Forum

versão 4.86 não funciona a pagina de corte

Postado por luciano zirpoli em 4 de Agosto de 2011 às 10:45am

ja vi varios topicos , mudei tudo mas ainda nao funciona pagina de corte na 4.86

radius incoming  accept ta marcado e a porta ja mudei para 3799, as regras do firewal tbm ja adicionadas e o mange tbm,  ja coloquei em primeiro, tbm ja marquei radius no mk-auth, aparentemente ja fis tudo e a pagina de corte nao funciona, a unica coisa que acontece que o cleinte entra no sesion time left e depois de uns 5 a 10 minutos ele desloga o cliente e pede pra logar de novo.

se alguem souber me da uma dica ai

obrigado

Para adicionar comentários, você deve ser membro de MK-AUTH.

Join MK-AUTH

Marcações: ajuda, como, configurar, corte, para, radius, sistema
Enviar-me um email quando as pessoas responderem –
Seguir

Respostas

  • Fileto Goerhing 4 de Agosto de 2011 as 12:51pm

    tamben vou acompanhar esse topico, to passando pelo mesmo problema

    nem no pppoe e nem hotspot to cortando os clientes inadiplentes.

    por favor PEDRo: se tiver uma soluçao nos ajude......

  • Flavio 4 de Agosto de 2011 as 1:05pm
    amigo faz o seguinte, seleciona a opçao de usar SSH e mantenha como estava na versao 485, a menos é claro q vc realmente queira usar o radius.
  • luciano zirpoli 4 de Agosto de 2011 as 1:50pm

    entao mas se bastante gente usa o radius , poque nao conssigo, gostaria se saber o porque nao funciona, se pode ser regras ou alguma outra configuracao.

     

  • tiago costa de carvalho 4 de Agosto de 2011 as 2:09pm

    no meu n achei nenhuma opção de usar ssh

  • Levi 4 de Agosto de 2011 as 2:17pm
    TO USANDO A 4.85 PQ A 4.86 PRA MIM N ROLOU TAMBEM
  • Flavio 4 de Agosto de 2011 as 2:20pm
    faça um up-date manual e nao opçao de gerenciar recursos vai ter SSH so marcar e ser feliz como na versao 4,85 era, eu to usando e bloqueia normal por ip como era antes.

    tiago costa de carvalho disse:

    no meu n achei nenhuma opção de usar ssh

  • Silvio MIranda 4 de Agosto de 2011 as 4:02pm
    Amigo, posta suas regras do NAT e MANGLE.

    luciano zirpoli disse:

    entao mas se bastante gente usa o radius , poque nao conssigo, gostaria se saber o porque nao funciona, se pode ser regras ou alguma outra configuracao.

     

