API tools faq
paste
Guest User

Untitled

a guest
Nov 17th, 2020
25
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 17.12 KB | None | 0 0
raw download clone embed print report
  1. pbx01*CLI>
  2.  
  3. <--- SIP read from TCP:37.29.40.19:25541 --->
  4. INVITE sip:3550@БЕЛЫЙ_АЙПИ2_МИКРОТИКА:ПОРТ_ДО_АСТЕРА;transport=TCP SIP/2.0
  5. Via: SIP/2.0/TCP 100.86.168.227:45265;branch=z9hG4bK-524287-1---31a1428da426f71d;rport
  6. Max-Forwards: 70
  7. Contact: <sip:[email protected]:25541;transport=TCP>
  8. To: <sip:3550@БЕЛЫЙ_АЙПИ2_МИКРОТИКА:ПОРТ_ДО_АСТЕРА>
  9. From: <sip:3555@БЕЛЫЙ_АЙПИ2_МИКРОТИКА:ПОРТ_ДО_АСТЕРА;transport=TCP>;tag=cb9a6d22
  10. Call-ID: qPu18HHhwoOuR6n8L1styw..
  11. CSeq: 1 INVITE
  12. Allow: INVITE, ACK, CANCEL, BYE, NOTIFY, REFER, MESSAGE, OPTIONS, INFO, SUBSCRIBE
  13. Content-Type: application/sdp
  14. User-Agent: Zoiper rv2.10.11.5-mod
  15. Allow-Events: presence, kpml, talk
  16. Content-Length: 185
  17.  
  18. v=0
  19. o=Zoiper 1605598666785 1 IN IP4 100.86.168.227
  20. s=Z
  21. c=IN IP4 100.86.168.227
  22. t=0 0
  23. m=audio 39974 RTP/AVP 0 101 8
  24. a=rtpmap:101 telephone-event/8000
  25. a=fmtp:101 0-16
  26. a=sendrecv
  27. <------------->
  28. --- (13 headers 9 lines) ---
  29. Sending to 37.29.40.19:25541 (NAT)
  30. Sending to 37.29.40.19:25541 (NAT)
  31. Using INVITE request as basis request - qPu18HHhwoOuR6n8L1styw..
  32. Found peer '3555' for '3555' from 37.29.40.19:25541
  33.  
  34. <--- Reliably Transmitting (NAT) to 37.29.40.19:25541 --->
  35. SIP/2.0 401 Unauthorized
  36. Via: SIP/2.0/TCP 100.86.168.227:45265;branch=z9hG4bK-524287-1---31a1428da426f71d;received=37.29.40.19;rport=25541
  37. From: <sip:3555@БЕЛЫЙ_АЙПИ2_МИКРОТИКА:ПОРТ_ДО_АСТЕРА;transport=TCP>;tag=cb9a6d22
  38. To: <sip:3550@БЕЛЫЙ_АЙПИ2_МИКРОТИКА:ПОРТ_ДО_АСТЕРА>;tag=as453dac47
  39. Call-ID: qPu18HHhwoOuR6n8L1styw..
  40. CSeq: 1 INVITE
  41. Server: Asterisk PBX 13.35.0
  42. Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH, MESSAGE
  43. Supported: replaces, timer
  44. WWW-Authenticate: Digest algorithm=MD5, realm="asterisk", nonce="63eb4db4"
  45. Content-Length: 0
  46.  
  47.  
  48. <------------>
  49. Scheduling destruction of SIP dialog 'qPu18HHhwoOuR6n8L1styw..' in 14528 ms (Method: INVITE)
  50.  
