Îáúåäèíèòü äâà wl500gP â îäíîé ãîðîäñêîé ñåòêå

**pLuto** · 25-06-2008, 16:05

Ýòî â ñëó÷àå hub-spoke òîïîëîãèè, êîãäà äâà êëèåíòà âÿæóòñÿ ê ñåðâåðó. Â ñëó÷àå âûõîäà ñåðâåðà èç ñòðîÿ ñåòü âàëèòñÿ. ß æå õî÷ó ðåàëèçîâàòü full mesh, òàê ÷òîáû ìåæäó êëèåíòàìè áûë íåçàâèñèìûé îò ñåðâåðà òóííåëü.

**`chert`** · 17-07-2008, 20:12

Ïîäñêàæèòå, ïîæàëóéñòà, âîçìîæíî ëè îðãàíèçîâàòü ÂÏÍ òîííåëü, èñïîëüçóÿ äâà 500 gp, è åñëè äà, òî êàê?
Çàäà÷à ñëåäóþùàÿ: äâà àñóñà íàõîäÿòñÿ â ëîêàëüíîé ñåòè ñ IP 10.100.õõ.õõõ. Çà êàæäûì èç íèõ åùå ïî îäíîé ñåòè ñ IP 192.168.õõ.õõõ. Íåîáõîäèìî, ÷òîáû êîìïüþòåðû ñåòåé çà ðîóòåðàìè âèäåëè äðóã äðóãà.
Çàðàíåå ñïàñèáî.

**V_V** · 22-07-2008, 13:45

ïîääåðæèâàþ ïðîñüáó

**AndreyPopov** · 22-07-2008, 15:33

Originally Posted by V_V

ïîääåðæèâàþ ïðîñüáó

äà âðîäå áû êàê äà. äëÿ ýòîãî ìîæíî OpenVPN èñïîëüçîâàòü.

îí âðîäå åñòü â ðåïîçèòîðèè ipkg

òàêæå îí áûë ïî óìîë÷àíèþ âñòðîåí â ïðîøèâêó ÷åõîâ:
http://koppel.cz/cdmawifi/

âïëîòü äî âåðñèè 1.68

èç 1.69 åãî óáðàëè è îí îòäåëüíî ëåæèò
http://koppel.cz/cdmawifi/download/169/

â ôàéëå ñ îñòàëüíûìè äîáàâëåíèÿìè
usb-1.9.2.7-10-USB-1.69.tar.gz

**m0p3e** · 22-07-2008, 15:48

Íàñòðîèë ó ñåáÿ ÷åðåç OpenVPN.
Êîíôèã 1:
dev tun1
port 3333
remote {IP}:3333
ifconfig 10.10.0.2 10.10.0.1
secret static.key
route-up "route add -net 192.168.7.0 netmask 255.255.255.0 gw 10.10.0.1"
persist-tun
ping 60

Êîíôèã 2:
dev tun1
port 3333
remote {IP}:3333
ifconfig 10.10.0.1 10.10.0.2
secret static.key
route-up "route add -net 192.168.6.0 netmask 255.255.255.0 gw 10.10.0.2"
persist-tun
ping 60

Âðîäå ðàáîòàåò. Õîòÿ íå âñåãäà êîððåêòíî ïîäíèìàåòñÿ ïîñëå ðåáóòà îäíîãî èç ðîóòåðîâ.

**MAV** · 04-01-2010, 18:13

Ïðîøèâêà îò http://wl500g.info/showthread.php?t=17136 +
http://wl500g.info/showthread.php?t=21889

Åñòü ãîðîäñêàÿ ñåòü, ê êîòîðîé ïîäêëþ÷åíû äâà wl500gP

Ïåðâûé: MAN - 10.251.x.y MASK 255.255.255.0 GW 10.251.x.254 LAN 192.168.1.*
Âòîðîé : MAN - 10.251.z.w MASK 255.255.255.0 GW 10.251.z.254 LAN 192.168.2.*
WAN ó îáîèõ ýòî PPTP

