VPN L2Tp Collegamento mancato

da **radiation** » ven 22 set 2017, 21:30

Non servono regole di firewall per far entrare la VPN nel router. Al router arriva già tutto. Disabilita tutte quelle regole.

da **routermaniak** » ven 22 set 2017, 21:59

Le ho disabilitate ma non cambia nulla ... il cell non si collega!! E i log sempre uguali. Mi parlavi di un possibile nat che blocca la vpn in quanto il tunnel arriva alla rb con ip del router tim? che intendi dire?

Inviato dal mio iPhone utilizzando Tapatalk

da **radiation** » ven 22 set 2017, 22:07

Manda la conf. Altrimenti è un po’ difficile capire

da **routermaniak** » ven 22 set 2017, 22:12

radiation ha scritto:Manda la conf. Altrimenti è un po’ difficile capire

Parli della conf della vpn e NAT ? posso fare screen shot ? come estrappolo solo la conf della vpn?

da **radiation** » sab 23 set 2017, 9:13

Fai un export di tutto ....

da **routermaniak** » sab 23 set 2017, 11:51

radiation ha scritto:Fai un export di tutto ....

Codice: Seleziona tutto: # sep/23/2017 11:16:36 by RouterOS 6.40.3 # software id = # # model = 2011UiAS # serial number = /interface bridge add arp=proxy-arp fast-forward=no mtu=1500 name=bridge_LAN /interface ethernet set [ find default-name=ether10 ] arp=proxy-arp comment=WanVs_TIM /ip ipsec proposal set [ find default=yes ] auth-algorithms=sha1,md5 pfs-group=none /ip pool add name=dhcp_pool1 ranges=10.0.2.101-10.0.2.254 add name=pool-vpn ranges=10.0.2.95-10.0.2.99 /ip dhcp-server add address-pool=dhcp_pool1 authoritative=after-2sec-delay disabled=no \ interface=bridge_LAN lease-time=3d name=dhcp1 /ppp profile add change-tcp-mss=yes dns-server=8.8.8.8,8.8.4.4 local-address=10.0.2.1 \ name=vpn-profile remote-address=pool-vpn use-encryption=yes use-ipv6=\ default set *FFFFFFFE use-compression=no use-ipv6=no use-mpls=no /tool user-manager customer set admin access=\ own-routers,own-users,own-profiles,own-limits,config-payment-gw /interface bridge port add bridge=bridge_LAN interface=ether2 add bridge=bridge_LAN interface=ether3 add bridge=bridge_LAN interface=ether4 add bridge=bridge_LAN interface=ether5 add bridge=bridge_LAN interface=ether6 add bridge=bridge_LAN interface=ether7 add bridge=bridge_LAN interface=ether8 add bridge=bridge_LAN interface=ether9 add bridge=bridge_LAN interface=sfp1 add bridge=bridge_LAN interface=ether1 /ipv6 settings set max-neighbor-entries=1024 /interface l2tp-server server set authentication=mschap1,mschap2 default-profile=vpn-profile enabled=yes \ ipsec-secret=Viaisola71bis use-ipsec=yes /interface pptp-server server set authentication=pap,chap,mschap1,mschap2 /ip address add address=10.0.2.1/24 interface=bridge_LAN network=10.0.2.0 add address=192.168.1.50/24 interface=ether10 network=192.168.1.0 /ip cloud set ddns-enabled=yes /ip dhcp-server lease add address=10.0.2.112 client-id=1:0:15:c0:36:f6:6a mac-address=\ 00:15:C0:36:F6:6A server=dhcp1 add address=10.0.2.104 client-id=1:0:1d:ec:d:12:3f mac-address=\ 00:1D:EC:0D:12:3F server=dhcp1 /ip dhcp-server network add address=10.0.2.0/24 dns-server=8.8.8.8,8.8.4.4 gateway=10.0.2.1 /ip dns set servers=8.8.8.8,8.8.4.4 /ip firewall address-list add address=10.0.2.0/24 list=Home_lan add address=0.0.0.0/8 comment="Self-Identification [RFC 3330]" list=bogons add address=10.0.0.0/8 comment="Private[RFC 1918] - CLASS A # Check if you nee\ d this subnet before enable it" disabled=yes list=bogons add address=127.0.0.0/16 comment="Loopback [RFC 3330]" list=bogons add address=169.254.0.0/16 comment="Link Local [RFC 3330]" list=bogons add address=172.16.0.0/12 comment="Private[RFC 1918] - CLASS B # Check if you \ need this subnet before enable it" disabled=yes list=bogons add address=192.168.0.0/16 comment="Private[RFC 1918] - CLASS C # Check if you\ \_need this subnet before enable it" disabled=yes list=bogons add address=192.0.2.0/24 comment="Reserved - IANA - TestNet1" list=bogons add address=192.88.99.0/24 comment="6to4 Relay Anycast [RFC 3068]" list=\ bogons add address=198.18.0.0/15 comment="NIDB Testing" list=bogons add address=198.51.100.0/24 comment="Reserved - IANA - TestNet2" list=bogons add address=203.0.113.0/24 comment="Reserved - IANA - TestNet3" list=bogons add address=224.0.0.0/4 comment=\ "MC, Class D, IANA # Check if you need this subnet before enable it" \ disabled=yes list=bogons add address=10.0.2.0/24 list=smb-allow add address=1.10.16.0/20 comment=SpamHaus list=blacklist add address=1.32.128.0/18 comment=SpamHaus list=blacklist add address=5.8.37.0/24 comment=SpamHaus list=blacklist add address=5.34.242.0/23 comment=SpamHaus list=blacklist add address=5.101.218.0/24 comment=SpamHaus list=blacklist add address=5.101.221.0/24 comment=SpamHaus list=blacklist add address=5.134.128.0/19 comment=SpamHaus list=blacklist add address=5.157.0.0/18 comment=SpamHaus list=blacklist add address=14.4.0.0/14 comment=SpamHaus list=blacklist add address=23.226.48.0/20 comment=SpamHaus list=blacklist add address=23.246.128.0/18 comment=SpamHaus list=blacklist add address=23.251.224.0/19 comment=SpamHaus list=blacklist add address=24.51.0.0/19 comment=SpamHaus list=blacklist add address=24.233.0.0/19 comment=SpamHaus list=blacklist add address=27.126.160.0/20 comment=SpamHaus list=blacklist add address=31.11.43.0/24 comment=SpamHaus list=blacklist add address=31.184.238.0/24 comment=SpamHaus list=blacklist add address=31.222.200.0/21 comment=SpamHaus list=blacklist add address=36.0.8.0/21 comment=SpamHaus list=blacklist add address=36.37.48.0/20 comment=SpamHaus list=blacklist add address=36.93.0.0/16 comment=SpamHaus list=blacklist add address=36.116.0.0/16 comment=SpamHaus list=blacklist add address=36.119.0.0/16 comment=SpamHaus list=blacklist add address=36.255.212.0/22 comment=SpamHaus list=blacklist add address=37.18.42.0/24 comment=SpamHaus list=blacklist add address=37.139.49.0/24 comment=SpamHaus list=blacklist add address=37.148.216.0/21 comment=SpamHaus list=blacklist add address=37.230.212.0/23 comment=SpamHaus list=blacklist add address=37.246.0.0/16 comment=SpamHaus list=blacklist add address=41.242.132.0/22 comment=SpamHaus list=blacklist add address=42.0.32.0/19 comment=SpamHaus list=blacklist add address=42.1.56.0/22 comment=SpamHaus list=blacklist add address=42.1.128.0/17 comment=SpamHaus list=blacklist add address=42.52.0.0/14 comment=SpamHaus list=blacklist add address=42.83.80.0/22 comment=SpamHaus list=blacklist add address=42.96.0.0/18 comment=SpamHaus list=blacklist add address=42.123.36.0/22 comment=SpamHaus list=blacklist add address=42.128.0.0/12 comment=SpamHaus list=blacklist add address=42.160.0.0/12 comment=SpamHaus list=blacklist add address=42.194.8.0/22 comment=SpamHaus list=blacklist add address=42.194.12.0/22 comment=SpamHaus list=blacklist add address=42.194.128.0/17 comment=SpamHaus list=blacklist add address=42.208.0.0/12 comment=SpamHaus list=blacklist add address=43.229.52.0/22 comment=SpamHaus list=blacklist add address=43.236.0.0/16 comment=SpamHaus list=blacklist add address=43.250.116.0/22 comment=SpamHaus list=blacklist add address=43.252.80.0/22 comment=SpamHaus list=blacklist add address=43.252.152.0/22 comment=SpamHaus list=blacklist add address=43.252.180.0/22 comment=SpamHaus list=blacklist add address=45.4.128.0/22 comment=SpamHaus list=blacklist add address=45.4.136.0/22 comment=SpamHaus list=blacklist add address=45.64.88.0/22 comment=SpamHaus list=blacklist add address=45.114.224.0/22 comment=SpamHaus list=blacklist add address=45.117.208.0/22 comment=SpamHaus list=blacklist add address=45.121.204.0/22 comment=SpamHaus list=blacklist add address=45.127.36.0/22 comment=SpamHaus list=blacklist add address=46.29.248.0/22 comment=SpamHaus list=blacklist add address=46.29.248.0/21 comment=SpamHaus list=blacklist add address=46.151.48.0/21 comment=SpamHaus list=blacklist add address=46.232.192.0/21 comment=SpamHaus list=blacklist add address=46.243.140.0/24 comment=SpamHaus list=blacklist add address=46.243.142.0/24 comment=SpamHaus list=blacklist add address=46.243.173.0/24 comment=SpamHaus list=blacklist add address=49.8.0.0/14 comment=SpamHaus list=blacklist add address=49.238.64.0/18 comment=SpamHaus list=blacklist add address=59.254.0.0/15 comment=SpamHaus list=blacklist add address=60.233.0.0/16 comment=SpamHaus list=blacklist add address=61.11.224.0/19 comment=SpamHaus list=blacklist add address=61.13.128.0/17 comment=SpamHaus list=blacklist add address=61.14.224.0/22 comment=SpamHaus list=blacklist add address=61.45.251.0/24 comment=SpamHaus list=blacklist add address=66.98.112.0/20 comment=SpamHaus list=blacklist add address=66.231.64.0/20 comment=SpamHaus list=blacklist add address=67.213.112.0/20 comment=SpamHaus list=blacklist add address=67.213.136.0/21 comment=SpamHaus list=blacklist add address=67.219.208.0/20 comment=SpamHaus list=blacklist add address=67.220.224.0/19 comment=SpamHaus list=blacklist add address=69.26.160.0/19 comment=SpamHaus list=blacklist add address=69.169.224.0/20 comment=SpamHaus list=blacklist add address=74.118.60.0/22 comment=SpamHaus list=blacklist add address=74.122.56.0/21 comment=SpamHaus list=blacklist add address=79.110.17.0/24 comment=SpamHaus list=blacklist add address=79.110.18.0/24 comment=SpamHaus list=blacklist add address=79.110.19.0/24 comment=SpamHaus list=blacklist add address=79.110.25.0/24 comment=SpamHaus list=blacklist add address=79.173.104.0/21 comment=SpamHaus list=blacklist add address=83.175.0.0/18 comment=SpamHaus list=blacklist add address=84.238.160.0/22 comment=SpamHaus list=blacklist add address=85.93.5.0/24 comment=SpamHaus list=blacklist add address=85.121.39.0/24 comment=SpamHaus list=blacklist add address=86.55.40.0/23 comment=SpamHaus list=blacklist add address=86.55.42.0/23 comment=SpamHaus list=blacklist add address=91.194.254.0/23 comment=SpamHaus list=blacklist add address=91.200.12.0/22 comment=SpamHaus list=blacklist add address=91.200.248.0/22 comment=SpamHaus list=blacklist add address=91.207.4.0/22 comment=SpamHaus list=blacklist add address=91.209.12.0/24 comment=SpamHaus list=blacklist add address=91.212.104.0/24 