  51. <--- SIP read from TCP:37.29.40.19:25541 --->
  52. ACK sip:3550@БЕЛЫЙ_АЙПИ2_МИКРОТИКА:ПОРТ_ДО_АСТЕРА;transport=TCP SIP/2.0
  53. Via: SIP/2.0/TCP 100.86.168.227:45265;branch=z9hG4bK-524287-1---31a1428da426f71d;rport
  54. Max-Forwards: 70
  55. To: <sip:3550@БЕЛЫЙ_АЙПИ2_МИКРОТИКА:ПОРТ_ДО_АСТЕРА>;tag=as453dac47
  56. From: <sip:3555@БЕЛЫЙ_АЙПИ2_МИКРОТИКА:ПОРТ_ДО_АСТЕРА;transport=TCP>;tag=cb9a6d22
  57. Call-ID: qPu18HHhwoOuR6n8L1styw..
  58. CSeq: 1 ACK
  59. Content-Length: 0
  60.  
  61. <------------->
  62. --- (8 headers 0 lines) ---
  63.  
  64. <--- SIP read from TCP:37.29.40.19:25541 --->
  65. INVITE sip:3550@БЕЛЫЙ_АЙПИ2_МИКРОТИКА:ПОРТ_ДО_АСТЕРА;transport=TCP SIP/2.0
  66. Via: SIP/2.0/TCP 100.86.168.227:45265;branch=z9hG4bK-524287-1---59f0377de76dd96a;rport
  67. Max-Forwards: 70
  68. Contact: <sip:[email protected]:25541;transport=TCP>
  69. To: <sip:3550@БЕЛЫЙ_АЙПИ2_МИКРОТИКА:ПОРТ_ДО_АСТЕРА>
  70. From: <sip:3555@БЕЛЫЙ_АЙПИ2_МИКРОТИКА:ПОРТ_ДО_АСТЕРА;transport=TCP>;tag=cb9a6d22
  71. Call-ID: qPu18HHhwoOuR6n8L1styw..
  72. CSeq: 2 INVITE
  73. Allow: INVITE, ACK, CANCEL, BYE, NOTIFY, REFER, MESSAGE, OPTIONS, INFO, SUBSCRIBE
  74. Content-Type: application/sdp
  75. User-Agent: Zoiper rv2.10.11.5-mod
  76. Authorization: Digest username="3555",realm="asterisk",nonce="63eb4db4",uri="sip:3550@БЕЛЫЙ_АЙПИ2_МИКРОТИКА:ПОРТ_ДО_АСТЕРА;transport=TCP",response="d972e2f30454b0053f958c056703e93c",algorithm=MD5
  77. Allow-Events: presence, kpml, talk
  78. Content-Length: 185
  79.  
  80. v=0
  81. o=Zoiper 1605598666785 1 IN IP4 100.86.168.227
  82. s=Z
  83. c=IN IP4 100.86.168.227
  84. t=0 0
  85. m=audio 39974 RTP/AVP 0 101 8
  86. a=rtpmap:101 telephone-event/8000
  87. a=fmtp:101 0-16
  88. a=sendrecv
  89. <------------->
  90. --- (14 headers 9 lines) ---
  91. Sending to 37.29.40.19:25541 (NAT)
  92. Using INVITE request as basis request - qPu18HHhwoOuR6n8L1styw..
  93. Found peer '3555' for '3555' from 37.29.40.19:25541
  94. Got SDP version 1 and unique parts [Zoiper 1605598666785 IN IP4 100.86.168.227]
  95. Found RTP audio format 0
  96. Found RTP audio format 101
  97. Found RTP audio format 8
  98. Found audio description format telephone-event for ID 101
  99. Capabilities: us - (alaw|ulaw), peer - audio=(ulaw|alaw)/video=(nothing)/text=(nothing), combined - (alaw|ulaw)
  100. Non-codec capabilities (dtmf): us - 0x0 (nothing), peer - 0x1 (telephone-event|), combined - 0x0 (nothing)
  101. Peer audio RTP is at port 100.86.168.227:39974
  102. Looking for 3550 in from-internal (domain БЕЛЫЙ_АЙПИ2_МИКРОТИКА)
  103. sip_route_dump: route/path hop: <sip:[email protected]:25541;transport=TCP>
  104.  
