Você está na página 1de 3

28/4/2014

[Tutorial] Esquema de Rede Mikrotik+Mkauth+Cache. Com acesso Externo ao MK-Auth [Completo] - MK-AUTH

Tutorial] Esquema de Rede


Mikrotik+Mkauth+Cache. Com acesso Externo ao
MK-Auth [Completo]
PublicadoporWilkerPazem16setembro2010s11:16emMikroTik
Enviarmensagem

Exibirtpicos

1SoluoparaosproblemasdeIPmostradonacentraldoMkAuth,mensagemdecorte,avisode
manuteno,comunicaodomkauthcomomikrotik,problemascomIPmostradonosrelatriosdosquid.
Pessoal:Seusouagradeaparaquepossamosternoodequantaspessoasestosendoajudadascom
essetutorial,daessaforaaipragente...

NoDebianProxy:
nano/etc/network/interfaces
#Theloopbacknetworkinterface
autolo
ifaceloinetloopback
#Theprimarynetworkinterface
autoeth0
ifaceeth0inetstatic
address172.31.255.3
netmask255.255.255.248
network172.31.255.0
broadcast172.31.255.7
gateway172.31.255.1
dnsnameservers8.8.8.8

norc.localficaasregrasdefirewall:
nano/etc/rc.local
iptablestnatAPOSTROUTINGoeth0jMASQUERADE
iptablestnatAPREROUTINGptcpdport80jREDIRECTtoport3128
#routeaddnet[rededosclientes]gw[ipdomikrotikqueconversacomocache]
routeaddnet192.168.0/24gw172.31.255.1
############################################################################################
http://mk-auth.com.br/forum/topics/tutorial-esquema-de-rede

1/3

28/4/2014

[Tutorial] Esquema de Rede Mikrotik+Mkauth+Cache. Com acesso Externo ao MK-Auth [Completo] - MK-AUTH

#################################
NoMikrotik:
Internet:200.200.200.200/24
Proxy:172.31.255.1/29
RedeLocal:192.168.0.1/24

#ConfiguraodasplacasedosIP's
interfacesetether1name=Internet
interfacesetether2name=Proxy
interfacesetether3name=Clientes
ipaddressaddaddress=200.200.200.200/24interface=Internet
ipaddressaddaddress=172.31.255.1/29interface=Proxy
ipaddressaddaddress=192.168.0.1/24interface=Clientes

#ConfiguraodeDNS
#ipdnsstaticaddaddress=[gatewaydarededosclientes]name=192.168.0.1
ipdnsstaticaddaddress=192.168.0.1name=192.168.0.1
ipdnssetallowremoterequests=yesservers=8.8.8.8,8.8.4.4

#ConfiguraodeGateway
iprouteaddgateway=200.200.200.1

#ConfiguraodeRadius
#radiusaddaddress=[IPdoMKAuth]service=hotspotsecret=123456
radiusaddaddress=172.31.255.2service=hotspotsecret=123456
obs:EstouusandoMikrotikv4.11parasetardnsemversesantigasdiferente.

nomikrotikregrasdenat:
/ipfirewallnat
addaction=dstnatchain=dstnatcomment="PGCORTE"disabled=noininterface=Clientesprotocol=tcpsrc
addresslist=pgcortesrcport=\
065535toaddresses=172.31.255.2toports=85
addaction=dstnatchain=dstnatcomment=manutencaodisabled=yesdstport=80ininterface=Clientes
protocol=tcptoaddresses=172.31.255.2\
toports=89
addaction=masqueradechain=srcnatcomment=""disabled=nosrcaddress=172.31.255.0/29
addaction=dstnatchain=dstnatcomment="Redirecionaaporta80paraoproxy"disabled=nodstaddress
list=!semproxydstport=80protocol=\
tcptoaddresses=172.31.255.3
addaction=masqueradechain=srcnatcomment=""disabled=nodstport=!80protocol=udp
addaction=masqueradechain=srcnatcomment="FazMascaramentodetudoquenaoeporta80"disabled=no
dstport=!80protocol=tcp
addaction=masqueradechain=srcnatcomment="FazMascaramentodePing"disabled=noprotocol=icmp

ParaacessoExternoaoMKAuth:
/ipfirewallnat
addaction=dstnatchain=dstnatcomment=""disabled=nodstport=1880protocol=tcpto
addresses=172.31.255.2toports=80

Obs:Nessecasoparaacessoexternovcvaidigitarnonavegadorohttp://ip_do_mikrotik:1880/admin

#OBS:SISTEMAMKAUTHV.4BUILD:80
#Noterminaldomkauthdigiteocomandomkchave.
#Nowebadminem,OPES>chaveparassh,iraraparecerolinkparavcfazerodownloaddesuachave
SSH"baixarchavessh".
#Apsodownloadcopiaoarquivochave.pubabraowinboxeemfilesmandecolar.

http://mk-auth.com.br/forum/topics/tutorial-esquema-de-rede

2/3

28/4/2014

[Tutorial] Esquema de Rede Mikrotik+Mkauth+Cache. Com acesso Externo ao MK-Auth [Completo] - MK-AUTH

#Adicionarusuriomkauthnomikrotik
useraddgroup=fullname=mkauthpassword=escolhaumasenha
usersshkeysimportuser=mkauthfile=chave.pub

#ConfiguraodeHotspot
iphotspotprofilesetdefaultloginby=httpchapname=defaultnasporttype=cableradiusaccounting=yes
radiusinterimupdate=3mradiusmacformat=XX:XX:XX:XX:XX:XXuseradius=yes
iphotspotuseraddname=adminpassword=123profile=default
iphotspotwalledgardenaddaction=allowcomment=""disabled=nodsthost=172.31.255.2dstport=80
iphotspotwalledgardenaddaction=allowcomment=""disabled=nodsthost=172.31.255.2dstport=85
iphotspotprofileadddnsname=192.168.0.1hotspotaddress=192.168.0.1loginby=httpchapname=hsprof1
nasporttype=cableradiusaccounting=yesradiusinterimupdate=3mradiusmacformat=XX:XX:XX:XX:XX:XX
useradius=yes
iphotspotuserprofilesetdefaultidletimeout=nonekeepalivetimeout=5mname=defaultsharedusers=1
statusautorefresh=1mtransparentproxy=no
iphotspotadddisabled=yesidletimeout=5minterface=Clientesname=hotspot1profile=hsprof1
iphotspotenablehotspot1
Apsestaultimaoposuaconxovaicairvovaiterquelogarnapagina
User:admin
Senha:123
############################################################################################
#################################
NoMKAuth:
nano/etc/network/interfaces
#Theloopbacknetworkinterface
autolo
ifaceloinetloopback
#Theprimarynetworkinterface
autoeth0
ifaceeth0inetstatic
address172.31.255.2
netmask255.255.255.248
network172.31.255.0
broadcast172.31.255.7
gateway172.31.255.1
dnsnameservers8.8.8.8

norc.localficaasregrasdefirewall:
nano/etc/rc.local
routeaddnet192.168.0/24gw172.31.255.1
############################################################################################
#################################
Att,
WilkerPaz.
Tags:172.31.255.1,172.31.255.2,cache,ip,mkauth,proxy,relatorio,squid,thunder,tutorial,Mais...
Exibies:4793

Anexos

http://mk-auth.com.br/forum/topics/tutorial-esquema-de-rede

3/3