Здравствуйте, конечная задача у меня такая: настроить роутер Zyxel Keeneric Giga II на то чтобы он выполнял роль точки доступа, локальные клиенты заворачиваются в 111 влан и к нему был доступ из внешней сети по влану 1000 (управление) и чтобы он мог обновляться по влану 102, в общем и целом всё получилось кроме одного - он не хочет видеть интернет, шлюз (192.168.2.1) не пингуется(пинг 100% открыт).
Вот мой конфиг:
Скрытый текст
! $$$ Model: ZyXEL Keenetic Giga II
! $$$ Version: 2.06.1
! $$$ Agent: http/ci
! $$$ Last change: Tue, 29 Oct 2013 00:00:39 GMT
! $$$ Md5 checksum: 3b393ed30e9804a5892d309374e08a29
system
set net.ipv4.ip_forward 1
set net.ipv4.tcp_fin_timeout 30
set net.ipv4.tcp_keepalive_time 120
set net.ipv4.netfilter.ip_conntrack_tcp_timeout_established 1200
set net.ipv4.netfilter.ip_conntrack_max 10240
set vm.swappiness 100
clock timezone Europe/Moscow
domainname WORKGROUP
hostname Keenetic_Giga
!
ntp server 172.17.17.1
isolate-private
dyndns profile _WEBADMIN
!
interface GigabitEthernet0
up
!
interface GigabitEthernet0/1
name 1
switchport mode access
switchport access vlan 111
up
!
interface GigabitEthernet0/2
name 2
switchport mode access
switchport access vlan 111
up
!
interface GigabitEthernet0/3
name 3
switchport mode access
switchport access vlan 111
up
!
interface GigabitEthernet0/4
name 4
switchport mode access
switchport access vlan 111
up
!
interface GigabitEthernet0/Vlan102
name ISP
description "Broadband connection"
mac address factory wan
security-level public
ip address 192.168.2.20 255.255.255.0
ip dhcp client dns-routes
ip dhcp client name-servers
ip mtu 1500
ip global 700
igmp upstream
up
!
interface GigabitEthernet0/Vlan111
security-level private
ip dhcp client dns-routes
ip dhcp client name-servers
up
!
interface GigabitEthernet0/Vlan1000
name management
description "management port"
mac address factory wan
security-level private
ip address 172.17.17.40 255.255.255.0
ip dhcp client hostname Keenetic_Giga
ip dhcp client dns-routes
ip dhcp client name-servers
ip mtu 1500
up
!
interface GigabitEthernet0/0
name 0
role inet for ISP
switchport mode trunk
switchport access vlan 1
switchport trunk vlan 1000
switchport trunk vlan 111
switchport trunk vlan 102
up
!
interface WifiMaster0
country-code RU
compatibility BGN
channel width 40-below
power 100
up
!
interface WifiMaster0/AccessPoint0
name AccessPoint
description "Wi-Fi access point"
mac access-list type none
security-level private
authentication wpa-psk ns3 YicAYnD/DOsC53lfaMOPx7pG
encryption enable
encryption wpa2
ip dhcp client dns-routes
ip dhcp client name-servers
ssid Keenetic-6813
wmm
up
!
interface Bridge2
inherit GigabitEthernet0/Vlan111
include AccessPoint
security-level private
ip dhcp client dns-routes
ip dhcp client name-servers
up
!
ip route default 192.168.2.1 ISP
ip route 192.168.1.0 255.255.255.0 172.17.17.1 management
ip dhcp pool _WEBADMIN
enable
!
ip dhcp pool _WEBADMIN_GUEST_AP
enable
!
ip name-server 8.8.8.8 ""
ip name-server 77.88.8.8 ""
ppe software
ppe hardware
user admin
password nt 31d6cfe0d16ae931b73c59d7e0c089c0
tag cli
tag http
tag ftp
tag cifs
tag printers
!
service dhcp
service dns-proxy
service igmp-proxy
service cifs
service http
service telnet
service ntp-client
service upnp
cifs
automount
permissive
!
You can post now and register later.
If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.
