Escolar Documentos
Profissional Documentos
Cultura Documentos
[Tutorial] Esquema de Rede Mikrotik+Mkauth+Cache. Com acesso Externo ao MK-Auth [Completo] - MK-AUTH
Exibirtpicos
1SoluoparaosproblemasdeIPmostradonacentraldoMkAuth,mensagemdecorte,avisode
manuteno,comunicaodomkauthcomomikrotik,problemascomIPmostradonosrelatriosdosquid.
Pessoal:Seusouagradeaparaquepossamosternoodequantaspessoasestosendoajudadascom
essetutorial,daessaforaaipragente...
NoDebianProxy:
nano/etc/network/interfaces
#Theloopbacknetworkinterface
autolo
ifaceloinetloopback
#Theprimarynetworkinterface
autoeth0
ifaceeth0inetstatic
address172.31.255.3
netmask255.255.255.248
network172.31.255.0
broadcast172.31.255.7
gateway172.31.255.1
dnsnameservers8.8.8.8
norc.localficaasregrasdefirewall:
nano/etc/rc.local
iptablestnatAPOSTROUTINGoeth0jMASQUERADE
iptablestnatAPREROUTINGptcpdport80jREDIRECTtoport3128
#routeaddnet[rededosclientes]gw[ipdomikrotikqueconversacomocache]
routeaddnet192.168.0/24gw172.31.255.1
############################################################################################
http://mk-auth.com.br/forum/topics/tutorial-esquema-de-rede
1/3
28/4/2014
[Tutorial] Esquema de Rede Mikrotik+Mkauth+Cache. Com acesso Externo ao MK-Auth [Completo] - MK-AUTH
#################################
NoMikrotik:
Internet:200.200.200.200/24
Proxy:172.31.255.1/29
RedeLocal:192.168.0.1/24
#ConfiguraodasplacasedosIP's
interfacesetether1name=Internet
interfacesetether2name=Proxy
interfacesetether3name=Clientes
ipaddressaddaddress=200.200.200.200/24interface=Internet
ipaddressaddaddress=172.31.255.1/29interface=Proxy
ipaddressaddaddress=192.168.0.1/24interface=Clientes
#ConfiguraodeDNS
#ipdnsstaticaddaddress=[gatewaydarededosclientes]name=192.168.0.1
ipdnsstaticaddaddress=192.168.0.1name=192.168.0.1
ipdnssetallowremoterequests=yesservers=8.8.8.8,8.8.4.4
#ConfiguraodeGateway
iprouteaddgateway=200.200.200.1
#ConfiguraodeRadius
#radiusaddaddress=[IPdoMKAuth]service=hotspotsecret=123456
radiusaddaddress=172.31.255.2service=hotspotsecret=123456
obs:EstouusandoMikrotikv4.11parasetardnsemversesantigasdiferente.
nomikrotikregrasdenat:
/ipfirewallnat
addaction=dstnatchain=dstnatcomment="PGCORTE"disabled=noininterface=Clientesprotocol=tcpsrc
addresslist=pgcortesrcport=\
065535toaddresses=172.31.255.2toports=85
addaction=dstnatchain=dstnatcomment=manutencaodisabled=yesdstport=80ininterface=Clientes
protocol=tcptoaddresses=172.31.255.2\
toports=89
addaction=masqueradechain=srcnatcomment=""disabled=nosrcaddress=172.31.255.0/29
addaction=dstnatchain=dstnatcomment="Redirecionaaporta80paraoproxy"disabled=nodstaddress
list=!semproxydstport=80protocol=\
tcptoaddresses=172.31.255.3
addaction=masqueradechain=srcnatcomment=""disabled=nodstport=!80protocol=udp
addaction=masqueradechain=srcnatcomment="FazMascaramentodetudoquenaoeporta80"disabled=no
dstport=!80protocol=tcp
addaction=masqueradechain=srcnatcomment="FazMascaramentodePing"disabled=noprotocol=icmp
ParaacessoExternoaoMKAuth:
/ipfirewallnat
addaction=dstnatchain=dstnatcomment=""disabled=nodstport=1880protocol=tcpto
addresses=172.31.255.2toports=80
Obs:Nessecasoparaacessoexternovcvaidigitarnonavegadorohttp://ip_do_mikrotik:1880/admin
#OBS:SISTEMAMKAUTHV.4BUILD:80
#Noterminaldomkauthdigiteocomandomkchave.
#Nowebadminem,OPES>chaveparassh,iraraparecerolinkparavcfazerodownloaddesuachave
SSH"baixarchavessh".
#Apsodownloadcopiaoarquivochave.pubabraowinboxeemfilesmandecolar.
http://mk-auth.com.br/forum/topics/tutorial-esquema-de-rede
2/3
28/4/2014
[Tutorial] Esquema de Rede Mikrotik+Mkauth+Cache. Com acesso Externo ao MK-Auth [Completo] - MK-AUTH
#Adicionarusuriomkauthnomikrotik
useraddgroup=fullname=mkauthpassword=escolhaumasenha
usersshkeysimportuser=mkauthfile=chave.pub
#ConfiguraodeHotspot
iphotspotprofilesetdefaultloginby=httpchapname=defaultnasporttype=cableradiusaccounting=yes
radiusinterimupdate=3mradiusmacformat=XX:XX:XX:XX:XX:XXuseradius=yes
iphotspotuseraddname=adminpassword=123profile=default
iphotspotwalledgardenaddaction=allowcomment=""disabled=nodsthost=172.31.255.2dstport=80
iphotspotwalledgardenaddaction=allowcomment=""disabled=nodsthost=172.31.255.2dstport=85
iphotspotprofileadddnsname=192.168.0.1hotspotaddress=192.168.0.1loginby=httpchapname=hsprof1
nasporttype=cableradiusaccounting=yesradiusinterimupdate=3mradiusmacformat=XX:XX:XX:XX:XX:XX
useradius=yes
iphotspotuserprofilesetdefaultidletimeout=nonekeepalivetimeout=5mname=defaultsharedusers=1
statusautorefresh=1mtransparentproxy=no
iphotspotadddisabled=yesidletimeout=5minterface=Clientesname=hotspot1profile=hsprof1
iphotspotenablehotspot1
Apsestaultimaoposuaconxovaicairvovaiterquelogarnapagina
User:admin
Senha:123
############################################################################################
#################################
NoMKAuth:
nano/etc/network/interfaces
#Theloopbacknetworkinterface
autolo
ifaceloinetloopback
#Theprimarynetworkinterface
autoeth0
ifaceeth0inetstatic
address172.31.255.2
netmask255.255.255.248
network172.31.255.0
broadcast172.31.255.7
gateway172.31.255.1
dnsnameservers8.8.8.8
norc.localficaasregrasdefirewall:
nano/etc/rc.local
routeaddnet192.168.0/24gw172.31.255.1
############################################################################################
#################################
Att,
WilkerPaz.
Tags:172.31.255.1,172.31.255.2,cache,ip,mkauth,proxy,relatorio,squid,thunder,tutorial,Mais...
Exibies:4793
Anexos
http://mk-auth.com.br/forum/topics/tutorial-esquema-de-rede
3/3