
ROS搭建PPTP+L2TP服务器使用多个PPPOE出口



需求:原来有12台拨号VPS,都是通过MSTSC登录操作来更换IP地址。现在想使用ROS搭建PPTP和L2TP服务器,在本地PC上用PPTP/L2TP客户端连接来切换IP,这样需要换IP的应用软件就不必频繁部署到各个地区的拨号VPS上,共用一个PPTP/L2TP账号即可。下面通过ROS实现这个功能:通过PPTP/L2TP连接轮询12个PPPOE出口。

--------设置网卡名称--PPPOE命名为wan内网命名为lan-------------
# Two bridges: bridge1-lan for the inside network and bridge2-wan for the
# uplink that carries the PPPoE sessions.
/interface bridge
add name=bridge1-lan
add name=bridge2-wan

# Twelve VRRP interfaces stacked on bridge2-wan. Each one is used further down
# as the underlying interface of one PPPoE client.
# NOTE(review): presumably VRRP is used here only because every VRID gets its
# own virtual MAC, which lets one physical port open several PPPoE sessions -
# confirm. vrrp1 sets no vrid, so it takes the RouterOS default.
/interface vrrp
add interface=bridge2-wan name=vrrp1
add interface=bridge2-wan name=vrrp2 vrid=2
add interface=bridge2-wan name=vrrp3 vrid=3
add interface=bridge2-wan name=vrrp4 vrid=4
add interface=bridge2-wan name=vrrp5 vrid=5
add interface=bridge2-wan name=vrrp6 vrid=6
add interface=bridge2-wan name=vrrp7 vrid=7
add interface=bridge2-wan name=vrrp8 vrid=8
add interface=bridge2-wan name=vrrp9 vrid=9
add interface=bridge2-wan name=vrrp10 vrid=10
add interface=bridge2-wan name=vrrp11 vrid=11
add interface=bridge2-wan name=vrrp12 vrid=12

# One PPPoE client per VRRP interface; all twelve dial with the same account.
# user= and password= are stored in clear text in the configuration and appear
# in exports and backups: substitute your own values, and keep exported
# configurations out of public posts and shared repositories.
# add-default-route is not set on these clients; the per-exit routes are added
# under /ip route with routing marks.
/interface pppoe-client
add name=pppoe-out1 interface=vrrp1 user=0713666666 password=963852 disabled=no
add name=pppoe-out2 interface=vrrp2 user=0713666666 password=963852 disabled=no
add name=pppoe-out3 interface=vrrp3 user=0713666666 password=963852 disabled=no
add name=pppoe-out4 interface=vrrp4 user=0713666666 password=963852 disabled=no
add name=pppoe-out5 interface=vrrp5 user=0713666666 password=963852 disabled=no
add name=pppoe-out6 interface=vrrp6 user=0713666666 password=963852 disabled=no
add name=pppoe-out7 interface=vrrp7 user=0713666666 password=963852 disabled=no
add name=pppoe-out8 interface=vrrp8 user=0713666666 password=963852 disabled=no
add name=pppoe-out9 interface=vrrp9 user=0713666666 password=963852 disabled=no
add name=pppoe-out10 interface=vrrp10 user=0713666666 password=963852 disabled=no
add name=pppoe-out11 interface=vrrp11 user=0713666666 password=963852 disabled=no
add name=pppoe-out12 interface=vrrp12 user=0713666666 password=963852 disabled=no

/ip address
# LAN-side address of the router on bridge1-lan.
add address=192.168.64.201/24 interface=bridge1-lan network=192.168.64.0
# Addresses on bridge2-wan and on each VRRP interface. No prefix length is
# given, and network= repeats the address itself.
# NOTE(review): 123.123.1.x is ordinary public address space, not a reserved
# range. Presumably these are dummy addresses that exist only so the VRRP
# interfaces become active - confirm, and prefer a private or documentation
# range so the router never shadows real Internet hosts.
add address=123.123.1.0 interface=bridge2-wan network=123.123.1.0
add address=123.123.1.1 interface=vrrp1 network=123.123.1.1
add address=123.123.1.2 interface=vrrp2 network=123.123.1.2
add address=123.123.1.3 interface=vrrp3 network=123.123.1.3
add address=123.123.1.4 interface=vrrp4 network=123.123.1.4
add address=123.123.1.5 interface=vrrp5 network=123.123.1.5
add address=123.123.1.6 interface=vrrp6 network=123.123.1.6
add address=123.123.1.7 interface=vrrp7 network=123.123.1.7
add address=123.123.1.8 interface=vrrp8 network=123.123.1.8
add address=123.123.1.9 interface=vrrp9 network=123.123.1.9
add address=123.123.1.10 interface=vrrp10 network=123.123.1.10
add address=123.123.1.11 interface=vrrp11 network=123.123.1.11
add address=123.123.1.12 interface=vrrp12 network=123.123.1.12

# Attach the physical ports (named lan and wan, as the section heading asks)
# to their bridges.
/interface bridge port
add bridge=bridge1-lan interface=lan
add bridge=bridge2-wan interface=wan

