» » » Lab Super Mikrotik 5
, Edit

Lab Super Mikrotik 5

Lab Super Mikrotik 5 - Hallo sahabat Another Stuff, Pada Artikel yang anda baca kali ini dengan judul Lab Super Mikrotik 5, kami telah mempersiapkan artikel ini dengan baik untuk anda baca dan ambil informasi didalamnya. mudah-mudahan isi postingan Artikel MikroTik, Artikel Superlab, yang kami tulis ini dapat anda pahami. baiklah, selamat membaca.

Judul : Lab Super Mikrotik 5
link : Lab Super Mikrotik 5

Baca juga


Lab Super Mikrotik 5

Superlab5

Topologi..



Pertama adalah konfigurasi Router ISP agar terhubung dengan Internet 
[admin@MikroTik] > system identity set name=ISP
[admin@ISP] > ip address add address=19.19.19.10/16 interface=ether1
[admin@ISP] > ip address add address=11.11.11.1/24 interface=ether2
[admin@ISP] > ip address add address=22.22.22.1/24 interface=ether3
[admin@ISP] > ip route add gateway=19.19.19.4
[admin@ISP] > ip dns set servers=8.8.8.8 allow-remote-requests=yes 
[admin@ISP] > ip firewall nat add chain=srcnat action=masquerade out-interface=ether1
Lalu konfigurasi ip address pada R1 
[admin@MikroTik] > system identity set name=IDN-R1
[admin@IDN-R1] > ip address add address=11.11.11.2/24 interface=ether1
[admin@IDN-R1] > ip address add address=192.168.20.1/24 comment=to-R2 interface=ether2
[admin@IDN-R1] > ip address add address=192.168.100.1/24 comment=lan interface=ether3
Aktifkan dhcp server pada Router ini : 
[admin@IDN-R1] > ip dhcp-server setup 
Select interface to run DHCP server on 

dhcp server interface: ether3
Select network for DHCP addresses 

dhcp address space: 192.168.100.0/24
Select gateway for given network 

gateway for dhcp network: 192.168.100.1
Select pool of ip addresses given out by DHCP server 

addresses to give out: 192.168.100.2-192.168.100.254
Select DNS servers 

dns servers: 192.168.100.1
Select lease time 

lease time: 10m
Lalu konfigurasi agar Router ini tehrubung ke internet 
[admin@IDN-R1] > ip route add gateway=11.11.11.1
[admin@IDN-R1] > ip dns set servers=11.11.11.1 allow-remote-requests=yes 
[admin@IDN-R1] > ip firewall nat add chain=srcnat action=masquerade out-interface=ether1
[admin@IDN-R1] > ip route add dst-address=192.168.200.0/24 gateway=ether2
Sekarang pada Router R2 konfigurasi IP Address dan bridge 
[admin@MikroTik] > system identity set name=IDN-R2
[admin@IDN-R2] > ip address add address=192.168.20.2/24 interface=ether1
[admin@IDN-R2] > interface bridge add name=br_sw
[admin@IDN-R2] > interface bridge port add interface=ether2 bridge=br_sw 
[admin@IDN-R2] > interface bridge port add interface=ether3 bridge=br_sw 
[admin@IDN-R2] > interface bridge port add interface=ether4 bridge=br_sw 
[admin@IDN-R2] > ip address add address=192.168.200.1/24 interface=br_sw
Konfigurasi DHCP Server pada R2 
[admin@IDN-R2] > ip dhcp-server setup 
Select interface to run DHCP server on 

dhcp server interface: br_sw
Select network for DHCP addresses 

dhcp address space: 192.168.200.0/24
Select gateway for given network 

gateway for dhcp network: 192.168.200.1
Select pool of ip addresses given out by DHCP server 

