Acceder a máquina virtual creada en unraid

buenas, una ayuda pido para una situación que tengo. Tengo un pc con Unraid que tiene ip 192.168.50.63 que se la asigna 192.168.50.0/24 y he montando una máquina virtual que le asigna desde virbr0 la ip 192.168.122.78 con 192.168.122.0/24 de ruta. que tengo que hacer para acceder desde mi lan y desde fuera de la red la VM? gracias anticipadas.

# model = RB4011iGS+
# serial number = AAAF09501705
/interface bridge
add admin-mac=B8:69:F4:E6:CC:20 auto-mac=no comment=defconf frame-types=\
admit-only-vlan-tagged igmp-snooping=yes name=bridge vlan-filtering=yes
add igmp-snooping=yes name=bridge-iptv
add name=ospf-lo
add disabled=yes name=zerotier
/interface ethernet
set [ find default-name=ether2 ] name=ether2-iptv-decoder
/interface vlan
add interface=bridge name=vlan-ext vlan-id=60
add interface=ether1 name=vlan-internet vlan-id=832
add interface=bridge name=vlan-lan vlan-id=50
add interface=ether1 name=vlan838-iptv vlan-id=838
/interface list
add comment=defconf name=WAN
add comment=defconf name=LAN
/interface lte apn
set [ find default=yes ] ip-type=ipv4
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=pool-lan ranges=192.168.50.20-192.168.50.254
add name=pool-ext ranges=192.168.60.20-192.168.60.254
add name=iptv-orange ranges=192.168.40.0/30
/ip dhcp-server
add address-pool=pool-lan interface=vlan-lan name=dhcp-lan
add address-pool=pool-ext interface=vlan-ext name=dhcp-ext
add address-pool=iptv-orange bootp-support=dynamic interface=bridge-iptv \
name=iptv-orange
/port
set 0 name=serial0
set 1 name=serial1
/routing table
add fib name=compadre
/routing bgp template
set default disabled=no output.network=bgp-networks routing-table=main
/system logging action
set 0 memory-lines=100
/interface bridge port
add bridge=bridge-iptv interface=ether2-iptv-decoder
add bridge=bridge frame-types=admit-only-untagged-and-priority-tagged \
interface=ether3 pvid=50
add bridge=bridge frame-types=admit-only-untagged-and-priority-tagged \
interface=ether4 pvid=60
add bridge=bridge frame-types=admit-only-untagged-and-priority-tagged \
interface=ether5 pvid=50
add bridge=bridge frame-types=admit-only-untagged-and-priority-tagged \
interface=ether6 pvid=50
add bridge=bridge frame-types=admit-only-untagged-and-priority-tagged \
interface=ether7 pvid=50
add bridge=zerotier frame-types=admit-only-untagged-and-priority-tagged \
interface=ether8 pvid=50 trusted=yes
add bridge=bridge frame-types=admit-only-untagged-and-priority-tagged \
interface=ether9 pvid=50
add bridge=bridge frame-types=admit-only-untagged-and-priority-tagged \
interface=ether10 pvid=50
add bridge=bridge frame-types=admit-only-vlan-tagged interface=sfp-sfpplus1
add bridge=bridge interface=eoip-iptv pvid=22
add bridge=bridge-iptv interface=vlan838-iptv
add bridge=bridge interface=eoip-tunnel-juanma pvid=22
add bridge=bridge interface=eoip-tunnel-lte
add bridge=bridge frame-types=admit-only-untagged-and-priority-tagged \
interface=LAN pvid=50 trusted=yes
/interface bridge settings
set use-ip-firewall-for-pppoe=yes use-ip-firewall-for-vlan=yes
/ip neighbor discovery-settings
set discover-interface-list=LAN
/ip settings
set max-neighbor-entries=8192 tcp-syncookies=yes
/ipv6 settings
set accept-router-advertisements=yes max-neighbor-entries=8192
/interface bridge vlan
add bridge=bridge comment=lan tagged=bridge,sfp-sfpplus1 vlan-ids=50
add bridge=bridge comment=externos tagged=bridge,sfp-sfpplus1 vlan-ids=60
add bridge=bridge comment=paco-pepe tagged=bridge,sfp-sfpplus1 vlan-ids=22
/interface list member
add comment=defconf interface=vlan-lan list=LAN
add comment=defconf interface=vlan-internet list=WAN
/interface wireguard peers
/ip address
add address=192.168.50.1/24 interface=vlan-lan network=192.168.50.0
