Ильяс Тимир-Булатов
-
Posts
3 -
Joined
-
Last visited
Content Type
Profiles
Forums
Gallery
Downloads
Blogs
Events
Posts posted by Ильяс Тимир-Булатов
-
-
Здравствуйте, конечная задача у меня такая: настроить роутер Zyxel Keeneric Giga II на то чтобы он выполнял роль точки доступа, локальные клиенты заворачиваются в 111 влан и к нему был доступ из внешней сети по влану 1000 (управление) и чтобы он мог обновляться по влану 102, в общем и целом всё получилось кроме одного - он не хочет видеть интернет, шлюз (192.168.2.1) не пингуется(пинг 100% открыт).
Вот мой конфиг:
Скрытый текст! $$$ Model: ZyXEL Keenetic Giga II
! $$$ Version: 2.06.1
! $$$ Agent: http/ci
! $$$ Last change: Tue, 29 Oct 2013 00:00:39 GMT
! $$$ Md5 checksum: 3b393ed30e9804a5892d309374e08a29system
set net.ipv4.ip_forward 1
set net.ipv4.tcp_fin_timeout 30
set net.ipv4.tcp_keepalive_time 120
set net.ipv4.netfilter.ip_conntrack_tcp_timeout_established 1200
set net.ipv4.netfilter.ip_conntrack_max 10240
set vm.swappiness 100
clock timezone Europe/Moscow
domainname WORKGROUP
hostname Keenetic_Giga
!
ntp server 172.17.17.1
isolate-private
dyndns profile _WEBADMIN
!
interface GigabitEthernet0
up
!
interface GigabitEthernet0/1
name 1
switchport mode access
switchport access vlan 111
up
!
interface GigabitEthernet0/2
name 2
switchport mode access
switchport access vlan 111
up
!
interface GigabitEthernet0/3
name 3
switchport mode access
switchport access vlan 111
up
!
interface GigabitEthernet0/4
name 4
switchport mode access
switchport access vlan 111
up
!
interface GigabitEthernet0/Vlan102
name ISP
description "Broadband connection"
mac address factory wan
security-level public
ip address 192.168.2.20 255.255.255.0
ip dhcp client dns-routes
ip dhcp client name-servers
ip mtu 1500
ip global 700
igmp upstream
up
!
interface GigabitEthernet0/Vlan111
security-level private
ip dhcp client dns-routes
ip dhcp client name-servers
up
!
interface GigabitEthernet0/Vlan1000
name management
description "management port"
mac address factory wan
security-level private
ip address 172.17.17.40 255.255.255.0
ip dhcp client hostname Keenetic_Giga
ip dhcp client dns-routes
ip dhcp client name-servers
ip mtu 1500
up
!
interface GigabitEthernet0/0
name 0
role inet for ISP
switchport mode trunk
switchport access vlan 1
switchport trunk vlan 1000
switchport trunk vlan 111
switchport trunk vlan 102
up
!
interface WifiMaster0
country-code RU
compatibility BGN
channel width 40-below
power 100
up
!
interface WifiMaster0/AccessPoint0
name AccessPoint
description "Wi-Fi access point"
mac access-list type none
security-level private
authentication wpa-psk ns3 YicAYnD/DOsC53lfaMOPx7pG
encryption enable
encryption wpa2
ip dhcp client dns-routes
ip dhcp client name-servers
ssid Keenetic-6813
wmm
up
!
interface Bridge2
inherit GigabitEthernet0/Vlan111
include AccessPoint
security-level private
ip dhcp client dns-routes
ip dhcp client name-servers
up
!
ip route default 192.168.2.1 ISP
ip route 192.168.1.0 255.255.255.0 172.17.17.1 management
ip dhcp pool _WEBADMIN
enable
!
ip dhcp pool _WEBADMIN_GUEST_AP
enable
!
ip name-server 8.8.8.8 ""
ip name-server 77.88.8.8 ""
ppe software
ppe hardware
user admin
password nt 31d6cfe0d16ae931b73c59d7e0c089c0
tag cli
tag http
tag ftp
tag cifs
tag printers
!
service dhcp
service dns-proxy
service igmp-proxy
service cifs
service http
service telnet
service ntp-client
service upnp
cifs
automount
permissive
! -
21 минуту назад, TheBB сказал:
Да все из тех же, что и на "ВВ" (кампутирь). Встречный вопрос: от имени какого пользователя идет установка ОС на "ВВ"?
а что есть такое "ВВ"?