addresses to give out: 192.168.200.2-192.168.200.254
Select DNS servers 

dns servers: 192.168.200.1
Select lease time 

lease time: 10m
Konfigurasi pada R2 agar terhubung ke Internet 
[admin@IDN-R2] > ip route add gateway=192.168.20.1
[admin@IDN-R2] > ip dns set servers=192.168.20.1 allow-remote-requests=yes 
[admin@IDN-R2] > ip firewall nat add chain=srcnat action=masquerade out-interface=ether1
Lanjut pada R3 kita konfigurasi IP Address : 
[admin@MikroTik] > system identity set name=IDN-R3
[admin@IDN-R3] > ip address add address=22.22.22.2/24 interface=ether1
[admin@IDN-R3] > ip address add address=192.168.30.1/24 interface=ether2
Lalu konfigurasi agar terhubung ke Internet 
[admin@IDN-R3] > ip dhcp-server setup 
Select interface to run DHCP server on 

dhcp server interface: ether2
Select network for DHCP addresses 

dhcp address space: 192.168.30.0/24
Select gateway for given network 

gateway for dhcp network: 192.168.30.1
Select pool of ip addresses given out by DHCP server 

addresses to give out: 192.168.30.2-192.168.30.254
Select DNS servers 

dns servers: 192.168.30.1
Select lease time 

lease time: 10m
Sekarang adalah konfigurasi L2TP Server pada R1 aktifkan L2TP Server : 
[admin@IDN-R1] > interface l2tp-server server set enabled=yes use-ipsec=yes ipsec-secret=123
[admin@IDN-R1] > ppp secret add name=coba password=123 local-address=172.13.56.1
 remote-address=172.13.56.2 routes=192.168.30.0/24 service=l2tp
Lalu L2TP Client pada R3 
[admin@IDN-R3] > interface l2tp-client add connect-to=11.11.11.2 disabled=no mrru=1600 name=l2tp-client password=123 user=coba
Tambah static Routing untuk menuju network 192.168.100.0/24 pada R1 
[admin@IDN-R3] > ip route add dst-address=192.168.100.0/24 gateway=l2tp-client

Selanjutnya saya akan mencoba memblokir situs facebook di jam tertentu dan di buka diwaktu tertentu, yaitu facebook di jam 8 akan diblokir dan jam 17 akan dibuka.

Pertama atur jam pada Router 
[admin@IDN-R1] > system clock set time=08:00:00
[admin@IDN-R1] > system clock print 
                  time: 08:00:10
                  date: jan/08/2017
  time-zone-autodetect: yes
        time-zone-name: manual
            gmt-offset: +00:00
Berikut ini adalah konfigurasinya : 
[admin@IDN-R1] > ip firewall filter add chain=forward content=facebook action=drop protocol=tcp comment=block-fb-http
[admin@IDN-R1] > ip firewall layer7-protocol add name=facebook regexp=^.+facebook.com.* 

[admin@IDN-R1] > /system script add name=fb-allow-https policy=write,read,policy,test,sniff source={/ip firewall filter set disabled=yes [/ip firewall filter find comment="block-fb-https"]}      
 /system script add name=fb-allow-http policy=write,read,policy,test,sniff source={/ip firewall filter set disabled=yes [/ip firewall filter find comment="block-fb-http"]}  
system script add name=fb-deny-https policy=write,read,policy,test,sniff source={/ip firewall filter set disabled=no [/ip firewall filter find comment="block-fb-https"]}        
system script add name=fb-deny-http policy=write,read,policy,test,sniff source={/ip firewall filter set disabled=no [/ip firewall filter find comment="block-fb-http"]}   
 system scheduler add name=fb-http-deny start-time=08:00:00 on-event=fb-deny-http
 system scheduler add name=fb-https-deny start-time=08:00:00 on-event=fb-deny-https 
 system scheduler add name=fb-http-allow start-time=17:00:00 on-event=fb-allow-http
 system scheduler add name=fb-https-allow start-time=17:00:00 on-event=fb-allow-https


Demikianlah Artikel Lab Super Mikrotik 5

Sekianlah artikel Lab Super Mikrotik 5 kali ini, mudah-mudahan bisa memberi manfaat untuk anda semua. baiklah, sampai jumpa di postingan artikel lainnya.

Anda sekarang membaca artikel Lab Super Mikrotik 5 dengan alamat link https://anothers-stuff.blogspot.com/2017/01/lab-super-mikrotik-5.html
close
==Close==