Community discussions

 
Iceog
just joined
Topic Author
Posts: 10
Joined: Wed Dec 07, 2011 8:43 pm

Gateway timeout with proxy and routing

Thu Dec 08, 2011 3:32 pm

Welcome,

I know there are many post about my problem , but i did not find solution.

If I turn on redirecting 80 port to 8080 i get gateway timeout. The problem did not exist , when the routing wasnt set.

Here is my specification:
IP Adress
0 ;;; hotspot network
address=192.168.100.1/23 network=192.168.100.0 interface=ether2
actual-interface=ether2

1 address=172.16.1.2/30 network=172.16.1.0 interface=ether1
actual-interface=ether1

IP ROUTE
0 A S dst-address=0.0.0.0/0 gateway=172.16.1.1
gateway-status=172.16.1.1 reachable ether1 distance=1 scope=30
target-scope=10

1 ADC dst-address=172.16.1.0/30 pref-src=172.16.1.2 gateway=ether1
gateway-status=ether1 reachable distance=0 scope=10

2 ADC dst-address=192.168.100.0/23 pref-src=192.168.100.1 gateway=ether2
gateway-status=ether2 unreachable distance=0 scope=200


/ip firewall connection tracking
set enabled=yes generic-timeout=10m icmp-timeout=10s tcp-close-timeout=10s \
tcp-close-wait-timeout=10s tcp-established-timeout=1d \
tcp-fin-wait-timeout=10s tcp-last-ack-timeout=10s \
tcp-syn-received-timeout=5s tcp-syn-sent-timeout=5s tcp-syncookie=no \
tcp-time-wait-timeout=10s udp-stream-timeout=3m udp-timeout=10s
/ip firewall filter
add action=passthrough chain=unused-hs-chain comment=\
"place hotspot rules here" disabled=no
/ip firewall mangle
add action=accept chain=output disabled=no dscp=4
/ip firewall nat
add action=redirect chain=dstnat disabled=no dst-port=80 protocol=tcp \
to-ports=8080
add action=passthrough chain=unused-hs-chain comment=\
"place hotspot rules here" disabled=yes
/ip firewall service-port
set ftp disabled=no ports=21
set tftp disabled=no ports=69
set irc disabled=no ports=6667
set h323 disabled=no
set sip disabled=no ports=5060,5061
set pptp disabled=no


Thanks in advance for any help.

P.S. Sorry for my english :)
 
Iceog
just joined
Topic Author
Posts: 10
Joined: Wed Dec 07, 2011 8:43 pm

Re: Gateway timeout with proxy and routing

Thu Dec 08, 2011 4:00 pm

I note that , there on firewall/connections i get
Src. Address : 172.168.1.2
Dst. Address : 80.48.169.1 (www.orange.pl) - allowed on proxy server. For testing rest have deny
TCP State : Syn sent
 
Iceog
just joined
Topic Author
Posts: 10
Joined: Wed Dec 07, 2011 8:43 pm

Re: Gateway timeout with proxy and routing

Wed Dec 14, 2011 12:41 pm

I just solved the problem by adding 192.168.100.1 as pref.src in route rule.
 #      DST-ADDRESS        PREF-SRC        GATEWAY            DISTANCE
 0 A S  0.0.0.0/0          192.168.100.1   172.16.1.1                1
 
User avatar
dasiu
Trainer
Trainer
Posts: 232
Joined: Fri Jan 30, 2009 11:41 am
Location: Reading, UK
Contact:

Re: Gateway timeout with proxy and routing

Wed Dec 14, 2011 1:38 pm

If it was the solution - then the 172.16.1.1 router has very strange NAT rules :).
 
Iceog
just joined
Topic Author
Posts: 10
Joined: Wed Dec 07, 2011 8:43 pm

Re: Gateway timeout with proxy and routing

Wed Dec 14, 2011 1:53 pm

No jest to dość skomplikowane :)

Thanks again,

Topic can be closed
 
User avatar
dasiu
Trainer
Trainer
Posts: 232
Joined: Fri Jan 30, 2009 11:41 am
Location: Reading, UK
Contact:

Re: Gateway timeout with proxy and routing

Wed Dec 14, 2011 1:59 pm

Yeah, the topic can be closed now :)

Taa, po tym "www.orange.pl" też wywnioskowałem, że Waść z Polski być musisz :).

Pozdrawiam! :)

Who is online

Users browsing this forum: No registered users and 98 guests