comment=SpamHaus list=blacklist add address=91.212.124.0/24 comment=SpamHaus list=blacklist add address=91.213.126.0/24 comment=SpamHaus list=blacklist add address=91.217.10.0/23 comment=SpamHaus list=blacklist add address=91.220.62.0/24 comment=SpamHaus list=blacklist add address=91.220.101.0/24 comment=SpamHaus list=blacklist add address=91.220.163.0/24 comment=SpamHaus list=blacklist add address=91.224.160.0/23 comment=SpamHaus list=blacklist add address=91.225.216.0/22 comment=SpamHaus list=blacklist add address=91.230.252.0/23 comment=SpamHaus list=blacklist add address=91.234.36.0/24 comment=SpamHaus list=blacklist add address=91.235.2.0/24 comment=SpamHaus list=blacklist add address=91.236.74.0/23 comment=SpamHaus list=blacklist add address=91.238.82.0/24 comment=SpamHaus list=blacklist add address=91.240.165.0/24 comment=SpamHaus list=blacklist add address=93.179.89.0/24 comment=SpamHaus list=blacklist add address=93.179.90.0/24 comment=SpamHaus list=blacklist add address=93.179.91.0/24 comment=SpamHaus list=blacklist add address=95.216.0.0/15 comment=SpamHaus list=blacklist add address=101.192.0.0/14 comment=SpamHaus list=blacklist add address=101.202.0.0/16 comment=SpamHaus list=blacklist add address=101.203.128.0/19 comment=SpamHaus list=blacklist add address=101.248.0.0/15 comment=SpamHaus list=blacklist add address=101.252.0.0/15 comment=SpamHaus list=blacklist add address=103.2.44.0/22 comment=SpamHaus list=blacklist add address=103.16.76.0/24 comment=SpamHaus list=blacklist add address=103.23.8.0/22 comment=SpamHaus list=blacklist add address=103.36.64.0/22 comment=SpamHaus list=blacklist add address=103.57.248.0/22 comment=SpamHaus list=blacklist add address=103.63.0.0/22 comment=SpamHaus list=blacklist add address=103.65.204.0/22 comment=SpamHaus list=blacklist add address=103.68.212.0/22 comment=SpamHaus list=blacklist add address=103.69.212.0/22 comment=SpamHaus list=blacklist add address=103.194.8.0/22 comment=SpamHaus list=blacklist add address=103.197.8.0/22 comment=SpamHaus list=blacklist add address=103.205.84.0/22 comment=SpamHaus list=blacklist add address=103.207.160.0/22 comment=SpamHaus list=blacklist add address=103.210.12.0/22 comment=SpamHaus list=blacklist add address=103.215.80.0/22 comment=SpamHaus list=blacklist add address=103.227.4.0/22 comment=SpamHaus list=blacklist add address=103.228.8.0/22 comment=SpamHaus list=blacklist add address=103.229.36.0/22 comment=SpamHaus list=blacklist add address=103.229.40.0/22 comment=SpamHaus list=blacklist add address=103.230.144.0/22 comment=SpamHaus list=blacklist add address=103.231.84.0/22 comment=SpamHaus list=blacklist add address=103.232.136.0/22 comment=SpamHaus list=blacklist add address=103.232.172.0/22 comment=SpamHaus list=blacklist add address=103.236.32.0/22 comment=SpamHaus list=blacklist add address=103.239.56.0/22 comment=SpamHaus list=blacklist add address=104.36.184.0/22 comment=SpamHaus list=blacklist add address=104.153.96.0/21 comment=SpamHaus list=blacklist add address=104.153.112.0/21 comment=SpamHaus list=blacklist add address=104.153.244.0/22 comment=SpamHaus list=blacklist add address=104.160.224.0/19 comment=SpamHaus list=blacklist add address=104.218.224.0/22 comment=SpamHaus list=blacklist add address=104.219.88.0/21 comment=SpamHaus list=blacklist add address=104.244.88.0/21 comment=SpamHaus list=blacklist add address=104.245.40.0/21 comment=SpamHaus list=blacklist add address=104.245.188.0/22 comment=SpamHaus list=blacklist add address=104.245.248.0/21 comment=SpamHaus list=blacklist add address=104.255.56.0/21 comment=SpamHaus list=blacklist add address=108.166.224.0/19 comment=SpamHaus list=blacklist add address=110.172.64.0/18 comment=SpamHaus list=blacklist add address=114.118.0.0/17 comment=SpamHaus list=blacklist add address=115.166.136.0/22 comment=SpamHaus list=blacklist add address=116.78.0.0/15 comment=SpamHaus list=blacklist add address=116.119.0.0/17 comment=SpamHaus list=blacklist add address=116.128.0.0/10 comment=SpamHaus list=blacklist add address=116.144.0.0/15 comment=SpamHaus list=blacklist add address=116.146.0.0/15 comment=SpamHaus list=blacklist add address=116.197.156.0/22 comment=SpamHaus list=blacklist add address=116.206.16.0/22 comment=SpamHaus list=blacklist add address=117.58.0.0/17 comment=SpamHaus list=blacklist add address=117.120.64.0/18 comment=SpamHaus list=blacklist add address=119.42.52.0/22 comment=SpamHaus list=blacklist add address=119.58.0.0/16 comment=SpamHaus list=blacklist add address=119.232.0.0/16 comment=SpamHaus list=blacklist add address=120.48.0.0/15 comment=SpamHaus list=blacklist add address=121.46.124.0/22 comment=SpamHaus list=blacklist add address=121.100.128.0/18 comment=SpamHaus list=blacklist add address=122.129.0.0/18 comment=SpamHaus list=blacklist add address=123.136.80.0/20 comment=SpamHaus list=blacklist add address=123.249.0.0/16 comment=SpamHaus list=blacklist add address=124.68.0.0/15 comment=SpamHaus list=blacklist add address=124.70.0.0/15 comment=SpamHaus list=blacklist add address=124.157.0.0/18 comment=SpamHaus list=blacklist add address=124.242.0.0/16 comment=SpamHaus list=blacklist add address=125.31.192.0/18 comment=SpamHaus list=blacklist add address=125.58.0.0/18 comment=SpamHaus list=blacklist add address=125.169.0.0/16 comment=SpamHaus list=blacklist add address=128.13.0.0/16 comment=SpamHaus list=blacklist add address=128.85.0.0/16 comment=SpamHaus list=blacklist add address=128.94.0.0/16 comment=SpamHaus list=blacklist add address=128.168.0.0/16 comment=SpamHaus list=blacklist add address=128.188.0.0/16 comment=SpamHaus list=blacklist add address=130.148.0.0/16 comment=SpamHaus list=blacklist add address=130.196.0.0/16 comment=SpamHaus list=blacklist add address=130.222.0.0/16 comment=SpamHaus list=blacklist add address=131.72.208.0/22 comment=SpamHaus list=blacklist add address=131.108.16.0/22 comment=SpamHaus list=blacklist add address=131.108.232.0/22 comment=SpamHaus list=blacklist add address=131.200.0.0/16 comment=SpamHaus list=blacklist add address=134.18.0.0/16 comment=SpamHaus list=blacklist add address=134.22.0.0/16 comment=SpamHaus list=blacklist add address=134.23.0.0/16 comment=SpamHaus list=blacklist add address=134.33.0.0/16 comment=SpamHaus list=blacklist add address=134.62.0.0/15 comment=SpamHaus list=blacklist add address=134.127.0.0/16 comment=SpamHaus list=blacklist add address=134.172.0.0/16 comment=SpamHaus list=blacklist add address=134.209.0.0/16 comment=SpamHaus list=blacklist add address=136.230.0.0/16 comment=SpamHaus list=blacklist add address=137.19.0.0/16 comment=SpamHaus list=blacklist add address=137.33.0.0/16 comment=SpamHaus list=blacklist add address=137.55.0.0/16 comment=SpamHaus list=blacklist add address=137.76.0.0/16 comment=SpamHaus list=blacklist add address=137.105.0.0/16 comment=SpamHaus list=blacklist add address=137.171.0.0/16 comment=SpamHaus list=blacklist add address=137.218.0.0/16 comment=SpamHaus list=blacklist add address=138.31.0.0/16 comment=SpamHaus list=blacklist add address=138.36.92.0/22 comment=SpamHaus list=blacklist add address=138.36.136.0/22 comment=SpamHaus list=blacklist add address=138.36.148.0/22 comment=SpamHaus list=blacklist add address=138.43.0.0/16 comment=SpamHaus list=blacklist add address=138.52.0.0/16 comment=SpamHaus list=blacklist add address=138.59.4.0/22 comment=SpamHaus list=blacklist add address=138.59.204.0/22 comment=SpamHaus list=blacklist add address=138.94.120.0/22 comment=SpamHaus list=blacklist add address=138.94.144.0/22 comment=SpamHaus list=blacklist add address=138.94.216.0/22 comment=SpamHaus list=blacklist add address=138.97.156.0/22 comment=SpamHaus list=blacklist add address=138.125.0.0/16 comment=SpamHaus list=blacklist add address=138.185.116.0/22 comment=SpamHaus list=blacklist add address=138.186.208.0/22 comment=SpamHaus list=blacklist add address=138.200.0.0/16 comment=SpamHaus list=blacklist add address=138.216.0.0/16 comment=SpamHaus list=blacklist add address=138.228.0.0/16 comment=SpamHaus list=blacklist add address=138.249.0.0/16 comment=SpamHaus list=blacklist add address=139.45.0.0/16 comment=SpamHaus list=blacklist add address=139.136.0.0/16 comment=SpamHaus list=blacklist add address=139.188.0.0/16 comment=SpamHaus list=blacklist add address=140.143.128.0/17 comment=SpamHaus list=blacklist add address=140.167.0.0/16 comment=SpamHaus list=blacklist add address=141.94.0.0/15 comment=SpamHaus list=blacklist add address=141.101.132.0/24 comment=SpamHaus list=blacklist add address=141.101.201.0/24 comment=SpamHaus list=blacklist add address=141.136.22.0/24 comment=SpamHaus list=blacklist add address=141.136.27.0/24 comment=SpamHaus list=blacklist add address=141.178.0.0/16 comment=SpamHaus list=blacklist add address=141.253.0.0/16 comment=SpamHaus list=blacklist add address=142.4.160.0/19 comment=SpamHaus list=blacklist add address=142.102.0.0/16 comment=SpamHaus list=blacklist add address=143.0.236.0/22 comment=SpamHaus list=blacklist add address=143.49.0.0/16 comment=SpamHaus list=blacklist add address=143.64.0.0/16 comment=SpamHaus list=blacklist add address=143.135.0.0/16 comment=SpamHaus list=blacklist add address=144.207.0.0/16 comment=SpamHaus list=blacklist add address=145.231.0.0/16 comment=SpamHaus list=blacklist add address=146.3.0.0/16 comment=SpamHaus list=blacklist add address=146.183.0.0/16 comment=SpamHaus list=blacklist add address=147.7.0.0/16 comment=SpamHaus list=blacklist add address=147.16.0.0/14 comment=SpamHaus list=blacklist add address=147.119.0.0/16 comment=SpamHaus list=blacklist add address=148.111.0.0/16 comment=SpamHaus list=blacklist add address=148.148.0.0/16 comment=SpamHaus list=blacklist add address=148.154.0.0/16 comment=SpamHaus list=blacklist add address=148.178.0.0/16 comment=SpamHaus list=blacklist add address=148.185.0.0/16 comment=SpamHaus list=blacklist add address=148.248.0.0/16 comment=SpamHaus list=blacklist add address=149.109.0.0/16 comment=SpamHaus list=blacklist add address=149.114.0.0/16 comment=SpamHaus list=blacklist add address=149.118.0.0/16 comment=SpamHaus list=blacklist add address=149.143.64.0/18 comment=SpamHaus list=blacklist add address=150.10.0.0/16 comment=SpamHaus list=blacklist add address=150.22.128.0/17 comment=SpamHaus list=blacklist add address=150.25.0.0/16 comment=SpamHaus list=blacklist add address=150.40.0.0/16 comment=SpamHaus list=blacklist add address=150.107.106.0/23 comment=SpamHaus list=blacklist add address=150.107.220.0/22 comment=SpamHaus list=blacklist add address=150.121.0.0/16 comment=SpamHaus list=blacklist add address=150.126.0.0/16 comment=SpamHaus list=blacklist add address=150.129.136.0/22 comment=SpamHaus list=blacklist add address=150.129.212.0/22 comment=SpamHaus list=blacklist add address=150.129.228.0/22 comment=SpamHaus list=blacklist add address=150.141.0.0/16 comment=SpamHaus list=blacklist add address=150.242.36.0/22 comment=SpamHaus list=blacklist add address=150.242.100.0/22 comment=SpamHaus list=blacklist add address=150.242.120.0/22 comment=SpamHaus list=blacklist add address=150.242.144.0/22 comment=SpamHaus list=blacklist add address=151.123.0.0/16 comment=SpamHaus list=blacklist add address=151.192.0.0/16 comment=SpamHaus list=blacklist add address=151.212.0.0/16 comment=SpamHaus list=blacklist add address=151.237.176.0/20 comment=SpamHaus list=blacklist add address=151.237.184.0/22 comment=SpamHaus list=blacklist add address=152.109.0.0/16 comment=SpamHaus list=blacklist add address=152.136.0.0/16 comment=SpamHaus list=blacklist add address=152.147.0.0/16 comment=SpamHaus list=blacklist add address=153.14.0.0/16 comment=SpamHaus list=blacklist add address=153.52.0.0/14 comment=SpamHaus list=blacklist add address=153.93.0.0/16 comment=SpamHaus list=blacklist add address=155.11.0.0/16 comment=SpamHaus list=blacklist add address=155.40.0.0/16 comment=SpamHaus list=blacklist add address=155.66.0.0/16 comment=SpamHaus list=blacklist add address=155.73.0.0/16 comment=SpamHaus list=blacklist add address=155.108.0.0/16 comment=SpamHaus list=blacklist add address=155.204.0.0/16 comment=SpamHaus list=blacklist add address=155.249.0.0/16 comment=SpamHaus list=blacklist add address=157.115.0.0/16 comment=SpamHaus list=blacklist add address=157.162.0.0/16 comment=SpamHaus list=blacklist add address=157.186.0.0/16 comment=SpamHaus list=blacklist add address=157.195.0.0/16 comment=SpamHaus list=blacklist add address=157.231.0.0/16 comment=SpamHaus list=blacklist add address=157.232.0.0/16 comment=SpamHaus list=blacklist add address=158.54.0.0/16 comment=SpamHaus list=blacklist add address=158.90.0.0/17 comment=SpamHaus list=blacklist add address=158.249.0.0/16 comment=SpamHaus list=blacklist add address=159.65.0.0/16 comment=SpamHaus list=blacklist add address=159.80.0.0/16 comment=SpamHaus list=blacklist add address=159.85.0.0/16 comment=SpamHaus list=blacklist add address=159.111.0.0/16 comment=SpamHaus list=blacklist add address=159.151.0.0/16 comment=SpamHaus list=blacklist add address=159.174.0.0/16 comment=SpamHaus list=blacklist add address=159.219.0.0/16 comment=SpamHaus list=blacklist add address=159.223.0.0/16 comment=SpamHaus list=blacklist add address=159.229.0.0/16 comment=SpamHaus list=blacklist add address=160.14.0.0/16 comment=SpamHaus list=blacklist add address=160.21.0.0/16 comment=SpamHaus list=blacklist add address=160.117.0.0/16 comment=SpamHaus list=blacklist add address=160.180.0.0/16 comment=SpamHaus list=blacklist add address=160.181.0.0/16 comment=SpamHaus list=blacklist add address=160.200.0.0/16 comment=SpamHaus list=blacklist add address=160.235.0.0/16 comment=SpamHaus list=blacklist add address=160.240.0.0/16 comment=SpamHaus list=blacklist add address=160.255.0.0/16 comment=SpamHaus list=blacklist add address=161.0.0.0/19 comment=SpamHaus list=blacklist add address=161.0.68.0/22 comment=SpamHaus list=blacklist add address=161.66.0.0/16 comment=SpamHaus list=blacklist add address=161.70.0.0/16 comment=SpamHaus list=blacklist add address=161.71.0.0/16 comment=SpamHaus list=blacklist add address=161.189.0.0/16 comment=SpamHaus list=blacklist add address=161.232.0.0/16 comment=SpamHaus list=blacklist add address=162.208.124.0/22 comment=SpamHaus list=blacklist add address=162.212.188.0/22 comment=SpamHaus list=blacklist add address=162.213.128.0/22 comment=SpamHaus list=blacklist add address=162.213.232.0/22 comment=SpamHaus list=blacklist add address=162.219.32.0/21 comment=SpamHaus list=blacklist add address=162.222.148.0/22 comment=SpamHaus list=blacklist add address=162.245.124.0/22 comment=SpamHaus list=blacklist add address=162.254.72.0/21 comment=SpamHaus list=blacklist add address=163.47.19.0/24 comment=SpamHaus list=blacklist add address=163.50.0.0/16 comment=SpamHaus list=blacklist add address=163.53.247.0/24 comment=SpamHaus list=blacklist add address=163.59.0.0/16 comment=SpamHaus list=blacklist add address=163.250.0.0/16 comment=SpamHaus list=blacklist add address=163.254.0.0/16 comment=SpamHaus list=blacklist add address=164.6.0.0/16 comment=SpamHaus list=blacklist add address=164.60.0.0/16 comment=SpamHaus list=blacklist add address=164.79.0.0/16 comment=SpamHaus list=blacklist add address=164.137.0.0/16 comment=SpamHaus list=blacklist add address=165.102.0.0/16 comment=SpamHaus list=blacklist add address=165.192.0.0/16 comment=SpamHaus list=blacklist add address=165.205.0.0/16 comment=SpamHaus list=blacklist add address=165.209.0.0/16 comment=SpamHaus list=blacklist add address=166.117.0.0/16 comment=SpamHaus list=blacklist add address=167.74.0.0/18 comment=SpamHaus list=blacklist add address=167.87.0.0/16 comment=SpamHaus list=blacklist add address=167.97.0.0/16 comment=SpamHaus list=blacklist add address=167.103.0.0/16 comment=SpamHaus list=blacklist add address=167.158.0.0/16 comment=SpamHaus list=blacklist add address=167.162.0.0/16 comment=SpamHaus list=blacklist add address=167.175.0.0/16 comment=SpamHaus list=blacklist add address=167.224.0.0/19 comment=SpamHaus list=blacklist add address=168.64.0.0/16 comment=SpamHaus list=blacklist add address=168.90.108.0/22 comment=SpamHaus list=blacklist add address=168.129.0.0/16 comment=SpamHaus list=blacklist add address=168.181.52.0/22 comment=SpamHaus list=blacklist add address=170.67.0.0/16 comment=SpamHaus list=blacklist add address=170.113.0.0/16 comment=SpamHaus list=blacklist add address=170.114.0.0/16 comment=SpamHaus list=blacklist add address=170.120.0.0/16 comment=SpamHaus list=blacklist add address=170.179.0.0/16 comment=SpamHaus list=blacklist add address=170.244.40.0/22 comment=SpamHaus list=blacklist add address=171.22.0.0/16 comment=SpamHaus list=blacklist add address=171.25.0.0/17 comment=SpamHaus list=blacklist add address=171.26.0.0/16 comment=SpamHaus list=blacklist add address=172.96.16.0/22 comment=SpamHaus list=blacklist add address=172.103.40.0/21 comment=SpamHaus list=blacklist add address=172.103.64.0/18 comment=SpamHaus list=blacklist add address=173.228.160.0/19 comment=SpamHaus list=blacklist add address=173.246.160.0/19 comment=SpamHaus list=blacklist add address=175.103.64.0/18 comment=SpamHaus list=blacklist add address=176.61.136.0/22 comment=SpamHaus list=blacklist add address=176.61.136.0/21 comment=SpamHaus list=blacklist add address=176.65.128.0/19 comment=SpamHaus list=blacklist add address=176.97.116.0/22 comment=SpamHaus list=blacklist add address=177.36.16.0/20 comment=SpamHaus list=blacklist add address=177.74.160.0/20 comment=SpamHaus list=blacklist add address=177.91.0.0/22 comment=SpamHaus list=blacklist add address=177.234.136.0/21 comment=SpamHaus list=blacklist add address=178.16.80.0/20 comment=SpamHaus list=blacklist add address=178.216.48.0/21 comment=SpamHaus list=blacklist add address=179.42.64.0/19 comment=SpamHaus list=blacklist add address=180.178.192.0/18 comment=SpamHaus list=blacklist add address=180.236.0.0/14 comment=SpamHaus list=blacklist add address=181.118.32.0/19 comment=SpamHaus list=blacklist add address=184.169.64.0/19 comment=SpamHaus list=blacklist add address=184.170.208.0/20 comment=SpamHaus list=blacklist add address=185.2.32.0/24 comment=SpamHaus list=blacklist add address=185.3.132.0/22 comment=SpamHaus list=blacklist add address=185.16.40.0/22 comment=SpamHaus list=blacklist add address=185.35.136.0/22 comment=SpamHaus list=blacklist add address=185.46.84.0/22 comment=SpamHaus list=blacklist add address=185.50.250.0/24 comment=SpamHaus list=blacklist add address=185.50.251.0/24 comment=SpamHaus list=blacklist add address=185.64.20.0/22 comment=SpamHaus list=blacklist add address=185.68.156.0/22 comment=SpamHaus list=blacklist add address=185.72.68.0/22 comment=SpamHaus list=blacklist add address=185.93.185.0/24 comment=SpamHaus list=blacklist add address=185.93.187.0/24 comment=SpamHaus list=blacklist add address=185.103.72.0/22 comment=SpamHaus list=blacklist add address=185.106.94.0/24 comment=SpamHaus list=blacklist add address=185.127.24.0/22 comment=SpamHaus list=blacklist add address=185.129.148.0/23 comment=SpamHaus list=blacklist add address=185.132.4.0/22 comment=SpamHaus list=blacklist add address=185.133.20.0/22 comment=SpamHaus list=blacklist add address=185.134.20.0/22 comment=SpamHaus list=blacklist add address=185.135.184.0/22 comment=SpamHaus list=blacklist add address=185.137.219.0/24 comment=SpamHaus list=blacklist add address=185.141.188.0/22 comment=SpamHaus list=blacklist add address=185.146.20.0/22 comment=SpamHaus list=blacklist add address=185.146.28.0/22 comment=SpamHaus list=blacklist add address=185.147.140.0/22 comment=SpamHaus list=blacklist add address=185.147.156.0/22 comment=SpamHaus list=blacklist add address=185.148.44.0/22 comment=SpamHaus list=blacklist add address=185.148.128.0/22 comment=SpamHaus list=blacklist add address=185.149.112.0/22 comment=SpamHaus list=blacklist add address=185.150.84.0/22 comment=SpamHaus list=blacklist add address=185.151.48.0/22 comment=SpamHaus list=blacklist add address=185.151.60.0/22 comment=SpamHaus list=blacklist add address=185.152.36.0/22 comment=SpamHaus list=blacklist add address=185.152.248.0/22 comment=SpamHaus list=blacklist