I have mikrotik routerboard 750gl software version 5.2 , 5 ethernet ports . i user 4 ports for wan contections and one port for lan conections .
i cant access http interface for these 4 wan interface ... i mean that i cant access the web interface for every adsl modem for these 4 wan intefaces. but internet connections run very well ..
thanks
here is all rules :
-------------------------------
/ip address
add address=192.168.1.2/24 broadcast=192.168.1.255 comment="" disabled=no \
interface=in1 network=192.168.1.0
add address=192.168.16.2/24 broadcast=192.168.16.255 comment="" disabled=no \
interface=in2 network=192.168.16.0
add address=10.0.0.139/24 broadcast=10.0.0.255 comment="" disabled=no \
interface=in3 network=10.0.0.0
add address=192.168.10.2/32 broadcast=192.168.10.2 comment="" disabled=no \
interface=in4 network=192.168.10.2
add address=192.168.20.1/32 broadcast=192.168.20.1 comment="" disabled=no \
interface=out network=192.168.20.1
-----------------------
/interface ethernet
set 0 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited comment=\
"" disabled=no full-duplex=yes l2mtu=1524 mac-address=00:0C:42:A5:F3:8D \
master-port=none mtu=1500 name=in1 speed=100Mbps
set 1 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited comment=\
"" disabled=no full-duplex=yes l2mtu=1524 mac-address=00:0C:42:A5:F3:8E \
master-port=none mtu=1500 name=in2 speed=100Mbps
set 2 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited comment=\
"" disabled=no full-duplex=yes l2mtu=1524 mac-address=00:0C:42:A5:F3:8F \
master-port=none mtu=1500 name=out speed=100Mbps
set 3 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited comment=\
"" disabled=no full-duplex=yes l2mtu=1524 mac-address=00:0C:42:A5:F3:90 \
master-port=none mtu=1500 name=in3 speed=100Mbps
set 4 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited comment=\
"" disabled=no full-duplex=yes l2mtu=1524 mac-address=00:0C:42:A5:F3:91 \
master-port=none mtu=1500 name=in4 speed=100Mbps
------------------------
/ip route
add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=\
192.168.1.1 routing-mark=in1 scope=30 target-scope=10
add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=\
192.168.16.1 routing-mark=in2 scope=30 target-scope=10
add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=\
10.0.0.138 routing-mark=in3 scope=30 target-scope=10
add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=\
192.168.10.1 routing-mark=in4 scope=30 target-scope=10
add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=\
192.168.1.1 scope=30 target-scope=10
add check-gateway=ping disabled=no distance=2 dst-address=0.0.0.0/0 gateway=\
192.168.16.1 scope=30 target-scope=10
add check-gateway=ping comment="" disabled=no distance=3 dst-address=\
0.0.0.0/0 gateway=10.0.0.138 scope=30 target-scope=10
add check-gateway=ping comment="" disabled=no distance=4 dst-address=\
0.0.0.0/0 gateway=192.168.10.1 scope=30 target-scope=10
---------------------------
/ip firewall mangle
add action=mark-connection chain=input comment="" disabled=no in-interface=\
in1 new-connection-mark=in1_conn passthrough=yes
add action=mark-connection chain=input comment="" disabled=no in-interface=\
in2 new-connection-mark=in2_conn passthrough=yes
add action=mark-routing chain=output comment="" connection-mark=in1_conn \
disabled=no new-routing-mark=in1 passthrough=yes
add action=mark-routing chain=output comment="" connection-mark=in2_conn \
disabled=no new-routing-mark=in2 passthrough=yes
add action=mark-connection chain=input comment="" disabled=no in-interface=\
in3 new-connection-mark=in3_conn passthrough=yes
add action=mark-connection chain=input comment="" disabled=no in-interface=\
in4 new-connection-mark=in4_conn passthrough=yes
add action=mark-routing chain=output comment="" connection-mark=in3_conn \
disabled=no new-routing-mark=in3 passthrough=yes
add action=mark-routing chain=output comment="" connection-mark=in4_conn \
disabled=no new-routing-mark=in4 passthrough=yes
add action=mark-connection chain=prerouting comment="" disabled=no \
dst-address-type=!local in-interface=out new-connection-mark=in1_conn \
passthrough=yes per-connection-classifier=both-addresses-and-ports:4/0
add action=mark-connection chain=prerouting comment="" disabled=no \
dst-address-type=!local in-interface=out new-connection-mark=in2_conn \
passthrough=yes per-connection-classifier=both-addresses-and-ports:4/1
add action=mark-connection chain=prerouting comment="" disabled=no \
dst-address-type=!local in-interface=out new-connection-mark=in3_conn \
passthrough=yes per-connection-classifier=both-addresses-and-ports:4/2
add action=mark-connection chain=prerouting comment="" disabled=no \
dst-address-type=!local in-interface=out new-connection-mark=in4_conn \
passthrough=yes per-connection-classifier=both-addresses-and-ports:4/3
add action=mark-routing chain=prerouting comment="" connection-mark=in1_conn \
disabled=no in-interface=out new-routing-mark=in1 passthrough=yes
add action=mark-routing chain=prerouting comment="" connection-mark=in4_conn \
disabled=no in-interface=out new-routing-mark=in4 passthrough=yes
add action=mark-routing chain=prerouting comment="" connection-mark=in3_conn \
disabled=no in-interface=out new-routing-mark=in3 passthrough=yes
add action=mark-routing chain=prerouting comment="" connection-mark=in2_conn \
disabled=no in-interface=out new-routing-mark=in2 passthrough=yes
-----------------------------
/ip firewall nat
add action=masquerade chain=srcnat comment="" disabled=no out-interface=in1
add action=masquerade chain=srcnat comment="" disabled=no out-interface=in2
add action=masquerade chain=srcnat comment="" disabled=no out-interface=in3
add action=masquerade chain=srcnat comment="" disabled=no out-interface=in4
************************
i mean that I cant access for example web interface for 192.168.1.1 , 192.168.16.1 , 10.0.0.138 or 192.168.10.1
sorry for my english
thanks for help
-
-
abuali2011
just joined
- Posts: 9
- Joined:
routerboard 750g .. anybody help ?
Last edited by abuali2011 on Mon Dec 26, 2011 10:26 pm, edited 1 time in total.
Re: routerboard 750g .. anybody help ?
Network details would probably help you get a good answer.
Most Cable/DSL modems use a fixed address in one of the private ranges for their Web UI. For example the Motorola Surfboard modems default to 192.168.100.1. With a single modem there are a couple easy ways to deal with this on your external WAN interface (e.g. adding a second address to the interface in that range). With multiple modems, presumably all using the same default, you may need to set up some kind of port based NAT to be able access them via distinct IP addresses.
Most Cable/DSL modems use a fixed address in one of the private ranges for their Web UI. For example the Motorola Surfboard modems default to 192.168.100.1. With a single modem there are a couple easy ways to deal with this on your external WAN interface (e.g. adding a second address to the interface in that range). With multiple modems, presumably all using the same default, you may need to set up some kind of port based NAT to be able access them via distinct IP addresses.