API tools faq
paste
Advertisement
moneron

NAT lab: R2

moneron
Sep 3rd, 2017
167
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 0.95 KB | None | 0 0
raw download clone embed print report
  1. # Config of R2 in NAT lab
  2. # Management in EVE-NG:
  3. /system identity
  4. set name=R2-SSTP-server
  5. /tool romon
  6. set enabled=yes
  7.  
  8. # Addresses and routes:
  9. /ip address
  10. add address=10.1.0.6/30 interface=ether1
  11. add address=192.168.0.1/24 interface=ether2
  12. /ip route
  13. add gateway=10.1.0.5
  14.  
  15. # NAT
  16. /ip firewall nat
  17. add action=masquerade chain=srcnat out-interface=ether1
  18. add action=accept chain=dstnat dst-address=10.1.0.6 dst-port=443 protocol=tcp src-address=10.1.0.2 src-port=65432 comment="Catch SSTP"
  19. add action=dst-nat chain=dstnat dst-address=10.1.0.6 dst-port=443 protocol=tcp to-addresses=192.168.0.100 comment="WEB-server"
  20.  
  21. # Enable SSTP-server
  22. /interface sstp-server server
  23. set enabled=yes
  24. /ppp secret
  25. add local-address=10.0.0.1 name=ppp1 remote-address=10.0.0.2 service=sstp
  26.  
  27. # Disable unused services
  28. /ip service
  29. set telnet disabled=yes
  30. set ftp disabled=yes
  31. set www disabled=yes
  32. set ssh disabled=yes
  33. set api disabled=yes
  34. set api-ssl disabled=yes
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!