  105. <--- Transmitting (NAT) to 37.29.40.19:25541 --->
  106. SIP/2.0 100 Trying
  107. Via: SIP/2.0/TCP 100.86.168.227:45265;branch=z9hG4bK-524287-1---59f0377de76dd96a;received=37.29.40.19;rport=25541
  108. From: <sip:3555@БЕЛЫЙ_АЙПИ2_МИКРОТИКА:ПОРТ_ДО_АСТЕРА;transport=TCP>;tag=cb9a6d22
  109. To: <sip:3550@БЕЛЫЙ_АЙПИ2_МИКРОТИКА:ПОРТ_ДО_АСТЕРА>
  110. Call-ID: qPu18HHhwoOuR6n8L1styw..
  111. CSeq: 2 INVITE
  112. Server: Asterisk PBX 13.35.0
  113. Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH, MESSAGE
  114. Supported: replaces, timer
  115. Contact: <sip:3550@БЕЛЫЙ_АЙПИ2_МИКРОТИКА:5060;transport=tcp>
  116. Content-Length: 0
  117.  
  118.  
  119. <------------>
  120. Audio is at 37970
  121. Adding codec alaw to SDP
  122. Adding codec ulaw to SDP
  123.  
  124. <--- Transmitting (NAT) to 37.29.40.19:25541 --->
  125. SIP/2.0 183 Session Progress
  126. Via: SIP/2.0/TCP 100.86.168.227:45265;branch=z9hG4bK-524287-1---59f0377de76dd96a;received=37.29.40.19;rport=25541
  127. From: <sip:3555@БЕЛЫЙ_АЙПИ2_МИКРОТИКА:ПОРТ_ДО_АСТЕРА;transport=TCP>;tag=cb9a6d22
  128. To: <sip:3550@БЕЛЫЙ_АЙПИ2_МИКРОТИКА:ПОРТ_ДО_АСТЕРА>;tag=as52312201
  129. Call-ID: qPu18HHhwoOuR6n8L1styw..
  130. CSeq: 2 INVITE
  131. Server: Asterisk PBX 13.35.0
  132. Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH, MESSAGE
  133. Supported: replaces, timer
  134. Contact: <sip:3550@БЕЛЫЙ_АЙПИ2_МИКРОТИКА:5060;transport=tcp>
  135. Content-Type: application/sdp
  136. Content-Length: 208
  137.  
  138. v=0
  139. o=root 874411733 874411733 IN IP4 БЕЛЫЙ_АЙПИ2_МИКРОТИКА
  140. s=Asterisk PBX 13.35.0
  141. c=IN IP4 БЕЛЫЙ_АЙПИ2_МИКРОТИКА
  142. t=0 0
  143. m=audio 37970 RTP/AVP 8 0
  144. a=rtpmap:8 PCMA/8000
  145. a=rtpmap:0 PCMU/8000
  146. a=maxptime:150
  147. a=sendrecv
  148.  
  149. <------------>
  150.  
  151. <--- SIP read from TCP:37.29.40.19:25541 --->
  152.  
  153.  
  154. <------------->
  155. [Nov 17 07:36:16] NOTICE[26257]: chan_sip.c:24776 handle_response_peerpoke: Peer '3535' is now Reachable. (405ms / 3000ms)
  156. Audio is at 37970
  157. Adding codec alaw to SDP
  158. Adding codec ulaw to SDP
  159.  