add address=192.168.60.1/24 interface=vlan-ext network=192.168.60.0
add address=172.17.0.2/30 interface=wireguard-iptv network=172.17.0.0
add address=10.20.30.40 interface=vlan838-iptv network=10.20.30.40
add address=192.168.40.1/30 interface=ether2-iptv-decoder network=\
192.168.40.0
add address=192.168.1.2/24 interface=sfp-sfpplus1 network=192.168.1.0
add address=172.17.30.2/30 interface=wireguard-juanma network=172.17.30.0
add address=172.16.0.2/30 interface=wireguard-lte-mame network=172.16.0.0
add address=172.16.0.5/30 interface=wireguard-osfp-compadre network=\
172.16.0.4
add address=0.0.0.2 interface=ospf-lo network=0.0.0.2
/ip arp
add address=192.168.50.30 interface=vlan-lan mac-address=64:BC:58:84:82:D5
/ip cloud
set ddns-enabled=yes
/ip dhcp-client
add comment=defconf interface=vlan-internet
/ip dhcp-server lease
add address=192.168.40.2 allow-dual-stack-queue=no client-id=\
1:90:F8:91:76:C3:0B mac-address=90:F8:91:76:C3:0B server=iptv-orange
add address=192.168.50.45 client-id=1:1c:83:41:28:7c:3f mac-address=\
1C:83:41:28:7C:3F server=dhcp-lan
add address=192.168.50.63 client-id=1:0:1e:6:30:43:75 mac-address=\
00:1E:06:30:43:75 server=dhcp-lan
/ip dhcp-server network
add address=192.168.40.2/32 dns-server=62.37.228.20,62.36.225.150 gateway=\
192.168.40.1 netmask=30 ntp-server=95.39.224.42,5.56.160.3
add address=192.168.50.0/24 dns-server=192.168.50.1 domain=lan gateway=\
192.168.50.1
add address=192.168.60.0/24 dns-server=8.8.8.8,8.8.4.4 gateway=192.168.60.1
/ip dns
set allow-remote-requests=yes servers=\
62.36.225.150,62.37.228.204,2001:470:20::2
/ip dns static
add address=192.168.88.1 comment=defconf name=router.lan
/ip firewall filter
add action=accept chain=input in-interface=zerotier
add action=accept chain=input comment=\
"defconf: accept established,related,untracked" connection-state=\
established,related,untracked
add action=drop chain=input comment="defconf: drop invalid" connection-state=\
invalid
add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
add action=accept chain=input comment="vpn EoIP" protocol=gre
add action=accept chain=input comment=\
"defconf: accept to local loopback (for CAPsMAN)" dst-address=127.0.0.1
add action=accept chain=input comment="IGMP PARA IPTV" protocol=igmp
add action=accept chain=forward comment="UDP PARA IPTV" protocol=udp
add action=accept chain=input comment="UDP PARA IPTV" protocol=udp
add action=drop chain=input comment="defconf: drop all not coming from LAN" \
in-interface-list=!LAN
add action=accept chain=forward comment="defconf: accept in ipsec policy" \
ipsec-policy=in,ipsec
add action=accept chain=forward comment="defconf: accept out ipsec policy" \
ipsec-policy=out,ipsec
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \
connection-state=established,related hw-offload=yes
add action=accept chain=forward comment=\
"defconf: accept established,related, untracked" connection-state=\
established,related,untracked
add action=drop chain=forward comment="defconf: drop invalid" \
connection-state=invalid
add action=drop chain=forward comment=\
"defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat \
connection-state=new in-interface-list=WAN
add action=reject chain=forward comment="externos: acceso solo a internet" \
out-interface-list=!WAN reject-with=icmp-net-prohibited src-address=\
192.168.60.0/24
/ip firewall mangle
add action=set-priority chain=postrouting new-priority=1 out-interface=\
vlan-internet passthrough=yes
/ip firewall nat
add action=masquerade chain=srcnat comment="defconf: masquerade" \
ipsec-policy=out,none out-interface-list=WAN
add action=dst-nat chain=dstnat in-interface=vlan-internet protocol=tcp \
to-addresses=192.168.50.20 to-ports=32400
