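# Homserv - 8/17/2023
#
# RouterOS export as published on the page, restored to one command per line.
# The page extraction dropped every menu-path line (the "/..." headers) and
# every continuation line that followed a trailing "\", so this listing is
# NOT paste-ready. Menu names in the comments below are inferred from the
# parameters and must be confirmed against the device. Command keywords are
# restored to the lowercase "set"/"add" that RouterOS uses.
# NOTE(review): the listing publishes LAN addressing, host names and device
# MAC addresses; an export shared publicly is normally sanitized first.

# Parameters match /ip upnp (confirm). UPnP is enabled, which lets LAN hosts
# request their own WAN port mappings without an explicit dst-nat rule.
set allow-disable-external-interface=yes enabled=yes

# Looks like a /ppp secret for a VPN user named "vpn" (confirm); no password
# field appears in the export.
add local-address=10.160.100.1 name=vpn remote-address=10.160.100.200

# Parameters match /interface l2tp-server server (confirm).
# NOTE(review): per MikroTik's documentation, use-ipsec=yes still accepts L2TP
# sessions that arrive without IPsec; the stricter "require" setting refuses
# them (check the exact value name for the installed version). Without IPsec
# the tunnel is protected by MS-CHAPv2 only.
set authentication=mschap2 enabled=yes use-ipsec=yes

# LAN address on ether2-master (parameters match /ip address).
add address=10.160.100.1/24 comment=defconf interface=ether2-master network=10.160.100.0

# DHCP client on ether1, the interface the firewall rules below treat as WAN.
add comment=defconf dhcp-options=hostname,clientid disabled=no interface=ether1

# Static DHCP leases (parameters match /ip dhcp-server lease).
# 10.160.100.2 and 10.160.100.163 are the targets of the dst-nat rules below.
add address=10.160.100.163 client-id=Gigaset mac-address=7C:2F:80:A8:90:F9 server=defconf
add address=10.160.100.2 client-id=1:9C:B6:54:04:54:47 comment=Zappa mac-address=9C:B6:54:04:54:47
add address=10.160.100.140 client-id=D-Link mac-address=6C:19:8F:CC:40:1C
add address=10.160.100.118 client-id=1:b8:27:eb:74:36:41 mac-address=B8:27:EB:74:36:41 server=defconf

# DHCP network definition (parameters match /ip dhcp-server network).
add address=10.160.100.0/24 comment=defconf gateway=10.160.100.1 netmask=24

# Filter rules (parameters match /ip firewall filter). Rules are evaluated in
# order. The VPN and service accepts below carry no in-interface or
# src-address match, so they apply to WAN traffic ahead of the
# "drop all from WAN" rule.
add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
add action=accept chain=input comment="defconf: accept established,related" connection-state=established,related
add action=accept chain=input comment="allow l2tp" dst-port=1701 protocol=udp
# NOTE(review): PPTP depends on MS-CHAPv2/MPPE and is considered broken. No
# PPTP server configuration is visible here; if none is in use, this rule only
# widens the exposed surface and can be removed.
add action=accept chain=input comment="allow pptp" dst-port=1723 protocol=tcp
add action=accept chain=input comment="allow sstp" dst-port=443 protocol=tcp
# NOTE(review): port= matches source OR destination port; dst-port= is the
# tighter match for inbound IKE/NAT-T/L2TP.
add action=accept chain=input comment="Allow ipsec" port=1701,500,4500 protocol=udp
# NOTE(review): chain=input only covers traffic addressed to the router itself.
# Port-forwarded (dst-nat) traffic is filtered in chain=forward, so this rule
# is not needed for the Homeserver forward below. Its effect is to open the
# router's own listeners on tcp/80, 443 and 4125 to the WAN, if any are
# enabled (/ip service is not shown).
add action=accept chain=input comment="Allow Homserver Dynamic DNS" dst-port=80,443,4125 protocol=tcp
add action=drop chain=input comment="defconf: drop all from WAN" in-interface=ether1
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" connection-state=established,related
add action=accept chain=forward comment="defconf: accept established,related" connection-state=established,related
add action=drop chain=forward comment="defconf: drop invalid" connection-state=invalid
# [truncated on the page: the continuation after "\" is missing, so the
# remaining matchers of this rule are unknown]
add action=drop chain=forward comment="defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat \

# NAT rules (parameters match /ip firewall nat). None of the visible dst-nat
# rules carries a src-address or src-address-list match, so every enabled
# forward is reachable from any Internet source.
add action=masquerade chain=srcnat comment="defconf: masquerade" out-interface=ether1
# [truncated on the page: forward target after "\" is missing]
add action=dst-nat chain=dstnat comment=Homeserver dst-port=443,80,4125 in-interface=ether1 protocol=tcp \

# [disabled rule; truncated on the page after "\"]
add action=dst-nat chain=dstnat disabled=yes dst-port=80 in-interface=ether1 protocol=tcp to-addresses=10.160.100.2 \

# NOTE(review): RDP (tcp/3389 here, udp/3389 further down) is forwarded from
# the WAN to 10.160.100.2 with no source restriction. Internet-facing RDP is a
# routine brute-force and exploitation target. The L2TP/IPsec VPN configured
# above can carry RDP instead, or the rule can be limited with
# src-address-list.
add action=dst-nat chain=dstnat dst-port=3389 in-interface=ether1 protocol=tcp to-addresses=10.160.100.2
# [truncated on the page: to-ports value after "\" is missing]
add action=dst-nat chain=dstnat dst-port=32400 in-interface=ether1 protocol=tcp to-addresses=10.160.100.2 to-ports=\

# [truncated on the page: to-ports value after "\" is missing]
add action=dst-nat chain=dstnat dst-port=32400 in-interface=ether1 protocol=udp to-addresses=10.160.100.2 to-ports=\

# NOTE(review): SIP signalling (udp/5060,5065) is forwarded to the Gigaset
# lease from any source. Limiting it to the VoIP provider's addresses reduces
# scanning and toll-fraud exposure.
# [truncated on the page after "\"]
add action=dst-nat chain=dstnat dst-port=5060,5065 in-interface=ether1 protocol=udp to-addresses=10.160.100.163 \

# [truncated on the page: to-ports value after "\" is missing]
add action=dst-nat chain=dstnat dst-port=3389 in-interface=ether1 protocol=udp to-addresses=10.160.100.2 to-ports=\

# [disabled rule; truncated on the page: to-addresses value after "\" is missing]
add action=dst-nat chain=dstnat disabled=yes dst-port=4125 in-interface=ether1 protocol=tcp to-addresses=\

# [truncated on the page: the comment string is never closed and the rest of
# this rule is missing]
add action=masquerade chain=srcnat comment="masq.

# Parameters match /ppp profile; *0 is an internal item ID, presumably the
# built-in default profile (confirm). remote-address=vpn refers to an address
# pool that does not appear in this listing.
set *0 local-address=192.168.89.1 only-one=no remote-address=vpn use-encryption=yes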