No sice sa to blbo riesi takto bez nicoho, lepsi by bol pristup k boxom, hlavne kvoli tomu natu 1:1 ci to nebude robit problem .. ale tak skusime..
RB1: current IP 10.0.1.100
IP: 10.39.9.11 (public IP 77.242.87.189)
MASK: 255.255.0.0
GW: 10.39.9.1
DNS: 82.114.192.15 82.114.192.6
internal network is 192.168.1.1/24
RB2: current IP 10.0.1.200
IP: 172.20.202.100 (public IP 88.146.173.193))
MASK: 255.255.255.0
GW: 172.20.202.1
DNS: 62.240.190.4 62.240.190.34 62.240.190.35
internal network is 192.168.2.1/24
Skusime ten setup s GRE tunelmi, dva spojenie MK budu mat ptp subnet napr 172.16.1.0/30
RB1:
/interface gre
add disabled=no dscp=0 l2mtu=65535 local-address=77.242.87.189 mtu=1410 name=\
gre-tunnel0 remote-address=88.146.173.193
/ip address
add address=172.16.1.1/30 comment=Tunnel disabled=no interface=gre-tunnel0 \
network=172.16.1.0
RB2:
/interface gre
add disabled=no dscp=0 l2mtu=65535 local-address=88.146.173.193 mtu=1410 name=\
gre-tunnel0 remote-address=77.242.87.189
/ip address
add address=172.16.1.2/30 comment=Tunnel disabled=no interface=gre-tunnel0 \
network=172.16.1.0
Nahodit a skusit ping na protistranu z oboch MK .... ping 172.16.1.1 resp 172.16.1.2
Ak ok, pridas routy...
RB1:
/ip route
add disabled=no dst-address=192.168.2.0/24 gateway=172.16.1.2
RB2:
/ip route
add disabled=no dst-address=192.168.1.0/24 gateway=172.16.1.1
Teraz by mala byt dosiahnutelna siet na druhom MK cez GRE tunel.
No a ked ti toto pojde tak sa ohlas
, som zvedavy ci nebude problem so src ip GRE pri tom nate. Ked ti toto pojde, pripisem nieco dalsie. ( doriesime samotny ipsec )