x0
Mar/21/2014 09:56:51 l2tp,debug,packet Firmware-Revision=0x1
Mar/21/2014 09:56:51 l2tp,debug,packet (M) Host-Name="MikroTik-Midas"
Mar/21/2014 09:56:51 l2tp,debug,packet Vendor-Name="MikroTik"
Mar/21/2014 09:56:51 l2tp,debug,packet (M) Assigned-Tunnel-ID=365
Mar/21/2014 09:56:51 l2tp,debug,packet (M) Receive-Window-Size=4
Mar/21/2014 09:56:51 l2tp,debug,packet rcvd control message from 176.100.221.4:1701
Mar/21/2014 09:56:51 l2tp,debug,packet tunnel-id=365, session-id=0, ns=1, nr=1
Mar/21/2014 09:56:51 l2tp,debug,packet (M) Message-Type=StopCCN
Mar/21/2014 09:56:51 l2tp,debug,packet (M) Result-Code=7
Mar/21/2014 09:56:51 l2tp,debug,packet (M) Assigned-Tunnel-ID=48
Mar/21/2014 09:56:51 l2tp,debug,packet sent control message (ack) to 176.100.221.4:1701
Mar/21/2014 09:56:51 l2tp,debug,packet tunnel-id=48, session-id=0, ns=1, nr=2
Mar/21/2014 09:56:51 l2tp,debug tunnel 365 entering state: dead
Mar/21/2014 09:56:52 l2tp,debug,packet rcvd control message from 176.100.221.4:1701
Mar/21/2014 09:56:52 l2tp,debug,packet tunnel-id=0, session-id=0, ns=0, nr=0
Mar/21/2014 09:56:52 l2tp,debug,packet (M) Message-Type=SCCRQ
Mar/21/2014 09:56:52 l2tp,debug,packet (M) Protocol-Version=0x01:00
Mar/21/2014 09:56:52 l2tp,debug,packet (M) Framing-Capabilities=0x1
Mar/21/2014 09:56:52 l2tp,debug,packet (M) Bearer-Capabilities=0x0
Mar/21/2014 09:56:52 l2tp,debug,packet Firmware-Revision=0x1
Mar/21/2014 09:56:52 l2tp,debug,packet (M) Host-Name="MikroTik"
Mar/21/2014 09:56:52 l2tp,debug,packet Vendor-Name="MikroTik"
Mar/21/2014 09:56:52 l2tp,debug,packet (M) Assigned-Tunnel-ID=48
Mar/21/2014 09:56:52 l2tp,debug,packet (M) Receive-Window-Size=4
Mar/21/2014 09:56:52 l2tp,info first L2TP UDP packet received from 176.100.221.4
Mar/21/2014 09:56:52 l2tp,debug tunnel 366 entering state: wait-ctl-conn
Mar/21/2014 09:56:52 l2tp,debug,packet sent control message to 176.100.221.4:1701
Mar/21/2014 09:56:52 l2tp,debug,packet tunnel-id=48, session-id=0, ns=0, nr=1
Mar/21/2014 09:56:52 l2tp,debug,packet (M) Message-Type=SCCRP
Mar/21/2014 09:56:52 l2tp,debug,packet (M) Protocol-Version=0x01:00
Mar/21/2014 09:56:52 l2tp,debug,packet (M) Framing-Capabilities=0x1
Mar/21/2014 09:56:52 l2tp,debug,packet (M) Bearer-Capabilities=0x0
Mar/21/2014 09:56:52 l2tp,debug,packet Firmware-Revision=0x1
Mar/21/2014 09:56:52 l2tp,debug,packet (M) Host-Name="MikroTik-Midas"
Mar/21/2014 09:56:52 l2tp,debug,packet Vendor-Name="MikroTik"
Mar/21/2014 09:56:52 l2tp,debug,packet (M) Assigned-Tunnel-ID=366
Mar/21/2014 09:56:52 l2tp,debug,packet (M) Receive-Window-Size=4
Mar/21/2014 09:56:52 l2tp,debug,packet rcvd control message from 176.100.221.4:1701
Mar/21/2014 09:56:52 l2tp,debug,packet tunnel-id=366, session-id=0, ns=1, nr=1
Mar/21/2014 09:56:52 l2tp,debug,packet (M) Message-Type=StopCCN
Mar/21/2014 09:56:52 l2tp,debug,packet (M) Result-Code=7
Mar/21/2014 09:56:52 l2tp,debug,packet (M) Assigned-Tunnel-ID=48
Mar/21/2014 09:56:52 l2tp,debug,packet sent control message (ack) to 176.100.221.4:1701
Mar/21/2014 09:56:52 l2tp,debug,packet tunnel-id=48, session-id=0, ns=1, nr=2
Mar/21/2014 09:56:52 l2tp,debug tunnel 366 entering state: dead
Mar/21/2014 09:56:53 l2tp,debug,packet rcvd control message from 176.100.221.4:1701
Mar/21/2014 09:56:53 l2tp,debug,packet tunnel-id=0, session-id=0, ns=0, nr=0
Mar/21/2014 09:56:53 l2tp,debug,packet (M) Message-Type=SCCRQ
Mar/21/2014 09:56:53 l2tp,debug,packet (M) Protocol-Version=0x01:00
Mar/21/2014 09:56:53 l2tp,debug,packet (M) Framing-Capabilities=0x1
Mar/21/2014 09:56:53 l2tp,debug,packet (M) Bearer-Capabilities=0x0
Mar/21/2014 09:56:53 l2tp,debug,packet Firmware-Revision=0x1
Mar/21/2014 09:56:53 l2tp,debug,packet (M) Host-Name="MikroTik"
Mar/21/2014 09:56:53 l2tp,debug,packet Vendor-Name="MikroTik"
Mar/21/2014 09:56:53 l2tp,debug,packet (M) Assigned-Tunnel-ID=48
Mar/21/2014 09:56:53 l2tp,debug,packet (M) Receive-Window-Size=4
Mar/21/2014 09:56:53 l2tp,info first L2TP UDP packet received from 176.100.221.4
Mar/21/2014 09:56:53 l2tp,debug tunnel 367 entering state: wait-ctl-conn
Mar/21/2014 09:56:53 l2tp,debug,packet sent control message to 176.100.221.4:1701
Mar/21/2014 09:56:53 l2tp,debug,packet tunnel-id=48, session-id=0, ns=0, nr=1
Mar/21/2014 09:56:53 l2tp,debug,packet (M) Message-Type=SCCRP
Mar/21/2014 09:56:53 l2tp,debug,packet (M) Protocol-Version=0x01:00
Mar/21/2014 09:56:53 l2tp,debug,packet (M) Framing-Capabilities=0x1
Mar/21/2014 09:56:53 l2tp,debug,packet (M) Bearer-Capabilities=0x0
Mar/21/2014 09:56:53 l2tp,debug,packet Firmware-Revision=0x1
Mar/21/2014 09:56:53 l2tp,debug,packet (M) Host-Name="MikroTik-Midas"
Mar/21/2014 09:56:53 l2tp,debug,packet Vendor-Name="MikroTik"