add address=185.154.20.0/22 comment=SpamHaus list=blacklist add address=185.155.52.0/22 comment=SpamHaus list=blacklist add address=185.156.88.0/21 comment=SpamHaus list=blacklist add address=185.156.92.0/22 comment=SpamHaus list=blacklist add address=185.159.36.0/22 comment=SpamHaus list=blacklist add address=185.159.37.0/24 comment=SpamHaus list=blacklist add address=185.159.68.0/22 comment=SpamHaus list=blacklist add address=185.167.116.0/22 comment=SpamHaus list=blacklist add address=185.171.120.0/22 comment=SpamHaus list=blacklist add address=185.173.44.0/22 comment=SpamHaus list=blacklist add address=185.175.140.0/22 comment=SpamHaus list=blacklist add address=185.180.124.0/22 comment=SpamHaus list=blacklist add address=185.184.192.0/22 comment=SpamHaus list=blacklist add address=185.187.212.0/22 comment=SpamHaus list=blacklist add address=185.187.236.0/22 comment=SpamHaus list=blacklist add address=185.193.88.0/22 comment=SpamHaus list=blacklist add address=185.195.160.0/22 comment=SpamHaus list=blacklist add address=185.197.120.0/22 comment=SpamHaus list=blacklist add address=185.198.212.0/22 comment=SpamHaus list=blacklist add address=185.202.88.0/22 comment=SpamHaus list=blacklist add address=185.204.236.0/22 comment=SpamHaus list=blacklist add address=185.205.68.0/22 comment=SpamHaus list=blacklist add address=185.208.128.0/22 comment=SpamHaus list=blacklist add address=186.1.128.0/19 comment=SpamHaus list=blacklist add address=186.65.112.0/20 comment=SpamHaus list=blacklist add address=186.96.96.0/19 comment=SpamHaus list=blacklist add address=188.72.96.0/24 comment=SpamHaus list=blacklist add address=188.72.126.0/24 comment=SpamHaus list=blacklist add address=188.72.127.0/24 comment=SpamHaus list=blacklist add address=188.172.160.0/19 comment=SpamHaus list=blacklist add address=188.239.128.0/18 comment=SpamHaus list=blacklist add address=188.247.135.0/24 comment=SpamHaus list=blacklist add address=188.247.230.0/24 comment=SpamHaus list=blacklist add address=189.213.128.0/17 comment=SpamHaus list=blacklist add address=190.2.208.0/21 comment=SpamHaus list=blacklist add address=190.9.48.0/21 comment=SpamHaus list=blacklist add address=190.99.80.0/21 comment=SpamHaus list=blacklist add address=190.123.208.0/20 comment=SpamHaus list=blacklist add address=192.5.103.0/24 comment=SpamHaus list=blacklist add address=192.12.131.0/24 comment=SpamHaus list=blacklist add address=192.22.0.0/16 comment=SpamHaus list=blacklist add address=192.26.25.0/24 comment=SpamHaus list=blacklist add address=192.31.212.0/23 comment=SpamHaus list=blacklist add address=192.40.29.0/24 comment=SpamHaus list=blacklist add address=192.43.153.0/24 comment=SpamHaus list=blacklist add address=192.43.154.0/23 comment=SpamHaus list=blacklist add address=192.43.156.0/22 comment=SpamHaus list=blacklist add address=192.43.160.0/24 comment=SpamHaus list=blacklist add address=192.43.175.0/24 comment=SpamHaus list=blacklist add address=192.43.176.0/21 comment=SpamHaus list=blacklist add address=192.43.184.0/24 comment=SpamHaus list=blacklist add address=192.46.192.0/18 comment=SpamHaus list=blacklist add address=192.54.110.0/24 comment=SpamHaus list=blacklist add address=192.67.16.0/24 comment=SpamHaus list=blacklist add address=192.67.160.0/22 comment=SpamHaus list=blacklist add address=192.86.85.0/24 comment=SpamHaus list=blacklist add address=192.88.74.0/24 comment=SpamHaus list=blacklist add address=192.100.142.0/24 comment=SpamHaus list=blacklist add address=192.101.44.0/24 comment=SpamHaus list=blacklist add address=192.101.181.0/24 comment=SpamHaus list=blacklist add address=192.101.200.0/21 comment=SpamHaus list=blacklist add address=192.101.240.0/21 comment=SpamHaus list=blacklist add address=192.101.248.0/23 comment=SpamHaus list=blacklist add address=192.125.0.0/17 comment=SpamHaus list=blacklist add address=192.133.3.0/24 comment=SpamHaus list=blacklist add address=192.135.255.0/24 comment=SpamHaus list=blacklist add address=192.152.194.0/24 comment=SpamHaus list=blacklist add address=192.154.11.0/24 comment=SpamHaus list=blacklist add address=192.158.51.0/24 comment=SpamHaus list=blacklist add address=192.160.44.0/24 comment=SpamHaus list=blacklist add address=192.190.49.0/24 comment=SpamHaus list=blacklist add address=192.190.97.0/24 comment=SpamHaus list=blacklist add address=192.195.150.0/24 comment=SpamHaus list=blacklist add address=192.197.87.0/24 comment=SpamHaus list=blacklist add address=192.203.252.0/24 comment=SpamHaus list=blacklist add address=192.206.114.0/24 comment=SpamHaus list=blacklist add address=192.206.183.0/24 comment=SpamHaus list=blacklist add address=192.219.120.0/21 comment=SpamHaus list=blacklist add address=192.219.128.0/18 comment=SpamHaus list=blacklist add address=192.219.192.0/20 comment=SpamHaus list=blacklist add address=192.219.208.0/21 comment=SpamHaus list=blacklist add address=192.225.96.0/20 comment=SpamHaus list=blacklist add address=192.226.16.0/20 comment=SpamHaus list=blacklist add address=192.229.32.0/19 comment=SpamHaus list=blacklist add address=192.231.66.0/24 comment=SpamHaus list=blacklist add address=192.234.189.0/24 comment=SpamHaus list=blacklist add address=192.245.101.0/24 comment=SpamHaus list=blacklist add address=193.9.158.0/24 comment=SpamHaus list=blacklist add address=193.25.48.0/20 comment=SpamHaus list=blacklist add address=193.26.64.0/19 comment=SpamHaus list=blacklist add address=193.107.16.0/22 comment=SpamHaus list=blacklist add address=193.138.244.0/22 comment=SpamHaus list=blacklist add address=193.139.0.0/16 comment=SpamHaus list=blacklist add address=193.177.64.0/18 comment=SpamHaus list=blacklist add address=193.243.0.0/17 comment=SpamHaus list=blacklist add address=194.1.152.0/24 comment=SpamHaus list=blacklist add address=194.29.185.0/24 comment=SpamHaus list=blacklist add address=195.182.57.0/24 comment=SpamHaus list=blacklist add address=195.190.13.0/24 comment=SpamHaus list=blacklist add address=195.191.56.0/23 comment=SpamHaus list=blacklist add address=195.191.102.0/23 comment=SpamHaus list=blacklist add address=195.225.176.0/22 comment=SpamHaus list=blacklist add address=196.1.109.0/24 comment=SpamHaus list=blacklist add address=196.42.128.0/17 comment=SpamHaus list=blacklist add address=196.61.240.0/20 comment=SpamHaus list=blacklist add address=196.63.0.0/16 comment=SpamHaus list=blacklist add address=196.164.0.0/15 comment=SpamHaus list=blacklist add address=196.193.0.0/16 comment=SpamHaus list=blacklist add address=196.196.0.0/16 comment=SpamHaus list=blacklist add address=196.197.0.0/16 comment=SpamHaus list=blacklist add address=196.198.0.0/16 comment=SpamHaus list=blacklist add address=196.199.0.0/16 comment=SpamHaus list=blacklist add address=196.240.0.0/15 comment=SpamHaus list=blacklist add address=196.242.0.0/15 comment=SpamHaus list=blacklist add address=196.244.0.0/15 comment=SpamHaus list=blacklist add address=196.247.0.0/16 comment=SpamHaus list=blacklist add address=197.154.0.0/16 comment=SpamHaus list=blacklist add address=197.159.80.0/21 comment=SpamHaus list=blacklist add address=198.13.0.0/20 comment=SpamHaus list=blacklist add address=198.14.128.0/19 comment=SpamHaus list=blacklist add address=198.14.160.0/19 comment=SpamHaus list=blacklist add address=198.20.16.0/20 comment=SpamHaus list=blacklist add address=198.44.192.0/20 comment=SpamHaus list=blacklist add address=198.45.32.0/20 comment=SpamHaus list=blacklist add address=198.45.64.0/19 comment=SpamHaus list=blacklist add address=198.56.64.0/18 comment=SpamHaus list=blacklist add address=198.57.64.0/20 comment=SpamHaus list=blacklist add address=198.62.70.0/24 comment=SpamHaus list=blacklist add address=198.62.76.0/24 comment=SpamHaus list=blacklist add address=198.96.224.0/20 comment=SpamHaus list=blacklist add address=198.99.117.0/24 comment=SpamHaus list=blacklist add address=198.102.222.0/24 comment=SpamHaus list=blacklist add address=198.148.212.0/24 comment=SpamHaus list=blacklist add address=198.151.16.0/20 comment=SpamHaus list=blacklist add address=198.151.64.0/18 comment=SpamHaus list=blacklist add address=198.151.152.0/22 comment=SpamHaus list=blacklist add address=198.160.205.0/24 comment=SpamHaus list=blacklist add address=198.169.201.0/24 comment=SpamHaus list=blacklist add address=198.177.175.0/24 comment=SpamHaus list=blacklist add address=198.177.176.0/22 comment=SpamHaus list=blacklist add address=198.177.180.0/24 comment=SpamHaus list=blacklist add address=198.177.214.0/24 comment=SpamHaus list=blacklist add address=198.178.64.0/19 comment=SpamHaus list=blacklist add address=198.179.22.0/24 comment=SpamHaus list=blacklist add address=198.181.64.0/19 comment=SpamHaus list=blacklist add address=198.181.96.0/20 comment=SpamHaus list=blacklist add address=198.183.32.0/19 comment=SpamHaus list=blacklist add address=198.184.193.0/24 comment=SpamHaus list=blacklist add address=198.184.208.0/24 comment=SpamHaus list=blacklist add address=198.186.25.0/24 comment=SpamHaus list=blacklist add address=198.186.208.0/24 comment=SpamHaus list=blacklist add address=198.187.64.0/18 comment=SpamHaus list=blacklist add address=198.187.192.0/24 comment=SpamHaus list=blacklist add address=198.190.173.0/24 comment=SpamHaus list=blacklist add address=198.199.212.0/24 comment=SpamHaus list=blacklist add address=198.202.237.0/24 comment=SpamHaus list=blacklist add address=198.204.0.0/21 comment=SpamHaus list=blacklist add address=198.206.140.0/24 comment=SpamHaus list=blacklist add address=198.212.132.0/24 comment=SpamHaus list=blacklist add address=199.5.152.0/23 comment=SpamHaus list=blacklist add address=199.5.229.0/24 comment=SpamHaus list=blacklist add address=199.10.64.0/24 comment=SpamHaus list=blacklist add address=199.26.137.0/24 comment=SpamHaus list=blacklist add address=199.26.207.0/24 comment=SpamHaus list=blacklist add address=199.26.251.0/24 comment=SpamHaus list=blacklist add address=199.33.222.0/24 comment=SpamHaus list=blacklist add address=199.34.128.0/18 comment=SpamHaus list=blacklist add address=199.46.32.0/19 comment=SpamHaus