Hello all,
This is my configuration for Mikrotik Dual WAN PCC with hotspot and Webproxy. It may be helpful for someone.
/interface pppoe-client
add ac-name="" add-default-route=no allow=pap,chap,mschap1,mschap2 \
dial-on-demand=no disabled=no interface=WLINK-B max-mru=1480 max-mtu=1480 \
mrru=disabled name=WLINK password=yourpassword profile=default service-name=\
"" use-peer-dns=no user=youruser
add ac-name="" add-default-route=no allow=pap,chap,mschap1,mschap2 \
dial-on-demand=no disabled=no interface=TMN-B max-mru=1480 max-mtu=1480 \
mrru=disabled name=TMN password=yourpassword profile=default service-name="" \
use-peer-dns=no user=youruser
/interface pppoe-server server
add authentication=pap,chap,mschap1,mschap2 default-profile=PPPoE disabled=no \
interface=LAN keepalive-timeout=60 max-mru=1480 max-mtu=1480 \
max-sessions=0 mrru=disabled one-session-per-host=yes service-name=\
"your service"
/ip route
add check-gateway=ping disabled=no distance=2 dst-address=0.0.0.0/0 gateway=\
WLINK routing-mark=to_WLINK scope=30 target-scope=10
add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=\
TMN routing-mark=to_TMN scope=30 target-scope=10
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=WLINK scope=30 \
target-scope=10
add check-gateway=ping disabled=no distance=2 dst-address=0.0.0.0/0 gateway=\
TMN scope=30 target-scope=10
/ip firewall nat
add action=redirect chain=dstnat disabled=no dst-address=!10.55.15.1 \
dst-address-type=!local dst-port=80 hotspot=auth in-interface=LAN \
protocol=tcp src-address-list=LAN to-ports=9090
add action=redirect chain=dstnat disabled=no dst-address=!10.55.15.1 \
dst-address-type="" dst-port=80 hotspot="" protocol=tcp src-address-list=\
LAN to-ports=9090
add action=accept chain=pre-hotspot disabled=no dst-address-type=!local \
hotspot=auth in-interface=LAN
add action=masquerade chain=srcnat comment="masquerade hotspot network" \
disabled=no out-interface=WLINK src-address=10.55.0.0/16 to-addresses=\
0.0.0.0
add action=masquerade chain=srcnat comment="masquerade hotspot network" \
disabled=no out-interface=TMN src-address=10.55.0.0/16 to-addresses=\
0.0.0.0
add action=masquerade chain=srcnat comment="masquerade ppp network" disabled=\
no out-interface=WLINK src-address=45.19.0.0/16 to-addresses=0.0.0.0
add action=masquerade chain=srcnat comment="masquerade ppp network" disabled=\
no out-interface=TMN src-address=45.19.0.0/16 to-addresses=0.0.0.0
add action=redirect chain=dstnat disabled=no dst-port=53 protocol=udp \
to-ports=53
add action=redirect chain=dstnat disabled=no dst-port=53 protocol=tcp \
to-ports=53
/ip firewall mangle
add action=accept chain=prerouting comment="PCC with Webproxy" disabled=no \
dst-address-list=exempt-from-pcc
add action=accept chain=prerouting disabled=no in-interface=WLINK
add action=accept chain=prerouting disabled=no in-interface=TMN
add action=mark-connection chain=output disabled=no dst-address-type=!local \
hotspot="" new-connection-mark=WLINK passthrough=yes \
per-connection-classifier=both-addresses:2/0
add action=mark-connection chain=output disabled=no dst-address-type=!local \
hotspot="" new-connection-mark=TMN passthrough=yes \
per-connection-classifier=both-addresses:2/1
add action=mark-connection chain=prerouting disabled=no dst-address-type=\
!local hotspot="" new-connection-mark=WLINK passthrough=yes \
per-connection-classifier=both-addresses:2/0
add action=mark-connection chain=prerouting disabled=no dst-address-type=\
!local hotspot="" new-connection-mark=TMN passthrough=yes \
per-connection-classifier=both-addresses:2/1
add action=mark-routing chain=prerouting connection-mark=WLINK disabled=no \
new-routing-mark=to_WLINK passthrough=yes src-address-list=LAN
add action=mark-routing chain=prerouting connection-mark=TMN disabled=no \
new-routing-mark=to_TMN passthrough=yes src-address-list=LAN
/ip proxy
set always-from-cache=yes cache-administrator="ACE Network Pvt. Ltd." \
cache-hit-dscp=4 cache-on-disk=yes enabled=yes max-cache-size=5242880KiB \
max-client-connections=1000 max-fresh-time=3d max-server-connections=1000 \
parent-proxy=0.0.0.0 parent-proxy-port=0 port=9090 serialize-connections=\
no src-address=0.0.0.0
This is my configuration for Mikrotik Dual WAN PCC with hotspot and Webproxy. It may be helpful for someone.