Настройка внешней сети
in Обмен опытом
Posted
решил, вот рабочий конфиг:
! $$$ Model: ZyXEL Keenetic Giga II
! $$$ Version: 2.06.1
! $$$ Agent: http/ci
! $$$ Last change: Mon, 6 Feb 2017 09:39:58 GMT
! $$$ Md5 checksum: 1242badabfedd537760146808c66090c
system
set net.ipv4.ip_forward 1
set net.ipv4.tcp_fin_timeout 30
set net.ipv4.tcp_keepalive_time 120
set net.ipv4.netfilter.ip_conntrack_tcp_timeout_established 1200
set net.ipv4.netfilter.ip_conntrack_max 10240
set vm.swappiness 100
clock timezone Europe/Moscow
clock date 6 Feb 2017 12:40:31
domainname WORKGROUP
hostname Keenetic_Giga
!
ntp server 172.17.17.1
isolate-private
dyndns profile _WEBADMIN
!
interface GigabitEthernet0
up
!
interface GigabitEthernet0/1
name 1
switchport mode access
switchport access vlan 111
up
!
interface GigabitEthernet0/2
name 2
switchport mode access
switchport access vlan 111
up
!
interface GigabitEthernet0/3
name 3
switchport mode access
switchport access vlan 111
up
!
interface GigabitEthernet0/4
name 4
switchport mode access
switchport access vlan 111
up
!
interface GigabitEthernet0/Vlan1
description "Home VLAN"
security-level private
ip dhcp client dns-routes
ip dhcp client name-servers
up
!
interface GigabitEthernet0/Vlan3
description "Guest VLAN"
security-level public
ip address 10.1.30.1 255.255.255.0
ip dhcp client dns-routes
ip dhcp client name-servers
up
!
interface GigabitEthernet0/Vlan102
security-level public
ip address 192.168.2.20 255.255.255.0
ip dhcp client hostname Keenetic_Giga
ip dhcp client dns-routes
ip dhcp client name-servers
ip mtu 1500
ip global 700
up
!
interface GigabitEthernet0/0
name 0
role inet for GigabitEthernet0/Vlan102
switchport mode trunk
switchport trunk vlan 102
switchport trunk vlan 1000
switchport trunk vlan 111
up
!
interface GigabitEthernet0/Vlan111
security-level private
ip dhcp client dns-routes
ip dhcp client name-servers
up
!
interface GigabitEthernet0/Vlan1000
name management
description "management port"
security-level private
ip address 172.17.17.40 255.255.255.0
ip dhcp client dns-routes
ip dhcp client name-servers
up
!
interface WifiMaster0
country-code RU
compatibility BGN
up
!
interface WifiMaster0/AccessPoint0
name AccessPoint
description "Wi-Fi access point"
mac access-list type deny
mac access-list address 9c:b7:0d:4c:b2:cf
security-level private
authentication wpa-psk ns3 s7qihf7q3BO1FxvNiDcA7rS8kbrjZdOm4Q+6rM+f/+xJn1XO
encryption enable
encryption wpa2
ip dhcp client dns-routes
ip dhcp client name-servers
ssid retro44
wmm
up
!
interface WifiMaster0/AccessPoint1
name GuestWiFi
description "Guest access point"
mac access-list type none
security-level private
ip dhcp client dns-routes
ip dhcp client name-servers
ssid Guest
wmm
down
!
interface WifiMaster0/AccessPoint2
mac access-list type none
security-level private
ip dhcp client dns-routes
ip dhcp client name-servers
down
!
interface WifiMaster0/AccessPoint3
mac access-list type none
security-level private
ip dhcp client dns-routes
ip dhcp client name-servers
down
!
interface WifiMaster0/WifiStation0
security-level public
encryption disable
ip address dhcp
ip dhcp client dns-routes
ip dhcp client name-servers
down
!
interface Bridge0
name Home
description "Wi-Fi and Local network"
inherit GigabitEthernet0/Vlan111
include AccessPoint
security-level private
ip dhcp client dns-routes
ip dhcp client name-servers
up
!
interface Bridge1
name Guest
description "Guest network"
include GuestWiFi
security-level protected
ip dhcp client dns-routes
ip dhcp client name-servers
up
!
ip route 192.168.1.0 255.255.255.0 172.17.17.1 management
ip route default 192.168.2.1 GigabitEthernet0/Vlan102
ip dhcp pool _WEBADMIN_GUEST_AP
bind Guest
enable
!
ip name-server 8.8.8.8 ""
ip name-server 77.88.8.8 ""
ip name-server 8.8.8.8 "" on GigabitEthernet0/Vlan102
ip name-server 8.8.4.4 "" on GigabitEthernet0/Vlan102
ip nat Guest
ppe software
ppe hardware
user admin
password nt 31d6cfe0d16ae931b73c59d7e0c089c0
tag cli
tag http
tag ftp
tag cifs
tag printers
!
service dhcp
service dns-proxy
service igmp-proxy
service cifs
service http
service telnet
service ntp-client
service upnp
cifs
automount
permissive
!
!