Mar/21/2014 09:56:53 l2tp,debug,packet (M) Assigned-Tunnel-ID=367
Mar/21/2014 09:56:53 l2tp,debug,packet (M) Receive-Window-Size=4
Mar/21/2014 09:56:53 l2tp,debug,packet rcvd control message from 176.100.221.4:1701
Mar/21/2014 09:56:53 l2tp,debug,packet tunnel-id=367, session-id=0, ns=1, nr=1
Mar/21/2014 09:56:53 l2tp,debug,packet (M) Message-Type=StopCCN
Mar/21/2014 09:56:53 l2tp,debug,packet (M) Result-Code=7
Mar/21/2014 09:56:53 l2tp,debug,packet (M) Assigned-Tunnel-ID=48
Mar/21/2014 09:56:53 l2tp,debug,packet sent control message (ack) to 176.100.221.4:1701
Mar/21/2014 09:56:53 l2tp,debug,packet tunnel-id=48, session-id=0, ns=1, nr=2
Mar/21/2014 09:56:53 l2tp,debug tunnel 367 entering state: dead
Mar/21/2014 09:56:55 l2tp,debug,packet rcvd control message from 176.100.221.4:1701
Mar/21/2014 09:56:55 l2tp,debug,packet tunnel-id=0, session-id=0, ns=0, nr=0
Mar/21/2014 09:56:55 l2tp,debug,packet (M) Message-Type=SCCRQ
Mar/21/2014 09:56:55 l2tp,debug,packet (M) Protocol-Version=0x01:00
Mar/21/2014 09:56:55 l2tp,debug,packet (M) Framing-Capabilities=0x1
Mar/21/2014 09:56:55 l2tp,debug,packet (M) Bearer-Capabilities=0x0
Mar/21/2014 09:56:55 l2tp,debug,packet Firmware-Revision=0x1
Mar/21/2014 09:56:55 l2tp,debug,packet (M) Host-Name="MikroTik"
Mar/21/2014 09:56:55 l2tp,debug,packet Vendor-Name="MikroTik"
Mar/21/2014 09:56:55 l2tp,debug,packet (M) Assigned-Tunnel-ID=48
Mar/21/2014 09:56:55 l2tp,debug,packet (M) Receive-Window-Size=4
Mar/21/2014 09:56:55 l2tp,info first L2TP UDP packet received from 176.100.221.4
Mar/21/2014 09:56:55 l2tp,debug tunnel 368 entering state: wait-ctl-conn
Mar/21/2014 09:56:55 l2tp,debug,packet sent control message to 176.100.221.4:1701
Mar/21/2014 09:56:55 l2tp,debug,packet tunnel-id=48, session-id=0, ns=0, nr=1
Mar/21/2014 09:56:55 l2tp,debug,packet (M) Message-Type=SCCRP
Mar/21/2014 09:56:55 l2tp,debug,packet (M) Protocol-Version=0x01:00
Mar/21/2014 09:56:55 l2tp,debug,packet (M) Framing-Capabilities=0x1
Mar/21/2014 09:56:55 l2tp,debug,packet (M) Bearer-Capabilities=0x0
Mar/21/2014 09:56:55 l2tp,debug,packet Firmware-Revision=0x1
Mar/21/2014 09:56:55 l2tp,debug,packet (M) Host-Name="MikroTik-Midas"
Mar/21/2014 09:56:55 l2tp,debug,packet Vendor-Name="MikroTik"
Mar/21/2014 09:56:55 l2tp,debug,packet (M) Assigned-Tunnel-ID=368
Mar/21/2014 09:56:55 l2tp,debug,packet (M) Receive-Window-Size=4
Mar/21/2014 09:56:55 l2tp,debug,packet rcvd control message from 176.100.221.4:1701
Mar/21/2014 09:56:55 l2tp,debug,packet tunnel-id=368, session-id=0, ns=1, nr=1
Mar/21/2014 09:56:55 l2tp,debug,packet (M) Message-Type=StopCCN
Mar/21/2014 09:56:55 l2tp,debug,packet (M) Result-Code=7
Mar/21/2014 09:56:55 l2tp,debug,packet (M) Assigned-Tunnel-ID=48
Mar/21/2014 09:56:55 l2tp,debug,packet sent control message (ack) to 176.100.221.4:1701
Mar/21/2014 09:56:55 l2tp,debug,packet tunnel-id=48, session-id=0, ns=1, nr=2
Mar/21/2014 09:56:55 l2tp,debug tunnel 368 entering state: dead
Mar/21/2014 09:56:58 l2tp,ppp,debug,packet l2tp-beeline: rcvd LCP EchoReq id=0x66
Mar/21/2014 09:56:58 l2tp,ppp,debug,packet <magic 0x90fbb9f3>
Mar/21/2014 09:56:58 l2tp,ppp,debug,packet 35 33 6f 64
Mar/21/2014 09:56:58 l2tp,ppp,debug,packet l2tp-beeline: sent LCP EchoRep id=0x66
Mar/21/2014 09:56:58 l2tp,ppp,debug,packet <magic 0x35336f64>
Mar/21/2014 09:56:58 l2tp,ppp,debug,packet 35 33 6f 64
Mar/21/2014 09:56:59 l2tp,debug,packet rcvd control message from 176.100.221.4:1701
Mar/21/2014 09:56:59 l2tp,debug,packet tunnel-id=0, session-id=0, ns=0, nr=0
Mar/21/2014 09:56:59 l2tp,debug,packet (M) Message-Type=SCCRQ
Mar/21/2014 09:56:59 l2tp,debug,packet (M) Protocol-Version=0x01:00
Mar/21/2014 09:56:59 l2tp,debug,packet (M) Framing-Capabilities=0x1
Mar/21/2014 09:56:59 l2tp,debug,packet (M) Bearer-Capabilities=0x0
Mar/21/2014 09:56:59 l2tp,debug,packet Firmware-Revision=0x1
Mar/21/2014 09:56:59 l2tp,debug,packet (M) Host-Name="MikroTik"
Mar/21/2014 09:56:59 l2tp,debug,packet Vendor-Name="MikroTik"
Mar/21/2014 09:56:59 l2tp,debug,packet (M) Assigned-Tunnel-ID=48
Mar/21/2014 09:56:59 l2tp,debug,packet (M) Receive-Window-Size=4
Mar/21/2014 09:56:59 l2tp,info first L2TP UDP packet received from 176.100.221.4
Mar/21/2014 09:56:59 l2tp,debug tunnel 369 entering state: wait-ctl-conn
Mar/21/2014 09:56:59 l2tp,debug,packet sent control message to 176.100.221.4:1701
Mar/21/2014 09:56:59 l2tp,debug,packet tunnel-id=48, session-id=0, ns=0, nr=1
Mar/21/2014 09:56:59 l2tp,debug,packet (M) Message-Type=SCCRP
Mar/21/2014 09:56:59 l2tp,debug,packet (M) Protocol-Version=0x01:00
Mar/21/2014 09:56:59 l2tp,debug,packet (M) Framing-Capabilities=0x1
Mar/21/2014 09:56:59 l2tp,debug,packet (M) Bearer-Capabilities=0x0
Mar/21/2014 09:56:59 l2tp,debug,packet Firmware-Revision=0x1