Çàäàíû ðîóòû íà îáåèõ ðîóòåðàõ
Network/HostIP Netmask Gateway Metric Interface
10.0.0.0 255.0.0.0 0.0.0.0 1 MAN

Äëÿ ïåðâîãî ðîóòåðà ñ LAN 192.168.1.*

Code:

# Î÷èùàåì âñå ïðàâèëà â öåïî÷êå POSTROUTING
iptables -t nat -F POSTROUTING
# Ìàñêàðäèíã íà èñõîäÿùèå ïàêåòû ñ wan/man èíòåðôåéñîâ ïðè óñëîâèè ÷òî îíè íå ïðåäíàçíà÷åíû äëÿ ñåòè 192.168.1.0/12
iptables -t nat -A POSTROUTING -o $1 -s ! $2 -d ! 192.168.1.0/12 -j MASQUERADE
iptables -t nat -A POSTROUTING -o $5 -s ! $6 -d ! 192.168.1.0/12 -j MASQUERADE
# Ïîëåçíîå ïðàâèëî. Äîãàäàéòåñü, çà÷åì îíî ;) ($3=br0) 
iptables -t nat -A POSTROUTING -o $3 -s $(nvram get lan_ipaddr)/$(nvram get lan_netmask) -d $(nvram get lan_ipaddr)/$(nvram get lan_netmask) -j MASQUERADE

è ïîòîì:

Code:

# Ðàçðåøàåì ïðîõîäÿùèå ïàêåòû. Ìàê àäðåñ çäåñü çàùèòà îò äóðàêà.
iptables -I FORWARD -i vlan1 -o br0 -d 192.168.2.0/12 -m mac --mac-source ìàê_àäðåñ_ðîóòåðà_¹2 -j ACCEPT
# Íà ñëó÷àé, åñëè êòî äî ðîóòåðà çàõî÷åò äîêîïàòñÿ
iptables -I FORWARD -i vlan1 -d 192.168.2.1 -j DROP
# Ïðàâèëà íóæíî ïðîïèñûâàòü èìåííî â ýòîé ïîñëåäîâàòåëüíîñòè

Äëÿ âòîðîãî ðîóòåðà ñ LAN 192.168.2.*

Code:

# Î÷èùàåì âñå ïðàâèëà â öåïî÷êå POSTROUTING
iptables -t nat -F POSTROUTING
# Ìàñêàðäèíã íà èñõîäÿùèå ïàêåòû ñ wan/man èíòåðôåéñîâ ïðè óñëîâèè ÷òî îíè íå ïðåäíàçíà÷åíû äëÿ ñåòè 192.168.2.0/12
iptables -t nat -A POSTROUTING -o $1 -s ! $2 -d ! 192.168.2.0/12 -j MASQUERADE
iptables -t nat -A POSTROUTING -o $5 -s ! $6 -d ! 192.168.2.0/12 -j MASQUERADE
# Ïîëåçíîå ïðàâèëî. Äîãàäàéòåñü, çà÷åì îíî ;) ($3=br0) 
iptables -t nat -A POSTROUTING -o $3 -s $(nvram get lan_ipaddr)/$(nvram get lan_netmask) -d $(nvram get lan_ipaddr)/$(nvram get lan_netmask) -j MASQUERADE

è ïîòîì:

Code:

# Ðàçðåøàåì ïðîõîäÿùèå ïàêåòû. Ìàê àäðåñ çäåñü çàùèòà îò äóðàêà.
iptables -I FORWARD -i vlan1 -o br0 -d 192.168.1.0/12 -m mac --mac-source ìàê_àäðåñ_ðîóòåðà_¹1 -j ACCEPT
# Íà ñëó÷àé, åñëè êòî äî ðîóòåðà çàõî÷åò äîêîïàòñÿ
iptables -I FORWARD -i vlan1 -d 192.168.1.1 -j DROP
# Ïðàâèëà íóæíî ïðîïèñûâàòü èìåííî â ýòîé ïîñëåäîâàòåëüíîñòè

âñå âåðíî ÿ èñïðàâèë?
Åñëè àäðåñà 10.251.x.y è 10.251.z.w ïîñòîÿííûå ìîæíî åùå íàâåñèòü çàùèòó ÷òîá ïðîïóñêàëà òîëüêî ñ ýòèõ àäðåñîâ?