  • Mark Damon 4 de Agosto de 2011 as 4:30pm

    No meu corta normalmente.SISTEMA MK-AUTH VERSÃO 4 - BUILD 86

    Olha la em radius incoming se ta marcada a port 3799

  • luciano zirpoli 4 de Agosto de 2011 as 9:15pm

    essas sao minhas regras

    add action=dst-nat chain=hotspot comment="PG CORTE HOTSPOT" disabled=no \
        packet-mark=bloqueado protocol=tcp to-addresses=172.31.255.2 to-ports=85
    add action=dst-nat chain=dstnat comment="PG CORTE PPPoE" disabled=no \
        protocol=tcp src-address-list=pgcorte to-addresses=172.31.255.2 to-ports=\
        85
    add action=passthrough chain=unused-hs-chain comment=\
        "place hotspot rules here" disabled=yes
    add action=masquerade chain=srcnat comment=Masquerade disabled=no \
        src-address=10.20.148.0/24
    add action=masquerade chain=srcnat comment="" disabled=no src-address=\
        10.20.149.0/24
    add action=masquerade chain=srcnat comment="" disabled=no src-address=\
        100.100.0.0/16
    add action=masquerade chain=srcnat comment="" disabled=no src-address=\
        172.31.255.0/30
    add action=accept chain=pre-hotspot comment="Conectividade Social" disabled=\
        no dst-address=200.201.160.0/24 dst-port=80 in-interface=ether5 protocol=\
        tcp
    add action=accept chain=pre-hotspot comment="Conectividade Social" disabled=\
        no dst-address=200.201.166.0/24 dst-port=80 in-interface=ether5 protocol=\
        tcp
    add action=accept chain=pre-hotspot comment="Conectividade Social" disabled=\
        no dst-address=200.201.173.0/24 dst-port=80 in-interface=ether5 protocol=\
        tcp
    add action=accept chain=pre-hotspot comment="Conectividade Social" disabled=\
        no dst-address=200.201.174.0/24 dst-port=80 in-interface=ether5 protocol=\
        tcp
    add action=accept chain=pre-hotspot comment="Conectividade Social" disabled=\
        no dst-address=200.221.7.0/24 dst-port=80 in-interface=ether5 protocol=\
        tcp
    add action=accept chain=pre-hotspot comment="Conectividade Social" disabled=\
        no dst-address=200.221.6.0/24 dst-port=80 in-interface=ether5 protocol=\
        tcp
    add action=accept chain=pre-hotspot comment="Conectividade Social" disabled=\
        no dst-address=200.98.249.0/24 dst-port=80 in-interface=ether5 protocol=\
        tcp
    add action=accept chain=pre-hotspot comment="Conectividade Social" disabled=\
        no dst-address=200.98.253.0/24 dst-port=80 in-interface=ether5 protocol=\
        tcp
    add action=accept chain=pre-hotspot comment="Terra Video" disabled=no \
        dst-address=200.154.56.0/24 dst-port=80 in-interface=ether5 protocol=tcp
    add action=accept chain=pre-hotspot comment="Terra Video" disabled=no \
        dst-address=208.84.247.0/24 dst-port=80 in-interface=ether5 protocol=tcp
    add action=accept chain=pre-hotspot comment=globo disabled=no dst-address=\
        201.7.0.0/16 dst-port=80 in-interface=ether5 protocol=tcp
    add action=accept chain=pre-hotspot comment=globo disabled=no dst-address=\
        186.192.0.0/16 dst-port=80 in-interface=ether5 protocol=tcp
    add action=accept chain=pre-hotspot comment="ENERGY WORKS" disabled=no \

    mangle

     