Question
Ильяс Тимир-Булатов
Здравствуйте, конечная задача у меня такая: настроить роутер Zyxel Keeneric Giga II на то чтобы он выполнял роль точки доступа, локальные клиенты заворачиваются в 111 влан и к нему был доступ из внешней сети по влану 1000 (управление) и чтобы он мог обновляться по влану 102, в общем и целом всё получилось кроме одного - он не хочет видеть интернет, шлюз (192.168.2.1) не пингуется(пинг 100% открыт).
Вот мой конфиг:
! $$$ Model: ZyXEL Keenetic Giga II
! $$$ Version: 2.06.1
! $$$ Agent: http/ci
! $$$ Last change: Tue, 29 Oct 2013 00:00:39 GMT
! $$$ Md5 checksum: 3b393ed30e9804a5892d309374e08a29
system
set net.ipv4.ip_forward 1
set net.ipv4.tcp_fin_timeout 30
set net.ipv4.tcp_keepalive_time 120
set net.ipv4.netfilter.ip_conntrack_tcp_timeout_established 1200
set net.ipv4.netfilter.ip_conntrack_max 10240
set vm.swappiness 100
clock timezone Europe/Moscow
domainname WORKGROUP
hostname Keenetic_Giga
!
ntp server 172.17.17.1
isolate-private
dyndns profile _WEBADMIN
!
interface GigabitEthernet0
up
!
interface GigabitEthernet0/1
name 1
switchport mode access
switchport access vlan 111
up
!
interface GigabitEthernet0/2
name 2
switchport mode access
switchport access vlan 111
up
!
interface GigabitEthernet0/3
name 3
switchport mode access
switchport access vlan 111
up
!
interface GigabitEthernet0/4
name 4
switchport mode access
switchport access vlan 111
up
!
interface GigabitEthernet0/Vlan102
name ISP
description "Broadband connection"
mac address factory wan
security-level public
ip address 192.168.2.20 255.255.255.0
ip dhcp client dns-routes
ip dhcp client name-servers
ip mtu 1500
ip global 700
igmp upstream
up
!
interface GigabitEthernet0/Vlan111
security-level private
ip dhcp client dns-routes
ip dhcp client name-servers
up
!
interface GigabitEthernet0/Vlan1000
name management
description "management port"
mac address factory wan
security-level private
ip address 172.17.17.40 255.255.255.0
ip dhcp client hostname Keenetic_Giga
ip dhcp client dns-routes
ip dhcp client name-servers
ip mtu 1500
up
!
interface GigabitEthernet0/0
name 0
role inet for ISP
switchport mode trunk
switchport access vlan 1
switchport trunk vlan 1000
switchport trunk vlan 111
switchport trunk vlan 102
up
!
interface WifiMaster0
country-code RU
compatibility BGN
channel width 40-below
power 100
up
!
interface WifiMaster0/AccessPoint0
name AccessPoint
description "Wi-Fi access point"
mac access-list type none
security-level private
authentication wpa-psk ns3 YicAYnD/DOsC53lfaMOPx7pG
encryption enable
encryption wpa2
ip dhcp client dns-routes
ip dhcp client name-servers
ssid Keenetic-6813
wmm
up
!
interface Bridge2
inherit GigabitEthernet0/Vlan111
include AccessPoint
security-level private
ip dhcp client dns-routes
ip dhcp client name-servers
up
!
ip route default 192.168.2.1 ISP
ip route 192.168.1.0 255.255.255.0 172.17.17.1 management
ip dhcp pool _WEBADMIN
enable
!
ip dhcp pool _WEBADMIN_GUEST_AP
enable
!
ip name-server 8.8.8.8 ""
ip name-server 77.88.8.8 ""
ppe software
ppe hardware
user admin
password nt 31d6cfe0d16ae931b73c59d7e0c089c0
tag cli
tag http
tag ftp
tag cifs
tag printers
!
service dhcp
service dns-proxy
service igmp-proxy
service cifs
service http
service telnet
service ntp-client
service upnp
cifs
automount
permissive
!
Link to comment
Share on other sites
1 answer to this question
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.