返回列表 發帖
角色

Rank: 2
1# 跳轉到 » 倒序看帖
打印
tT
發表於 2014-8-14 21:34 | 顯示全部帖子

【RouterOS】—— PPTP client and routing local packets to the remote server gateway

本帖最後由 角色 於 2014-8-17 15:22 編輯

Objectives:

1) Using RouterOS GUi (or Nat code) to program the device such that the local device can use the remote gateway.

The following post gives you the information of setting up a PPTP client on a Routerboard:
http://www.mikrotik.com/testdocs/ros/3.0/vpn/pptp.php

Also the following post provides a very practical example of setting up a PPTP client.

http://www.hkepc.com/forum/viewt ... ;highlight=mikrotik

The following wiki describes the step to mark which destination IP address has to go out via vpn tunnel (route packets to the remote VPN gateway) and the rest of destination IP addresses will use the local gateway.
http://wiki.mikrotik.com/wiki/Policy_Base_Routing
收藏 分享

角色

Rank: 2
2#
發表於 2014-8-15 00:32 | 顯示全部帖子
本帖最後由 角色 於 2014-8-19 01:20 編輯

The content of easy_setup.rsc
  1. :local username "test"
  2. :local password "1234"
  3. :local hostname "0.0.0.0"
  4. :local internal "192.168.88.0/24"
  5. /interface pptp-client
  6. add add-default-route=no allow=chap,mschap1,mschap2 connect-to=$hostname \
  7. dial-on-demand=no disabled=no keepalive-timeout=60 max-mru=1400 max-mtu=\
  8. 1400 mrru=disabled name=vpn_cn password=$password profile=\
  9. default-encryption user=$username
  10. /ip firewall mangle
  11. add action=mark-routing chain=prerouting dst-address-list=UnBlockIPList \
  12. port=80,443,8080 new-routing-mark=through_vpn_cn passthrough=no \
  13. protocol=tcp src-address-list=Internal-Nets disabled=no
  14. /ip firewall nat
  15. add action=masquerade chain=srcnat out-interface=vpn_cn disabled=no
  16. /ip route
  17. add distance=1 gateway=vpn_cn routing-mark=through_vpn_cn disabled=no \
  18. scope=255
  19. /ip dns
  20. set allow-remote-requests=yes servers=8.8.8.8,114.114.114.114
  21. /ip firewall address-list
  22. add list=Internal-Nets address=$internal comment="Internal-Nets"
  23. add list=UnBlockIPList address=103.7.28.0/24
  24. add list=UnBlockIPList address=103.7.30.0/24
  25. add list=UnBlockIPList address=103.7.31.0/24
  26. add list=UnBlockIPList address=107.21.213.0/24
  27. add list=UnBlockIPList address=111.161.48.0/24
  28. add list=UnBlockIPList address=115.182.93.0/24
  29. add list=UnBlockIPList address=117.121.54.0/24
  30. add list=UnBlockIPList address=118.244.244.0/24
  31. add list=UnBlockIPList address=119.147.19.0/24
  32. add list=UnBlockIPList address=119.188.40.0/24
  33. add list=UnBlockIPList address=123.125.195.0/24
  34. add list=UnBlockIPList address=123.125.89.0/24
  35. add list=UnBlockIPList address=123.126.48.0/24
  36. add list=UnBlockIPList address=123.126.53.0/24
  37. add list=UnBlockIPList address=123.126.98.0/24
  38. add list=UnBlockIPList address=123.126.99.0/24
  39. add list=UnBlockIPList address=123.58.180.0/24
  40. add list=UnBlockIPList address=125.39.70.0/24
  41. add list=UnBlockIPList address=125.39.95.0/24
  42. add list=UnBlockIPList address=125.89.72.0/24
  43. add list=UnBlockIPList address=163.177.71.0/24
  44. add list=UnBlockIPList address=163.177.79.0/24
  45. add list=UnBlockIPList address=163.177.89.0/24
  46. add list=UnBlockIPList address=180.153.106.0/24
  47. add list=UnBlockIPList address=180.153.21.0/24
  48. add list=UnBlockIPList address=180.153.225.0/24
  49. add list=UnBlockIPList address=180.76.2.0/24
  50. add list=UnBlockIPList address=182.16.230.0/24
  51. add list=UnBlockIPList address=183.61.119.0/24
  52. add list=UnBlockIPList address=184.51.15.0/24
  53. add list=UnBlockIPList address=192.241.222.0/24
  54. add list=UnBlockIPList address=202.108.14.0/24
  55. add list=UnBlockIPList address=202.108.23.0/24
  56. add list=UnBlockIPList address=202.108.37.0/24
  57. add list=UnBlockIPList address=202.108.5.0/24
  58. add list=UnBlockIPList address=202.55.10.0/24
  59. add list=UnBlockIPList address=202.55.12.0/24
  60. add list=UnBlockIPList address=210.129.145.0/24
  61. add list=UnBlockIPList address=211.151.181.0/24
  62. add list=UnBlockIPList address=218.205.72.0/24
  63. add list=UnBlockIPList address=218.30.66.0/24
  64. add list=UnBlockIPList address=218.77.91.0/24
  65. add list=UnBlockIPList address=220.181.109.0/24
  66. add list=UnBlockIPList address=220.181.118.0/24
  67. add list=UnBlockIPList address=220.181.153.0/24
  68. add list=UnBlockIPList address=220.181.154.0/24
  69. add list=UnBlockIPList address=220.181.185.0/24
  70. add list=UnBlockIPList address=220.181.19.0/24
  71. add list=UnBlockIPList address=220.181.61.0/2
  72. add list=UnBlockIPList address=220.181.74.0/24
  73. add list=UnBlockIPList address=220.181.90.0/24
  74. add list=UnBlockIPList address=220.181.94.0/24
  75. add list=UnBlockIPList address=220.194.199.0/24
  76. add list=UnBlockIPList address=221.238.18.0/24
  77. add list=UnBlockIPList address=42.156.140.0/24
  78. add list=UnBlockIPList address=42.62.20.0/24
  79. add list=UnBlockIPList address=42.62.49.0/24
  80. add list=UnBlockIPList address=54.243.116.0/24
  81. add list=UnBlockIPList address=58.215.179.0/24
  82. add list=UnBlockIPList address=58.222.17.0/24
  83. add list=UnBlockIPList address=58.63.237.0/24
  84. add list=UnBlockIPList address=58.83.190.0/24
  85. add list=UnBlockIPList address=59.151.12.0/24
  86. add list=UnBlockIPList address=60.217.235.0/24
  87. add list=UnBlockIPList address=60.28.164.0/24
  88. add list=UnBlockIPList address=61.135.132.0/24
  89. add list=UnBlockIPList address=61.135.181.0/24
  90. add list=UnBlockIPList address=61.135.183.0/24
  91. add list=UnBlockIPList address=61.135.196.0/24
  92. add list=UnBlockIPList address=61.135.253.0/24
  93. add list=UnBlockIPList address=66.102.246.0/24
複製代碼
Test