Mar/21/2014 09:56:59 l2tp,debug,packet (M) Host-Name="MikroTik-Midas"
Mar/21/2014 09:56:59 l2tp,debug,packet Vendor-Name="MikroTik"
Mar/21/2014 09:56:59 l2tp,debug,packet (M) Assigned-Tunnel-ID=369
Mar/21/2014 09:56:59 l2tp,debug,packet (M) Receive-Window-Size=4
Mar/21/2014 09:56:59 l2tp,debug,packet rcvd control message from 176.100.221.4:1701
Mar/21/2014 09:56:59 l2tp,debug,packet tunnel-id=369, session-id=0, ns=1, nr=1
Mar/21/2014 09:56:59 l2tp,debug,packet (M) Message-Type=StopCCN
Mar/21/2014 09:56:59 l2tp,debug,packet (M) Result-Code=7
Mar/21/2014 09:56:59 l2tp,debug,packet (M) Assigned-Tunnel-ID=48
Mar/21/2014 09:56:59 l2tp,debug,packet sent control message (ack) to 176.100.221.4:1701
Mar/21/2014 09:56:59 l2tp,debug,packet tunnel-id=48, session-id=0, ns=1, nr=2
Mar/21/2014 09:56:59 l2tp,debug tunnel 369 entering state: dead
Mar/21/2014 09:57:07 l2tp,debug,packet rcvd control message from 176.100.221.4:1701
Mar/21/2014 09:57:07 l2tp,debug,packet tunnel-id=0, session-id=0, ns=0, nr=0
Mar/21/2014 09:57:07 l2tp,debug,packet (M) Message-Type=SCCRQ
Mar/21/2014 09:57:07 l2tp,debug,packet (M) Protocol-Version=0x01:00
Mar/21/2014 09:57:07 l2tp,debug,packet (M) Framing-Capabilities=0x1
Mar/21/2014 09:57:07 l2tp,debug,packet (M) Bearer-Capabilities=0x0
Mar/21/2014 09:57:07 l2tp,debug,packet Firmware-Revision=0x1
Mar/21/2014 09:57:07 l2tp,debug,packet (M) Host-Name="MikroTik"
Mar/21/2014 09:57:07 l2tp,debug,packet Vendor-Name="MikroTik"
Mar/21/2014 09:57:07 l2tp,debug,packet (M) Assigned-Tunnel-ID=48
Mar/21/2014 09:57:07 l2tp,debug,packet (M) Receive-Window-Size=4
Mar/21/2014 09:57:07 l2tp,info first L2TP UDP packet received from 176.100.221.4
Mar/21/2014 09:57:07 l2tp,debug tunnel 370 entering state: wait-ctl-conn
Mar/21/2014 09:57:07 l2tp,debug,packet sent control message to 176.100.221.4:1701
Mar/21/2014 09:57:07 l2tp,debug,packet tunnel-id=48, session-id=0, ns=0, nr=1
Mar/21/2014 09:57:07 l2tp,debug,packet (M) Message-Type=SCCRP
Mar/21/2014 09:57:07 l2tp,debug,packet (M) Protocol-Version=0x01:00
Mar/21/2014 09:57:07 l2tp,debug,packet (M) Framing-Capabilities=0x1
Mar/21/2014 09:57:07 l2tp,debug,packet (M) Bearer-Capabilities=0x0
Mar/21/2014 09:57:07 l2tp,debug,packet Firmware-Revision=0x1
Mar/21/2014 09:57:07 l2tp,debug,packet (M) Host-Name="MikroTik-Midas"
Mar/21/2014 09:57:07 l2tp,debug,packet Vendor-Name="MikroTik"
Mar/21/2014 09:57:07 l2tp,debug,packet (M) Assigned-Tunnel-ID=370
Mar/21/2014 09:57:07 l2tp,debug,packet (M) Receive-Window-Size=4
Mar/21/2014 09:57:07 l2tp,debug,packet rcvd control message from 176.100.221.4:1701
Mar/21/2014 09:57:07 l2tp,debug,packet tunnel-id=370, session-id=0, ns=1, nr=1
Mar/21/2014 09:57:07 l2tp,debug,packet (M) Message-Type=StopCCN
Mar/21/2014 09:57:07 l2tp,debug,packet (M) Result-Code=7
Mar/21/2014 09:57:07 l2tp,debug,packet (M) Assigned-Tunnel-ID=48
Mar/21/2014 09:57:07 l2tp,debug,packet sent control message (ack) to 176.100.221.4:1701
Mar/21/2014 09:57:07 l2tp,debug,packet tunnel-id=48, session-id=0, ns=1, nr=2
Mar/21/2014 09:57:07 l2tp,debug tunnel 370 entering state: dead
Mar/21/2014 09:57:08 l2tp,ppp,debug,packet l2tp-beeline: rcvd LCP EchoReq id=0x67
Mar/21/2014 09:57:08 l2tp,ppp,debug,packet <magic 0x90fbb9f3>
Mar/21/2014 09:57:08 l2tp,ppp,debug,packet 35 33 6f 64
Mar/21/2014 09:57:08 l2tp,ppp,debug,packet l2tp-beeline: sent LCP EchoRep id=0x67
Mar/21/2014 09:57:08 l2tp,ppp,debug,packet <magic 0x35336f64>
Mar/21/2014 09:57:08 l2tp,ppp,debug,packet 35 33 6f 64
Mar/21/2014 09:57:09 l2tp,debug,packet sent control message to 195.14.38.12:1701
Mar/21/2014 09:57:09 l2tp,debug,packet tunnel-id=7682, session-id=0, ns=533, nr=2
Mar/21/2014 09:57:09 l2tp,debug,packet (M) Message-Type=HELLO
Mar/21/2014 09:57:09 l2tp,debug,packet rcvd control message (ack) from 195.14.38.12:1701
Mar/21/2014 09:57:09 l2tp,debug,packet tunnel-id=303, session-id=0, ns=2, nr=534
Mar/21/2014 09:57:18 l2tp,debug,packet sent control message to 10.255.255.254:1701
Mar/21/2014 09:57:18 l2tp,debug,packet tunnel-id=62399, session-id=0, ns=851, nr=3
Mar/21/2014 09:57:18 l2tp,debug,packet (M) Message-Type=HELLO
Mar/21/2014 09:57:18 l2tp,debug,packet rcvd control message (ack) from 10.255.255.254:1701
Mar/21/2014 09:57:18 l2tp,debug,packet tunnel-id=1, session-id=0, ns=3, nr=852
Mar/21/2014 09:57:18 l2tp,ppp,debug,packet l2tp-beeline: rcvd LCP EchoReq id=0x68
Mar/21/2014 09:57:18 l2tp,ppp,debug,packet <magic 0x90fbb9f3>
Mar/21/2014 09:57:18 l2tp,ppp,debug,packet 35 33 6f 64
Mar/21/2014 09:57:18 l2tp,ppp,debug,packet l2tp-beeline: sent LCP EchoRep id=0x68
Mar/21/2014 09:57:18 l2tp,ppp,debug,packet <magic 0x35336f64>
Mar/21/2014 09:57:18 l2tp,ppp,debug,packet 35 33 6f 64




