|
[ despotovd @ 11.03.2011. 21:48 ] @
[ Predrag Supurovic @ 12.03.2011. 06:06 ] @
Rade li drugi sajtovi?
[ despotovd @ 12.03.2011. 12:34 ] @
Sve vezano za surf radi. Samo kad treba da se logujes nece .doduse nisam probao da li login na gmail ...yahoo mail ide ,ali klasican surf i gledanje filmova ide bez problema.
Dejan [ Aleksandar Đokić @ 12.03.2011. 14:03 ] @
da nije to problem sa https-om? probaj da se logujes na gmail pa javi,
ako jeste onda MTU menjaj [ despotovd @ 12.03.2011. 14:46 ] @
Izgleda da jeste ... neide nijedan https ...
mtu na ap je 1500. Kad sam dodao sebe u walled garden kao src addr. prolazi sav https saobracaj , ocigledno je neki od firewall filter rules ili NAT rules dodatih kreiranjem Hotspota . :/ evo podesavanja : [despotovd@MikroTik] /ip hotspot> print Flags: X - disabled, I - invalid, S - HTTPS # NAME INTERFACE ADDRESS-POOL PROFILE IDLE-TIMEOUT 0 hotspot1 KoNet AP8 hs-pool-6 hsprof1 5m [despotovd@MikroTik] /ip hotspot> profile [despotovd@MikroTik] /ip hotspot profile> print Flags: * - default 0 * name="default" hotspot-address=0.0.0.0 dns-name="" html-directory=hotspot rate-limit="" http-proxy=0.0.0.0:0 smtp-server=0.0.0.0 login-by=cookie,http-chap http-cookie-lifetime=3d split-user-domain=no use-radius=no 1 name="hsprof1" hotspot-address=10.20.50.193 dns-name="konet.net" html-directory=hotspot rate-limit="" http-proxy=0.0.0.0:0 smtp-server=0.0.0.0 login-by=cookie,http-chap http-cookie-lifetime=3d split-user-domain=no use-radius=no [despotovd@MikroTik] /ip hotspot profile> [despotovd@MikroTik] /ip hotspot user> print Flags: X - disabled, D - dynamic # SERVER NAME ADDRESS PROFILE UPTIME 0 despotovd 1M 0s 1 hotspot1 sasa 512k 0s [despotovd@MikroTik] /ip firewall filter> print dynamic Flags: X - disabled, I - invalid, D - dynamic 0 D chain=forward action=jump jump-target=hs-unauth hotspot=from-client,!auth 1 D chain=forward action=jump jump-target=hs-unauth-to hotspot=to-client,!auth 2 D chain=input action=jump jump-target=hs-input hotspot=from-client 3 I chain=hs-input action=jump jump-target=pre-hs-input 4 D chain=hs-input action=accept protocol=udp dst-port=64872 5 D chain=hs-input action=accept protocol=tcp dst-port=64872-64875 6 D chain=hs-input action=jump jump-target=hs-unauth hotspot=!auth 7 D chain=hs-unauth action=reject reject-with=tcp-reset protocol=tcp 8 D chain=hs-unauth action=reject reject-with=icmp-net-prohibited 9 D chain=hs-unauth-to action=reject reject-with=icmp-host-prohibited [despotovd@MikroTik] /ip firewall nat> print dynamic Flags: X - disabled, I - invalid, D - dynamic 0 D chain=dstnat action=jump jump-target=hotspot hotspot=from-client 1 I chain=hotspot action=jump jump-target=pre-hotspot 2 D chain=hotspot action=redirect to-ports=64872 protocol=udp dst-port=53 3 D chain=hotspot action=redirect to-ports=64872 protocol=tcp dst-port=53 4 D chain=hotspot action=redirect to-ports=64873 protocol=tcp hotspot=local-dst dst-port=80 5 D chain=hotspot action=redirect to-ports=64875 protocol=tcp hotspot=local-dst dst-port=443 6 D chain=hotspot action=jump jump-target=hs-unauth protocol=tcp hotspot=!aut> 7 D chain=hotspot action=jump jump-target=hs-auth protocol=tcp hotspot=auth 8 D chain=hs-unauth action=redirect to-ports=64874 protocol=tcp dst-port=80 9 D chain=hs-unauth action=redirect to-ports=64874 protocol=tcp dst-port=3128 10 D chain=hs-unauth action=redirect to-ports=64874 protocol=tcp dst-port=8080 11 D chain=hs-unauth action=redirect to-ports=64875 protocol=tcp dst-port=443 12 I chain=hs-unauth action=jump jump-target=hs-smtp protocol=tcp dst-port=25 13 D chain=hs-auth action=redirect to-ports=64874 protocol=tcp hotspot=http 14 I chain=hs-auth action=jump jump-target=hs-smtp protocol=tcp dst-port=25 I da napomena prvi hot spot. :) Hvala svima u napred Dejan [Ovu poruku je menjao despotovd dana 12.03.2011. u 17:21 GMT+1] [ Aleksandar Đokić @ 12.03.2011. 16:23 ] @
ne, ne verujem da su u pitanju firewall pravila...
smanjuj MTU polako i probaj, trebalo bi da bude 1480 default [ despotovd @ 12.03.2011. 17:19 ] @
Probao sam i dalje ista prica
[ Aleksandar Đokić @ 12.03.2011. 17:24 ] @
pa daj malo opsirniji odgovor, sta si probao?
[ despotovd @ 12.03.2011. 17:56 ] @
smanjivao MTU
1480 -> 1300 i dalje ista prica , ali posto mi radi kako sam i rekao malo pre , kad izbegnem hot spot -> svoj IP stavim u walled garden i onda za mene ne vazi ni jedno pravilo iz ip firewall vezano za hot spot ... koliko sam shvatio onda mi sve radi ok ... ali to nije resenje koje meni treba jer ako tako budem morao raditi onda jednostavno necu koristiti hotspot . Problem je ocigledno negde u firewal pravilima koje kreira hotspot ... te kad se klijent loguje umesto da i https radi normalno on se ponasa za https kao da se klijent nije logovao na hotspot i izbaci mu conn timeout [ flighter_022 @ 12.03.2011. 21:14 ] @
Probaj racunarom direktno na Internet (umesto da ides preko hotspota), i ako i dalje ne radi, onda mozda ISP blokira FB.
[ nino1987 @ 12.03.2011. 22:03 ] @
meni ista stvar bila kada sam stavio QoS za skype... nisam se mogo ulogirat na facebook
Copyright (C) 2001-2024 by www.elitesecurity.org. All rights reserved.
|