Pembahasan UKK TKJ 2016 2017 Paket 2


INFORMASI IP ADDRESS GATEWAY YANG DIBERIKAN ISP
SUBNETMASK : 255.255.255.0

INFORMASI IP ADDRESS ROUTER MIKROTIK
ETHER1         : 192.168.1.254
SUBNETMASK : 255.255.255.0

ETHER2         : 192.168.100.1
SUBNETMASK : 255.255.255.0

WLAN1         : 192.168.200.1
SUBNETMASK : 255.255.255.0

Kita configurasi nama interface (sesuaikan dengan router anda)
--------------------------------------------------------------------------------------------------------------------------
/interface ethernet
set [ find default-name=ether1 ] comment=ether1-internet
set [ find default-name=ether2 ] comment=ether2-switch

/interface wireless
set [ find default-name=wlan0 ] comment=wireless-wifi
---------------------------------------------------------------------------------------------------------------------------

Kita configurasi ip address untuk masing masing interface
-------------------------------------------------------------------------
/ip address
add address=192.168.1.254/24 interface=ether1 network=192.168.1.0
add address=192.168.100.1/24 interface=ether2 network=192.168.100.0
add address=192.168.200.1/24 interface=wlan1 network=192.168.200.0
-------------------------------------------------------------------------

Kita configurasi dns
-------------------------------------------------------------------------
/ip dns
set allow-remote-requests=yes servers=118.98.44.10,118.98.44.100
-------------------------------------------------------------------------

Kita configurasi default route
-------------------------------------------------------------------------
/ip route
add dst-address=0.0.0.0/0 gateway=192.168.1.254
------------------------------------------------------------------------------

Kita configurasi nat, agar jaringan ether2 dan wlan0 dapat mengakses internet
------------------------------------------------------------------------------
/ip firewall nat
add action=masquerade chain=srcnat out-interface=ether1
-------------------------------------------------------------------------

Kita configurasi dhcp server ether2
-------------------------------------------------------------------------
/ip pool
add name=dhcp-pool-ether2 ranges=192.168.100.2-192.168.100.100

/ip dhcp-server
add address-pool=dhcp-pool-ether2 disabled=no interface=ether2 name=dhcp-ether-2

/ip dhcp-server network
add address=192.168.100.0/24 gateway=192.168.100.1
-------------------------------------------------------------------------

Kita configurasi dhcp server wlan0
-------------------------------------------------------------------------
/ip pool
add name=dhcp-pool-wlan0 ranges=192.168.200.2-192.168.100.100

/ip dhcp-server
add address-pool=dhcp-pool-wlan0 disabled=no interface=wlan0 name=dhcp-wlan0

/ip dhcp-server network
add address=192.168.200.0/24 gateway=192.168.200.1
-------------------------------------------------------------------------


Kita configurasi wlan0
-------------------------------------------------------------------------
/interface wireless
set [ find default-name=wlan0 ] band=2ghz-onlyn disabled=no frequency=2437 mode=ap-bridge ssid=nama_peserta@Proxy wireless-protocol=802.11

/ip proxy
set cache-administrator=nama_peserta@sekolah.sch.id enabled=yes port=3128

/ip proxy access
add action=deny dst-host=linux.or.id
add action=deny path=*.mp3*
add action=deny path=*.mkv*
-------------------------------------------------------------------------


Kita paksa semua yang lewat di port 80,8080 (browsing) yang bersumber dari jaringan wireless untuk belom ke web proxy nya mikrotik
------------------------------------------------------------------------------------
/ip firewall nat
add action=redirect chain=dstnat src-address=192.168.101.0/24 dst-port=80,8080 protocol=tcp to-ports=3128
------------------------------------------------------------------------------------

Kita singkronisasi ntp client server indonesia agar router jam dan tanggal nya singkron
------------------------------------------------------------------------------------
/system ntp client
set enabled=yes primary-ntp=119.82.243.189 secondary-ntp=192.248.1.162

/system clock set time-zone-autodetect=no time-zone-name=Asia/Makassar
------------------------------------------------------------------------------------



Kita blokir akses internet wireless mulai jam 7 malam sampai dengan jam 7 pagi
------------------------------------------------------------------------------------------------------------------------------
/ip firewall filter
add action=drop chain=forward disabled=yes src-address=192.168.200.0/24


/system scheduler
add interval=1d name=internet-wireless-mati on-event=\
    "ip firewall filter enable 0" start-time=19:00:00
add interval=1d name=internet-wireless-nyala on-event=\
    "ip firewall filter disable 0" start-time=07:00:00


Catatan : Rule firewall filter, harus paling atas, karna mengacu kepada index 0

Penulis : Een Pahlefi,S.Kom

Subscribe to receive free email updates: