Community discussions

MikroTik App
 
absimiliard
just joined
Topic Author
Posts: 1
Joined: Wed Jun 06, 2018 7:58 pm

I can't connect to my CHR from internet

Wed Jun 06, 2018 8:08 pm

Hi,
I have a kimsufi server with proxmox. The config network file is:

auto enp1s0
iface enp1s0 inet static
address 91.121.210.82
netmask 255.255.255.0
gateway 91.121.210.254
#red externa

auto enp2s0
iface enp2s0 inet manual

auto vmbr0
iface vmbr0 inet static
address 10.0.1.1
netmask 255.255.255.0
bridge_ports none
bridge_stp off
bridge_fd 0
post-up echo 1 > /proc/sys/net/ipv4/ip_forward
post-up iptables -t nat -A POSTROUTING -s '10.0.1.0/24' -o enp1s0 -j MASQUERADE
post-down iptables -t nat -D POSTROUTING -s '10.0.1.0/24' -o enp1s0 -j MASQUERADE
#NATEO RDP para admin
post-up iptables -t nat -A PREROUTING -i enp1s0 -p tcp --dport 3389 -j DNAT --to 10.0.1.4:3389
post-down iptables -t nat -D PREROUTING -i enp10 -p tcp --dport 3389 -j DNAT --to 10.0.1.4:3389
#NATEO RDP para CLIENTE01
post-up iptables -t nat -A PREROUTING -i enp1s0 -p tcp --dport 3390 -j DNAT --to 10.0.2.3:3389
post-down iptables -t nat A -D PREROUTING -i enp10 -p tcp --dport 3390 -j DNAT --to 10.0.2.3:3389
#NATEO RDP para CLIENTE02
post-up iptables -t nat -A PREROUTING -i enp1s0 -p tcp --dport 3391 -j DNAT --to 10.0.3.3:3389
post-down iptables -t nat -D PREROUTING -i enp10 -p tcp --dport 3391 -j DNAT --to 10.0.3.3:3389
#NATEO para VPN
post-up iptables -t nat -A PREROUTING -i enp1s0 -p tcp --dport 1723 -j DNAT --to 10.0.1.3:1723
post-down iptables -t nat -D PREROUTING -i enp1s0 -p tcp --dport 1723 -j DNAT --to 10.0.1.3:1723
#NATEO para Administrar CHR
post-up iptables -t nat -A PREROUTING -i enp1s0 -p tcp --dport 443 -j DNAT --to 10.0.1.3:443
post-down iptables -t nat -D PREROUTING -i enp1s0 -p tcp --dport 443 -j DNAT --to 10.0.1.3:443
post-up iptables -t nat -A PREROUTING -i enp1s0 -p tcp --dport 2223 -j DNAT --to 10.0.1.3:22
post-down iptables -t nat -D PREROUTING -i enp1s0 -p tcp --dport 2223 -j DNAT --to 10.0.1.3:22
post-up iptables -t nat -A PREROUTING -i enp1s0 -p tcp --dport 8291 -j DNAT --to 10.0.1.3:8291
post-down iptables -t nat -D PREROUTING -i enp1s0 -p tcp --dport 8291 -j DNAT --to 10.0.1.3:8291
post-up iptables -t nat -A PREROUTING -i enp1s0 -p tcp --dport 8729 -j DNAT --to 10.0.1.3:8729
post-down iptables -t nat -D PREROUTING -i enp1s0 -p tcp --dport 8729 -j DNAT --to 10.0.1.3:8729
#Red local Wan

auto vmbr1
iface vmbr1 inet static
address 10.0.2.1
netmask 255.255.255.0
bridge_ports none
bridge_stp off
bridge_fd 0
post-up iptables -t nat -A POSTROUTING -s '10.0.2.0/24' -o enp1s0 -j MASQUERADE
post-down iptables -t nat -D POSTROUTING -s '10.0.2.0/24' -o enp1s0 -j MASQUERADE
#Red Local LAN1

auto vmbr2
iface vmbr2 inet static
address 10.0.3.1
netmask 255.255.255.0
bridge_ports none
bridge_stp off
bridge_fd 0
post-up iptables -t nat -A POSTROUTING -s '10.0.3.0/24' -o enp1s0 -j MASQUERADE
post-down iptables -t nat -D POSTROUTING -s '10.0.3.0/24' -o enp1s0 -j MASQUERADE
#Red Local 2

I set my CHR with 3 nic, each on vmb0 - 10.0.1.3 , vmbr1 - 10.0.2..2 and vmbr2 - 10.0.3.2. I set PPTP server, but I can't connect from internet, but I can connect from vmbr2 to vmbr1. Any suguestion?

Kind Regards.

Who is online

Users browsing this forum: Bing [Bot] and 12 guests