list=blacklist add address=199.58.248.0/21 comment=SpamHaus list=blacklist add address=199.60.102.0/24 comment=SpamHaus list=blacklist add address=199.71.56.0/21 comment=SpamHaus list=blacklist add address=199.71.192.0/20 comment=SpamHaus list=blacklist add address=199.84.55.0/24 comment=SpamHaus list=blacklist add address=199.84.56.0/22 comment=SpamHaus list=blacklist add address=199.84.60.0/24 comment=SpamHaus list=blacklist add address=199.84.64.0/19 comment=SpamHaus list=blacklist add address=199.87.208.0/21 comment=SpamHaus list=blacklist add address=199.88.32.0/20 comment=SpamHaus list=blacklist add address=199.88.48.0/22 comment=SpamHaus list=blacklist add address=199.89.16.0/20 comment=SpamHaus list=blacklist add address=199.89.198.0/24 comment=SpamHaus list=blacklist add address=199.120.163.0/24 comment=SpamHaus list=blacklist add address=199.165.32.0/19 comment=SpamHaus list=blacklist add address=199.166.200.0/22 comment=SpamHaus list=blacklist add address=199.184.82.0/24 comment=SpamHaus list=blacklist add address=199.185.192.0/20 comment=SpamHaus list=blacklist add address=199.196.192.0/19 comment=SpamHaus list=blacklist add address=199.198.160.0/20 comment=SpamHaus list=blacklist add address=199.198.176.0/21 comment=SpamHaus list=blacklist add address=199.198.184.0/23 comment=SpamHaus list=blacklist add address=199.198.188.0/22 comment=SpamHaus list=blacklist add address=199.200.64.0/19 comment=SpamHaus list=blacklist add address=199.212.96.0/20 comment=SpamHaus list=blacklist add address=199.223.0.0/20 comment=SpamHaus list=blacklist add address=199.230.64.0/19 comment=SpamHaus list=blacklist add address=199.230.96.0/21 comment=SpamHaus list=blacklist add address=199.233.85.0/24 comment=SpamHaus list=blacklist add address=199.233.96.0/24 comment=SpamHaus list=blacklist add address=199.241.64.0/19 comment=SpamHaus list=blacklist add address=199.244.56.0/21 comment=SpamHaus list=blacklist add address=199.245.138.0/24 comment=SpamHaus list=blacklist add address=199.246.137.0/24 comment=SpamHaus list=blacklist add address=199.246.213.0/24 comment=SpamHaus list=blacklist add address=199.246.215.0/24 comment=SpamHaus list=blacklist add address=199.248.64.0/18 comment=SpamHaus list=blacklist add address=199.249.64.0/19 comment=SpamHaus list=blacklist add address=199.253.32.0/20 comment=SpamHaus list=blacklist add address=199.253.48.0/21 comment=SpamHaus list=blacklist add address=199.253.224.0/20 comment=SpamHaus list=blacklist add address=199.254.32.0/20 comment=SpamHaus list=blacklist add address=200.0.60.0/23 comment=SpamHaus list=blacklist add address=200.3.128.0/20 comment=SpamHaus list=blacklist add address=200.22.0.0/16 comment=SpamHaus list=blacklist add address=200.71.124.0/22 comment=SpamHaus list=blacklist add address=200.189.44.0/22 comment=SpamHaus list=blacklist add address=201.148.168.0/22 comment=SpamHaus list=blacklist add address=201.169.0.0/16 comment=SpamHaus list=blacklist add address=202.0.192.0/18 comment=SpamHaus list=blacklist add address=202.20.32.0/19 comment=SpamHaus list=blacklist add address=202.21.64.0/19 comment=SpamHaus list=blacklist add address=202.27.96.0/23 comment=SpamHaus list=blacklist add address=202.27.98.0/24 comment=SpamHaus list=blacklist add address=202.27.99.0/24 comment=SpamHaus list=blacklist add address=202.27.100.0/22 comment=SpamHaus list=blacklist add address=202.27.120.0/22 comment=SpamHaus list=blacklist add address=202.27.161.0/24 comment=SpamHaus list=blacklist add address=202.27.162.0/23 comment=SpamHaus list=blacklist add address=202.27.164.0/22 comment=SpamHaus list=blacklist add address=202.27.168.0/24 comment=SpamHaus list=blacklist add address=202.39.112.0/20 comment=SpamHaus list=blacklist add address=202.40.32.0/19 comment=SpamHaus list=blacklist add address=202.40.64.0/18 comment=SpamHaus list=blacklist add address=202.68.0.0/18 comment=SpamHaus list=blacklist add address=202.86.0.0/22 comment=SpamHaus list=blacklist add address=202.148.32.0/20 comment=SpamHaus list=blacklist add address=202.148.176.0/20 comment=SpamHaus list=blacklist add address=202.183.0.0/19 comment=SpamHaus list=blacklist add address=202.189.80.0/20 comment=SpamHaus list=blacklist add address=203.2.200.0/22 comment=SpamHaus list=blacklist add address=203.9.0.0/19 comment=SpamHaus list=blacklist add address=203.31.88.0/23 comment=SpamHaus list=blacklist add address=203.34.70.0/23 comment=SpamHaus list=blacklist add address=203.34.71.0/24 comment=SpamHaus list=blacklist add address=203.34.252.0/23 comment=SpamHaus list=blacklist add address=203.86.252.0/22 comment=SpamHaus list=blacklist add address=203.148.80.0/22 comment=SpamHaus list=blacklist add address=203.149.92.0/22 comment=SpamHaus list=blacklist add address=203.169.0.0/22 comment=SpamHaus list=blacklist add address=203.189.112.0/22 comment=SpamHaus list=blacklist add address=203.191.64.0/18 comment=SpamHaus list=blacklist add address=204.19.38.0/23 comment=SpamHaus list=blacklist add address=204.44.32.0/20 comment=SpamHaus list=blacklist add address=204.44.192.0/20 comment=SpamHaus list=blacklist add address=204.44.224.0/20 comment=SpamHaus list=blacklist add address=204.48.16.0/20 comment=SpamHaus list=blacklist add address=204.52.255.0/24 comment=SpamHaus list=blacklist add address=204.57.16.0/20 comment=SpamHaus list=blacklist add address=204.75.147.0/24 comment=SpamHaus list=blacklist add address=204.75.228.0/24 comment=SpamHaus list=blacklist add address=204.80.198.0/24 comment=SpamHaus list=blacklist add address=204.86.16.0/20 comment=SpamHaus list=blacklist add address=204.87.199.0/24 comment=SpamHaus list=blacklist add address=204.89.224.0/24 comment=SpamHaus list=blacklist add address=204.106.128.0/18 comment=SpamHaus list=blacklist add address=204.106.192.0/19 comment=SpamHaus list=blacklist add address=204.107.208.0/24 comment=SpamHaus list=blacklist add address=204.126.244.0/23 comment=SpamHaus list=blacklist add address=204.128.151.0/24 comment=SpamHaus list=blacklist add address=204.128.180.0/24 comment=SpamHaus list=blacklist add address=204.130.16.0/20 comment=SpamHaus list=blacklist add address=204.130.167.0/24 comment=SpamHaus list=blacklist add address=204.147.64.0/21 comment=SpamHaus list=blacklist add address=204.187.155.0/24 comment=SpamHaus list=blacklist add address=204.187.156.0/22 comment=SpamHaus list=blacklist add address=204.187.160.0/19 comment=SpamHaus list=blacklist add address=204.187.192.0/19 comment=SpamHaus list=blacklist add address=204.187.224.0/20 comment=SpamHaus list=blacklist add address=204.187.240.0/21 comment=SpamHaus list=blacklist add address=204.187.248.0/22 comment=SpamHaus list=blacklist add address=204.187.252.0/23 comment=SpamHaus list=blacklist add address=204.187.254.0/24 comment=SpamHaus list=blacklist add address=204.194.64.0/21 comment=SpamHaus list=blacklist add address=204.194.184.0/21 comment=SpamHaus list=blacklist add address=204.225.16.0/20 comment=SpamHaus list=blacklist add address=204.225.159.0/24 comment=SpamHaus list=blacklist add address=204.225.210.0/24 comment=SpamHaus list=blacklist add address=204.232.0.0/18 comment=SpamHaus list=blacklist add address=204.238.137.0/24 comment=SpamHaus list=blacklist add address=204.238.170.0/24 comment=SpamHaus list=blacklist add address=204.238.183.0/24 comment=SpamHaus list=blacklist add address=205.137.0.0/20 comment=SpamHaus list=blacklist add address=205.142.104.0/22 comment=SpamHaus list=blacklist add address=205.144.0.0/20 comment=SpamHaus list=blacklist add address=205.144.176.0/20 comment=SpamHaus list=blacklist add address=205.148.128.0/18 comment=SpamHaus list=blacklist add address=205.148.192.0/18 comment=SpamHaus list=blacklist add address=205.151.128.0/19 comment=SpamHaus list=blacklist add address=205.159.45.0/24 comment=SpamHaus list=blacklist add address=205.159.174.0/24 comment=SpamHaus list=blacklist add address=205.159.180.0/24 comment=SpamHaus list=blacklist add address=205.166.77.0/24 comment=SpamHaus list=blacklist add address=205.166.84.0/24 comment=SpamHaus list=blacklist add address=205.166.130.0/24 comment=SpamHaus list=blacklist add address=205.166.168.0/24 comment=SpamHaus list=blacklist add address=205.166.211.0/24 comment=SpamHaus list=blacklist add address=205.172.176.0/22 comment=SpamHaus list=blacklist add address=205.172.244.0/22 comment=SpamHaus list=blacklist add address=205.175.160.0/19 comment=SpamHaus list=blacklist add address=205.189.71.0/24 comment=SpamHaus list=blacklist add address=205.189.72.0/23 comment=SpamHaus list=blacklist add address=205.203.0.0/19 comment=SpamHaus list=blacklist add address=205.203.224.0/19 comment=SpamHaus list=blacklist add address=205.207.134.0/24 comment=SpamHaus list=blacklist add address=205.210.107.0/24 comment=SpamHaus list=blacklist add address=205.210.139.0/24 comment=SpamHaus list=blacklist add address=205.210.171.0/24 comment=SpamHaus list=blacklist add address=205.210.172.0/22 comment=SpamHaus list=blacklist add address=205.214.96.0/19 comment=SpamHaus list=blacklist add address=205.214.128.0/19 comment=SpamHaus list=blacklist add address=205.233.224.0/20 comment=SpamHaus list=blacklist add address=205.236.185.0/24 comment=SpamHaus list=blacklist add address=205.236.189.0/24 comment=SpamHaus list=blacklist add address=205.237.88.0/21 comment=SpamHaus list=blacklist add address=206.41.160.0/19 comment=SpamHaus list=blacklist add address=206.51.29.0/24 comment=SpamHaus list=blacklist add address=206.81.0.0/19 comment=SpamHaus list=blacklist add address=206.130.4.0/23 comment=SpamHaus list=blacklist add address=206.130.188.0/24 comment=SpamHaus list=blacklist add address=206.143.128.0/17 comment=SpamHaus list=blacklist add address=206.189.0.0/16 comment=SpamHaus list=blacklist add address=206.195.224.0/19 comment=SpamHaus list=blacklist add address=206.197.28.0/24 comment=SpamHaus list=blacklist add address=206.197.29.0/24 comment=SpamHaus list=blacklist add address=206.197.77.0/24 comment=SpamHaus list=blacklist add address=206.197.165.0/24 comment=SpamHaus list=blacklist add address=206.203.64.0/18 