Hello,
J'ai mis en place ma USG 3P hier, et ca fonctionne super.
Juste l'IP V6 qui ne fonctionne pas encore et il faut que je re fasse cette partie.
Je suis partie du fichier de n0b et du post de n0b.
J'ai juste supprimé la partie VLAN 838 qui n'existe plus.
Voila mon config.gateway.json
{
"firewall": {
"source-validation": "disable"
},
"interfaces": {
"ethernet": {
"eth0": {
"duplex": "auto",
"speed": "auto",
"vif": {
"832": {
"ip": {
"source-validation": "strict"
},
"address": [
"dhcp"
],
"dhcp-options": {
"client-option": [
"retry 60;",
"send vendor-class-identifier "sagem";",
"send user-class "\\053FSVDSL_livebox.Internet.softathome.Livebox4";",
"send rfc3118-auth 00:00:00:00:00:00:00:00:00:00:00:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx;",
"send dhcp-client-identifier 1:yy:yy:yy:yy:yy;",
"request subnet-mask, routers, domain-name-servers, domain-name, broadcast-address, dhcp-lease-time, dhcp-renewal-time, dhcp-rebinding-time, rfc3118-auth;"
],
"default-route": "update",
"default-route-distance": "1",
"name-server": "update"
},
"egress-qos": "0:0 1:0 2:0 3:0 4:0 5:0 6:6 7:0",
"firewall": {
"in": {
"name": "WAN_IN"
},
"local": {
"name": "WAN_LOCAL"
},
"out": {
"name": "WAN_OUT"
}
}
},
"840": {
"address": [
"192.168.255.254/24"
],
"egress-qos": "0:5 1:5 2:5 3:5 4:5 5:5 6:5 7:5"
}
}
}
}
},
"port-forward": {
"wan-interface": "eth0.832"
},
"protocols": {
"igmp-proxy": {
"disable-quickleave": "''",
"interface": {
"eth0": {
"role": "disabled",
"threshold": "1"
},
"eth0.832": {
"role": "disabled",
"threshold": "1"
},
"eth0.838": {
"role": "disabled",
"threshold": "1"
},
"eth0.840": {
"alt-subnet": [
"0.0.0.0/0"
],
"role": "upstream",
"threshold": "1"
},
"eth1": {
"role": "disabled",
"threshold": "1"
},
"eth2": {
"alt-subnet": [
"0.0.0.0/0"
],
"role": "downstream",
"threshold": "1"
}
}
}
},
"service": {
"dns": {
"forwarding": {
"cache-size": "10000",
"except-interface": [
"eth0.832"
]
}
},
"nat": {
"rule": {
"6001": {
"description": "MASQ corporate_network to WAN",
"log": "disable",
"outbound-interface": "eth0.832",
"protocol": "all",
"source": {
"group": {
"network-group": "corporate_network"
}
},
"type": "masquerade"
},
"6002": {
"description": "MASQ remote_user_vpn_network to WAN",
"log": "disable",
"outbound-interface": "eth0.832",
"protocol": "all",
"source": {
"group": {
"network-group": "remote_user_vpn_network"
}
},
"type": "masquerade"
},
"6003": {
"description": "MASQ guest_network to WAN",
"log": "disable",
"outbound-interface": "eth0.832",
"protocol": "all",
"source": {
"group": {
"network-group": "guest_network"
}
},
"type": "masquerade"
},
"6020": {
"description": "MASQ LiveboxTV to WAN",
"log": "disable",
"outbound-interface": "eth0.838",
"protocol": "all",
"source": {
"group": {
"network-group": "corporate_network"
}
},
"type": "masquerade"
}
}
}
}
}
Je pense que je peux encore supprimer des choses dans le config, genre la partie NAT qui doit être redondante avec ce qui est déjà dans le contrôleur.