/interface pppoe-client
add ac-name="" add-default-route=no allow=pap,chap,mschap1,mschap2 \
dial-on-demand=no disabled=no interface=WLINK-B max-mru=1480 max-mtu=1480 \
mrru=disabled name=WLINK password=yourpassword profile=default service-name=\
"" use-peer-dns=no user=youruser
add ac-name="" add-default-route=no allow=pap,chap,mschap1,mschap2 \
dial-on-demand=no disabled=no interface=TMN-B max-mru=1480 max-mtu=1480 \
mrru=disabled name=TMN password=yourpassword profile=default service-name="" \
use-peer-dns=no user=youruser
/interface pppoe-server server
add authentication=pap,chap,mschap1,mschap2 default-profile=PPPoE disabled=no \
interface=LAN keepalive-timeout=60 max-mru=1480 max-mtu=1480 \
max-sessions=0 mrru=disabled one-session-per-host=yes service-name=\
"your service"
/ip route
add check-gateway=ping disabled=no distance=2 dst-address=0.0.0.0/0 gateway=\
WLINK routing-mark=to_WLINK scope=30 target-scope=10
add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=\
TMN routing-mark=to_TMN scope=30 target-scope=10
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=WLINK scope=30 \
target-scope=10
add check-gateway=ping disabled=no distance=2 dst-address=0.0.0.0/0 gateway=\
TMN scope=30 target-scope=10
/ip firewall nat
add action=redirect chain=dstnat disabled=no dst-address=!10.55.15.1 \
dst-address-type=!local dst-port=80 hotspot=auth in-interface=LAN \
protocol=tcp src-address-list=LAN to-ports=9090
add action=redirect chain=dstnat disabled=no dst-address=!10.55.15.1 \
dst-address-type="" dst-port=80 hotspot="" protocol=tcp src-address-list=\
LAN to-ports=9090
add action=accept chain=pre-hotspot disabled=no dst-address-type=!local \
hotspot=auth in-interface=LAN
add action=masquerade chain=srcnat comment="masquerade hotspot network" \
disabled=no out-interface=WLINK src-address=10.55.0.0/16 to-addresses=\
0.0.0.0
add action=masquerade chain=srcnat comment="masquerade hotspot network" \
disabled=no out-interface=TMN src-address=10.55.0.0/16 to-addresses=\
0.0.0.0
add action=masquerade chain=srcnat comment="masquerade ppp network" disabled=\
no out-interface=WLINK src-address=45.19.0.0/16 to-addresses=0.0.0.0
add action=masquerade chain=srcnat comment="masquerade ppp network" disabled=\
no out-interface=TMN src-address=45.19.0.0/16 to-addresses=0.0.0.0
add action=redirect chain=dstnat disabled=no dst-port=53 protocol=udp \
to-ports=53
add action=redirect chain=dstnat disabled=no dst-port=53 protocol=tcp \
to-ports=53
/ip firewall mangle
add action=accept chain=prerouting comment="PCC with Webproxy" disabled=no \
dst-address-list=exempt-from-pcc
add action=accept chain=prerouting disabled=no in-interface=WLINK
add action=accept chain=prerouting disabled=no in-interface=TMN
add action=mark-connection chain=output disabled=no dst-address-type=!local \
hotspot="" new-connection-mark=WLINK passthrough=yes \
per-connection-classifier=both-addresses:2/0
add action=mark-connection chain=output disabled=no dst-address-type=!local \
hotspot="" new-connection-mark=TMN passthrough=yes \
per-connection-classifier=both-addresses:2/1
add action=mark-connection chain=prerouting disabled=no dst-address-type=\
!local hotspot="" new-connection-mark=WLINK passthrough=yes \
per-connection-classifier=both-addresses:2/0
add action=mark-connection chain=prerouting disabled=no dst-address-type=\
!local hotspot="" new-connection-mark=TMN passthrough=yes \
per-connection-classifier=both-addresses:2/1
add action=mark-routing chain=prerouting connection-mark=WLINK disabled=no \
new-routing-mark=to_WLINK passthrough=yes src-address-list=LAN
add action=mark-routing chain=prerouting connection-mark=TMN disabled=no \
new-routing-mark=to_TMN passthrough=yes src-address-list=LAN
/ip proxy
set always-from-cache=yes cache-administrator="ACE Network Pvt. Ltd." \
cache-hit-dscp=4 cache-on-disk=yes enabled=yes max-cache-size=5242880KiB \
max-client-connections=1000 max-fresh-time=3d max-server-connections=1000 \
parent-proxy=0.0.0.0 parent-proxy-port=0 port=9090 serialize-connections=\
no src-address=0.0.0.0
No comments:
Post a Comment