**Power** · 04-01-2010, 22:10

Originally Posted by MAV

âñå âåðíî ÿ èñïðàâèë?

Íåò. Áîëåå òîãî, åñëè "x" íå ðàâíî "z", òî åñòü ñåðü¸çíûå ïîäîçðåíèÿ, ÷òî ðîóòåðû íàõîäÿòñÿ â ðàçíûõ ñåãìåíòàõ (ñ òî÷êè çðåíèÿ ethernet). Ïîïðîáóéòå íà îäíîì èç ðîóòåðîâ âûïîëíèòü êîìàíäó

Code:

arping -I vlan1 IP

ãäå IP - àäðåñ äðóãîãî ðîóòåðà. Åñëè îòâåòà íå áóäåò, òî âñÿ ýòà çàòåÿ íå ïðîéä¸ò.

**MAV** · 04-01-2010, 22:27

Originally Posted by Power

Íåò. Áîëåå òîãî, åñëè "x" íå ðàâíî "z", òî åñòü ñåðü¸çíûå ïîäîçðåíèÿ, ÷òî ðîóòåðû íàõîäÿòñÿ â ðàçíûõ ñåãìåíòàõ (ñ òî÷êè çðåíèÿ ethernet). Ïîïðîáóéòå íà îäíîì èç ðîóòåðîâ âûïîëíèòü êîìàíäó

Code:

arping -I vlan1 IP

ãäå IP - àäðåñ äðóãîãî ðîóòåðà. Åñëè îòâåòà íå áóäåò, òî âñÿ ýòà çàòåÿ íå ïðîéä¸ò.

Code:

[root@MAV_ASUS root]$ arping -I vlan1 10.251.120.219
ARPING to 10.251.120.219 from 10.251.36.155 via vlan1

òèøèíà. õîòÿ íà ðîóòåðàõ ñòîèò íå îòâå÷àòü íà ïèíãè
X íå ðàâåí Z

**MAV** · 05-01-2010, 09:53

åñëè ÿ ìîãó çàéòè íà äàëüíèé ðîóòåð ñî ñòîðîíû wan. ýòî íå ïîìîæåò?
ñ êîìïüþòåðà äàëüíèé ðîóòåð ïèíãóåòñÿ
ping 10.251.120.219 - ðàáîòàåò
ñåãìåíòû è ïðàâäà ðàçíûå.
èëè òîëüêî openVPN ?

**Power** · 05-01-2010, 11:29

Originally Posted by MAV

Code:

[root@MAV_ASUS root]$ arping -I vlan1 10.251.120.219
ARPING to 10.251.120.219 from 10.251.36.155 via vlan1

òèøèíà. õîòÿ íà ðîóòåðàõ ñòîèò íå îòâå÷àòü íà ïèíãè
X íå ðàâåí Z

Çíà÷èò, ýòîò ñïîñîá íå ïðîéä¸ò. Ãðóáî ãîâîðÿ, îí ïîäõîäèò, åñëè îáà ðîóòåðà ïîäêëþ÷åíû ê îäíîìó ñâè÷ó.
Îáû÷íûé ïèíã òóò íå ïîêàçàòåëü, êàê è ÷òî-ëèáî äðóãîå íà îñíîâå ïðîòîêîëà IP.
arping - ýòî íà ñàìîì äåëå íå ïèíã, îí ïîñûëàåò arp-çàïðîñû è ñëóøàåò îòâåòû. Åñëè ðîóòåðû íå ÿâëÿþòñÿ ñîñåäÿìè ïî ethernet, òî îòâåòîâ íå áóäåò. Íî äëÿ ðàáîòû ñïîñîáà, îïèñàííîãî â ýòîé òåìå, îòâåòû äîëæíû áûòü. Òàê ÷òî äà, ñìîòðèòå â ñòîðîíó openvpn.

