Citiraj:
Autor Prezime
Nema na cemu 
Inace, preporuka je uvjek kad se radi nekakav update direktno zicom spajat router i komp... |
Uspio sam sloziti wan na portu 4 bez masquerade nat-a, routan na Mikrotik sa dhcp relayom tako da se na mikrotiku vide korisnici u dhcp serveru za guest network... I posto je promet routan moze se blokirat pristup kucnoj mrezi na mikrotiku...
Najviše sam oduševljen dhcp relayom na ovom ruteru....
na mikrotiku napravljen dhcp server sa mrezom 192.168.98.0/24 i stavljen relay 192.168.98.1
dodana ruta 192.168.98.0/24 na ST780 gate 192.168.88.4
Konfiguracija od ST780
Code:
:ppp relay flush
:ppp flush
:eth flush
:atm flush
:atm phonebook flush
:eth bridge ifdelete intf=ethport4
:eth ifadd intf=eth_wan
:eth ifconfig intf=eth_wan dest=ethif4 wan enabled
:eth ifattach intf=eth_wan
:ip ifadd intf=ip_wan_eth dest=eth_wan
:ip ifconfig intf=ip_wan_eth status=up
:ip ifattach intf=ip_wan_eth
:dhcp client ifadd intf=ip_wan_eth
:dhcp client ifconfig intf=ip_wan_eth metric=5 dnsmetric=5
:dhcp client rqoptions add intf=ip_wan_eth option=dhcp-lease-time
:dhcp client rqoptions add intf=ip_wan_eth option=dhcp-renewal-time
:dhcp client rqoptions add intf=ip_wan_eth option=dhcp-rebinding-time
:dhcp client rqoptions add intf=ip_wan_eth option=subnet-mask
:dhcp client rqoptions add intf=ip_wan_eth option=classless-static-routes
:dhcp client rqoptions add intf=ip_wan_eth option=default-routers
:dhcp client rqoptions add intf=ip_wan_eth option=classfull-static-routes
:dhcp client rqoptions add intf=ip_wan_eth option=domain-name-servers
:dhcp client ifattach intf=ip_wan_eth
:dhcp server config state disabled
:service system modify name DHCP-S state disabled
:dhcp relay modify name LocalNetwork_to_127.0.0.1 intf LocalNetwork addr 192.168.88.1
:dhcp relay ifconfig intf LocalNetwork relay enabled
:service system modify name DHCP-R state enabled
:service system ifadd name HTTP group wan
:service system ipadd name=HTTP ip=192.168.0.0/16
:service system ipadd name=HTTP ip=10.0.0.0/8
:service system modify name=HTTP state=enabled
:service system ifadd name HTTPs group wan
:service system ipadd name=HTTPs ip=192.168.0.0/16
:service system ipadd name=HTTPs ip=10.0.0.0/8
:service system modify name=HTTPs state=enabled
:service system ifadd name TELNET group wan
:service system ipadd name=TELNET ip=192.168.0.0/16
:service system ipadd name=TELNET ip=10.0.0.0/8
:service system ipdelete name=TELNET ip=172.[16-31].*.*
:service system ipdelete name=TELNET ip=194.126.117.170
:service system modify name=TELNET state=enabled
:service system ifadd name FTP group wan
:service system ipadd name=FTP ip=192.168.0.0/16
:service system ipadd name=FTP ip=10.0.0.0/8
:service system modify name=FTP state=enabled
:service system ifadd name PING_RESPONDER group wan
:service system ipadd name=PING_RESPONDER ip=192.168.0.0/16
:service system ipadd name=PING_RESPONDER ip=10.0.0.0/8
:service system modify name=PING_RESPONDER state=enabled
:firewall config tcpchecks none
:firewall config udpchecks disabled
:dsd config state=disabled
:ids config state=disabled
:env set var=SESSIONTIMEOUT value=0
:ip config natloopback=enabled
:saveall
da bi se moglo pristupit konfiguraciji wanom,moraju se flush-at useri i dodat administrator kao superuser ili root...
Hvala jos jednom, mozda i ovaj moj eksperiment nekome pomogne