    /ip firewall mangle
    add action=jump chain=prerouting comment="PG CORTE HOTSPOT" disabled=no jump-target=hotspot
    add action=mark-connection chain=prerouting comment="Controle P2P" disabled=no new-connection-mark=conexao-p2p \
        p2p=all-p2p passthrough=yes
    add action=mark-packet chain=prerouting comment="" connection-mark=conexao-p2p disabled=no new-packet-mark=\
        Pacotes-p2p passthrough=yes
    add action=mark-packet chain=prerouting comment=MSN disabled=no new-packet-mark=msn-out passthrough=yes \
        protocol=tcp src-port=1863
    add action=mark-packet chain=prerouting comment="" disabled=no dst-port=1863 new-packet-mark=msn-in \
        passthrough=yes protocol=tcp
    add action=change-mss chain=forward comment="" disabled=no new-mss=1360 protocol=tcp tcp-flags=syn
    add action=mark-connection chain=prerouting comment=SSL disabled=no dst-port=443 new-connection-mark=443_conn \
        passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting comment=HTTP disabled=no dst-port=80 new-connection-mark=http-down \
        passthrough=yes protocol=tcp
    add action=mark-packet chain=prerouting comment="" connection-mark=voip_in disabled=no new-packet-mark=VOIP_IN \
        passthrough=yes
    add action=mark-packet chain=prerouting comment="" connection-mark=voip_out disabled=no new-packet-mark=\
        VOIP_OUT passthrough=yes
    add action=mark-packet chain=prerouting comment="" connection-mark=http-down disabled=no new-packet-mark=HTTP \
        passthrough=yes
    add action=mark-connection chain=prerouting comment=VOIP-IN disabled=no dst-port=5060 new-connection-mark=\
        voip_in passthrough=yes protocol=udp
    add action=mark-connection chain=prerouting comment="" disabled=no dst-port=8365 new-connection-mark=voip_out \
        passthrough=yes protocol=udp
    add action=mark-connection chain=prerouting comment=VOIP-OUT disabled=no new-connection-mark=voip_out \
        passthrough=yes protocol=udp src-port=5060
    add action=mark-connection chain=prerouting comment=warcraft disabled=no dst-port=6112 new-connection-mark=\
        voip_in passthrough=yes protocol=udp
    add action=mark-connection chain=prerouting comment=warcraft disabled=no dst-port=6112 new-connection-mark=\
        voip_in passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting comment="cs steem" disabled=no dst-port=1305 new-connection-mark=\
        voip_in passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting comment="cs steem" disabled=no dst-port=27015-27050 \
        new-connection-mark=voip_in passthrough=yes protocol=udp
    add action=mark-connection chain=prerouting comment="cs steem" disabled=no dst-port=27015-27050 \
        new-connection-mark=voip_in passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting comment=cs disabled=no dst-port=27031 new-connection-mark=voip_in \
        passthrough=yes protocol=udp
    add action=mark-connection chain=prerouting comment=mu disabled=no dst-port=32761 new-connection-mark=voip_in \
        passthrough=yes protocol=udp
    add action=mark-connection chain=prerouting comment=futebol disabled=no dst-port=3074 new-connection-mark=\
        voip_in passthrough=yes protocol=udp
    add action=mark-connection chain=prerouting comment=futebol disabled=no dst-port=3074 new-connection-mark=\
        voip_in passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting comment=rag disabled=no dst-port=6121 new-connection-mark=voip_in \
        passthrough=yes protocol=udp
    add action=mark-connection chain=prerouting comment=rag disabled=no dst-port=6121 new-connection-mark=voip_in \
        passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting comment=gb disabled=no dst-port=7001-7015 new-connection-mark=\
        voip_in passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting comment=gb disabled=no dst-port=36567 new-connection-mark=voip_in \
        passthrough=yes protocol=udp
    add action=mark-connection chain=prerouting comment=gb disabled=no dst-port=36567 new-connection-mark=voip_in \
        passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting comment=gb disabled=no dst-port=7001-7015 new-connection-mark=\
        voip_in passthrough=yes protocol=udp
    add action=mark-connection chain=prerouting comment="word of warcraft" disabled=no dst-port=3724 \
        new-connection-mark=voip_in passthrough=yes protocol=udp
    add action=mark-connection chain=prerouting comment="word of warcraft" disabled=no dst-port=3724 \
        new-connection-mark=voip_in passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting comment="word of warcraft" disabled=no dst-port=8129 \
        new-connection-mark=voip_in passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting comment="word of warcraft" disabled=no dst-port=8129 \
        new-connection-mark=voip_in passthrough=yes protocol=udp
    add action=mark-connection chain=prerouting comment="" disabled=no dst-port=27039 new-connection-mark=voip_in \
        passthrough=yes protocol=udp
    add action=mark-connection chain=prerouting comment=sorveterita disabled=no dst-port=3120 new-connection-mark=\
        voip_in passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting comment=sorveteria disabled=no dst-port=3120 new-connection-mark=\
        voip_in passthrough=yes protocol=udp
    add action=mark-connection chain=prerouting comment=GSM disabled=no dst-port=49152-49157 new-connection-mark=\
        voip_in passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting comment=GSM disabled=no dst-port=64448 new-connection-mark=voip_in \
        passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting comment=GSM disabled=no dst-port=1900 new-connection-mark=voip_in \
        passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting comment=word disabled=no dst-port=29000 new-connection-mark=\
        voip_in passthrough=yes protocol=udp
    add action=mark-connection chain=prerouting comment=word disabled=no dst-port=29000 new-connection-mark=\
        voip_in passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting comment=ts disabled=no dst-port=8787 new-connection-mark=voip_in \
        passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting comment=ts disabled=no dst-port=8787 new-connection-mark=voip_in \
        passthrough=yes protocol=udp
    add action=mark-connection chain=prerouting comment="word of warcraft" disabled=no dst-port=7171 \
        new-connection-mark=voip_in passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting comment="word of warcraft" disabled=no dst-port=7171 \
        new-connection-mark=voip_in passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting comment="word of warcraft" disabled=no dst-port=7171 \
        new-connection-mark=voip_in passthrough=yes protocol=udp
    add action=mark-connection chain=prerouting comment="cs steem" disabled=no dst-port=27016 new-connection-mark=\
        voip_in passthrough=yes protocol=udp
    add action=mark-connection chain=prerouting comment="cs steem" disabled=no dst-port=27016 new-connection-mark=\
        voip_in passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting comment="cs steem" disabled=no dst-port=27015 new-connection-mark=\
        voip_in passthrough=yes protocol=udp
    add action=mark-connection chain=prerouting comment="cs steem" disabled=no dst-port=27015 new-connection-mark=\
        voip_in passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting comment="cs steem" disabled=no dst-port=27018 new-connection-mark=\
        voip_in passthrough=yes protocol=udp
    add action=mark-connection chain=prerouting comment="cs steem" disabled=no dst-port=27018 new-connection-mark=\
        voip_in passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting comment="cs steem" disabled=no dst-port=3063-3077 \
        new-connection-mark=voip_in passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting comment="cs steem" disabled=no dst-port=3063-3077 \
        new-connection-mark=voip_in passthrough=yes protocol=udp
    add action=mark-connection chain=prerouting comment="cs steem" disabled=no dst-port=27004-27005 \
        new-connection-mark=voip_in passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting comment="cs steem" disabled=no dst-port=27004-27005 \
        new-connection-mark=voip_in passthrough=yes protocol=udp
    add action=mark-connection chain=prerouting comment="cs steem" disabled=no dst-port=27080 new-connection-mark=\
        voip_in passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting comment=heroes disabled=no dst-port=11031 new-connection-mark=\
        voip_in passthrough=yes protocol=udp
    add action=mark-connection chain=prerouting comment=heroees disabled=no dst-port=11436 new-connection-mark=\
        voip_in passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting comment="cs steem" disabled=no dst-port=27080 new-connection-mark=\
        voip_in passthrough=yes protocol=udp
    add action=mark-connection chain=prerouting comment="cs steem" disabled=no dst-port=3205 new-connection-mark=\
        voip_in passthrough=yes protocol=udp
    add action=mark-connection chain=prerouting comment="cs steem" disabled=no dst-port=3205 new-connection-mark=\
        voip_in passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting comment="cs steem" disabled=no dst-port=27017 new-connection-mark=\
        voip_in passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting comment="cs steem" disabled=no dst-port=27017 new-connection-mark=\
        voip_in passthrough=yes protocol=udp
    add action=mark-connection chain=prerouting comment=rag disabled=no dst-port=27031 new-connection-mark=voip_in \
        passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting comment=rag disabled=no dst-port=27031 new-connection-mark=voip_in \
        passthrough=yes protocol=udp
    add action=mark-connection chain=prerouting comment=gb disabled=no dst-port=10001 new-connection-mark=voip_in \
        passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting comment=gb disabled=no dst-port=10001 new-connection-mark=voip_in \
        passthrough=yes protocol=udp
    add action=mark-connection chain=prerouting comment=hon disabled=no dst-port=11031 new-connection-mark=voip_in \
        passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting comment=hon disabled=no dst-port=11031 new-connection-mark=voip_in \
        passthrough=yes protocol=udp
    add action=mark-connection chain=prerouting comment=hon disabled=no dst-port=11242 new-connection-mark=voip_in \
        passthrough=yes protocol=udp
    add action=mark-connection chain=prerouting comment=hon disabled=no dst-port=11242 new-connection-mark=voip_in \
        passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting comment=hon disabled=no dst-port=3544 new-connection-mark=voip_in \
        passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting comment=hon disabled=no dst-port=3544 new-connection-mark=voip_in \
        passthrough=yes protocol=udp
    add action=mark-connection chain=prerouting comment=heroes disabled=no dst-port=11236 new-connection-mark=\
        voip_in passthrough=yes protocol=udp
    add action=mark-connection chain=prerouting comment=heroees disabled=no dst-port=11236 new-connection-mark=\
        voip_in passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting comment=heroees disabled=no dst-port=11238 new-connection-mark=\
        voip_in passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting comment=heroes disabled=no dst-port=11436 new-connection-mark=\
        voip_in passthrough=yes protocol=udp
    add action=mark-connection chain=prerouting comment=heroes disabled=no dst-port=11238 new-connection-mark=\
        voip_in passthrough=yes protocol=udp
    add action=mark-connection chain=prerouting comment=heroees disabled=no dst-port=11031 new-connection-mark=\
        voip_in passthrough=yes protocol=tcp

    Silvio MIranda disse:

    Amigo, posta suas regras do NAT e MANGLE.

    luciano zirpoli disse:

    entao mas se bastante gente usa o radius , poque nao conssigo, gostaria se saber o porque nao funciona, se pode ser regras ou alguma outra configuracao.

     

  • Pedro Filho 5 de Agosto de 2011 as 10:47pm
    Luciano altera a configuração da pagina de corte para SSH até eu saber a causa de não funcionar para vc a pagina de corte por radius...
This reply was deleted.