 "Клиент"
Mar/21/2014 09:56:59 l2tp,debug,packet (M) Message-Type=StopCCN
Mar/21/2014 09:56:59 l2tp,debug,packet (M) Result-Code=7
Mar/21/2014 09:56:59 l2tp,debug,packet (M) Assigned-Tunnel-ID=48
Mar/21/2014 09:56:59 l2tp,debug,packet rcvd control message (ack) from 93.81.245.45:1701
Mar/21/2014 09:56:59 l2tp,debug,packet tunnel-id=48, session-id=0, ns=1, nr=2
Mar/21/2014 09:57:07 l2tp,debug,packet sent control message to 94.253.122.44:1701
Mar/21/2014 09:57:07 l2tp,debug,packet tunnel-id=0, session-id=0, ns=0, nr=0
Mar/21/2014 09:57:07 l2tp,debug,packet (M) Message-Type=SCCRQ
Mar/21/2014 09:57:07 l2tp,debug,packet (M) Protocol-Version=0x01:00
Mar/21/2014 09:57:07 l2tp,debug,packet (M) Framing-Capabilities=0x1
Mar/21/2014 09:57:07 l2tp,debug,packet (M) Bearer-Capabilities=0x0
Mar/21/2014 09:57:07 l2tp,debug,packet Firmware-Revision=0x1
Mar/21/2014 09:57:07 l2tp,debug,packet (M) Host-Name="MikroTik"
Mar/21/2014 09:57:07 l2tp,debug,packet Vendor-Name="MikroTik"
Mar/21/2014 09:57:07 l2tp,debug,packet (M) Assigned-Tunnel-ID=48
Mar/21/2014 09:57:07 l2tp,debug,packet (M) Receive-Window-Size=4
Mar/21/2014 09:57:07 l2tp,debug,packet rcvd control message from 93.81.245.45:1701
Mar/21/2014 09:57:07 l2tp,debug,packet tunnel-id=48, session-id=0, ns=0, nr=1
Mar/21/2014 09:57:07 l2tp,debug,packet (M) Message-Type=SCCRP
Mar/21/2014 09:57:07 l2tp,debug,packet (M) Protocol-Version=0x01:00
Mar/21/2014 09:57:07 l2tp,debug,packet (M) Framing-Capabilities=0x1
Mar/21/2014 09:57:07 l2tp,debug,packet (M) Bearer-Capabilities=0x0
Mar/21/2014 09:57:07 l2tp,debug,packet Firmware-Revision=0x1
Mar/21/2014 09:57:07 l2tp,debug,packet (M) Host-Name="MikroTik-Midas"
Mar/21/2014 09:57:07 l2tp,debug,packet Vendor-Name="MikroTik"
Mar/21/2014 09:57:07 l2tp,debug,packet (M) Assigned-Tunnel-ID=370
Mar/21/2014 09:57:07 l2tp,debug,packet (M) Receive-Window-Size=4
Mar/21/2014 09:57:07 l2tp,debug received SCCRP before SCCRQ, rejecting
Mar/21/2014 09:57:07 l2tp,debug,packet sent control message to 93.81.245.45:1701

