Jump to content
  • 0

Проблем с пренасочване на портове.


tony.ganchev96
 Share

Question

 

Здравейте!

 

Имам проблем с пренасочване на портове.

Искам да отворя ssh към Raspberry PI, но вместо това ме пренасочва към самия рутер когато се опитвам да го достъпя от външна мрежа.

Порта се отваря, изглежда че NAT конфигурацията не пренасочва към 192.168.0.155 където се намира Raspberry-то

 

Ето и конфигурацията:

 

# aug/04/2022 21:30:01 by RouterOS 6.48.6
# software id = H8K9-XIZT
#
# model = RB760iGS
# serial number = 
/interface bridge
add name=bridge1
/interface ethernet
set [ find default-name=ether1 ] mac-address=D8:47:32:05:3C:B4
/interface list
add name=WAN
add name=LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=dhcp ranges=192.168.0.10-192.168.0.254
/ip dhcp-server
add address-pool=dhcp disabled=no interface=bridge1 name=dhcp1
/interface bridge port
add bridge=bridge1 interface=ether2
add bridge=bridge1 interface=ether3
add bridge=bridge1 interface=ether4
add bridge=bridge1 interface=ether5
add bridge=bridge1 interface=sfp1
/ip neighbor discovery-settings
set discover-interface-list=!dynamic
/ip settings
set accept-redirects=yes accept-source-route=yes
/interface list member
add interface=ether1 list=WAN
add list=LAN
add interface=bridge1 list=LAN
/ip address
add address=192.168.0.1/24 interface=bridge1 network=192.168.0.0
/ip dhcp-client
add disabled=no interface=ether1
/ip dhcp-server lease
add address=192.168.0.252 client-id=1:44:5c:e9:7c:a1:3c mac-address=\
    44:5C:E9:7C:A1:3C server=dhcp1
add address=192.168.0.155 client-id=1:b8:27:eb:81:5b:13 mac-address=\
    B8:27:EB:81:5B:13 server=dhcp1
/ip dhcp-server network
add address=192.168.0.0/24 gateway=192.168.0.1 netmask=24
/ip dns
set servers=0.0.0.0
/ip firewall nat
add action=masquerade chain=srcnat out-interface-list=WAN
add action=dst-nat chain=dstnat dst-address=31.13.xxx.xx dst-port=22 \
    in-interface=ether1 protocol=tcp to-addresses=192.168.0.155 to-ports=22
/ip service
set telnet disabled=yes
set www-ssl disabled=no
set api disabled=yes
set api-ssl disabled=yes
/system clock
set time-zone-name=Europe/Sofia
/system identity
set name=RouterOS
 

 

 

Благодаря предварително !

 

Link to comment
Share on other sites

3 answers to this question

Recommended Posts

  • 0

Реших проблема като пренаредих правилата последния начин

[admin@RouterOS] /ip firewall nat> print
Flags: X - disabled, I - invalid, D - dynamic 
 0    chain=dstnat action=dst-nat to-addresses=192.168.0.155 to-ports=22 protocol=tcp dst-address=xx.xx.xx.xx dst-port=33655 
      log=no log-prefix="" 

 1    chain=dstnat action=dst-nat to-addresses=192.168.0.155 protocol=tcp dst-address=xx.xx.xx.xx dst-port=80,443 log=no 
      log-prefix="" 

 2    chain=srcnat action=src-nat to-addresses=192.168.0.1 protocol=tcp src-address=192.168.0.0/24 dst-address=192.168.0.0/24 

 3    chain=srcnat action=masquerade out-interface-list=WAN log=no log-prefix="" 

Третото (2) правило е за да може да се достъпва през публичния адрес в локалната мрежа.

И разбира се смених порта на ssh на рутера от /ip services

Edited by tony.ganchev96
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.