Rozdíly
Zde můžete vidět rozdíly mezi vybranou verzí a aktuální verzí dané stránky.
| Následující verze | Předchozí verze | ||
|
mikrotik [2019/05/05 23:50] 0.0.0.0 vytvořeno |
mikrotik [2024/11/15 15:35] (aktuální) simandl [Port forward] |
||
|---|---|---|---|
| Řádek 3: | Řádek 3: | ||
| = Mikrotik = | = Mikrotik = | ||
| - | telnet 192.168.88.3 | + | telnet 192.168.88.3 |
| - | admin password | + | admin password |
| - | /ip address add address=10.33.X.226/30 interface=bridge | + | /ip address add address=10.33.X.226/30 interface=bridge |
| - | /ip route add gateway=10.33.X.225 | + | /ip route add gateway=10.33.X.225 |
| + | |||
| + | = NAT = | ||
| + | |||
| + | [admin@kostko] > /export terse | ||
| + | # mar/31/2023 12:59:14 by RouterOS 6.48.6 | ||
| + | # software id = 0G0N-RD87 | ||
| + | # | ||
| + | # model = RBwAPG-60ad | ||
| + | # serial number = HD8dddddd | ||
| + | /interface w60g set [ find ] disabled=no mode=station-bridge name=wlan60-1 password=password region=eu ssid=AP60G | ||
| + | /interface list add name=WAN | ||
| + | /interface list add name=LAN | ||
| + | /interface wireless security-profiles set [ find default=yes ] supplicant-identity=MikroTik | ||
| + | /ip pool add name=dhcp ranges=192.168.88.100-192.168.88.200 | ||
| + | /ip dhcp-server add address-pool=dhcp disabled=no interface=ether1 name=default | ||
| + | /interface list member add interface=wlan60-1 list=WAN | ||
| + | /interface list member add interface=ether1 list=LAN | ||
| + | /ip address add address=192.168.88.1/24 interface=ether1 network=192.168.88.0 | ||
| + | /ip dhcp-client add disabled=no interface=wlan60-1 | ||
| + | /ip dhcp-server network add address=192.168.88.0/24 gateway=192.168.88.1 netmask=24 | ||
| + | /ip dns set allow-remote-requests=yes | ||
| + | /ip firewall nat add action=masquerade chain=srcnat ipsec-policy=out,none out-interface-list=WAN | ||
| + | /system clock set time-zone-name=Europe/Prague | ||
| + | /system identity set name=kostko | ||
| ====== NetBox 5 alias [[http://wifi.aspa.cz/mikrotik-routerboard-netbox-5-rb911g-5hpacd-nb-802-11ac-2x2mimo-1xglan-routeros-l4-poe-z106325/|RB911G-5HPacD-NB]], RB911G-5HPacD ====== | ====== NetBox 5 alias [[http://wifi.aspa.cz/mikrotik-routerboard-netbox-5-rb911g-5hpacd-nb-802-11ac-2x2mimo-1xglan-routeros-l4-poe-z106325/|RB911G-5HPacD-NB]], RB911G-5HPacD ====== | ||
| Řádek 100: | Řádek 124: | ||
| |} | |} | ||
| <nowiki />* K oběma zařízením připojeno PC s gigabitovou síťovkou, rychlost testována z PC na PC pomocí iperf, TCP window size: 43.8 KByte (default). TX power 6dBm. Protokol 802.11 (tj. ne nv2 nebo nstreme, pro AC hardware to zatím nemají odladěné a jede to pomaleji než 802.11). Zařízení v režimu AP bridge a Station Bridge. | <nowiki />* K oběma zařízením připojeno PC s gigabitovou síťovkou, rychlost testována z PC na PC pomocí iperf, TCP window size: 43.8 KByte (default). TX power 6dBm. Protokol 802.11 (tj. ne nv2 nebo nstreme, pro AC hardware to zatím nemají odladěné a jede to pomaleji než 802.11). Zařízení v režimu AP bridge a Station Bridge. | ||
| + | |||
| + | ===== Wireguard klient ===== | ||
| + | |||
| + | /interface wireguard add listen-port=25951 mtu=1420 name=wireguard-client-jab | ||
| + | /interface list member add interface=wireguard-client-jab list=LAN | ||
| + | /interface wireguard peers add allowed-address=10.33.0.47/32,192.168.12.0/24 endpoint-address=wg.jablonka.cz endpoint-port=51820 interface=wireguard-client-jab name=jabwg persistent-keepalive=25s public-key="..." | ||
| + | /ip address add address=192.168.12.22/24 interface=wireguard-client-jab network=192.168.12.0 | ||
| + | /ip route add dst-address=10.33.0.47/32 gateway=wireguard-client-jab | ||
| + | |||
| + | |||
| + | ===== Port forward na interní IPéčko===== | ||
| + | |||
| + | /ip firewall filter add action=accept chain=forward dst-port=8080 in-interface=wireguard-client-jab protocol=tcp | ||
| + | /ip firewall nat add action=dst-nat chain=dstnat dst-address=192.168.12.22 dst-port=8080 protocol=tcp to-addresses=192.168.88.254 to-ports=80 | ||
| + | |||
| + | |||