Mar/21/2014 09:57:07 l2tp,debug,packet tunnel-id=370, session-id=0, ns=1, nr=1
Mar/21/2014 09:57:07 l2tp,debug,packet (M) Message-Type=StopCCN
Mar/21/2014 09:57:07 l2tp,debug,packet (M) Result-Code=7
Mar/21/2014 09:57:07 l2tp,debug,packet (M) Assigned-Tunnel-ID=48
Mar/21/2014 09:57:07 l2tp,debug,packet rcvd control message (ack) from 93.81.245.45:1701
Mar/21/2014 09:57:07 l2tp,debug,packet tunnel-id=48, session-id=0, ns=1, nr=2
Mar/21/2014 09:57:13 l2tp,ppp,info l2tp-office_midasflex: terminating...
Mar/21/2014 09:57:13 l2tp,debug session 1 entering state: stopping
Mar/21/2014 09:57:13 l2tp,ppp,debug l2tp-office_midasflex: LCP lowerdown
Mar/21/2014 09:57:13 l2tp,ppp,debug l2tp-office_midasflex: LCP down event in initial state
Mar/21/2014 09:57:13 l2tp,ppp,info l2tp-office_midasflex: disabled
Mar/21/2014 09:57:15 l2tp,debug tunnel 48 received no replies, disconnecting
Mar/21/2014 09:57:15 l2tp,debug tunnel 48 entering state: dead
Mar/21/2014 09:57:15 l2tp,debug session 1 entering state: dead
Mar/21/2014 09:56:52 l2tp,debug,packet (M) Framing-Capabilities=0x1
Mar/21/2014 09:56:52 l2tp,debug,packet (M) Bearer-Capabilities=0x0
Mar/21/2014 09:56:52 l2tp,debug,packet Firmware-Revision=0x1
Mar/21/2014 09:56:52 l2tp,debug,packet (M) Host-Name="MikroTik-Midas"
Mar/21/2014 09:56:52 l2tp,debug,packet Vendor-Name="MikroTik"
Mar/21/2014 09:56:52 l2tp,debug,packet (M) Assigned-Tunnel-ID=366
Mar/21/2014 09:56:52 l2tp,debug,packet (M) Receive-Window-Size=4
Mar/21/2014 09:56:52 l2tp,debug received SCCRP before SCCRQ, rejecting
Mar/21/2014 09:56:52 l2tp,debug,packet sent control message to 93.81.245.45:1701
Mar/21/2014 09:56:52 l2tp,debug,packet tunnel-id=366, session-id=0, ns=1, nr=1
Mar/21/2014 09:56:52 l2tp,debug,packet (M) Message-Type=StopCCN
Mar/21/2014 09:56:52 l2tp,debug,packet (M) Result-Code=7
Mar/21/2014 09:56:52 l2tp,debug,packet (M) Assigned-Tunnel-ID=48
Mar/21/2014 09:56:52 l2tp,debug,packet rcvd control message (ack) from 93.81.245.45:1701
Mar/21/2014 09:56:52 l2tp,debug,packet tunnel-id=48, session-id=0, ns=1, nr=2
Mar/21/2014 09:56:53 l2tp,debug,packet sent control message to 94.253.122.44:1701
Mar/21/2014 09:56:53 l2tp,debug,packet tunnel-id=0, session-id=0, ns=0, nr=0
Mar/21/2014 09:56:53 l2tp,debug,packet (M) Message-Type=SCCRQ
Mar/21/2014 09:56:53 l2tp,debug,packet (M) Protocol-Version=0x01:00
Mar/21/2014 09:56:53 l2tp,debug,packet (M) Framing-Capabilities=0x1
Mar/21/2014 09:56:53 l2tp,debug,packet (M) Bearer-Capabilities=0x0
Mar/21/2014 09:56:53 l2tp,debug,packet Firmware-Revision=0x1
Mar/21/2014 09:56:53 l2tp,debug,packet (M) Host-Name="MikroTik"
Mar/21/2014 09:56:53 l2tp,debug,packet Vendor-Name="MikroTik"
Mar/21/2014 09:56:53 l2tp,debug,packet (M) Assigned-Tunnel-ID=48
Mar/21/2014 09:56:53 l2tp,debug,packet (M) Receive-Window-Size=4
Mar/21/2014 09:56:53 l2tp,debug,packet rcvd control message from 93.81.245.45:1701
Mar/21/2014 09:56:53 l2tp,debug,packet tunnel-id=48, session-id=0, ns=0, nr=1
Mar/21/2014 09:56:53 l2tp,debug,packet (M) Message-Type=SCCRP
Mar/21/2014 09:56:53 l2tp,debug,packet (M) Protocol-Version=0x01:00
Mar/21/2014 09:56:53 l2tp,debug,packet (M) Framing-Capabilities=0x1
Mar/21/2014 09:56:53 l2tp,debug,packet (M) Bearer-Capabilities=0x0
Mar/21/2014 09:56:53 l2tp,debug,packet Firmware-Revision=0x1
Mar/21/2014 09:56:53 l2tp,debug,packet (M) Host-Name="MikroTik-Midas"
Mar/21/2014 09:56:53 l2tp,debug,packet Vendor-Name="MikroTik"
Mar/21/2014 09:56:53 l2tp,debug,packet (M) Assigned-Tunnel-ID=367
Mar/21/2014 09:56:53 l2tp,debug,packet (M) Receive-Window-Size=4
Mar/21/2014 09:56:53 l2tp,debug received SCCRP before SCCRQ, rejecting
Mar/21/2014 09:56:53 l2tp,debug,packet sent control message to 93.81.245.45:1701
Mar/21/2014 09:56:53 l2tp,debug,packet tunnel-id=367, session-id=0, ns=1, nr=1
Mar/21/2014 09:56:53 l2tp,debug,packet (M) Message-Type=StopCCN
Mar/21/2014 09:56:53 l2tp,debug,packet (M) Result-Code=7
Mar/21/2014 09:56:53 l2tp,debug,packet (M) Assigned-Tunnel-ID=48
Mar/21/2014 09:56:53 l2tp,debug,packet rcvd control message (ack) from 93.81.245.45:1701
Mar/21/2014 09:56:53 l2tp,debug,packet tunnel-id=48, session-id=0, ns=1, nr=2
Mar/21/2014 09:56:55 l2tp,debug,packet sent control message to 94.253.122.44:1701
Mar/21/2014 09:56:55 l2tp,debug,packet tunnel-id=0, session-id=0, ns=0, nr=0
Mar/21/2014 09:56:55 l2tp,debug,packet (M) Message-Type=SCCRQ
Mar/21/2014 09:56:55 l2tp,debug,packet (M) Protocol-Version=0x01:00
Mar/21/2014 09:56:55 l2tp,debug,packet (M) Framing-Capabilities=0x1
Mar/21/2014 09:56:55 l2tp,debug,packet (M) Bearer-Capabilities=0x0
Mar/21/2014 09:56:55 l2tp,debug,packet Firmware-Revision=0x1
Mar/21/2014 09:56:55 l2tp,debug,packet (M) Host-Name="MikroTik"
Mar/21/2014 09:56:55 l2tp,debug,packet Vendor-Name="MikroTik"
Mar/21/2014 09:56:55 l2tp,debug,packet (M) Assigned-Tunnel-ID=48
Mar/21/2014 09:56:55 l2tp,debug,packet (M) Receive-Window-Size=4
Mar/21/2014 09:56:55 l2tp,debug,packet rcvd control message from 93.81.245.45:1701
Mar/21/2014 09:56:55 l2tp,debug,packet tunnel-id=48, session-id=0, ns=0, nr=1
Mar/21/2014 09:56:55 l2tp,debug,packet (M) Message-Type=SCCRP
Mar/21/2014 09:56:55 l2tp,debug,packet (M) Protocol-Version=0x01:00
Mar/21/2014 09:56:55 l2tp,debug,packet (M) Framing-Capabilities=0x1
Mar/21/2014 09:56:55 l2tp,debug,packet (M) Bearer-Capabilities=0x0
Mar/21/2014 09:56:55 l2tp,debug,packet Firmware-Revision=0x1
Mar/21/2014 09:56:55 l2tp,debug,packet (M) Host-Name="MikroTik-Midas"
Mar/21/2014 09:56:55 l2tp,debug,packet Vendor-Name="MikroTik"
Mar/21/2014 09:56:55 l2tp,debug,packet (M) Assigned-Tunnel-ID=368
Mar/21/2014 09:56:55 l2tp,debug,packet (M) Receive-Window-Size=4
Mar/21/2014 09:56:55 l2tp,debug received SCCRP before SCCRQ, rejecting
Mar/21/2014 09:56:55 l2tp,debug,packet sent control message to 93.81.245.45:1701
Mar/21/2014 09:56:55 l2tp,debug,packet tunnel-id=368, session-id=0, ns=1, nr=1
Mar/21/2014 09:56:55 l2tp,debug,packet (M) Message-Type=StopCCN
Mar/21/2014 09:56:55 l2tp,debug,packet (M) Result-Code=7
Mar/21/2014 09:56:55 l2tp,debug,packet (M) Assigned-Tunnel-ID=48
Mar/21/2014 09:56:55 l2tp,debug,packet rcvd control message (ack) from 93.81.245.45:1701
Mar/21/2014 09:56:55 l2tp,debug,packet tunnel-id=48, session-id=0, ns=1, nr=2
Mar/21/2014 09:56:59 l2tp,debug,packet sent control message to 94.253.122.44:1701
Mar/21/2014 09:56:59 l2tp,debug,packet tunnel-id=0, session-id=0, ns=0, nr=0
Mar/21/2014 09:56:59 l2tp,debug,packet (M) Message-Type=SCCRQ
Mar/21/2014 09:56:59 l2tp,debug,packet (M) Protocol-Version=0x01:00
Mar/21/2014 09:56:59 l2tp,debug,packet (M) Framing-Capabilities=0x1
Mar/21/2014 09:56:59 l2tp,debug,packet (M) Bearer-Capabilities=0x0
Mar/21/2014 09:56:59 l2tp,debug,packet Firmware-Revision=0x1
Mar/21/2014 09:56:59 l2tp,debug,packet (M) Host-Name="MikroTik"
Mar/21/2014 09:56:59 l2tp,debug,packet Vendor-Name="MikroTik"
Mar/21/2014 09:56:59 l2tp,debug,packet (M) Assigned-Tunnel-ID=48
Mar/21/2014 09:56:59 l2tp,debug,packet (M) Receive-Window-Size=4
Mar/21/2014 09:56:59 l2tp,debug,packet rcvd control message from 93.81.245.45:1701
Mar/21/2014 09:56:59 l2tp,debug,packet tunnel-id=48, session-id=0, ns=0, nr=1
Mar/21/2014 09:56:59 l2tp,debug,packet (M) Message-Type=SCCRP
Mar/21/2014 09:56:59 l2tp,debug,packet (M) Protocol-Version=0x01:00
Mar/21/2014 09:56:59 l2tp,debug,packet (M) Framing-Capabilities=0x1
Mar/21/2014 09:56:59 l2tp,debug,packet (M) Bearer-Capabilities=0x0
Mar/21/2014 09:56:59 l2tp,debug,packet Firmware-Revision=0x1
Mar/21/2014 09:56:59 l2tp,debug,packet (M) Host-Name="MikroTik-Midas"
Mar/21/2014 09:56:59 l2tp,debug,packet Vendor-Name="MikroTik"
Mar/21/2014 09:56:59 l2tp,debug,packet (M) Assigned-Tunnel-ID=369
Mar/21/2014 09:56:59 l2tp,debug,packet (M) Receive-Window-Size=4
Mar/21/2014 09:56:59 l2tp,debug received SCCRP before SCCRQ, rejecting
Mar/21/2014 09:56:59 l2tp,debug,packet sent control message to 93.81.245.45:1701
Mar/21/2014 09:56:59 l2tp,debug,packet tunnel-id=369, session-id=0, ns=1, nr=1