# Twelve addresses for VPN clients, one per PPPoE exit: the mangle rules below
# match on exactly these source addresses.
# NOTE(review): no /ppp profile line in this listing attaches the pool as a
# remote-address; the screenshot that followed in the original post presumably
# showed that step - confirm before relying on the policy routing.
/ip pool
add name=pptp ranges=172.22.22.1-172.22.22.12

技术图片

# Enables the PPTP server with its default settings.
# Security: PPTP's MS-CHAPv2 authentication and MPPE encryption are considered
# broken; a captured handshake is enough to recover the credential offline.
# Leave PPTP disabled unless a legacy client forces it, and never reuse its
# password elsewhere.
/interface pptp-server server
set enabled=yes
# L2TP is accepted only inside IPsec (use-ipsec=required). The ipsec-secret is
# a pre-shared key common to every client: replace the xxxxx placeholder with
# a long random value and rotate it whenever a client device is lost.
/interface l2tp-server server
set enabled=yes use-ipsec=required ipsec-secret=xxxxx

# "lanip" lists the internal destinations that must NOT be sent out through a
# PPPoE exit.
# NOTE(review): RFC 1918 reserves 172.16.0.0/12, but only 172.16.0.0/16 is
# listed, so 172.17-172.31 (including the 172.22.22.x client pool) count as
# "not LAN" here - confirm this is intended.
/ip firewall address-list
add address=192.168.0.0/16 list=lanip
add address=172.16.0.0/16 list=lanip
add address=10.0.0.0/8 list=lanip

# One rule per VPN client address: traffic from 172.22.22.N to any destination
# outside lanip gets routing mark pptpN, which the marked routes under
# /ip route send to pppoe-outN. passthrough=no stops mangle processing for the
# packet once it has been marked.
/ip firewall mangle
add action=mark-routing chain=prerouting dst-address-list=!lanip new-routing-mark=pptp1 passthrough=no src-address=172.22.22.1
add action=mark-routing chain=prerouting dst-address-list=!lanip new-routing-mark=pptp2 passthrough=no src-address=172.22.22.2
add action=mark-routing chain=prerouting dst-address-list=!lanip new-routing-mark=pptp3 passthrough=no src-address=172.22.22.3
add action=mark-routing chain=prerouting dst-address-list=!lanip new-routing-mark=pptp4 passthrough=no src-address=172.22.22.4
add action=mark-routing chain=prerouting dst-address-list=!lanip new-routing-mark=pptp5 passthrough=no src-address=172.22.22.5
add action=mark-routing chain=prerouting dst-address-list=!lanip new-routing-mark=pptp6 passthrough=no src-address=172.22.22.6
add action=mark-routing chain=prerouting dst-address-list=!lanip new-routing-mark=pptp7 passthrough=no src-address=172.22.22.7
add action=mark-routing chain=prerouting dst-address-list=!lanip new-routing-mark=pptp8 passthrough=no src-address=172.22.22.8
add action=mark-routing chain=prerouting dst-address-list=!lanip new-routing-mark=pptp9 passthrough=no src-address=172.22.22.9
add action=mark-routing chain=prerouting dst-address-list=!lanip new-routing-mark=pptp10 passthrough=no src-address=172.22.22.10
add action=mark-routing chain=prerouting dst-address-list=!lanip new-routing-mark=pptp11 passthrough=no src-address=172.22.22.11
add action=mark-routing chain=prerouting dst-address-list=!lanip new-routing-mark=pptp12 passthrough=no src-address=172.22.22.12

/ip firewall nat
# Source-NAT everything leaving through a PPP interface.
# NOTE(review): all-ppp presumably also matches the dynamic PPTP/L2TP server
# interfaces of connected clients, not only the PPPoE uplinks - confirm.
add action=masquerade chain=srcnat out-interface=all-ppp
# Source-NAT traffic leaving towards the LAN. Internal hosts then see every VPN
# user as the router's own bridge1-lan address, so their logs cannot tell VPN
# users apart.
add action=masquerade chain=srcnat out-interface=bridge1-lan

/ip route
# One default route per routing mark: packets marked pptpN by the mangle rules
# leave through pppoe-outN.
add distance=1 gateway=pppoe-out1 routing-mark=pptp1
add distance=1 gateway=pppoe-out2 routing-mark=pptp2
add distance=1 gateway=pppoe-out3 routing-mark=pptp3
add distance=1 gateway=pppoe-out4 routing-mark=pptp4
add distance=1 gateway=pppoe-out5 routing-mark=pptp5
add distance=1 gateway=pppoe-out6 routing-mark=pptp6
add distance=1 gateway=pppoe-out7 routing-mark=pptp7
add distance=1 gateway=pppoe-out8 routing-mark=pptp8
add distance=1 gateway=pppoe-out9 routing-mark=pptp9
add distance=1 gateway=pppoe-out10 routing-mark=pptp10
add distance=1 gateway=pppoe-out11 routing-mark=pptp11
add distance=1 gateway=pppoe-out12 routing-mark=pptp12
# Unmarked routes to the internal ranges via the LAN gateway 192.168.64.254.
# Security: together with the mangle exception for lanip destinations, these
# routes let every authenticated VPN client reach the internal networks. No
# /ip firewall filter rules appear in this listing, so nothing limits that
# access; add forward-chain rules if VPN users should only reach the Internet.
add distance=1 dst-address=10.0.0.0/8 gateway=192.168.64.254
add distance=1 dst-address=172.16.0.0/16 gateway=192.168.64.254
add distance=1 dst-address=192.168.0.0/16 gateway=192.168.64.254