**tempik** · 07-09-2011, 17:35

Originally Posted by steils

Òàêîé âîïðîñ: ìîæåò ëè ðîóòåð DIR-320 ñ àëüòåðíàòèâíîé ïðîøèâêîé îò ýíòóçèàñòîì Vampik áëîêèðîâàòü ëîêàëüíóþ ñåòü? Âñå êîìïû â ñåòè ïèíãóþòñÿ è âîçìîæíî ïîäêëþ÷àòü ñåòåâûå äèñêè. Íè íà îäíîì êîìïå íåò äîñòóïà ê ðàáî÷åé ãðóïïå, â ñåòåâîì îêðóæåíèè ïóñòî

À ÷òî Âû ïîäðàçóìåâàåòå ïîä "íåò äîñòóïà ê ðàáî÷åé ãðóïïå" ??? Ïî óìîë÷àíèþ ëîêàëüíûå ïîðòû ðîóòåðà âîîáùå íå ðàçäåëåíû ëîãè÷åñêè è íå ó÷àñòâóþò (ìåæäó ñîáîé) â ôèëüòðàöèè òðàôèêà ...

**SoLuTan** · 07-11-2011, 18:06

Âñåì çäðàâñòâîâàòü!
Ïðîøó ïîìîùè, ò. ê. ñàì ðàçîáðàòüñÿ íå ìîãó. Ïîèñêîì ïîëüçîâàëñÿ, áåçóñïåøíî ê ñîæàëåíèþ.
Åñòü ñåé÷àñ äâå ïîäñåòè ñ ìàðøðóòèçàòîðàìè WL500gP è RT-N56U. Çàäà÷à, îáúåäèíèòü èõ, ÷òîáû ïîëüçàêè îáîèõ ïîäñåòîê âèäåëè äðóã äðóãà è ìîãëè ïîëüçîâàòüñÿ îáùèìè ðåñóðñàìè è èíåòîì.
Ïåðâàÿ ïîäñåòü íà RT-N56U â ðåæèìå "IP Sharing" èìååò â ñâîåì WAN ïîðòó õâîñò ïðîâàéäåðà ñ PPPoE, íà LAN ñèäÿò êëèåíòû â 192.168.0.1/24.
Â îäèí èç åãî LAN ïîðòîâ èäåò ïðîâîä èç WAN ïîðòà âòîðîé ïîäñåòè íà WL500gP ñ ïðîøèâêîé 1.9.2.7-9, êîòîðûé ðàáîòàåò â ðåæèìå ìàðøðóòèçàòîðà (áåç NAT), ò. å. íà WAN àäðåñ 192.168.0.10, à ïî LAN ðàçäàåòñÿ 192.168.1.1/24.
Â ïåðâîé ïîäñåòêå íà RT-N56U ñäåëàí ñòàòè÷åñêèé ìàðøðóò 192.168.1.0 255.255.255.0 gw 192.168.0.10 LAN, â ðåçóëüòàòå âèäíû êëèåíòû âòîðîé ïîäñåòè. Ïðè ýòîì âòîðàÿ ïîäñåòü ìîæåò ïîëüçîâàòüñÿ èíòåðíåòîì îò ïåðâîé ïîäñåòè, íî íå âèäèò íè îäíîãî êëèåíòà ïåðâîé.

Íèêàê íå ìîãó ïîíÿòü, êàêèå ìàðøðóòû íóæíî ïðîïèñàòü âî âòîðîé ïîäñåòêå íà WL500gP, ÷òîáû áûë äîñòóïåí è èíåò è êëèåíòû ïåðâîé ïîäñåòè. Îñîáåííî ìåíÿ ââîäÿò â çàáëóæäåíèå èíòåðôåéñû WAN, LAN, MAN, íå çíàþ, êîòîðûé âûáèðàòü äëÿ ìàðøðóòà )) ×òî ÿ òîëüêî íå ïðîáîâàë, íå ïîëó÷àåòñÿ ó ìåíÿ íè÷åãî, ìàêñèìóì äîñòóïåí ñàì øëþç 192.168.0.1, äî îñòàëüíûõ íå äîñòó÷àòüñÿ. Ïðè ýòîì, åñëè çàéòè ïî telnet íà WL500gP, ñïîêîéíî ïèíãóþòñÿ âñå êëèåíòû îáîèõ ïîäñåòîê.