comment=SpamHaus list=blacklist add address=206.209.80.0/20 comment=SpamHaus list=blacklist add address=206.224.160.0/19 comment=SpamHaus list=blacklist add address=206.226.0.0/19 comment=SpamHaus list=blacklist add address=206.226.32.0/19 comment=SpamHaus list=blacklist add address=206.227.64.0/18 comment=SpamHaus list=blacklist add address=207.22.192.0/18 comment=SpamHaus list=blacklist add address=207.32.128.0/19 comment=SpamHaus list=blacklist add address=207.32.208.0/20 comment=SpamHaus list=blacklist add address=207.45.224.0/20 comment=SpamHaus list=blacklist add address=207.110.64.0/18 comment=SpamHaus list=blacklist add address=207.110.96.0/19 comment=SpamHaus list=blacklist add address=207.110.128.0/18 comment=SpamHaus list=blacklist add address=207.177.128.0/18 comment=SpamHaus list=blacklist add address=207.178.64.0/19 comment=SpamHaus list=blacklist add address=207.183.192.0/19 comment=SpamHaus list=blacklist add address=207.226.192.0/20 comment=SpamHaus list=blacklist add address=207.234.0.0/17 comment=SpamHaus list=blacklist add address=208.93.4.0/22 comment=SpamHaus list=blacklist add address=208.117.88.0/22 comment=SpamHaus list=blacklist add address=208.117.92.0/24 comment=SpamHaus list=blacklist add address=209.51.32.0/20 comment=SpamHaus list=blacklist add address=209.54.160.0/19 comment=SpamHaus list=blacklist add address=209.66.128.0/19 comment=SpamHaus list=blacklist add address=209.95.192.0/19 comment=SpamHaus list=blacklist add address=209.97.128.0/18 comment=SpamHaus list=blacklist add address=209.99.128.0/18 comment=SpamHaus list=blacklist add address=209.145.0.0/19 comment=SpamHaus list=blacklist add address=209.182.64.0/19 comment=SpamHaus list=blacklist add address=209.229.0.0/16 comment=SpamHaus list=blacklist add address=209.242.192.0/19 comment=SpamHaus list=blacklist add address=212.92.127.0/24 comment=SpamHaus list=blacklist add address=216.47.96.0/20 comment=SpamHaus list=blacklist add address=216.152.240.0/20 comment=SpamHaus list=blacklist add address=216.183.208.0/20 comment=SpamHaus list=blacklist add address=220.154.0.0/16 comment=SpamHaus list=blacklist add address=221.132.192.0/18 comment=SpamHaus list=blacklist add address=223.0.0.0/15 comment=SpamHaus list=blacklist add address=223.169.0.0/16 comment=SpamHaus list=blacklist add address=223.173.0.0/16 comment=SpamHaus list=blacklist add address=223.201.0.0/16 comment=SpamHaus list=blacklist add address=223.254.0.0/16 comment=SpamHaus list=blacklist add address=77.72.82.0/24 comment=DShield list=blacklist add address=5.188.10.0/24 comment=DShield list=blacklist add address=5.188.62.0/24 comment=DShield list=blacklist add address=5.188.203.0/24 comment=DShield list=blacklist add address=80.82.70.0/24 comment=DShield list=blacklist add address=84.53.198.0/24 comment=DShield list=blacklist add address=212.3.130.0/24 comment=DShield list=blacklist add address=94.74.81.0/24 comment=DShield list=blacklist add address=80.82.77.0/24 comment=DShield list=blacklist add address=45.55.21.0/24 comment=DShield list=blacklist add address=93.174.93.0/24 comment=DShield list=blacklist add address=196.52.43.0/24 comment=DShield list=blacklist add address=141.212.122.0/24 comment=DShield list=blacklist add address=191.96.249.0/24 comment=DShield list=blacklist add address=158.85.81.0/24 comment=DShield list=blacklist add address=71.6.146.0/24 comment=DShield list=blacklist add address=168.1.128.0/24 comment=DShield list=blacklist add address=185.129.148.0/24 comment=DShield list=blacklist add address=85.113.214.0/24 comment=DShield list=blacklist add address=169.54.233.0/24 comment=DShield list=blacklist /ip firewall filter add action=accept chain=input comment="VPN L2TP UDP 500" disabled=yes \ dst-port=500 in-interface=ether10 protocol=udp add action=accept chain=input comment="VPN L2TP UDP 1701" disabled=yes \ dst-port=1701 in-interface=ether10 protocol=udp add action=accept chain=input comment="VPN L2TP 4500" disabled=yes dst-port=\ 4500 in-interface=ether10 protocol=udp add action=accept chain=input comment="VPN L2TP ESP" disabled=yes \ in-interface=ether10 protocol=ipsec-esp add action=accept chain=input comment="VPN L2TP AH" disabled=yes \ in-interface=ether10 protocol=ipsec-ah add action=add-src-to-address-list address-list=Syn_Flooder \ address-list-timeout=30m chain=input comment=\ "Add Syn Flood IP to the list" connection-limit=30,32 protocol=tcp \ tcp-flags=syn add action=drop chain=input comment="Drop to syn flood list" \ src-address-list=Syn_Flooder add action=add-src-to-address-list address-list=Port_Scanner \ address-list-timeout=1w chain=input comment="Port Scanner Detect" \ protocol=tcp psd=21,3s,3,1 add action=drop chain=input comment="Drop to port scan list" \ src-address-list=Port_Scanner add action=jump chain=input comment="Jump for icmp input flow" jump-target=\ ICMP protocol=icmp add action=drop chain=input comment="Block all access to the winbox - except t\ o support list # DO NOT ENABLE THIS RULE BEFORE ADD YOUR SUBNET IN THE SUP\ PORT ADDRESS LIST" disabled=yes dst-port=8291 protocol=tcp \ src-address-list=!support add action=jump chain=forward comment="Jump for icmp forward flow" \ jump-target=ICMP protocol=icmp add action=drop chain=forward comment="Drop to bogon list" dst-address-list=\ bogons add action=add-src-to-address-list address-list=spammers \ address-list-timeout=3h chain=forward comment=\ "Add Spammers to the list for 3 hours" connection-limit=30,32 dst-port=\ 25,587 limit=30/1m,0:packet protocol=tcp add action=drop chain=forward comment="Avoid spammers action" dst-port=25,587 \ protocol=tcp src-address-list=spammers add action=accept chain=input comment="Accept DNS - UDP" port=53 protocol=udp add action=accept chain=input comment="Accept DNS - TCP" port=53 protocol=tcp add action=accept chain=input comment="Accept to established connections" \ connection-state="" protocol=tcp add action=accept chain=input comment="Accept to related connections" \ connection-state="" protocol=tcp add action=accept chain=input comment="Full access to SUPPORT address list" \ src-address-list=support add action=drop chain=input comment="Drop anything else! # DO NOT ENABLE THIS \ RULE BEFORE YOU MAKE SURE ABOUT ALL ACCEPT RULES YOU NEED" disabled=yes add action=accept chain=ICMP comment="Echo request - Avoiding Ping Flood" \ icmp-options=8:0 limit=1,5:packet protocol=icmp add action=accept chain=ICMP comment="Echo reply" icmp-options=0:0 protocol=\ icmp add action=accept chain=ICMP comment="Time Exceeded" icmp-options=11:0 \ protocol=icmp add action=accept chain=ICMP comment="Destination unreachable" icmp-options=\ 3:0-1 protocol=icmp add action=accept chain=ICMP comment=PMTUD icmp-options=3:4 protocol=icmp add action=drop chain=ICMP comment="Drop to the other ICMPs" protocol=icmp add action=jump chain=output comment="Jump for icmp output" jump-target=ICMP \ protocol=icmp add action=accept chain=forward comment="allow established connections" \ connection-state="" add action=accept chain=forward comment="allow related connections" \ connection-state="" add action=drop chain=forward comment="drop invalid connections" \ connection-state="" add action=drop chain=virus comment="Drop Blaster Worm" dst-port=135-139 \ protocol=tcp add action=drop chain=virus comment="Drop Messenger Worm" dst-port=135-139 \ protocol=udp add action=drop chain=virus comment="Drop Blaster Worm" dst-port=445 \ protocol=tcp add action=drop chain=virus comment="Drop Blaster Worm" dst-port=445 \ protocol=udp add action=drop chain=virus comment=________ dst-port=593 protocol=tcp add action=drop chain=virus comment=________ dst-port=1024-1030 protocol=tcp add action=drop chain=virus comment="Drop MyDoom" dst-port=1080 protocol=tcp add action=drop chain=virus comment=________ dst-port=1214 protocol=tcp add action=drop chain=virus comment="ndm requester" dst-port=1363 protocol=\ tcp add action=drop chain=virus comment="ndm server" dst-port=1364 protocol=tcp add action=drop chain=virus comment="screen cast" dst-port=1368 protocol=tcp add action=drop chain=virus comment=hromgrafx dst-port=1373 protocol=tcp add action=drop chain=virus comment=cichlid dst-port=1377 protocol=tcp add action=drop chain=virus comment=Worm dst-port=1433-1434 protocol=tcp add action=drop chain=virus comment="Bagle Virus" dst-port=2745 protocol=tcp add action=drop chain=virus comment="Drop Dumaru.Y" dst-port=2283 protocol=\ tcp add action=drop chain=virus comment="Drop Beagle" dst-port=2535 protocol=tcp add action=drop chain=virus comment="Drop Beagle.C-K" dst-port=2745 protocol=\ tcp add action=drop chain=virus comment="Drop MyDoom" dst-port=3127-3128 \ protocol=tcp add action=drop chain=virus comment="Drop Backdoor OptixPro" dst-port=3410 \ protocol=tcp add action=drop chain=virus comment=Worm dst-port=4444 protocol=tcp add action=drop chain=virus comment=Worm dst-port=4444 protocol=udp add action=drop chain=virus comment="Drop Sasser" dst-port=5554 protocol=tcp add action=drop chain=virus comment="Drop Beagle.B" dst-port=8866 protocol=\ tcp add action=drop chain=virus comment="Drop Dabber.A-B" dst-port=9898 protocol=\ tcp add action=drop chain=virus comment="Drop Dumaru.Y" dst-port=10000 protocol=\ tcp add action=drop chain=virus comment="Drop MyDoom.B" dst-port=10080 protocol=\ tcp add action=drop chain=virus comment="Drop NetBus" dst-port=12345 protocol=tcp add action=drop chain=virus comment="Drop Kuang2" dst-port=17300 protocol=tcp add action=drop chain=virus comment="Drop SubSeven" dst-port=27374 protocol=\ tcp add action=drop chain=virus comment="Drop PhatBot, Agobot, Gaobot" dst-port=\ 65506 protocol=tcp add action=jump chain=forward comment="jump to the virus chain" jump-target=\ virus add action=accept chain=forward comment="Allow HTTP" dst-port=80 protocol=tcp add action=accept chain=forward comment="Allow SMTP" dst-port=25 protocol=tcp add action=accept chain=forward comment="allow TCP" protocol=tcp add action=accept chain=forward comment="allow ping" protocol=icmp add action=accept chain=forward comment="allow udp" protocol=udp add action=drop