Ako presmerovat port 22 z mikrotiku na linuxovy server???

[radocicala]

Dobry den, potreboval by som presmerovat port 22(chcem sa pripajat z internetu pomocou putty na linux server) na linux server. Mam verejnu ip x.x.x.x a lokalna ip linux servera je y.y.y.y. Viete poradit????

[sub_zero]

Dobry den, potreboval by som presmerovat port 22(chcem sa pripajat z internetu pomocou putty na linux server) na linux server. Mam verejnu ip x.x.x.x a lokalna ip linux servera je y.y.y.y. Viete poradit????

vypnout SSH services na MT:

Kód: Vybrat vše

ip> service

udelat dst-nat:

Kód: Vybrat vše

chain=dstnat action=dst-nat to-addresses=y.y.y.y to-ports=22 in-interface=ether1 dst-address=x.x.x.x dst-port=22 protocol=tcp

[radocicala]

neviem preco ale akosi mi to nefunguje viete poradit kde moze byt problem, ked sa prihlasim zo siete a dam namiesto lokalnej ip verejnu hodi ma to na pozadovanu sluzbu alebo servis ale ked to robim od hocikadial z vonku nefunguje ani prihlasenie pomocou portu 22/ktory je v ip services vypnuty) a ani pomocou weboveho rozhrania cez port 8080/linux webmin). Viete poradit kde by mohol byt problem, pricom sa mi nezda ze by to bolo poskytovatelom blokovane.

43 chain=dstnat action=dst-nat to-addresses=192.168.76.4 to-ports=22
in-interface=internet dst-address=213.151.203.22 dst-port=22
protocol=tcp

44 chain=dstnat action=dst-nat to-addresses=192.168.76.4 to-ports=8080
in-interface=internet dst-address=213.151.203.22 dst-port=8080
protocol=tcp

45 chain=dstnat action=dst-nat to-addresses=192.168.76.4 to-ports=8080
in-interface=internet dst-address=213.151.203.22 dst-port=8080
protocol=udp

[matrix]

neviem preco ale akosi mi to nefunguje viete poradit kde moze byt problem, ked sa prihlasim zo siete a dam namiesto lokalnej ip verejnu hodi ma to na pozadovanu sluzbu alebo servis ale ked to robim od hocikadial z vonku nefunguje ani prihlasenie pomocou portu 22/ktory je v ip services vypnuty) a ani pomocou weboveho rozhrania cez port 8080/linux webmin). Viete poradit kde by mohol byt problem, pricom sa mi nezda ze by to bolo poskytovatelom blokovane.

43 chain=dstnat action=dst-nat to-addresses=192.168.76.4 to-ports=22
in-interface=internet dst-address=213.151.203.22 dst-port=22
protocol=tcp

44 chain=dstnat action=dst-nat to-addresses=192.168.76.4 to-ports=8080
in-interface=internet dst-address=213.151.203.22 dst-port=8080
protocol=tcp

45 chain=dstnat action=dst-nat to-addresses=192.168.76.4 to-ports=8080
in-interface=internet dst-address=213.151.203.22 dst-port=8080
protocol=udp

mozno blba otazka ale mas spraveny aj opacny SRC-NAT z toho linux servera von ?

[radocicala]

Ked sa tam pripajam z lokalnej siete cez ip: 192.168.76.4 vtedy to funguje, z internetu nie.
Spravil som aj srcnat, ale neviem ci je dobre?

Kód: Vybrat vše

2   chain=dstnat action=dst-nat to-addresses=192.168.76.4 to-ports=22
     dst-address=235.151.245.33 dst-port=22 protocol=tcp

 3   chain=srcnat action=src-nat to-addresses=192.168.76.4 to-ports=22
     src-address=235.151.245.33 src-port=22 protocol=tcp

[klapik]

Ked sa tam pripajam z lokalnej siete cez ip: 192.168.76.4 vtedy to funguje, z internetu nie.
Spravil som aj srcnat, ale neviem ci je dobre?

Kód: Vybrat vše

2   chain=dstnat action=dst-nat to-addresses=192.168.76.4 to-ports=22
     dst-address=235.151.245.33 dst-port=22 protocol=tcp

 3   chain=srcnat action=src-nat to-addresses=192.168.76.4 to-ports=22
     src-address=235.151.245.33 src-port=22 protocol=tcp

jestli pouzivas nat zkusil bych toto:

chain=dstnat action=dst-nat to-addresses=192.168.76.4 to-ports=22
dst-address=235.151.245.33 dst-port=22 protocol=tcp

chain=srcnat action=masquerade src-address=192.168.76.4
out-interface="jmeno interfacu do netu"