ROSは、複数のPPPOEエクスポートを使用してPPTP + L2TPサーバーを構築します

要件:もともとダイヤルアップVPSが12台あり、いずれもMSTSC(リモートデスクトップ)で操作してIPアドレスを切り替えていました。今回はROS(RouterOS)でPPTPサーバーとL2TPサーバーを構築し、ローカルPCのPPTP/L2TPクライアントから接続してIPを切り替えます。これには、IPを変更するためのアプリケーションソフトウェアが必要です。さまざまな地域のダイヤルアップVPSに頻繁に展開する必要はありません。合計でPPTP/L2TPアカウントがあります。この機能は以下のROS設定で実現し、12本のPPPoE出口を接続して、PPTP/L2TP経由で順番に使い分けます(ポーリング)。

--------ネットワークカード名を設定します--PPPOEの名前はwan、内部ネットワークの名前はlan -------------
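# Two bridges: bridge1-lan carries the internal network, bridge2-wan is the
# uplink that every PPPoE session on this page is dialled over.
# (Syntax restored: RouterOS takes key=value with no spaces around "=".)
/interface bridge
add name=bridge1-lan
add name=bridge2-wan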

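# One VRRP interface per outbound PPPoE session, all stacked on bridge2-wan.
# vrrp1 sets no vrid, so it takes the RouterOS default (vrid=1); the rest use
# vrid 2..12. Presumably the point is that each VRID yields a distinct virtual
# MAC, so every PPPoE client looks like a separate host to the access
# concentrator. The page does not state this; confirm before relying on it.
/interface vrrp
add interface=bridge2-wan name=vrrp1
add interface=bridge2-wan name=vrrp2 vrid=2
add interface=bridge2-wan name=vrrp3 vrid=3
add interface=bridge2-wan name=vrrp4 vrid=4
add interface=bridge2-wan name=vrrp5 vrid=5
add interface=bridge2-wan name=vrrp6 vrid=6
add interface=bridge2-wan name=vrrp7 vrid=7
add interface=bridge2-wan name=vrrp8 vrid=8
add interface=bridge2-wan name=vrrp9 vrid=9
add interface=bridge2-wan name=vrrp10 vrid=10
add interface=bridge2-wan name=vrrp11 vrid=11
add interface=bridge2-wan name=vrrp12 vrid=12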

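# Twelve PPPoE clients, one per VRRP interface, all dialling the same account.
# No add-default-route is set here: traffic reaches these sessions only via
# the routing-mark routes defined later on the page.
#
# user/password are the values printed on the page; substitute your own.
# PPPoE credentials are stored in the router config and can appear in clear
# text in an /export, so scrub them before sharing or posting a config.
# Fixed from the page: "disable" -> disabled (out4), stray space in
# "pppoe- out6", and the missing space before "disabled" (out11).
/interface pppoe-client
add name=pppoe-out1 interface=vrrp1 user=0713666666 password=963852 disabled=no
add name=pppoe-out2 interface=vrrp2 user=0713666666 password=963852 disabled=no
add name=pppoe-out3 interface=vrrp3 user=0713666666 password=963852 disabled=no
add name=pppoe-out4 interface=vrrp4 user=0713666666 password=963852 disabled=no
add name=pppoe-out5 interface=vrrp5 user=0713666666 password=963852 disabled=no
add name=pppoe-out6 interface=vrrp6 user=0713666666 password=963852 disabled=no
add name=pppoe-out7 interface=vrrp7 user=0713666666 password=963852 disabled=no
add name=pppoe-out8 interface=vrrp8 user=0713666666 password=963852 disabled=no
add name=pppoe-out9 interface=vrrp9 user=0713666666 password=963852 disabled=no
add name=pppoe-out10 interface=vrrp10 user=0713666666 password=963852 disabled=no
add name=pppoe-out11 interface=vrrp11 user=0713666666 password=963852 disabled=no
add name=pppoe-out12 interface=vrrp12 user=0713666666 password=963852 disabled=no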

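# 192.168.64.201/24 is the router's address on the internal bridge.
# The 123.123.1.x entries are single-host addresses (no prefix length, network
# equal to the address) on the WAN bridge and on each VRRP interface.
# Presumably they exist only so the VRRP interfaces can come up; confirm.
# NOTE(review): 123.123.1.x is neither RFC 1918 nor documentation space, so
# the router will treat those public addresses as local. A reserved range
# would avoid shadowing real destinations.
# (The page's translated "アドレスの追加 / インターフェース / ネットワーク" tokens
# are restored to add address= / interface= / network=.)
/ip address
add address=192.168.64.201/24 interface=bridge1-lan network=192.168.64.0
add address=123.123.1.0 interface=bridge2-wan network=123.123.1.0
add address=123.123.1.1 interface=vrrp1 network=123.123.1.1
add address=123.123.1.2 interface=vrrp2 network=123.123.1.2
add address=123.123.1.3 interface=vrrp3 network=123.123.1.3
add address=123.123.1.4 interface=vrrp4 network=123.123.1.4
add address=123.123.1.5 interface=vrrp5 network=123.123.1.5
add address=123.123.1.6 interface=vrrp6 network=123.123.1.6
add address=123.123.1.7 interface=vrrp7 network=123.123.1.7
add address=123.123.1.8 interface=vrrp8 network=123.123.1.8
add address=123.123.1.9 interface=vrrp9 network=123.123.1.9
add address=123.123.1.10 interface=vrrp10 network=123.123.1.10
add address=123.123.1.11 interface=vrrp11 network=123.123.1.11
add address=123.123.1.12 interface=vrrp12 network=123.123.1.12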

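# Attach the physical ports to their bridges: the NIC named "lan" joins the
# internal bridge and the NIC named "wan" joins the PPPoE uplink bridge.
/interface bridge port
add bridge=bridge1-lan interface=lan
add bridge=bridge2-wan interface=wan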

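# Twelve tunnel addresses, matching the twelve src-address mangle rules
# (172.22.22.1 .. 172.22.22.12) that pick the PPPoE egress.
# NOTE(review): the page never attaches this pool to a PPP profile or secret
# (no remote-address=pptp is shown), so as written nothing hands these
# addresses to VPN clients. Confirm the profile settings.
/ip pool
add name=pptp ranges=172.22.22.1-172.22.22.12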


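# Enable both VPN listeners.
# SECURITY: PPTP's MS-CHAPv2/MPPE protection is regarded as broken, since a
# captured handshake can be attacked offline. Treat anything sent through the
# PPTP listener as readable on the path, and prefer the L2TP/IPsec listener
# where clients allow it.
/interface pptp-server server
set enabled=yes

# L2TP refuses sessions that are not wrapped in IPsec (use-ipsec=required).
# "xxxxx" is the page's placeholder: use a long random pre-shared key, because
# the PSK is the only thing protecting the IPsec layer here.
/interface l2tp-server server
set enabled=yes use-ipsec=required ipsec-secret=xxxxx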

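# "lanip" = destinations that must NOT be sent out through a PPPoE egress.
# The mangle rules on this page match dst-address-list=!lanip.
# NOTE(review): RFC 1918 space is 172.16.0.0/12; this list covers only
# 172.16.0.0/16, so the tunnel pool 172.22.22.0/24 is outside "lanip" and
# client-to-client traffic would be policy-routed to PPPoE. Confirm intent.
# (The section header was split by translation: "/ip firewall address-list".)
/ip firewall address-list
add address=192.168.0.0/16 list=lanip
add address=172.16.0.0/16 list=lanip
add address=10.0.0.0/8 list=lanip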

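# Policy routing by tunnel address: a VPN client holding 172.22.22.N gets
# routing mark pptpN for every destination outside the "lanip" list.
# passthrough=no stops mangle processing once a packet is marked.
# Which public IP a client exits from therefore depends only on which tunnel
# address it was handed.
/ip firewall mangle
add action=mark-routing chain=prerouting dst-address-list=!lanip new-routing-mark=pptp1 passthrough=no src-address=172.22.22.1
add action=mark-routing chain=prerouting dst-address-list=!lanip new-routing-mark=pptp2 passthrough=no src-address=172.22.22.2
add action=mark-routing chain=prerouting dst-address-list=!lanip new-routing-mark=pptp3 passthrough=no src-address=172.22.22.3
add action=mark-routing chain=prerouting dst-address-list=!lanip new-routing-mark=pptp4 passthrough=no src-address=172.22.22.4
add action=mark-routing chain=prerouting dst-address-list=!lanip new-routing-mark=pptp5 passthrough=no src-address=172.22.22.5
add action=mark-routing chain=prerouting dst-address-list=!lanip new-routing-mark=pptp6 passthrough=no src-address=172.22.22.6
add action=mark-routing chain=prerouting dst-address-list=!lanip new-routing-mark=pptp7 passthrough=no src-address=172.22.22.7
add action=mark-routing chain=prerouting dst-address-list=!lanip new-routing-mark=pptp8 passthrough=no src-address=172.22.22.8
add action=mark-routing chain=prerouting dst-address-list=!lanip new-routing-mark=pptp9 passthrough=no src-address=172.22.22.9
add action=mark-routing chain=prerouting dst-address-list=!lanip new-routing-mark=pptp10 passthrough=no src-address=172.22.22.10
add action=mark-routing chain=prerouting dst-address-list=!lanip new-routing-mark=pptp11 passthrough=no src-address=172.22.22.11
add action=mark-routing chain=prerouting dst-address-list=!lanip new-routing-mark=pptp12 passthrough=no src-address=172.22.22.12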

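# Source-NAT everything leaving through any PPP interface (the PPPoE uplinks)
# so tunnel clients exit with the session's public address.
# NOTE(review): all-ppp also matches the server-side PPTP/L2TP interfaces, so
# traffic toward VPN clients is masqueraded too. Confirm that is wanted.
/ip firewall nat
add action=masquerade chain=srcnat out-interface=all-ppp
# Traffic leaving via the internal bridge is also masqueraded, so internal
# hosts see the router's LAN address rather than the VPN client's tunnel
# address. Per-client attribution in internal logs is lost as a result.
add action=masquerade chain=srcnat out-interface=bridge1-lan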

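# One default route per routing mark: packets marked pptpN leave through
# pppoe-outN. No dst-address is given, so each is a default route for its mark.
# NOTE(review): routing-mark= on a route is RouterOS v6 syntax. On v7 the
# tables are declared under /routing table and routes use routing-table=.
# The page does not say which version it targets.
# (The page's translated "追加距離 / ゲートウェイ / ルーティングマーク" tokens are
# restored to add distance= / gateway= / routing-mark=.)
/ip route
add distance=1 gateway=pppoe-out1 routing-mark=pptp1
add distance=1 gateway=pppoe-out2 routing-mark=pptp2
add distance=1 gateway=pppoe-out3 routing-mark=pptp3
add distance=1 gateway=pppoe-out4 routing-mark=pptp4
add distance=1 gateway=pppoe-out5 routing-mark=pptp5
add distance=1 gateway=pppoe-out6 routing-mark=pptp6
add distance=1 gateway=pppoe-out7 routing-mark=pptp7
add distance=1 gateway=pppoe-out8 routing-mark=pptp8
add distance=1 gateway=pppoe-out9 routing-mark=pptp9
add distance=1 gateway=pppoe-out10 routing-mark=pptp10
add distance=1 gateway=pppoe-out11 routing-mark=pptp11
add distance=1 gateway=pppoe-out12 routing-mark=pptp12
# Internal ranges (the same three prefixes as the "lanip" list) go to the
# LAN-side gateway 192.168.64.254 instead of any PPPoE session.
add distance=1 dst-address=10.0.0.0/8 gateway=192.168.64.254
add distance=1 dst-address=172.16.0.0/16 gateway=192.168.64.254
add distance=1 dst-address=192.168.0.0/16 gateway=192.168.64.254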

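# Turn off every management service except Winbox, which is moved to 8081.
# SECURITY: moving the port is not access control. The page shows no
# /ip firewall filter input rules and no address= restriction on the service,
# so Winbox stays reachable on every PPPoE public address. Limit it with the
# service's address= allow-list (for example the management subnet) and/or an
# input-chain rule, and review the router log for failed logins.
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes
set ssh disabled=yes
set api disabled=yes
set winbox port=8081
set api-ssl disabled=yes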

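# One account per protocol; service= ties each secret to its listener.
# SECURITY: the page's sample values use the protocol name as both user name
# and password. On listeners reachable from the Internet these are trivially
# guessable, so replace them with unique names and long random passwords
# before enabling the servers, and watch the log for repeated PPP
# authentication failures.
/ppp secret
add name=pptp password=pptp profile=default-encryption service=pptp
add name=l2tp password=l2tp profile=default-encryption service=l2tp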

-------------------外部ネットワークPPTPL2TP接続インポート+ DNS +ホスト名を追加-------------------- -----------------------
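# Two extra VRRP interfaces (vrid 248/249) on the WAN bridge, used for the
# PPPoE sessions that remote PPTP/L2TP clients connect in through.
/interface vrrp
add interface=bridge2-wan name=vrrp248 vrid=248
add interface=bridge2-wan name=vrrp249 vrid=249

# Unlike pppoe-out1..12, these two install a default route
# (add-default-route=yes), so the router's own unmarked traffic leaves here.
# Both add a default route; the page does not say how they are prioritised.
# user/password are the values printed on the page; substitute your own.
/interface pppoe-client
add name=userclient-out1 interface=vrrp248 user=0713666666 password=963852 disabled=no add-default-route=yes
add name=userclient-out2 interface=vrrp249 user=0713666666 password=963852 disabled=no add-default-route=yes

# Single-host addresses on the two VRRP interfaces, same pattern as the
# 123.123.1.1..12 entries earlier on the page.
/ip address
add address=123.123.1.248 interface=vrrp248 network=123.123.1.248
add address=123.123.1.249 interface=vrrp249 network=123.123.1.249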

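# Router acts as a caching resolver that forwards to 223.5.5.5 / 223.6.6.6.
# SECURITY: allow-remote-requests=yes makes the router answer DNS on every
# interface. The page shows no input-chain filter, so the PPPoE public
# addresses would expose an open resolver usable for amplification. Permit
# port 53 (udp/tcp) only from the LAN and tunnel ranges and drop it from the
# WAN side.
# (Fixed from the page: missing space in "512servers".)
/ip dns
set allow-remote-requests=yes cache-size=2048 max-udp-packet-size=512 servers=223.5.5.5,223.6.6.6

# "xxxxx" is the page's placeholder for the router's host name.
/system identity
set name="xxxxx"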

-----------------動的ドメイン名DNSPODDDNSの対応する出口を追加します-------------------------- --------------
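# DDNS updater: publishes the current address of one PPPoE interface through
# a DNSPod relay whenever it changes. Meant to be run periodically.
#
# SECURITY: the DNSPod token can change the account's DNS records. This
# script sends it as a query-string parameter over plain HTTP to a third-party
# relay host, so the relay operator and anyone on the path can read it.
# Prefer an HTTPS endpoint you control, or the provider's own API, with
# certificate checking in /tool fetch. Scope the token as narrowly as the
# provider allows and rotate it if it has been used over HTTP.

# PPPoE interface whose address is published
:local pppoe "userclient-out1"

# DDNS token (placeholder from the page; the translated "、" is restored to ",")
:local token "xxxxxxx,dddddddd"

# DDNS record and domain name
:local record "dddddd"
:local domain "abcd.com"

# Nothing below needs to be edited.
# ipold is global so the last published address survives between runs.
:global ipold
# Address comes back as "a.b.c.d/NN". If the interface has no address, the
# lookup fails and the script stops here.
:local ipnew [/ip address get [/ip address find interface=$pppoe] address]
# Drop the last three characters (the "/NN" suffix). This assumes a two-digit
# prefix length.
:set ipnew [:pick $ipnew 0 ([:len $ipnew] - 3)]
:if ($ipnew != $ipold) do={
  :local url "http://u.myxzy.com/dnspod/\?token=$token&ip=$ipnew&domain=$domain&record=$record"
  # keep-result=no: the response body is discarded, so a rejected update is
  # not detected and ipold is still advanced.
  /tool fetch url=$url mode=http keep-result=no
  :set ipold $ipnew
  :log info "DDNS:Sending UPDATE!"
}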


転載: blog.51cto.com/biwei/2572796