chain=forward comment="drop everything else" add action=add-src-to-address-list address-list=blocked-addr \ address-list-timeout=1d chain=input connection-limit=32,32 protocol=tcp add action=tarpit chain=input connection-limit=3,32 protocol=tcp \ src-address-list=blocked-addr add action=jump chain=forward comment="SYN Flood protect" connection-state="" \ jump-target=SYN-Protect protocol=tcp tcp-flags=syn add action=accept chain=SYN-Protect connection-state="" limit=400,5:packet \ protocol=tcp tcp-flags=syn add action=drop chain=SYN-Protect connection-state="" protocol=tcp tcp-flags=\ syn add action=add-src-to-address-list address-list="port scanners" \ address-list-timeout=2w chain=input comment="NMAP FIN Stealth scan" \ protocol=tcp tcp-flags=fin,!syn,!rst,!psh,!ack,!urg add action=add-src-to-address-list address-list="port scanners" \ address-list-timeout=2w chain=input comment="SYN/FIN scan" protocol=tcp \ tcp-flags=fin,syn add action=add-src-to-address-list address-list="port scanners" \ address-list-timeout=2w chain=input comment="SYN/RST scan" protocol=tcp \ tcp-flags=syn,rst add action=add-src-to-address-list address-list="port scanners" \ address-list-timeout=2w chain=input comment="FIN/PSH/URG scan" protocol=\ tcp tcp-flags=fin,psh,urg,!syn,!rst,!ack add action=add-src-to-address-list address-list="port scanners" \ address-list-timeout=2w chain=input comment="ALL/ALL scan" protocol=tcp \ tcp-flags=fin,syn,rst,psh,ack,urg add action=add-src-to-address-list address-list="port scanners" \ address-list-timeout=2w chain=input comment="NMAP NULL scan" protocol=tcp \ tcp-flags=!fin,!syn,!rst,!psh,!ack,!urg add action=drop chain=input comment="dropping port scanners" \ src-address-list="port scanners" add action=drop chain=forward comment="\"BLOCK SPAMMERS OR INFECTED USERS\"" \ dst-port=25 protocol=tcp src-address-list=spammers add action=add-src-to-address-list address-list=spammers \ address-list-timeout=1w3d chain=forward comment=\ "\"Detect and add-list SMTP virus or spammers\"" connection-limit=30,32 \ dst-port=25 limit=50,5:packet protocol=tcp add action=drop chain=input comment="drop ftp brute forcers" dst-port=21 \ protocol=tcp src-address-list=ftp_blacklist add action=accept chain=output content="530 Login incorrect" dst-limit=\ 1/1m,9,dst-address/1m protocol=tcp add action=add-dst-to-address-list address-list=ftp_blacklist \ address-list-timeout=3h chain=output content="530 Login incorrect" \ protocol=tcp add action=drop chain=input comment="drop ssh brute forcers" dst-port=22 \ protocol=tcp src-address-list=ssh_blacklist add action=add-src-to-address-list address-list=ssh_blacklist \ address-list-timeout=1w3d chain=input connection-state="" dst-port=22 \ protocol=tcp src-address-list=ssh_stage3 add action=add-src-to-address-list address-list=ssh_stage3 \ address-list-timeout=1m chain=input connection-state="" dst-port=22 \ protocol=tcp src-address-list=ssh_stage2 add action=add-src-to-address-list address-list=ssh_stage2 \ address-list-timeout=1m chain=input connection-state="" dst-port=22 \ protocol=tcp src-address-list=ssh_stage1 add action=add-src-to-address-list address-list=ssh_stage1 \ address-list-timeout=1m chain=input connection-state="" dst-port=22 \ protocol=tcp add action=drop chain=forward comment="drop ssh brute downstream" dst-port=22 \ protocol=tcp src-address-list=ssh_blacklist add action=drop chain=forward comment="Drop Address List" src-address-list=\ blacklist add action=accept chain=input comment=smb1 disabled=yes dst-port=137-138 \ protocol=udp src-address-list=smb-allow add action=accept chain=input comment=smb2 disabled=yes dst-port=137,139 \ protocol=tcp src-address-list=smb-allow add action=accept chain=input comment=FTP-Rb disabled=yes dst-port=2121 \ protocol=tcp /ip firewall nat add action=masquerade chain=srcnat out-interface=ether10 src-address=\ 10.0.2.0/24 add action=dst-nat chain=dstnat comment=Garden_Cam dst-port=8081 log=yes \ protocol=tcp to-addresses=10.0.2.14 to-ports=8081 add action=dst-nat chain=dstnat comment=SSH_Rasp dst-port=22 log=yes \ protocol=tcp to-addresses=10.0.2.100 to-ports=22 add action=dst-nat chain=dstnat comment=FTP-Rasp dst-port=21 log=yes \ protocol=tcp to-addresses=10.0.2.100 to-ports=21 add action=dst-nat chain=dstnat comment=Passive-Range-RaspFTP dst-port=\ 49152-65534 log=yes protocol=tcp to-addresses=10.0.2.100 to-ports=\ 49152-65534 add action=dst-nat chain=dstnat comment=FTP-Rb disabled=yes dst-port=2121 \ log=yes protocol=tcp to-addresses=10.0.2.1 to-ports=2121 add action=dst-nat chain=dstnat comment=Webmin disabled=yes dst-port=10000 \ protocol=tcp to-addresses=10.0.2.100 to-ports=10000 add action=dst-nat chain=dstnat comment=Cups_Print-Server disabled=yes \ dst-port=631 protocol=tcp to-addresses=10.0.2.100 to-ports=631 add action=dst-nat chain=dstnat comment=Sane-RaspScan disabled=yes dst-port=\ 6566 protocol=tcp to-addresses=10.0.2.100 to-ports=6566 add action=dst-nat chain=dstnat comment=AccesPoint disabled=yes dst-port=80 \ log=yes protocol=tcp to-addresses=10.0.2.12 /ip firewall service-port set ftp ports=2121 /ip ipsec peer add address=0.0.0.0/0 dh-group=modp1024 enc-algorithm=aes-256,aes-128,3des \ exchange-mode=main-l2tp generate-policy=port-override nat-traversal=no \ secret=XXXXXXXXX /ip ipsec policy set 0 disabled=yes /ip route add distance=1 gateway=192.168.1.1 /ip service set telnet disabled=yes set ftp port=2121 set www disabled=yes set ssh disabled=yes set api disabled=yes set api-ssl disabled=yes /ip smb set allow-guests=no interfaces=bridge_LAN,ether10 /ip smb shares add directory=/disk1 max-sessions=1 name=share1 /ppp secret add name=XXXXXXXX password=XXXXXXX profile=vpn-profile service=\ l2tp /system clock set time-zone-autodetect=no time-zone-name=Europe/Rome /system lcd set contrast=0 enabled=no port=parallel type=24x4 /system lcd page set time disabled=yes display-time=5s set resources disabled=yes display-time=5s set uptime disabled=yes display-time=5s set packets disabled=yes display-time=5s set bits disabled=yes display-time=5s set version disabled=yes display-time=5s set identity disabled=yes display-time=5s set bridge_LAN disabled=yes display-time=5s set sfp1 disabled=yes display-time=5s set ether1 disabled=yes display-time=5s set ether2 disabled=yes display-time=5s set ether3 disabled=yes display-time=5s set ether4 disabled=yes display-time=5s set ether5 disabled=yes display-time=5s set ether6 disabled=yes display-time=5s set ether7 disabled=yes display-time=5s set ether8 disabled=yes display-time=5s set ether9 disabled=yes display-time=5s set ether10 disabled=yes display-time=5s /system logging add disabled=yes topics=debug /system ntp client set enabled=yes primary-ntp=193.204.114.232 secondary-ntp=193.204.114.233 /system ntp server set broadcast=yes enabled=yes multicast=yes /system scheduler add comment="Download openbl list" interval=1w name=DownloadBegoneList \ on-event=Download_openbl policy=\ ftp,reboot,read,write,policy,test,password,sniff,sensitive start-date=\ jan/01/1970 start-time=01:05:00 add comment="Apply openbl List" interval=1w name=InstallBegoneList on-event=\ Replace_openbl policy=\ ftp,reboot,read,write,policy,test,password,sniff,sensitive start-date=\ jan/01/1970 start-time=01:15:00 add comment="Download spamnaus list" interval=1w name=DownloadSpamhausList \ on-event=Download_spamhaus policy=\ ftp,reboot,read,write,policy,test,password,sniff,sensitive start-date=\ jan/01/1970 start-time=02:02:00 add comment="Apply spamnaus List" interval=1w name=InstallSpamhausList \ on-event=Replace_spamhaus policy=\ ftp,reboot,read,write,policy,test,password,sniff,sensitive start-date=\ jan/01/1970 start-time=02:12:00 add comment="Download dshield list" interval=1w name=DownloadDShieldList \ on-event=Download_dshield policy=\ ftp,reboot,read,write,policy,test,password,sniff,sensitive start-date=\ jan/01/1970 start-time=02:42:00 add comment="Apply dshield List" interval=1w name=InstallDShieldList \ on-event=Replace_dshield policy=\ ftp,reboot,read,write,policy,test,password,sniff,sensitive start-date=\ jan/01/1970 start-time=02:52:00 /system script add name=Download_openbl owner=admin policy=\ ftp,reboot,read,write,policy,test,password,sniff,sensitive source="\ \n/tool fetch url=\"http://joshaven.com/openbl.rsc\" mode=http;\ \n:log info \"Downloaded openbl.rsc from Joshaven.com\";\ \n" add name=Replace_openbl owner=admin policy=\ ftp,reboot,read,write,policy,test,password,sniff,sensitive source="\ \n:foreach i in=[/ip firewall address-list find ] do={\ \n:if ( [/ip firewall address-list get \$i comment] = \"OpenBL\" ) do={\ \n/ip firewall address-list remove \$i\ \n}\ \n}\ \n/import file-name=openbl.rsc;\ \n:log info \"Removal old openbl and add new\";\ \n" add name=Download_spamhaus owner=admin policy=\ ftp,reboot,read,write,policy,test,password,sniff,sensitive source="\ \n/tool fetch url=\"http://joshaven.com/spamhaus.rsc\" mode=http;\ \n:log info \"Downloaded spamhaus.rsc from Joshaven.com\";\ \n" add name=Replace_spamhaus owner=admin policy=\ ftp,reboot,read,write,policy,test,password,sniff,sensitive source="\ \n:foreach i in=[/ip firewall address-list find ] do={\ \n:if ( [/ip firewall address-list get \$i comment] = \"SpamHaus\" ) do={\ \n/ip firewall address-list remove \$i\ \n}\ \n}\ \n/import file-name=spamhaus.rsc;\ \n:log info \"Removal old openbl and add new\";\ \n" add name=Download_dshield owner=admin policy=\ ftp,reboot,read,write,policy,test,password,sniff,sensitive source="\ \n/tool fetch url=\"http://joshaven.com/dshield.rsc\" mode=http;\ \n:log info \"Downloaded dshield.rsc from Joshaven.com\";\ \n" add name=Replace_dshield owner=admin policy=\ ftp,reboot,read,write,policy,test,password,sniff,sensitive source="\ \n:foreach i in=[/ip firewall address-list find ] do={\ \n:if ( [/ip firewall address-list get \$i comment] = \"DShield\" ) do={\ \n/ip firewall address-list remove \$i\ \n}\ \n}\ \n/import file-name=dshield.rsc;\ \n:log info \"Removal old dshield and add new\";\ \n" /tool romon port add /tool user-manager database set db-path=user-manager1