В клиенте красным отмечен ip не того канала к которому конектиться клиент
Последний раз редактировалось wolf_ktl 21 мар 2014, 08:58, всего редактировалось 1 раз.


vqd
Модератор
Сообщения: 3605
Зарегистрирован: 26 сен 2013, 14:20
Откуда: НСК
Контактная информация:

я конфиги просил, а не логи


Есть интересная задача и бюджет? http://mikrotik.site
wolf_ktl
Сообщения: 417
Зарегистрирован: 25 июн 2013, 18:12

vqd писал(а):я конфиги просил, а не логи


Полный конфиг нужен ?


wolf_ktl
Сообщения: 417
Зарегистрирован: 25 июн 2013, 18:12

wolf_ktl писал(а):
vqd писал(а):я конфиги просил, а не логи


Полный конфиг нужен ?




 "Server"
# mar/21/2014 12:13:06 by RouterOS 6.7
# software id = A2AN-L463
#
/interface bridge
add name=bridge_hotspot
add admin-mac=D4:CA:6D:4C:10:E6 auto-mac=no l2mtu=1598 name=bridge_lan \
protocol-mode=rstp
/interface ethernet
set [ find default-name=ether1 ] comment=LAN1 mac-address=00:0C:42:B7:C0:98 \
name=LAN-beeline
set [ find default-name=ether2 ] arp=proxy-arp comment=LAN2 name=LAN2
set [ find default-name=ether3 ] comment="LAN Flex" mac-address=\
D4:CA:6D:4C:10:E6 name=WAN-FLEXLAN3
set [ find default-name=ether4 ] arp=proxy-arp
set [ find default-name=ether5 ] arp=proxy-arp
set [ find default-name=ether6 ] name=ether6-master-local
set [ find default-name=ether7 ] master-port=ether6-master-local name=\
ether7-slave-local
set [ find default-name=ether8 ] master-port=ether6-master-local name=\
ether8-slave-local
set [ find default-name=ether9 ] name=ether9-slave-local
set [ find default-name=ether10 ] disabled=yes name=ether10-slave-local
set [ find default-name=sfp1 ] name=sfp1-gateway
/interface l2tp-server
add name=l2tp-Brize user=brize
add name=l2tp-lenina125 user=lenina125
add name=l2tp-lifter user=lifter
add name=l2tp-wolfhome user=wolfhome
add name=l2tp-ykdav user=ykdav
/ip neighbor discovery
set LAN-beeline comment=LAN1 discover=no
set LAN2 comment=LAN2
set WAN-FLEXLAN3 comment="LAN Flex"
set sfp1-gateway discover=no
/interface wireless security-profiles
set [ find default=yes ] authentication-types=\
wpa-psk,wpa2-psk,wpa-eap,wpa2-eap eap-methods="" mode=dynamic-keys \
supplicant-identity=MikroTik wpa-pre-shared-key=************ \
wpa2-pre-shared-key=************
add authentication-types=wpa-psk,wpa2-psk eap-methods="" \
management-protection=allowed name=hotpost supplicant-identity=""
add authentication-types=wpa-psk,wpa2-psk eap-methods="" \
management-protection=allowed mode=dynamic-keys name=midas2013 \
supplicant-identity="" wpa-pre-shared-key=************ \
wpa2-pre-shared-key=************
/interface wireless
set [ find default-name=wlan1 ] adaptive-noise-immunity=ap-and-client-mode \
band=2ghz-b/g/n country=russia default-authentication=no \
default-forwarding=no disabled=no distance=indoors ht-rxchains=0 \
ht-txchains=0 l2mtu=2290 mode=ap-bridge name=wlan_wifi security-profile=\
hotpost ssid=MIDAS_WI-FI_FREE tx-power=15 tx-power-mode=all-rates-fixed \
wireless-protocol=802.11
add default-authentication=no default-forwarding=no disabled=no l2mtu=2290 \
mac-address=D6:CA:6D:04:AA:7A master-interface=wlan_wifi name=wlan_work \
security-profile=midas2013 ssid=MIDAS wds-cost-range=0 wds-default-cost=0
/ip hotspot profile
add hotspot-address=10.5.50.1 login-by=http-chap,trial name=hsprof1
/ip hotspot user profile
set [ find default=yes ] idle-timeout=none keepalive-timeout=2m \
mac-cookie-timeout=3d rate-limit=3m/3m shared-users=unlimited
/ip ipsec proposal
set [ find default=yes ] enc-algorithms=3des
/ip pool
add name=dhcp_pool1 ranges=192.168.3.145-192.168.3.200
add name=hs-pool-27 ranges=10.5.50.2-10.5.50.254
add name=dhcp_pool2 next-pool=dhcp_pool1 ranges=192.168.3.20-192.168.3.70
add name=vpnserverusers ranges=192.168.99.2-192.168.99.99
/ip dhcp-server
add address-pool=dhcp_pool2 disabled=no interface=bridge_lan name=dhcp1
add address-pool=hs-pool-27 disabled=no interface=wlan_wifi lease-time=1h \
name=dhcp4
/ip hotspot
add address-pool=hs-pool-27 disabled=no interface=wlan_wifi name=hotspot1 \
profile=hsprof1
/port
set 0 name=serial0
/ppp profile
add change-tcp-mss=yes name=flex remote-address=127.0.1.3 wins-server=0.0.0.0
add change-tcp-mss=no name=beeline remote-address=127.0.1.2 use-compression=\
no use-encryption=no use-vj-compression=no
add change-tcp-mss=no name=vpn use-compression=no use-encryption=no \
use-vj-compression=no
add change-tcp-mss=yes dns-server=192.168.3.93,192.168.3.1 local-address=\
192.168.99.1 name=vpnserverhome remote-address=vpnserverusers \
use-encryption=yes
/interface l2tp-client
add connect-to=195.14.38.12 disabled=no max-mru=1460 max-mtu=1460 name=\
l2tp-beeline password=******** profile=beeline user=*****
add connect-to=10.255.255.254 disabled=no max-mru=1500 max-mtu=1460 name=\
l2tp-flex password=***** profile=flex user=*******
/interface bridge port
add bridge=bridge_lan interface=LAN2
add bridge=bridge_lan interface=wlan_work
add bridge=bridge_hotspot interface=ether9-slave-local
/interface l2tp-server server
set default-profile=vpn enabled=yes max-mru=1420 max-mtu=1460
/interface pptp-server server
set default-profile=vpnserverhome enabled=yes max-mru=1500 max-mtu=1500
/interface wireless access-list
add forwarding=no signal-range=-90..120
/ip address
add address=192.168.3.1/24 comment="default configuration" interface=\
bridge_lan network=192.168.3.0
add address=10.224.122.7/24 interface=WAN-FLEXLAN3 network=10.224.122.0
add address=10.5.50.1/24 comment="hotspot network" interface=wlan_wifi \
network=10.5.50.0
/ip dhcp-client
add add-default-route=no comment=beeline dhcp-options=hostname,clientid \
disabled=no interface=LAN-beeline
/ip dhcp-server network
add address=10.5.50.0/24 comment="hotspot network" dns-server=10.5.50.1 \
gateway=10.5.50.1
add address=192.168.3.0/24 comment="default configuration" dns-server=\
192.168.3.93,192.168.3.1 gateway=192.168.3.1
/ip dns
set allow-remote-requests=yes servers=8.8.8.8,4.2.2.4
/ip dns static
add address=192.168.88.1 name=router
/ip firewall address-list
add address=192.168.3.0/24 list=!LocalNet
add address=192.168.3.166 list=flex
add address=10.0.18.2-10.0.18.99 list=VPN_office
add address=176.100.223.103 list=white_list_ssh
/ip firewall filter
add chain=input comment=icmp in-interface=l2tp-beeline protocol=icmp
add chain=input comment="icmp Flex\r\
\n " in-interface=l2tp-flex protocol=icmp
add chain=output dst-port=3333 protocol=tcp
add chain=input protocol=tcp src-port=3333
add chain=input comment=RDP dst-port=5555 protocol=tcp
add chain=forward comment=443 disabled=yes dst-port=443 protocol=tcp
add chain=forward comment=TimeSinc dst-port=123 protocol=udp
add chain=forward comment="Allow smtp for server (in)" protocol=tcp src-port=\
25
add chain=forward comment="Allow smtp for server (out)" dst-port=25 protocol=\
tcp
add chain=forward comment="Allow pop for server (in)" protocol=tcp src-port=\
110
add chain=forward comment="Allow pop for server (out)" dst-port=110 protocol=\
tcp
add chain=input comment="L2TP Beeline" in-interface=l2tp-beeline port=\
1701,500,4500 protocol=udp
add chain=input comment="L2TP Flex" connection-state=new in-interface=\
l2tp-flex port=1701,500,4500 protocol=udp
add chain=input comment="1723 (PPTP) Flex" dst-port=1723 in-interface=\
l2tp-flex protocol=tcp
add chain=input comment="1723 (PPTP) Beeline" dst-port=1723 in-interface=\
l2tp-beeline protocol=tcp
add chain=forward comment=\
"\C7\E0 \F7\E5\EC \EE\ED \ED\E5 \EF\EE\ED\FF\F2\ED\EE " disabled=yes
add action=drop chain=input comment=Atack dst-port=53 in-interface=\
l2tp-beeline protocol=udp
add action=drop chain=input dst-port=53 in-interface=l2tp-flex protocol=udp
add action=passthrough chain=unused-hs-chain comment=\
"place hotspot rules here"
/ip firewall mangle
add action=change-mss chain=forward in-interface=l2tp-beeline new-mss=1420 \
protocol=tcp tcp-flags=syn tcp-mss=1391-65535
add action=change-mss chain=forward new-mss=1420 out-interface=l2tp-beeline \
protocol=tcp tcp-flags=syn tcp-mss=1391-65535
add action=mark-connection chain=input comment="Mark Flex" in-interface=\
l2tp-flex new-connection-mark=in_wan2
add action=mark-routing chain=output comment="Mark Flex" connection-mark=\
in_wan2 new-routing-mark=wan2
add action=mark-connection chain=input comment="Mark Beeline" in-interface=\
l2tp-beeline new-connection-mark=in_wan1
add action=mark-routing chain=output comment="Mark Beeline" connection-mark=\
in_wan1 new-routing-mark=wan1
/ip firewall nat
add action=dst-nat chain=dstnat comment="mail 443" dst-port=443 in-interface=\
l2tp-beeline protocol=tcp to-addresses=192.168.3.96 to-ports=443
add action=dst-nat chain=dstnat comment="mail local 443" dst-address=\
93.81.245.45 dst-port=443 protocol=tcp to-addresses=192.168.3.96 \
to-ports=443
add action=dst-nat chain=dstnat comment="web mail" dst-port=80 in-interface=\