# Management plane: every service is switched off except WinBox, which is moved
# to TCP 8081.
# Security: a non-default port only reduces scan noise, it is not access
# control. No address= restriction is set and no input-chain filter appears in
# this listing, so WinBox answers on every interface, including the PPPoE
# uplinks. Limit it with address=<management subnet> on the winbox service
# and/or an input-chain drop rule for the WAN side, and keep RouterOS patched.
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes
set ssh disabled=yes
set api disabled=yes
set winbox port=8081
set api-ssl disabled=yes

# One VPN account per protocol; service= ties each secret to PPTP or L2TP only.
# Security: both passwords equal the user name. These accounts are reachable
# from the Internet and give access to the LAN routes and to all twelve exits,
# so replace them with long random passwords before enabling the servers.
# Neither secret sets a remote-address, so the client address (and with it the
# PPPoE exit chosen by the mangle rules) depends on the profile - TODO confirm
# the profile hands out addresses from the "pptp" pool.
/ppp secret
add name=pptp password=pptp profile=default-encryption service=pptp
add name=l2tp password=l2tp profile=default-encryption service=l2tp

-------------------添加外网PPTP L2TP连接进口+DNS+主机名-------------------------------------------
# Two further VRRP interfaces for the inbound side of the setup.
/interface vrrp
add interface=bridge2-wan name=vrrp248 vrid=248
add interface=bridge2-wan name=vrrp249 vrid=249

# These two PPPoE sessions set add-default-route=yes, so they supply the
# router's own unmarked default route. userclient-out1 is also the interface
# whose address the DDNS script publishes for VPN clients to dial.
# The same clear-text account as the twelve exit sessions is reused here.
/interface pppoe-client
add name=userclient-out1 interface=vrrp248 user=0713666666 password=963852 disabled=no add-default-route=yes
add name=userclient-out2 interface=vrrp249 user=0713666666 password=963852 disabled=no add-default-route=yes

# Addresses for the two new VRRP interfaces, following the same scheme as
# vrrp1-vrrp12.
/ip address
add address=123.123.1.248 interface=vrrp248 network=123.123.1.248
add address=123.123.1.249 interface=vrrp249 network=123.123.1.249

# Upstream resolvers plus a local DNS cache for VPN and LAN clients.
# Security: allow-remote-requests=yes makes the router answer DNS queries from
# any interface. No input-chain filter appears in this listing, so the router
# would also answer queries arriving on the PPPoE uplinks and act as an open
# resolver (a common source of DNS amplification traffic). Drop UDP/TCP 53 in
# the input chain for the WAN-side interfaces.
/ip dns
set allow-remote-requests=yes cache-size=2048 max-udp-packet-size=512 servers=223.5.5.5,223.6.6.6

# Router host name (placeholder).
/system identity
set name="xxxxx"

-----------------添加动态域名 DNSPOD DDNS对应出口----------------------------------------
# DDNS update script: publishes the current address of one PPPoE interface to
# a DNSPod record whenever that address changes.

# PPPoE interface whose address is published
:local pppoe "userclient-out1"

# DDNS token (placeholder)
# Security: this is an API credential for the DNS account. Keep it out of
# shared exports, and use a token limited to this purpose if the provider
# offers one.
:local token "xxxxxxx,dddddddd"

# DDNS record and domain
:local record "dddddd"
:local domain "abcd.com"

# Nothing below needs to be changed
# ipold is global, so it keeps the last published address between runs.
:global ipold
# Read the address currently assigned to the interface.
# NOTE(review): presumably this aborts the script when the PPPoE session is
# down and the interface has no address - confirm.
:local ipnew [/ip address get [/ip address find interface=$pppoe] address]
# Drop the last three characters (presumably the "/32" prefix suffix).
:set ipnew [:pick $ipnew 0 ([len $ipnew] -3)]
:if ($ipnew != $ipold) do={
# Security: the token travels in the query string over plain HTTP to
# u.myxzy.com, a relay rather than the DNS provider itself. Anyone on the path
# and the relay operator can read it and change the zone's records.
# NOTE(review): prefer an https:// endpoint with certificate checking, ideally
# the provider's own API - confirm what the relay supports.
:local url "http://u.myxzy.com/dnspod/\?token=$token&ip=$ipnew&domain=$domain&record=$record"
/tool fetch url=$url mode=http keep-result=no
# Remember the published address so that the next run is a no-op.
:set ipold $ipnew
log info "DDNS: Sending UPDATE!"
}


原文地址:https://blog.51cto.com/biwei/2572796