Ho un forte dubbio xo che possa centrare questo:

da **radiation** » sab 23 set 2017, 16:51

Ora sono in giro e non riesco a guardare bene. Il problema che vedi nel DDNS è normale in quanto la connessione non è attestata direttamente al Mikrotik e lui vede l'IP del modem.

Per la VPN prova a usare queste impostazioni:

/ip ipsec proposal
set [ find default=yes ] auth-algorithms=sha1,md5 pfs-group=none

/ip pool
add name=vpn ranges=192.168.89.2-192.168.89.255

/ppp profile
add change-tcp-mss=yes local-address=192.168.89.1 name=profile-vpn \
remote-address=vpn use-encryption=yes

/interface l2tp-server server
set default-profile=profile-vpn enabled=yes ipsec-secret=123456578

/ip ipsec peer
add enc-algorithm=aes-256,aes-192,aes-128,3des exchange-mode=main-l2tp \
generate-policy=port-override passive=yes secret=12345678

/ppp secret
add name=UTENTE password=PASSWORD profile=profile-vpn

Per gli eventuali log:

/system logging
add disabled=yes topics=l2tp
add topics=ipsec,debug,!packet

da **routermaniak** » sab 23 set 2017, 22:04

Ciao ho cancellato il setup della vpn l2tp....e applicato il tuo. il log è cambiato tantissimo ed è assai lungo (non so come fare per copiarlo dalla finestra del log)... però ancora nessun collegamento da iphone!

da **radiation** » sab 23 set 2017, 22:08

Ma hai copiato il mio esempio?

Hai abituato anche i log della vpn?

da **routermaniak** » sab 23 set 2017, 22:14

ho applicato il mio esempio cambiando l'ip pool con la mia subnet... si i log vpn li ho abilitati, ma dove li recupero? cliccando su log e provando a fare connessione viene fuori una marea di roba

VPN L2Tp Collegamento mancato

Re: VPN L2Tp Collegamento mancato

VPN L2Tp Collegamento mancato

Re: VPN L2Tp Collegamento mancato

Re: VPN L2Tp Collegamento mancato

Re: VPN L2Tp Collegamento mancato

Re: VPN L2Tp Collegamento mancato

Re: VPN L2Tp Collegamento mancato

Re: VPN L2Tp Collegamento mancato

Re: VPN L2Tp Collegamento mancato

Re: VPN L2Tp Collegamento mancato

Chi c’è in linea