  160. <--- Reliably Transmitting (NAT) to 37.29.40.19:25541 --->
  161. SIP/2.0 200 OK
  162. Via: SIP/2.0/TCP 100.86.168.227:45265;branch=z9hG4bK-524287-1---59f0377de76dd96a;received=37.29.40.19;rport=25541
  163. From: <sip:3555@БЕЛЫЙ_АЙПИ2_МИКРОТИКА:ПОРТ_ДО_АСТЕРА;transport=TCP>;tag=cb9a6d22
  164. To: <sip:3550@БЕЛЫЙ_АЙПИ2_МИКРОТИКА:ПОРТ_ДО_АСТЕРА>;tag=as52312201
  165. Call-ID: qPu18HHhwoOuR6n8L1styw..
  166. CSeq: 2 INVITE
  167. Server: Asterisk PBX 13.35.0
  168. Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH, MESSAGE
  169. Supported: replaces, timer
  170. Contact: <sip:3550@БЕЛЫЙ_АЙПИ2_МИКРОТИКА:5060;transport=tcp>
  171. Content-Type: application/sdp
  172. Content-Length: 208
  173.  
  174. v=0
  175. o=root 874411733 874411733 IN IP4 БЕЛЫЙ_АЙПИ2_МИКРОТИКА
  176. s=Asterisk PBX 13.35.0
  177. c=IN IP4 БЕЛЫЙ_АЙПИ2_МИКРОТИКА
  178. t=0 0
  179. m=audio 37970 RTP/AVP 8 0
  180. a=rtpmap:8 PCMA/8000
  181. a=rtpmap:0 PCMU/8000
  182. a=maxptime:150
  183. a=sendrecv
  184.  
  185. <------------>
  186. [Nov 17 07:36:31] WARNING[26237]: chan_sip.c:4092 retrans_pkt: Retransmission timeout reached on transmission qPu18HHhwoOuR6n8L1styw.. for seqno 2 (Critical Response) -- See https://wiki.asterisk.org/wiki/display/AST/SIP+Retransmissions
  187. Packet timed out after 14528ms with no response
  188. [Nov 17 07:36:31] WARNING[26237]: chan_sip.c:4116 retrans_pkt: Hanging up call qPu18HHhwoOuR6n8L1styw.. - no reply to our critical packet (see https://wiki.asterisk.org/wiki/display/AST/SIP+Retransmissions).
  189. Scheduling destruction of SIP dialog 'qPu18HHhwoOuR6n8L1styw..' in 14528 ms (Method: INVITE)
  190. Reliably Transmitting (NAT) to 37.29.40.19:25541:
  191. BYE sip:[email protected]:25541;transport=TCP SIP/2.0
  192. Via: SIP/2.0/TCP БЕЛЫЙ_АЙПИ2_МИКРОТИКА:5060;branch=z9hG4bK6ec5337f;rport
  193. Max-Forwards: 70
  194. From: <sip:3550@БЕЛЫЙ_АЙПИ2_МИКРОТИКА:ПОРТ_ДО_АСТЕРА>;tag=as52312201
  195. To: <sip:3555@БЕЛЫЙ_АЙПИ2_МИКРОТИКА:ПОРТ_ДО_АСТЕРА;transport=TCP>;tag=cb9a6d22
  196. Call-ID: qPu18HHhwoOuR6n8L1styw..
  197. CSeq: 102 BYE
  198. User-Agent: Asterisk PBX 13.35.0
  199. Proxy-Authorization: Digest username="3555", realm="asterisk", algorithm=MD5, uri="sip:БЕЛЫЙ_АЙПИ2_МИКРОТИКА", nonce="63eb4db4", response="c8903b0083240da95dce831f83c1a738"
  200. X-Asterisk-HangupCause: No user responding
  201. X-Asterisk-HangupCauseCode: 18
  202. Content-Length: 0
  203.  
  204.  
  205. ---
  206.  