http://www.hkepc.com/forum/redir ... 57&pid=31963296

TOP

角色

Rank: 2
3#
發表於 2014-8-19 01:39 | 顯示全部帖子
本帖最後由 角色 於 2014-8-19 02:40 編輯

http://www.hkepc.com/forum/viewt ... page=13#pid31614526

http://www.hkepc.com/forum/redir ... 57&pid=31963296

http://www.hkepc.com/forum/redir ... 51&pid=31614526

Temp links:
http://www.hkepc.com/forum/viewt ... =239887&page=14
http://www.hkepc.com/forum/viewt ... ice&tid=2069651
http://www.hkepc.com/forum/viewt ... page=13#pid31614526

TOP

角色

Rank: 2
4#
發表於 2014-8-27 00:33 | 顯示全部帖子
终于搞定,都是按照下面的帖子去做。

http://www.hkepc.com/forum/viewt ... page=13#pid31614526

TOP

角色

Rank: 2
5#
發表於 2014-12-29 17:40 | 顯示全部帖子
都是一样,你到过来做就可以。

TOP

角色

Rank: 2
6#
發表於 2014-12-30 00:11 | 顯示全部帖子
unblockIPList里内容当然不一样,你要log,一个一个找出来。

TOP

角色

Rank: 2
7#
發表於 2015-1-1 20:06 | 顯示全部帖子
你的问题太少信息!
你好想说过RB与Draytek连,但是两边的network addresses是什么我们都不知道。

TOP

角色

Rank: 2
8#
發表於 2015-1-1 23:34 | 顯示全部帖子
最初你说,RB在大陆,但是在ADSL modem后的Router接着,理应可以连接香港的Draytek的VPN Server。
我的Script是用于香港,所以可能某些问题不能预先处理好。

(如果你有兴趣,我们可以一起来研究)

TOP

角色

Rank: 2
9#
發表於 2015-1-3 22:08 | 顯示全部帖子
你可以试试看tracert www.netvigator.com

TOP

返回列表