1 микротик, 2 провайдера, 2 сети, сети не видят друг друга

Тема в разделе "Вопросы начинающих", создана пользователем coolfishsq, 30 май 2019.

  1. coolfishsq

    coolfishsq Новый участник

    Добрый день, ситуация такая - имеется роутер mikrotik, 1 порт - первый провайдер, 2 порт - локальная сеть для первого провайдера, 3 порт - второй провайдер, 4 порт - локальная сеть второго провайдера. Интернет настроен, локалки берут сеть из своих провайдеров, только нужно, чтобы они и друг друга видели - на первой локалке есть расшаренные папки, которые должна видеть вторая локалка, а она никак их не видит. Помогите советом [​IMG]



    Добавление от 30.05.2019 18:55:



    конфиг прилагаю

    # may/30/2019 18:49:19 by RouterOS 6.44.3
    # model = RB952Ui-5ac2nD
    /interface bridge
    add name=bridge-local
    /interface ethernet
    set [ find default-name=ether1 ] comment=WAN1 name=eth1
    set [ find default-name=ether2 ] comment=LAN1 name=eth2
    set [ find default-name=ether3 ] comment=WAN2 name=eth3
    set [ find default-name=ether4 ] comment=LAN2 name=eth4
    set [ find default-name=ether5 ] name=eth5
    /interface pppoe-client
    add add-default-route=yes disabled=no interface=eth3 name=***** password=***** use-peer-dns=yes \
    user=*****
    add add-default-route=yes disabled=no interface=eth1 name=***** password=***** use-peer-dns=yes \
    user=*****
    /interface wireless
    set [ find default-name=wlan2 ] country=russia disabled=no mode=ap-bridge ssid=MikroTik \
    wireless-protocol=802.11
    /interface list
    add name=WAN
    add name=LAN
    /interface wireless security-profiles
    set [ find default=yes ] authentication-types=wpa-psk,wpa2-psk mode=dynamic-keys supplicant-identity=\
    MikroTik wpa-pre-shared-key=***** wpa2-pre-shared-key=*****
    add authentication-types=wpa2-psk eap-methods="" management-protection=allowed mode=dynamic-keys \
    name=profile1 supplicant-identity="" wpa2-pre-shared-key=*****
    /interface wireless
    set [ find default-name=wlan1 ] band=2ghz-b/g/n country=russia disabled=no mode=ap-bridge \
    security-profile=profile1 ssid=MikroTik wireless-protocol=802.11
    /ip hotspot profile
    set [ find default=yes ] html-directory=flash/hotspot
    /ip pool
    add name=pool_LAN1 ranges=192.168.0.10-192.168.0.110
    add name=pool_LAN2 ranges=192.168.0.130-192.168.0.230
    /ip dhcp-server
    add address-pool=pool_LAN1 disabled=no interface=bridge-local name=server1
    add address-pool=pool_LAN2 disabled=no interface=eth4 name=server2
    /interface bridge port
    add bridge=bridge-local interface=eth2
    add bridge=bridge-local interface=wlan1
    add bridge=bridge-local disabled=yes interface=wlan2
    /interface list member
    add interface=bridge-local list=LAN
    add interface=TEK list=WAN
    /ip address
    add address=192.168.0.1/25 interface=bridge-local network=192.168.0.0
    add address=192.168.0.129/25 interface=eth4 network=192.168.0.128
    /ip dhcp-client
    add dhcp-options=hostname,clientid interface=wlan2
    /ip dhcp-server network
    add address=192.168.0.0/25 dns-server=8.8.8.8,8.8.4.4 gateway=192.168.0.1
    add address=192.168.0.128/25 dns-server=8.8.8.8,8.8.4.4 gateway=192.168.0.129
    /ip dns
    set allow-remote-requests=yes servers=8.8.8.8,8.8.4.4
    /ip firewall filter
    add action=accept chain=input protocol=icmp
    add action=drop chain=input comment="drop ssh forcers" dst-port=22,23 protocol=tcp src-address-list=\
    login_blacklist
    add action=add-src-to-address-list address-list=login_blacklist address-list-timeout=1w3d chain=input \
    connection-state=new dst-port=22,23 protocol=tcp src-address-list=ssh_stage3
    add action=add-src-to-address-list address-list=ssh_stage3 address-list-timeout=2m chain=input \
    connection-state=new dst-port=22,23 protocol=tcp src-address-list=ssh_stage2
    add action=add-src-to-address-list address-list=ssh_stage2 address-list-timeout=2m chain=input \
    connection-state=new dst-port=22,23 protocol=tcp src-address-list=ssh_stage1
    add action=add-src-to-address-list address-list=ssh_stage1 address-list-timeout=2m chain=input \
    connection-state=new dst-port=22,23 protocol=tcp
    /ip firewall mangle
    add action=mark-connection chain=input in-interface=TEK new-connection-mark=in_WAN1 passthrough=no
    add action=mark-connection chain=input in-interface=FORT new-connection-mark=in_WAN2 passthrough=no
    add action=mark-routing chain=output connection-mark=in_WAN1 new-routing-mark=rt_WAN1 passthrough=no
    add action=mark-routing chain=output new-routing-mark=rt_WAN2 passthrough=no routing-mark=in_WAN2
    add action=mark-routing chain=prerouting in-interface=bridge-local new-routing-mark=rt_LAN1-WAN1 \
    passthrough=no
    add action=mark-routing chain=prerouting in-interface=eth4 new-routing-mark=rt_LAN2-WAN2 passthrough=\
    no
    /ip firewall nat
    add action=masquerade chain=srcnat src-address=192.168.0.0/24
    /ip route
    add check-gateway=ping distance=1 gateway=TEK routing-mark=rt_WAN1
    add distance=2 gateway=FORT routing-mark=rt_WAN1
    add check-gateway=ping distance=1 gateway=FORT routing-mark=rt_WAN2
    add distance=2 gateway=TEK routing-mark=rt_WAN2
    add check-gateway=ping distance=1 gateway=TEK routing-mark=rt_LAN1-WAN1
    add distance=2 gateway=TEK routing-mark=rt_LAN1-WAN1
    add check-gateway=ping distance=1 gateway=FORT routing-mark=rt_LAN2-WAN2
    add distance=2 gateway=FORT routing-mark=rt_LAN2-WAN2
    /system clock
    set time-zone-name=Europe/Moscow
     
  2. Илья Князев

    Илья Князев Администратор Команда форума

    Думаю что проблема в виндозном файрволе.