  207. <--- SIP read from TCP:37.29.40.19:25541 --->
  208. SIP/2.0 200 OK
  209. Via: SIP/2.0/TCP БЕЛЫЙ_АЙПИ2_МИКРОТИКА:5060;branch=z9hG4bK6ec5337f;rport=ПОРТ_ДО_АСТЕРА
  210. Contact: <sip:[email protected]:25541;transport=TCP>
  211. To: <sip:3555@БЕЛЫЙ_АЙПИ2_МИКРОТИКА:ПОРТ_ДО_АСТЕРА;transport=TCP>;tag=cb9a6d22
  212. From: <sip:3550@БЕЛЫЙ_АЙПИ2_МИКРОТИКА:ПОРТ_ДО_АСТЕРА>;tag=as52312201
  213. Call-ID: qPu18HHhwoOuR6n8L1styw..
  214. CSeq: 102 BYE
  215. User-Agent: Zoiper rv2.10.11.5-mod
  216. Content-Length: 0
  217.  
  218. <------------->
  219. --- (9 headers 0 lines) ---
  220. SIP Response message for INCOMING dialog BYE arrived
  221. Really destroying SIP dialog 'qPu18HHhwoOuR6n8L1styw..' Method: INVITE
  222. pbx01*CLI> exit
  223. Asterisk cleanly ending (0).
  224. Executing last minute cleanups
  225. [root@pbx01 ~]#
  226.  
  227.  
  228. [root@pbx01 ~]# vi /etc/asterisk/sip.conf
  229. [general]
  230. bindaddr=10.221.121.250
  231. bindport=5060
  232. localnet=10.221.0.0/255.255.0.0
  233. externip=БЕЛЫЙ_АЙПИ2_МИКРОТИКА
  234. language=ru
  235. alwaysauthreject=yes
  236. allowguest=no
  237. tcpenable=yes
  238. transport=tcp
  239.  
  240.  
  241. [office](!)
  242.  
  243. type=friend
  244. deny=0.0.0.0/0.0.0.0
  245. permit=10.10.20.0/255.255.255.0
  246. permit=10.221.0.0/255.255.0.0
  247. host=dynamic
  248. context=from-internal
  249. nat=force_rport
  250. qualify=3000
  251. directmedia=no
  252. disallow=all
  253. allow=alaw
  254. allow=ulaw
  255. dtmfmode=info
  256.  
  257. [outside](!)
  258.  
  259. type=friend
  260. permit=0.0.0.0/0.0.0.0
  261. host=dynamic
  262. context=from-internal
  263. nat=yes
  264. canreinvite=no
  265. qualify=3000
  266. directmedia=no
  267. disallow=all
  268. allow=alaw
  269. allow=ulaw
  270. dtmfmode=info
  271.  
  272. [3555](outside)
  273. callerid=YakovlevNA <3555>
  274. secret=ЫВАЫВАЫВА
  275.  
  276. [3550](office)
  277. callerid=TEST <3550>
  278. secret=ЫВАЫВАЫВА
  279.  
  280.  
  281. [root@pbx01 ~]# vi /etc/asterisk/rtp.conf
  282. [general]
  283.  
  284. rtpstart=36600
  285. rtpend=39999
  286.  
  287. pbx01*CLI> sip show peers
  288. Name/username Host Dyn Forcerport Comedia ACL Port Status Description
  289.  
  290.  
  291. 3550/3550 10.221.1.29 D Yes No A 58566 OK (1 ms)
  292. 3555/3555 37.29.40.19 D Yes Yes A 25541 OK (278 ms)
  293.  
  294.  
  295.  
  296.  
  297.  
  298.  
  299.  
  300.  
  301.  
  302.  
  303.  
  304.  
  305.  
  306. Далее конфиг Микротика, настроены два активных провайдера. Но для айпи Астера прописал, чтобы он отвечал только с одного айпи. Он указан как БЕЛЫЙ_АЙПИ2_МИКРОТИКА.
  307.  
  308.  
  309.  
  310.  