add action=dst-nat chain=dstnat dst-port=51413 in-interface=vlan-internet \
log=yes protocol=tcp to-addresses=192.168.50.26 to-ports=51413
add action=dst-nat chain=dstnat dst-port=2263 in-interface=vlan-internet log=\
yes protocol=tcp to-addresses=192.168.50.63 to-ports=2263
add action=dst-nat chain=dstnat dst-port=2263 in-interface=vlan-lan log=yes \
protocol=tcp to-addresses=192.168.50.63 to-ports=2263
add action=dst-nat chain=dstnat dst-port=2295 in-interface=vlan-lan log=yes \
protocol=udp to-addresses=192.168.50.63 to-ports=2295
add action=dst-nat chain=dstnat dst-port=2263 in-interface=vlan-lan log=yes \
protocol=udp to-addresses=192.168.50.63 to-ports=2263
add action=dst-nat chain=dstnat dst-port=51413 in-interface=vlan-internet \
log=yes protocol=udp to-addresses=192.168.50.26 to-ports=51413
add action=dst-nat chain=dstnat dst-port=192 in-interface=bridge log=yes \
protocol=udp to-addresses=192.168.60.254 to-ports=192
add action=dst-nat chain=dstnat dst-port=54421 in-interface=vlan-internet \
log=yes protocol=udp to-addresses=192.168.50.53 to-ports=54421
# zerotier not ready
add action=dst-nat chain=dstnat dst-port=8440 in-interface=zerotier log=yes \
protocol=tcp to-addresses=192.168.50.3 to-ports=8440
add action=masquerade chain=srcnat dst-address=192.168.50.3 dst-port=8440 \
protocol=tcp src-address=192.168.50.0/24 to-addresses=192.168.50.3
add action=masquerade chain=srcnat dst-address=192.168.50.63 dst-port=2295 \
protocol=udp src-address=192.168.50.0/24 to-addresses=192.168.50.3
add action=masquerade chain=srcnat dst-address=192.168.50.63 dst-port=2263 \
protocol=tcp src-address=192.168.50.0/24 to-addresses=192.168.50.3
add action=dst-nat chain=dstnat dst-port=8440 in-interface=vlan-lan log=yes \
protocol=tcp to-addresses=192.168.50.3 to-ports=8440
# zerotier not ready
add action=dst-nat chain=dstnat dst-port=8440 in-interface=zerotier protocol=\
udp to-addresses=192.168.50.3 to-ports=8440
add action=src-nat chain=srcnat dst-address=192.168.1.0/24 to-addresses=\
192.168.1.2
add action=src-nat chain=srcnat dst-address=192.168.60.0/24 to-addresses=\
192.168.60.254
add action=dst-nat chain=dstnat dst-port=14610 in-interface=vlan-internet \
protocol=tcp to-addresses=192.168.50.1 to-ports=14610
add action=dst-nat chain=dstnat dst-port=14610 in-interface=bridge protocol=\
tcp to-addresses=192.168.50.1 to-ports=14610
add action=dst-nat chain=dstnat disabled=yes dst-port=8001 in-interface=\
vlan-lan protocol=tcp to-addresses=192.168.50.54 to-ports=8001
add action=dst-nat chain=dstnat disabled=yes dst-port=8001 in-interface=\
vlan-internet protocol=tcp to-addresses=192.168.50.54 to-ports=8001
add action=dst-nat chain=dstnat disabled=yes dst-port=8001 in-interface=\
bridge protocol=tcp to-addresses=192.168.50.54 to-ports=8001
/ip route
add disabled=yes distance=255 dst-address=0.0.0.0/0 gateway=255.255.255.255 \
pref-src="" routing-table=main scope=30 suppress-hw-offload=no \
target-scope=10
add gateway=172.17.0.1 routing-table=compadre
/ipv6 route
add disabled=no distance=1 dst-address=2000::/3 gateway=2001:470:1f20:3d2::1 \
scope=30 target-scope=10
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes
set ssh disabled=yes
set api disabled=yes
set winbox port=14610
set api-ssl disabled=yes
/ip upnp interfaces
add interface=bridge type=internal
/ipv6 address
add address=2001:470:1f20:3d2::2 advertise=no interface=sit1
add address=2001:470:1f21:3d2::1 interface=vlan-lan
/ipv6 dhcp-client
add interface=ether1 pool-name=mameipv6 request=prefix
/ipv6 firewall address-list
add address=::/128 comment="defconf: unspecified address" list=bad_ipv6
add address=::1/128 comment="defconf: lo" list=bad_ipv6
add address=fec0::/10 comment="defconf: site-local" list=bad_ipv6
