ns5gt 2 hat kullanımı

selam,

n5gt yi Adsl + Gshdsl aynı anda kullanmak mümkün mü ?

adsl PPPoE ayarlı. internete çıkıyoruz. 2. hat olarak da gshdsl  bağladık ve burada ftp server kullanmak istiyoruz. yaptığım ayarlarda bir sıkıntı var sanırım. gshdsl in takılı olduğu untrust interface  down görünüyor.

yardımlarınız için şimdiden teşekkür ederim.

 

 

Selam,

Eğer mümkünse Konfigurasyon örneğinizi gönderebilirmisiniz ?

 

Normal
0
21

false
false
false

MicrosoftInternetExplorer4

/* Style Definitions */
table.MsoNormalTable
{mso-style-name:"Normal Tablo";
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-parent:"";
mso-padding-alt:0cm 5.4pt 0cm 5.4pt;
mso-para-margin:0cm;
mso-para-margin-bottom:.0001pt;
mso-pagination:widow-orphan;
font-size:10.0pt;
font-family:"Times New Roman";
mso-ansi-language:#0400;
mso-fareast-language:#0400;
mso-bidi-language:#0400;}

factory default a cekebilirim gerekirse. su an mail sunucu mx kaydı adsl uzerinde. yeni gshdsl aldık. mx kaydini gshdsl e tasiyacagiz. mip tanımı ile ilgili bir seyler okumustum. onu yaptim ama olmadi. juniper i cok iyi bilmedigimi belirtmek isterim.

config dosyam bu sekilde;

 

set clock timezone 2

set vrouter trust-vr sharable

set vrouter "untrust-vr"

exit

set vrouter "trust-vr"

unset auto-route-export

set protocol pim

exit

exit

set service "SMTP" timeout never

set service "CustomPPTP" protocol 47 src-port
2048-2048 dst-port 2048-2048

set service "CustomPPTP" + tcp src-port 0-65535
dst-port 1723-1723

set service "ssmtp" protocol tcp src-port 465-465
dst-port 465-465 timeout never

set service "spop3" protocol tcp src-port 995-995
dst-port 995-995

set alg mgcp transaction-timeout 50

set auth-server "Local" id 0

set auth-server "Local" server-name
"Local"

set auth default auth server "Local"

set auth radius accounting port 1646

set admin name "admin"

set admin password "nP9gGKcvmLjsHGvUHtodPxPn"

set admin manager-ip 10.0.0.100.100 255.255.255.255

set admin port 4444

set admin auth timeout 10

set admin auth server "Local"

set admin format dos

set vip multi-port

set zone "Trust" vrouter "trust-vr"

set zone "Untrust" vrouter "trust-vr"

set zone "VLAN" vrouter "trust-vr"

set zone "Untrust-Tun" vrouter
"trust-vr"

set zone "Trust" tcp-rst

set zone "Untrust" block

unset zone "Untrust" tcp-rst

set zone "MGT" block

set zone "VLAN" block

set zone "VLAN" tcp-rst

set zone "Untrust" screen tear-drop

set zone "Untrust" screen syn-flood

set zone "Untrust" screen ping-death

set zone "Untrust" screen ip-filter-src

set zone "Untrust" screen land

set zone "V1-Untrust" screen tear-drop

set zone "V1-Untrust" screen syn-flood

set zone "V1-Untrust" screen ping-death

set zone "V1-Untrust" screen ip-filter-src

set zone "V1-Untrust" screen land

set zone "Trust" screen syn-flood timeout 50

set interface "trust" zone "Trust"

set interface "untrust" zone "Untrust"

set interface "adsl1" pvc 8 35 mux llc protocol
routed zone "Untrust"

unset interface vlan1 ip

set interface trust ip 10.0.0.1/24

set interface trust nat

set interface untrust ip xx.xx.xx.xx/29

set interface untrust route

set interface adsl1 ip xx.xx.xx.xx/32

set interface adsl1 route

set interface adsl1 proxy dns

unset interface vlan1 bypass-others-ipsec

unset interface vlan1 bypass-non-ip

set interface trust ip manageable

set interface untrust ip manageable

set interface adsl1 ip manageable

set interface trust manage mtrace

set interface untrust manage ping

set interface untrust manage web

set interface adsl1 manage web

set interface untrust monitor track-ip ip

set interface untrust monitor track-ip weight 1

set interface untrust monitor track-ip ip xx.xx.xx.xx

unset interface untrust monitor track-ip dynamic

set interface adsl1 vip untrust 25 "MAIL" 10.0.0.200
manual

set interface "untrust" mip xx.xx.xx.xx host
10.0.0.200 netmask 255.255.255.255 vr "trust-vr"

set flow tcp-mss

unset flow tcp-syn-check

set failover enable

set failover auto

set pki authority default scep mode "auto"

set pki x509 default cert-path partial

set infranet controller timeout action no-change

set dns host dns1 195.175.39.39 src-interface adsl1

set dns host dns2 195.175.39.40

set dns host dns3 0.0.0.0

set dns host schedule 06:28

set address "Trust" "10.0.0.0/24"
10.0.0.0 255.255.255.0

set address "Trust" "10.0.0.118/32"
10.0.0.118 255.255.255.255

set address "Trust" "10.0.0.200/32"
10.0.0.200 255.255.255.255

set address "Trust" "10.0.0.210/32"
10.0.0.210 255.255.255.255

set address "Trust" "10.0.0.50/32"
10.0.0.200 255.255.255.255

set address "Trust" "192.168.0.10/32"
192.168.0.10 255.255.255.255

set address "Trust" "192.168.1.0/24"
192.168.1.0 255.255.255.0

set address "Trust" "192.168.1.100/32"
192.168.1.100 255.255.255.255

set address "Trust" "192.168.1.109/32"
192.168.1.109 255.255.255.255

set address "Trust" "srv1" 10.0.0.200
255.255.255.255

set address "Trust" "srv3" 10.0.0.50
255.255.255.255

set address "Trust" "srv5" 10.0.0.225
255.255.255.255

set ike respond-bad-spi 1

unset ike ikeid-enumeration

unset ike dos-protection

unset ipsec access-session enable

set ipsec access-session maximum 5000

set ipsec access-session upper-threshold 0

set ipsec access-session lower-threshold 0

set ipsec access-session dead-p2-sa-timeout 0

unset ipsec access-session log-error

unset ipsec access-session info-exch-connected

unset ipsec access-session use-error-log

set attack db mode Update

set attack db schedule daily 00:00

set url protocol websense

set config enable

set server 10.0.0.210 15868 10

set fail-mode permit

exit

set policy id 27 from "Trust" to
"Untrust"  "srv3"
"Any" "ANY" permit log

set policy id 27

exit

set policy id 17 name "server-full" from
"Trust" to "Untrust" 
"srv3" "Any" "FTP" permit log

set policy id 17

set src-address "srv1"

set src-address "srv5"

set service "HTTP"

set service "HTTPS"

set log session-init

exit

set policy id 21 from "Trust" to
"Untrust" 
"10.0.0.0/24" "Any" "DNS" permit log

set policy id 21

set service "FTP"

set service "HTTP"

set service "HTTPS"

exit

set policy id 22 from "Trust" to
"Untrust" 
"10.0.0.210/32" "Any" "ANY" permit log

set policy id 22

exit

set policy id 25 name "viruswall out" from
"Trust" to "Untrust" 
"srv1" "Any" "ANY" nat src permit log

set policy id 25

exit

set policy id 28 from "Trust" to
"Untrust" 
"10.0.0.118/32" "VIP(adsl1)" "FTP" permit
log

set policy id 28

exit

set policy id 30 name "smtpserverfullaccess" from
"Trust" to "Untrust" 
"10.0.0.200/32" "Any" "ANY" permit log

set policy id 30

exit

set policy id 31 name "adslsmtpin" from
"Untrust" to "Trust" 
"Any" "VIP(adsl1)" "SMTP" permit log

set policy id 31

exit

 

set pppoa name "net" username "ttnet@ttnet"
password "U0YYOVA/AriLZnGEKrqEA=="

set pppoa name "tt_ppoa" interface adsl1

set nsmgmt bulkcli reboot-timeout 60

set ssh version v2

set config lock timeout 5

set ssl port 4443

set ntp server "0.0.0.0"

set ntp server backup1 "0.0.0.0"

set ntp server backup2 "0.0.0.0"

set modem speed 115200

set modem retry 3

set modem interval 10

set modem idle-time 10

set snmp port listen 161

set snmp port trap 162

set vrouter "untrust-vr"

exit

set vrouter "trust-vr"

set source-routing enable

set sibr-routing enable

unset add-default-route

set pbr smtp_pol

exit

set interface trust pbr

set interface adsl1 pbr

set interface untrust pbr

set zone Trust pbr smtp_pol

set zone Untrust pbr smtp_pol

set zone Untrust-Tun pbr smtp_pol

set vrouter "untrust-vr"

exit

set vrouter "trust-vr"

set protocol pim

exit

exit

yok mu ns5gt de 2 hat kullanan arkadaş ?

 

merhaba ,

5 gt de aynı anda 2 hattı kullanamazsınız fakat Untrust bacagına bırtane zyxel modem takarak hem adsl hem gshdsl kullanabılırsınız

selam,

n5gt yi Adsl + Gshdsl aynı anda kullanmak mümkün mü ?

adsl PPPoE ayarlı. internete çıkıyoruz. 2. hat olarak da gshdsl  bağladık ve burada ftp server kullanmak istiyoruz. yaptığım ayarlarda bir sıkıntı var sanırım. gshdsl in takılı olduğu untrust interface  down görünüyor.

yardımlarınız için şimdiden teşekkür ederim.

 

merhaba,

ns 5gt adsl modeli wan hattı olarak direk şekilde ADSL yi destekler.. eğer g.shdsl hattını da netscreen üzerinde sonlandırmak istiyorsanız bunun için g.shdsl destekli bir modemi bridge yapıp cihaz üzerinde sonlandırabiirsiniz. ve eğer isterseniz ECMP yani load balance yaparak veya, source base routing yazarak networkden istediğiniz ip adreslerine yani hostlara istediğiniz yerden çıkış verebilirsiniz.