  311. [root@Mikro_MAIN] > export
  312. # nov/17/2020 16:43:29 by RouterOS 6.46.1
  313. # software id = SPSH-ZA9W
  314. #
  315. # model = RouterBOARD 3011UiAS
  316. # serial number = B88D0A83F135
  317. /interface l2tp-server
  318. add name=tmn-l2tp user=tmn-l2tp-rtk
  319. /interface bridge
  320. add name=ASTERISK
  321. add name=INET
  322. add name=KSPD
  323. add name=KS_YKT
  324. /interface ethernet
  325. set [ find default-name=ether1 ] comment="WAN RTK"
  326. set [ find default-name=ether10 ] comment="WAN BEE"
  327.  
  328. /interface list
  329. add name=WAN
  330. /interface wireless security-profiles
  331. set [ find default=yes ] supplicant-identity=MikroTik
  332. /ip pool
  333.  
  334. /ip dhcp-server
  335. add address-pool=dhcp_pool0 disabled=no interface=INET lease-time=1h name=dhcp1
  336. /ppp profile
  337.  
  338. /interface bridge port
  339.  
  340. /interface detect-internet
  341. set detect-interface-list=all
  342. /interface l2tp-server server
  343.  
  344. /interface list member
  345. add interface=ether1 list=WAN
  346. add interface=ether10 list=WAN
  347. /ip address
  348. add address=БЕЛЫЙ_АЙПИ1_МИКРОТИКА/29 interface=ether1 network=ШЛЮЗ1_МИКРОТИКА
  349.  
  350. add address=БЕЛЫЙ_АЙПИ2_МИКРОТИКА/30 interface=ether10 network=ШЛЮЗ2_МИКРОТИКА
  351.  
  352. /ip dhcp-server lease
  353.  
  354. /ip dhcp-server network
  355.  
  356. /ip dns
  357. set allow-remote-requests=yes servers=8.8.8.8,8.8.4.4
  358. /ip firewall address-list
  359.  
  360. add address=10.221.121.250 comment="Test OIT MAC" list=only_BEE
  361. add address=10.10.20.151 comment="MacOS VasilevaES" list=INET_to_KSPD
  362. /ip firewall filter
  363.  
  364.  
  365. add action=accept chain=input comment="allow udp RTP" in-interface-list=WAN port=36600-39999 protocol=udp
  366.  
  367. add action=accept chain=forward comment=fasttrack connection-state=established,related
  368. add action=drop chain=forward comment="drop invalid" connection-state=invalid disabled=yes
  369. add action=drop chain=forward comment="drop WAN >> INET" in-interface-list=WAN out-interface=INET
  370. /ip firewall mangle
  371.  
  372. add action=mark-routing chain=prerouting dst-address-list=KSPD new-routing-mark=main passthrough=no src-address-list=VPN-tunnel
  373. add action=mark-routing chain=prerouting dst-address-list=VPN-tunnel new-routing-mark=main passthrough=no src-address-list=KSPD
  374. add action=mark-connection chain=prerouting dst-address-list=!VPN-tunnel new-connection-mark=only-RTK passthrough=yes src-address-list=only_RTK
  375. add action=mark-routing chain=prerouting connection-mark=only-RTK new-routing-mark=RTK passthrough=no
  376. add action=mark-connection chain=prerouting dst-address-list=!VPN-tunnel new-connection-mark=only-BEE passthrough=yes src-address-list=only_BEE
  377. add action=mark-routing chain=prerouting connection-mark=only-BEE new-routing-mark=BEE passthrough=no
  378. add action=mark-connection chain=prerouting comment=RTK in-interface=ether1 new-connection-mark=in-RTK passthrough=yes
  379. add action=mark-routing chain=prerouting connection-mark=in-RTK new-routing-mark=RTK passthrough=yes
  380. add action=mark-connection chain=prerouting comment=BEE in-interface=ether10 new-connection-mark=in-BEE passthrough=yes