add address=::ffff:0.0.0.0/96 comment="defconf: ipv4-mapped" list=bad_ipv6
add address=::/96 comment="defconf: ipv4 compat" list=bad_ipv6
add address=100::/64 comment="defconf: discard only " list=bad_ipv6
add address=2001:db8::/32 comment="defconf: documentation" list=bad_ipv6
add address=2001:10::/28 comment="defconf: ORCHID" list=bad_ipv6
add address=3ffe::/16 comment="defconf: 6bone" list=bad_ipv6
/ipv6 firewall filter
add action=accept chain=input comment=\
"defconf: accept established,related,untracked" connection-state=\
established,related,untracked
add action=drop chain=input comment="defconf: drop invalid" connection-state=\
invalid
add action=accept chain=input comment="defconf: accept ICMPv6" protocol=\
icmpv6
add action=accept chain=input comment="defconf: accept UDP traceroute" port=\
33434-33534 protocol=udp
add action=accept chain=input comment=\
"defconf: accept DHCPv6-Client prefix delegation." dst-port=546 protocol=\
udp src-address=fe80::/10
add action=accept chain=input comment="defconf: accept IKE" dst-port=500,4500 \
protocol=udp
add action=accept chain=input comment="defconf: accept ipsec AH" protocol=\
ipsec-ah
add action=accept chain=input comment="defconf: accept ipsec ESP" protocol=\
ipsec-esp
add action=accept chain=input comment=\
"defconf: accept all that matches ipsec policy" ipsec-policy=in,ipsec
add action=drop chain=input comment=\
"defconf: drop everything else not coming from LAN" in-interface-list=\
!LAN
add action=accept chain=forward comment=\
"defconf: accept established,related,untracked" connection-state=\
established,related,untracked
add action=drop chain=forward comment="defconf: drop invalid" \
connection-state=invalid
add action=drop chain=forward comment=\
"defconf: drop packets with bad src ipv6" src-address-list=bad_ipv6
add action=drop chain=forward comment=\
"defconf: drop packets with bad dst ipv6" dst-address-list=bad_ipv6
add action=drop chain=forward comment="defconf: rfc4890 drop hop-limit=1" \
hop-limit=equal:1 protocol=icmpv6
add action=accept chain=forward comment="defconf: accept ICMPv6" protocol=\
icmpv6
add action=accept chain=forward comment="defconf: accept HIP" protocol=139
add action=accept chain=forward comment="defconf: accept IKE" dst-port=\
500,4500 protocol=udp
add action=accept chain=forward comment="defconf: accept ipsec AH" protocol=\
ipsec-ah
add action=accept chain=forward comment="defconf: accept ipsec ESP" protocol=\
ipsec-esp
add action=accept chain=forward comment=\
"defconf: accept all that matches ipsec policy" ipsec-policy=in,ipsec
add action=drop chain=forward comment=\
"defconf: drop everything else not coming from LAN" in-interface-list=\
!LAN
/ipv6 nd
set [ find default=yes ] other-configuration=yes
/routing igmp-proxy interface
add alternative-subnets=192.168.40.0/30 interface=vlan-internet upstream=yes
add alternative-subnets=192.168.40.0/30 interface=bridge-iptv
/routing ospf interface-template
add area=backbone disabled=no networks=172.16.0.0/30,172.16.0.4/30 type=ptp
add area=backbone disabled=no networks=192.168.50.0/24,192.168.60.0/24 \
passive
/routing rule
add action=lookup disabled=no src-address=192.168.60.248/32 table=compadre
/system clock
set time-zone-name=Europe/Madrid
 
Última edición:
¿estás seguro de que quieres hacer eso? Mira que las máquinas virtuales hacen NAT por algo...

No obstante, sería tan sencillo como meter una ruta estática, diciendo que a la subred 192.168.122.0/24 se llega por la 192.168.50.63

Saludos!
 
Otra posibilidad es colocar la máquina virtual en el mismo segmento de red. Lo harías con "network source: br0" y "network model: virtio-net".

Desde fuera de casa deberías acceder a través de una vpn. En este foro hay varios tutoriales.

Saludos!
 
Arriba