PPTP+EoIP подняли для шифрования канала;
Каналы организованы путем аренды каналов у оператора интернета;
Главный офис - CCR1009;
Дополнительные офисы (5 штук) RB850Gx2;
CCR1009
Код: Выделить всё
# oct/18/2016 09:44:29 by RouterOS 6.36.3
# software id = W5P5-7SDN
#
/interface bridge
add name=ria-bridge
/interface eoip
add !keepalive mac-address=bl:ab:la:bl:ab:la name=ria-EoIP-A remote-address=192.168.100.3 tunnel-id=513
add !keepalive mac-address=bl:ab:la:bl:ab:la name=ria-EoIP-D remote-address=192.168.100.2 tunnel-id=512
add !keepalive mac-address=bl:ab:la:bl:ab:la name=ria-EoIP-R remote-address=192.168.100.5 tunnel-id=515
add !keepalive mac-address=bl:ab:la:bl:ab:la name=ria-EoIP-X remote-address=192.168.100.6 tunnel-id=516
add !keepalive mac-address=bl:ab:la:bl:ab:la name=ria-EoIP-Y remote-address=192.168.100.4 tunnel-id=514
/ppp profile
set *0 bridge=ria-bridge dns-server=192.168.100.66 local-address=192.168.1.222
/interface bridge port
add bridge=ria-bridge interface=ether2
add bridge=ria-bridge interface=ether3
add bridge=ria-bridge interface=ether4
add bridge=ria-bridge interface=ether5
add bridge=ria-bridge interface=ether6
add bridge=ria-bridge interface=ether7
add bridge=ria-bridge interface=ether8
/interface pppoe-server server
add disabled=no interface=<l2tp> service-name=service1
/interface pptp-server server
set enabled=yes
/ip address
add address=192.168.100.1/24 interface=ether1 network=192.168.100.0
/ip dns
set allow-remote-requests=yes servers=192.168.100.66
/ip route
add distance=1 gateway=192.168.100.66
/ppp secret
add local-address=192.168.100.1 name=ria-D password=ytw remote-address=192.168.100.2 service=pptp
add local-address=192.168.100.1 name=ria-A password=ytw remote-address=192.168.100.3 service=pptp
add local-address=192.168.100.1 name=ria-Y password=ytw remote-address=192.168.100.4 service=pptp
add local-address=192.168.100.1 name=ria-R password=ytw remote-address=192.168.100.5 service=pptp
add local-address=192.168.100.1 name=ria-X password=ytw remote-address=192.168.100.6 service=pptp
/system clock
set time-zone-name=Asia/Krasnoyarsk
/system identity
set name=OWNER
/system routerboard settings
set protected-routerboot=disabled
/tool graphing interface
add
/tool graphing queue
add
/tool graphing resource
add
На всех остальных офисах RB850Gx2 cfg (соответственно IP адреса и номера туннелей разные, а все остальное одинаковое):
Код: Выделить всё
[admin@Y] > export compact
# oct/18/2016 09:51:43 by RouterOS 6.34.3
# software id = 7DCC-FYUS
#
/interface bridge
add name=ria-bridge
/interface ethernet
set [ find default-name=ether2 ] name=ether2-master
/interface pptp-client
add connect-to=192.168.100.1 disabled=no name=ria-tunnel password=ytw user=ria-Y
/interface eoip
add !keepalive mac-address=bl:ab:la:bl:ab:la name=ria-EoIP remote-address=192.168.100.1 tunnel-id=514
/ip neighbor discovery
set ether1 discover=no
/interface bridge port
add bridge=ria-bridge interface=ether1
add bridge=ria-bridge interface=ether2-master
add bridge=ria-bridge interface=ether3
add bridge=ria-bridge interface=ether4
add bridge=ria-bridge interface=ether5
add bridge=ria-bridge interface=ria-EoIP
/ip address
add address=192.168.100.4/24 comment=defconf interface=ether2-master network=192.168.100.0
/ip dns
set allow-remote-requests=yes servers=192.168.100.66,192.168.1.66
/ip route
add distance=1 gateway=192.168.100.66
/system clock
set time-zone-autodetect=no time-zone-name=Asia/Krasnoyarsk
/system identity
set name=Y
/system routerboard settings
set cpu-frequency=533MHz protected-routerboot=disabled
/tool mac-server
set [ find default=yes ] disabled=yes
add interface=ether2-master
/tool mac-server mac-winbox
set [ find default=yes ] disabled=yes
add interface=ether2-master
При этом клиент PPTP (RB) все время реконнектиться к серверу PPTP (CCR1009)
И вообще почему-то CCR1009 не пингуется когда PPTP-Client подключен, пингуется когда отключается PPTP-Client от сервера:
Код: Выделить всё
[admin@A] > ping 192.168.100.1
SEQ HOST SIZE TTL TIME STATUS
0 192.168.100.1 timeout
1 192.168.100.1 timeout
2 192.168.100.1 timeout
3 192.168.100.1 56 64 0ms
4 192.168.100.1 56 64 0ms
5 192.168.100.1 56 64 0ms
sent=6 received=3 packet-loss=50%
ОТОРВИТЕ МНЕ РУКИ, ЕСЛИ ЧТО НЕ ТАК!!!