  381. add action=mark-routing chain=prerouting connection-mark=in-BEE new-routing-mark=BEE passthrough=yes
  382. add action=mark-connection chain=prerouting comment=PCC dst-address-list=!VPN-tunnel dst-address-type=!local new-connection-mark=RTK-conn passthrough=yes per-connection-classifier=both-addresses-and-ports:2/0
  383. add action=mark-connection chain=prerouting dst-address-list=!VPN-tunnel dst-address-type=!local new-connection-mark=BEE-conn passthrough=yes per-connection-classifier=both-addresses-and-ports:2/1
  384. add action=mark-routing chain=prerouting connection-mark=RTK-conn new-routing-mark=RTK passthrough=yes
  385. add action=mark-routing chain=prerouting connection-mark=BEE-conn new-routing-mark=BEE passthrough=yes
  386. add action=mark-routing chain=output connection-mark=in-RTK dst-address-list=!VPN-tunnel new-routing-mark=RTK passthrough=yes
  387. add action=mark-routing chain=output new-routing-mark=RTK passthrough=yes src-address=БЕЛЫЙ_АЙПИ1_МИКРОТИКА
  388. add action=mark-routing chain=output connection-mark=in-BEE dst-address-list=!VPN-tunnel new-routing-mark=BEE passthrough=yes
  389. add action=mark-routing chain=output new-routing-mark=BEE passthrough=yes src-address=БЕЛЫЙ_АЙПИ2_МИКРОТИКА
  390. /ip firewall nat
  391.  
  392. add action=dst-nat chain=dstnat dst-port=ПОРТ_ДО_АСТЕРА in-interface=ether10 protocol=tcp to-addresses=10.221.121.250 to-ports=5060
  393.  
  394. add action=dst-nat chain=dstnat dst-port=36600-39999 in-interface=ether10 protocol=udp to-addresses=10.221.121.250 to-ports=36600-39999
  395. add action=masquerade chain=srcnat comment=SRCNAT dst-address-list=!VPN-tunnel out-interface-list=WAN
  396. /ip firewall service-port
  397. set sip disabled=yes
  398. /ip ipsec policy
  399.  
  400. /ip route
  401. add comment=RTK-route distance=1 gateway=ШЛЮЗ1_МИКРОТИКА routing-mark=RTK
  402. add comment=BEE-route distance=1 gateway=ШЛЮЗ2_МИКРОТИКА routing-mark=BEE
  403. add check-gateway=ping distance=1 gateway=8.8.8.8
  404. add check-gateway=ping distance=2 gateway=8.8.4.4
  405. add distance=1 dst-address=8.8.4.4/32 gateway=ШЛЮЗ2_МИКРОТИКА scope=10
  406. add distance=1 dst-address=8.8.8.8/32 gateway=ШЛЮЗ1_МИКРОТИКА scope=10
  407.  
  408. /ip route rule
  409. add src-address=БЕЛЫЙ_АЙПИ1_МИКРОТИКА/32 table=to-RTK
  410. add src-address=БЕЛЫЙ_АЙПИ2_МИКРОТИКА/32 table=to-BEE
  411. add dst-address=10.221.0.0/16 table=main
  412.  
  413. add routing-mark=RTK table=to-RTK
  414. add routing-mark=BEE table=to-BEE
  415. /ip service
  416.  
  417. /ppp aaa
  418.  
  419. /ppp secret
  420.  
  421. /radius
  422.  
  423. /system clock
  424.  
  425. /system identity
  426. set name=Mikro_MAIN
  427. /system logging
  428.  
  429. /system ntp client
  430. set enabled=yes primary-ntp=85.114.26.194 secondary-ntp=88.147.254.230
  431. /system scheduler
  432.  
  433. /system script
  434.  
  435. /tool e-mail
  436.  
  437. /tool netwatch
  438.  
  439. /tool sniffer
  440. set file-name=3555_sip filter-interface=all filter-ip-address=10.221.121.250/32 filter-ip-protocol=tcp filter-port=sip memory-limit=10000KiB
  441. /tool traffic-monitor
  442. add interface=tmn-l2tp name=tmon1 threshold=0
  443.  
Advertisement
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!