GuidePedia

1 , , , ,
A+ A-
PREDIKSI
PAKET 2 UKOM
KONFIGURASI MIKROTIK


Kali ini saya share sedikit tentang paket 2 ukom Teknik Komputer dan Jaringan, kalian bisa mendownload nya dengan link dibawah ini :
Download  





 Masalah dalam Paket 2 Ukom :
a.         Konfigurasi IP Address :
Interface ether1    = ip yg disediakan isp
Interface ether2    = 192.168.100.1/24 (LAN)
Interface wlan1    = 192.168.200.1/24 (WLAN)
b.        Konfigurasi DHCP Server untuk LAN dan WLAN
c.         Konfigurasi Blocking Website mikrotik.com ke website bsnp-indonesia.org (LAN)
d.        Membuat System Logging (LAN)
e.         Membuat Rule Filter utk HTTP dan HTTPS (LAN)
f.         Memblock Client nge PING ke alamat Router  dari 192.168.100.2 s.d 192.168.100.20 (LAN)
g.        Membuat SSID=nama_peserta@WifiUKOM (WLAN)
h.        Blocking File .Mp3 dan .Mkv (WLAN)
i.          Blocking website linux.or.id * (WLAN)
j.          Blocking Content Mikrotik (WLAN)
k.        Schedule pada waktu yg ditentukan (WLAN)

Penyelesaian Masalah :

1.        Konfigurasi IP DHCP Client
          #ip dhcp-client add add-default-route= yes use-peer-ntp= yes use-peer-dns=yes disabled=no interfaces=ether1

2.        Konfigurasi IP Ether2 & Wlan1
          #ip address add address=192.168.100.1/24 interface=ether2
          #ip address add address=192.168.200.1/24 interface=wlan1

3.        Konfigurasi Firewall nat
#ip firewall nat add chain=srcnat out-interface=ether1 action=masquerade
#ip firewall nat add chain=dstnat src-address=192.168.100.1/24 protocol=tcp dst-port=80 action=redirect to-ports=3128 in-interface=ether2
#ip firewall nat add chain=dstnat src-address=192.168.200.1/24 protocol=tcp dst-port=80 action=redirect to-ports=3128 in-interface=wlan1

4.        Konfigurasi DHCP Server
#ip dhcp-server setup (ether2, wlan1)

5.        Konfigurasi Proxy
#ip proxy set enabled=yes cache_administrator=nama@sekolah.sch.idmax-client-connection=1000 max-server-connection=1000
#ip proxy set port=3128










6.        Konfigurasi DNS Static Redirect ke website lain
IP> Dns > Static > +(add)
Name= mikrotik.com (nama domain yg akan di redirect)
Address = mikrotik.com (otomatis mencari alamat ip nya sendiri)

IP> Proxy > Access > + (add)
Dst-port=80
Dst-host=*mikrotik.com*
Src-address=192.168.100.0/24
Action= deny
Redirect-to=bsnp-indonesia.org

7.        Konfigurasi ICMP (Client tidak dapat PING ke IP Router)
IP> Firewall > Filter Rules > + (add)
Chain=input
Src-address=192.168.100.2-192.168.100.50
Protocol=icmp
Dst-port=80
Action=drop

8.        Konfigurasi Logging
System > Logging > Action > + (add)
Name=logging1
Type=echo

9.        Konfigurasi Rule Filter HTTP, HTTPS
IP> Firewall > Filter Rules > + (add)
Chain=forward
Protocol=tcp
Dst-port=80,443
Out-interface=ether1
                                             
10.    Konfigurasi Blocking File
#ip proxy access add path=*.mp3* action=deny in-interface=wlan1
#ip proxy access add path=*.mkv* action=deny in-interface=wlan1

11.    Konfigurasi Blocking Site
IP> Proxy > Access > + (add)
Chain=forward
Dst-host=*linux.or.id*
Dst-port=80
Src-address=192.168.200.0/24
Action=deny



12.    Konfigurasi Blocking Content “mikrotik”
IP > Proxy > Access > + (add)
Src-Address=192.168.200.0/24
Dst-port=80
Dst-host=*mikrotik*
Action=deny

IP > Firewall > Layer7Protocols > + (add)
Name=blocking
Regexp=^.+(mikrotik).*$

IP > Firewall > Filter Rules > + (add)
Chain=Forward
Src-Address=192.168.200.0/24
Layer7Protocols=blocking (Samakan dgn Layer7Protocol yg dibuat sebelumnya)
Action=deny

13.    Konfigurasi Schedule Koneksi
System > SNTP Client >
Primary=182.253.66.202 (0.id.pool.ntp.org) , atau (1.id.pool.ntp.org)
Secondary=203.160.128.66 (ntp.kim.lipi.go.id)

System > Clock >
Zone=Asia/Jakarta
Time= (sesuaikan dengan waktu sekrang)

IP > Firewall > Filter Rules >
Chain=forward
In-interface=wlan1
Action=drop
*pastikan kita disable terlebih dahulu

System > Scheduler > + (add)
Name = Koneksi Mati
Start-Date= (sesuaikan)
Start-Time= (sesuaikan)
Interval= 1d 00:00:00
On_event= /ip firewall filter enable 0 (tergantung list firewall nya)

System > Scheduler > + (add)
Name = Koneksi Hidup
Start-Date= (sesuaikan)
Start-Time= (sesuaikan)
Interval= 1d 00:00:00
On_event= /ip firewall filter disable 0 (tergantung list firewall nya)

14.    Konfigurasi Wireless
#interfaces enable 5
#interfaces wireless set 0 ssid=nama@proxy mode=ap-bridge





Konfigurasi Tambahan


Set Password pada Wireless Mikrotik
Wireless > Security Profile > + (add)
Name=profile1 (bebas)
WPA Pre Shared Keys=P4ssword (bebas)

Wireless > Wifi Interfaces`
Security-porfile=profile1 (sesuaikan dengan name security profile yg sebelumnya dibuat)

Blocking Site Menggunakan Mangel Firewall

IP > Firewall > Mangel > + (add)
Chain=forward                                                    
Src-address=192.168.100.0/24
Content=mikrotik
Action=mark packet
New-packet-mark=blok

IP > Firewall > Filter Rules > + (add)
Chain=Forward
Packet-mark=blok
Action=drop

 

NOTE : KALAU ADA KESALAHAN MOHON MAAF :’V lagi Khilaf
By
Share to:

Post a Comment

Subscribe to: Post Comments (Atom)
 
Top