l2tp-beeline protocol=tcp to-addresses=192.168.3.96 to-ports=80
add action=dst-nat chain=dstnat comment="web mail local" dst-address=\
93.81.245.45 dst-port=80 protocol=tcp to-addresses=192.168.3.96 to-ports=\
80
add action=dst-nat chain=dstnat comment="NAT for smtp local" dst-address=\
93.81.245.45 dst-port=25 protocol=tcp to-addresses=192.168.3.96 to-ports=\
25
add action=dst-nat chain=dstnat comment="Nat fo smtp 25 " dst-port=25 \
in-interface=l2tp-beeline protocol=tcp to-addresses=192.168.3.96 \
to-ports=25
add action=dst-nat chain=dstnat comment="Nat fo smtp pop3 local" dst-address=\
93.81.245.45 dst-port=110 protocol=tcp to-addresses=192.168.3.96 \
to-ports=110
add action=dst-nat chain=dstnat comment="Nat fo pop3" dst-port=110 \
in-interface=l2tp-beeline protocol=tcp to-addresses=192.168.3.96 \
to-ports=110
add action=dst-nat chain=dstnat comment=jabber dst-port=5222 in-interface=\
l2tp-beeline protocol=tcp to-addresses=192.168.3.97 to-ports=5222
add action=dst-nat chain=dstnat comment="jabber 2" disabled=yes dst-port=5269 \
protocol=tcp to-addresses=192.168.3.96 to-ports=5269
add action=dst-nat chain=dstnat comment="Server GLAVSERVER Port=3389 " \
dst-port=5555 in-interface=l2tp-beeline protocol=tcp to-addresses=\
192.168.3.94 to-ports=3389
add action=dst-nat chain=dstnat comment="Server GLAVSERVER Port=3389 " \
dst-port=5555 in-interface=l2tp-flex protocol=tcp to-addresses=\
192.168.3.94 to-ports=3389
add action=dst-nat chain=dstnat dst-port=9999 protocol=tcp to-addresses=\
192.168.3.100 to-ports=5900
add action=masquerade chain=srcnat comment="masquerade hotspot network" \
src-address=192.168.3.0/24 to-addresses=0.0.0.0
add action=masquerade chain=srcnat comment="masquerade hotspot network" \
src-address=10.5.50.0/24
add action=passthrough chain=unused-hs-chain comment=\
"place hotspot rules here" disabled=yes to-addresses=0.0.0.0
add action=masquerade chain=srcnat comment="ISP 1" out-interface=l2tp-beeline
add action=masquerade chain=srcnat comment="ISP 2" out-interface=l2tp-flex
/ip firewall service-port
set sip disabled=yes
/ip hotspot user
add name=admin
/ip route
add distance=1 gateway=127.0.1.2 routing-mark=wan1
add comment="Flex marc" distance=1 gateway=127.0.1.3 routing-mark=wan2
add comment=beeline distance=4 gateway=127.0.1.2
add comment=Flex distance=5 gateway=127.0.1.3
add comment="\ED\E5 \F3\E4\E0\EB\FF\F2\FC" distance=1 dst-address=8.8.8.8/32 \
gateway=127.0.1.2
add distance=1 dst-address=10.224.87.0/24 gateway=WAN-FLEXLAN3
add comment=flex distance=10 dst-address=10.255.255.254/32 gateway=\
10.224.122.1
add comment=beeline_vpnserber distance=10 dst-address=195.14.38.0/24 gateway=\
10.88.88.1
add comment=" http://maps.rosreestr.ru/PortalOnline/" disabled=yes distance=1 \
dst-address=195.161.118.12/32 gateway=127.0.1.3
/ip route rule
add action=unreachable comment="Block Hostpot" dst-address=10.5.50.0/24 \
src-address=192.168.3.0/24
add action=unreachable comment="Block Hostpot" dst-address=192.168.3.0/24 \
src-address=10.5.50.0/24
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www port=9090
set ssh disabled=yes
/lcd interface
set sfp1-gateway interface=sfp1-gateway
set LAN-beeline interface=LAN-beeline
set LAN2 interface=LAN2
set WAN-FLEXLAN3 interface=WAN-FLEXLAN3
set ether4 interface=ether4
set ether5 interface=ether5
set ether6-master-local interface=ether6-master-local
set ether7-slave-local interface=ether7-slave-local
set ether8-slave-local interface=ether8-slave-local
set ether9-slave-local interface=ether9-slave-local
set ether10-slave-local interface=ether10-slave-local
set wlan_wifi interface=wlan_wifi
/lcd interface pages
set 0 interfaces="sfp1-gateway,LAN-beeline,LAN2,WAN-FLEXLAN3,ether4,ether5,eth\
er6-master-local,ether7-slave-local,ether8-slave-local,ether9-slave-local,\
ether10-slave-local,wlan_wifi"
/ppp aaa
set use-radius=yes
/ppp secret
add local-address=192.168.3.1 name=svarceh password=****** \
remote-address=192.168.3.223 service=pptp
add comment="VPN Mikrotik" local-address=192.168.222.1 name=ykdav password=\
**** remote-address=192.168.222.5 service=l2tp
add local-address=192.168.99.1 name=drezna password=**** remote-address=\
192.168.99.224 service=pptp
add local-address=192.168.3.1 name=alex password=***** remote-address=\
192.168.3.225 service=pptp
add local-address=192.168.99.1 name=irina password=****** \
remote-address=192.168.99.226 routes=192.168.3.93 service=pptp
add local-address=192.168.3.1 name=buh password=**** remote-address=\
192.168.3.220
add local-address=192.168.222.1 name=brize password=****** \
remote-address=192.168.222.4 service=l2tp
add local-address=192.168.222.1 name=lenina125 password=**** \
remote-address=192.168.222.8 service=l2tp
add local-address=192.168.99.1 name=Wolf password=******* remote-address=\
192.168.99.227 routes=192.168.3.93 service=pptp
add disabled=yes local-address=192.168.222.1 name=ozruk password=***** \
remote-address=192.168.222.5 service=l2tp
add local-address=192.168.222.1 name=wolfhome password=***** \
remote-address=192.168.222.10
add local-address=192.168.3.1 name=kiril password=****** remote-address=\
192.168.3.229 routes=192.168.3.1 service=pptp
add local-address=192.168.222.1 name=lifter password=******* \
remote-address=192.168.222.6 service=l2tp
add local-address=192.168.99.1 name=sergey password=******* \
remote-address=192.168.99.100 service=pptp
add local-address=192.168.3.1 name=gulyanina password=****** \
remote-address=192.168.3.222 service=pptp
add local-address=192.168.222.1 name=wolfhome2 password=****** \
remote-address=192.168.222.11
/radius
add address=192.168.3.93 secret=********* service=ppp
/routing rip neighbor
add address=192.168.222.10
add address=192.168.222.4
add address=192.168.222.8
add address=192.168.222.5
add address=192.168.222.6
add address=192.168.222.11
/routing rip network
add network=192.168.3.0/24
add network=192.168.222.0/24
add network=192.168.99.0/24
/system clock
set time-zone-name=Europe/Moscow
/system identity
set name=MikroTik-Midas
/system logging
set 2 action=disk
add action=disk topics=l2tp
/system ntp client
set enabled=yes mode=unicast primary-ntp=62.149.2.1 secondary-ntp=62.149.2.2
/system scheduler
add disabled=yes interval=27s name=sch_main_if_ip on-event=\
"/system script run define_main_if_ip" policy=\
ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive,api \
start-date=jan/01/1970 start-time=07:04:44
add disabled=yes interval=27s name=sch_reserved_if_ip on-event=\
"/system script run define_reserved_if_ip" policy=\
ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive,api \
start-date=jan/01/1970 start-time=07:04:54
add disabled=yes interval=1m name=connection_check on-event=\
"/system script run connection_check" policy=\
ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive,api \
start-date=jan/01/1970 start-time=07:05:26
add disabled=yes name=set_global_parameters on-event=\
"/system script run set_global_parameters" policy=\
ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive,api \
start-time=startup
add disabled=yes interval=1s name=corbina-l2tp_soft_refresh on-event=\
"/system script run corbina-l2tp_soft_refresh" policy=\
reboot,read,write,policy,test start-time=startup
add disabled=yes name=corbina-l2tp_refresh on-event=\
"/system script run corbina-l2tp_refresh" policy=\
reboot,read,write,policy,test start-date=aug/14/2013 start-time=04:30:00
add interval=5m name=no-ip_flex_midasflex on-event=\
"/system script run no-ip_flex_midasflex" policy=\
ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive,api \
start-time=startup
add disabled=yes interval=5m name=ScSetL2TPstart2 on-event=\
"/system script run no-ip_flex2" policy=\
ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive,api \
start-date=dec/26/2013 start-time=08:17:46
add interval=5m name=no-ip_beeline on-event=\
"/system script run no-ip_beeline" policy=\
ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive,api \
start-time=startup
/tool bandwidth-server
set allocate-udp-ports-from=1000 max-sessions=1
/tool mac-server
set [ find default=yes ] disabled=yes
add interface=LAN2
add interface=WAN-FLEXLAN3
add interface=ether4
add interface=ether5
add interface=ether6-master-local
add interface=ether7-slave-local
add interface=ether8-slave-local
add interface=ether9-slave-local
add interface=wlan_wifi
add interface=bridge_lan
/tool mac-server mac-winbox
set [ find default=yes ] disabled=yes
add interface=LAN2
add interface=WAN-FLEXLAN3
add interface=ether4
add interface=ether5
add interface=ether6-master-local
add interface=ether7-slave-local
add interface=ether8-slave-local
add interface=ether9-slave-local
add interface=wlan_wifi
add interface=bridge_lan
/tool netwatch
add down-script="ip route disable numbers=[find comment=beeline]\r\
\n" host=8.8.8.8 interval=10s up-script=\
"ip route enable numbers=[find comment=beeline]\r\
\n"