Ïîìîãèòå ïîæàëóéñòà ñîâåòîì! Õî÷åòñÿ íå ñêîëüêî ïðîñòî ðåøåíèÿ, ñêîëüêî æåëàíèå ïîíÿòü ñóòü ïðîèñõîäÿùåãî ))

**tempik** · 08-11-2011, 16:34

Originally Posted by SoLuTan

Ïîìîãèòå ïîæàëóéñòà ñîâåòîì! Õî÷åòñÿ íå ñêîëüêî ïðîñòî ðåøåíèÿ, ñêîëüêî æåëàíèå ïîíÿòü ñóòü ïðîèñõîäÿùåãî ))

Èìååò ñìûñë ïåðåâåñòè wl500gP â ðåæèì òî÷êè äîñòóïà è ïðîáëåìà áóäåò ðåøåíà (âñå êîìïû áóäóò â îäíîé ñåòè). Äëÿ ïîíèìàíèÿ ñóòè ïðîèñõîäÿùåãî ïðèäåòñÿ èçó÷èòü "ìîäåëü OSI", îñíîâû TCP/IP è îñíîâû ìàðøðóòèçàöèè ... Èíôû â èíåòå ìîðå (à êëþ÷åâûå ñëîâà ÿ äàë)...

**olegos007** · 12-11-2011, 15:48

ïîìîãèòå íàñòðîèòü èíòåðíåò íà âòîðîì ðîóòåðå
èìååì asus rt-n16 ñ ïðîøèâêîé îò ýíòóçèàñòîâ ñ âîòêíóòûì â íåãî ìåãàôîí ìîäåìîì, ñ íåãî ìîæíî áðàòü èíòåðåíåò ïî ïðîâîäàì è ïî âàé-ôàé. Èíòåðåñóåò êàê ïîëó÷èòü èíòåðåíåò íà âòîðîì ðîóòåðå wl500gp ïîäêëþ÷åííîì ê rt-n16 ïî ïðîâîäó èç lan ïîðòà asus rt-n16 â wan wl500gð, à èìåííî êàêèå íàñòðîéêè íàäî ñäåëàòü, íè÷åãî íå ïîëó÷àåòñÿ

**tempik** · 12-11-2011, 15:50

Originally Posted by olegos007

ïîìîãèòå íàñòðîèòü èíòåðíåò íà âòîðîì ðîóòåðå
èìååì asus rt-n16 ñ ïðîøèâêîé îò ýíòóçèàñòîâ ñ âîòêíóòûì â íåãî ìåãàôîí ìîäåìîì, ñ íåãî ìîæíî áðàòü èíòåðåíåò ïî ïðîâîäàì è ïî âàé-ôàé. Èíòåðåñóåò êàê ïîëó÷èòü èíòåðåíåò íà âòîðîì ðîóòåðå wl500gp ïîäêëþ÷åííîì ê rt-n16 ïî ïðîâîäó èç lan ïîðòà asus rt-n16 â wan wl500gð, à èìåííî êàêèå íàñòðîéêè íàäî ñäåëàòü, íè÷åãî íå ïîëó÷àåòñÿ

Ïåðåâåñòè â "Òî÷êó äîñòóïà"

Thread: Îáúåäèíèòü äâà wl500gP â îäíîé ãîðîäñêîé ñåòêå

Thread Tools

Rate This Thread

Display

ÂÏÍ òîííåëü ÷åðåç ASUS 500gp

?

Îáúåäèíåíèå 2-õ ïîäñåòåé íà WL500gP è RT-N56U

2 rt-n16

Similar Threads

ПК - WL500gP - ASDL_ROUTER, без NAT

Tags for this Thread

Posting Permissions