 "Client"
# mar/21/2014 12:12:16 by RouterOS 6.10
# software id = AMBU-3DVA
#
/interface bridge
add admin-mac=D4:CA:6D:EB:D4:87 auto-mac=no l2mtu=1598 name=bridge-local
/interface wireless
set [ find default-name=wlan1 ] band=2ghz-b/g/n channel-width=\
20/40mhz-ht-above disabled=no distance=indoors l2mtu=2290 mode=ap-bridge \
ssid=homewifi
/interface ethernet
set [ find default-name=ether1 ] name=ether1-gateway
set [ find default-name=ether2 ] name=ether2-master-local
set [ find default-name=ether3 ] master-port=ether2-master-local name=\
ether3-slave-local
set [ find default-name=ether4 ] master-port=ether2-master-local name=\
ether4-slave-local
set [ find default-name=ether5 ] master-port=ether2-master-local name=\
ether5-slave-local
/ip neighbor discovery
set wlan1 discover=no
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa-psk,wpa2-psk eap-methods="" \
mode=dynamic-keys wpa-pre-shared-key=******** wpa2-pre-shared-key=\
********
/ip hotspot user profile
set [ find default=yes ] idle-timeout=none keepalive-timeout=2m \
mac-cookie-timeout=3d
/ip ipsec proposal
set [ find default=yes ] enc-algorithms=3des
/ip pool
add name=default-dhcp ranges=192.168.10.10-192.168.10.254
/ip dhcp-server
add address-pool=default-dhcp disabled=no interface=bridge-local name=default
/port
set 0 baud-rate=9600 data-bits=8 flow-control=none name=usb1 parity=none \
stop-bits=1
/ppp profile
add change-tcp-mss=no name=vpn use-compression=no use-encryption=no \
use-vj-compression=no
add change-tcp-mss=yes name=vpn2
/interface pppoe-client
add ac-name=oz-bras-02-7201 add-default-route=yes allow=\
pap,chap,mschap1,mschap2 default-route-distance=1 dial-on-demand=yes \
disabled=no interface=ether1-gateway keepalive-timeout=60 max-mru=1480 \
max-mtu=1480 mrru=disabled name=SmartIntel password=******* profile=\
default service-name="" use-peer-dns=no user=***********
/interface l2tp-client
add add-default-route=no allow=pap,chap,mschap1,mschap2 connect-to=\
93.81.245.45 dial-on-demand=no disabled=no keepalive-timeout=60 max-mru=\
1420 max-mtu=1460 mrru=disabled name=l2tp-office password=*********** \
profile=vpn user=wolfhome
add add-default-route=no allow=pap,chap,mschap1,mschap2 connect-to=\
officeinet2.no-ip.org dial-on-demand=no disabled=yes keepalive-timeout=60 \
max-mru=1390 max-mtu=1390 mrru=disabled name=l2tp-office_officeinet2 \
password=******** profile=vpn user=********
/interface pptp-client
add add-default-route=no allow=pap,chap,mschap1,mschap2 connect-to=\
officeinet.no-ip.org dial-on-demand=no disabled=yes keepalive-timeout=\
60 max-mru=1450 max-mtu=1450 mrru=1600 name=pptp-out_beeline password=\
******** profile=default-encryption user=********
add add-default-route=no allow=pap,chap,mschap1,mschap2 connect-to=\
officeinet2.no-ip.org dial-on-demand=no disabled=yes keepalive-timeout=60 \
max-mru=1450 max-mtu=1450 mrru=1600 name=pptp-out_flex password=******** \
profile=vpn user=wolfhome
/ip neighbor discovery
set SmartIntel discover=no
set l2tp-office discover=no
set l2tp-office_officeinet2 discover=no
/system logging action
set 0 memory-lines=100
set 1 disk-lines-per-file=100
/interface bridge port
add bridge=bridge-local interface=ether2-master-local
add bridge=bridge-local interface=wlan1
/ip address
add address=192.168.10.1/24 comment="default configuration" interface=\
bridge-local network=192.168.10.0
/ip dhcp-server network
add address=192.168.10.0/24 comment="default configuration" dns-server=\
192.168.3.93,192.168.10.1 gateway=192.168.10.1
/ip dns
set allow-remote-requests=yes servers=192.168.3.93,8.8.8.8,4.2.2.4
/ip dns static
add address=192.168.88.1 name=router
/ip firewall filter
add chain=input comment=time disabled=yes protocol=udp src-port=123
add chain=input comment="default configuration" disabled=yes protocol=icmp
add chain=input comment="default configuration" connection-state=established \
disabled=yes
add chain=input comment="default configuration" connection-state=related \
disabled=yes
add action=drop chain=input comment="default configuration" disabled=yes \
in-interface=ether1-gateway
add chain=forward comment="default configuration" connection-state=\
established disabled=yes
add chain=forward comment="default configuration" connection-state=related \
disabled=yes
add action=drop chain=forward comment="default configuration" \
connection-state=invalid disabled=yes
/ip firewall nat
add action=masquerade chain=srcnat comment="default configuration" \
out-interface=ether1-gateway
add action=masquerade chain=srcnat out-interface=SmartIntel to-addresses=\
0.0.0.0
/ip proxy
set parent-proxy=0.0.0.0
/ip route
add distance=1 dst-address=192.168.222.0/24 gateway=l2tp-office
/ip service
set telnet disabled=yes
set ftp disabled=yes
set ssh disabled=yes
set api disabled=yes
/ip upnp
set allow-disable-external-interface=no
/routing rip neighbor
add address=192.168.222.1
add address=192.168.99.1
/routing rip network
add network=192.168.10.0/24
/system clock
set time-zone-name=Europe/Moscow
/system leds
set 0 interface=wlan1
/system logging
add action=disk topics=l2tp
/system ntp client
set enabled=yes mode=unicast primary-ntp=62.149.2.1 secondary-ntp=62.149.2.2
/system scheduler
add disabled=yes interval=5m name=sche_SetL2TP_midasoz on-event=\
"/system script run SetL2TP_midasoz" policy=\
ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive,api \
start-time=startup
add disabled=yes interval=10s name=sche_SetL2TP_midasoz on-event=\
"/system script run SetL2TP_midasoz" policy=\
ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive,api \
start-date=dec/15/2013 start-time=09:52:11
add interval=5m name=schedule1 on-event="/system script run no-ip_flex" \
policy=\
ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive,api \
start-time=startup
/tool mac-server
set [ find default=yes ] disabled=yes
add interface=ether2-master-local
add interface=ether3-slave-local
add interface=ether4-slave-local
add interface=ether5-slave-local
add interface=wlan1
add interface=bridge-local
/tool mac-server mac-winbox
set [ find default=yes ] disabled=yes
add interface=ether2-master-local
add interface=ether3-slave-local
add interface=ether4-slave-local
add interface=ether5-slave-local
add interface=wlan1
add interface=bridge-local
/tool netwatch
add down-script=":log info \"VPN-reset\"\r\
\n/system script run SetL2TP" host=192.168.3.1 interval=5s timeout=9s \
up-script=":log info \"VPN-horosho\""


vqd
Модератор
Сообщения: 3605
Зарегистрирован: 26 сен 2013, 14:20
Откуда: НСК
Контактная информация:

У вас на сервере PPTP на втором канале разрешен полностью, а L2TP только new


Есть интересная задача и бюджет? http://mikrotik.site
wolf_ktl
Сообщения: 417
Зарегистрирован: 25 июн 2013, 18:12

vqd писал(а):У вас на сервере PPTP на втором канале разрешен полностью, а L2TP только new



Простите а поподробнее можно? что ты имеешь ввиду?


vqd
Модератор
Сообщения: 3605
Зарегистрирован: 26 сен 2013, 14:20
Откуда: НСК
Контактная информация:

все правила в фильтрах отключите и попробуйте


Есть интересная задача и бюджет? http://mikrotik.site
Ответить