Konfigurasi RouterBoard Mikrotik
UKK 2019
Langkah Kerja :
#Masuk Winbox pertama kali setelah di Reset
#System~Identity~nama@RXIITKJ1
#System~User
(+)
Nama : (isikan nama)
Group : Full
Password : (sangat sulit)
(x) Admin
#IP~Address
(+) 192.168.1.ab+100/24 ~ eth1
(+) ab.ab.ab.ab/24 ~ eth3
(+) ab+10.ab+10.ab+10.ab+10/24 ~ wlan1
(x) 192.168.88.1 ~ bridge
#Interface
(eth1,eth2,eth3)~masterport~none
WLAN1 ~ (ap bridge) SSID : nama@Proxy
#Bridge~Port~WLAN1------>> diDissable(x)kan
#Wireless~Secure Profile~*default
Mode : dynamic keys
Authentication Types : [√] WPA2PSK
WPA2PSK Pre-Shared Key : (masukan password yg akan digunakan)
#IP~DNS~192.168.1.1
#IP~Routes~(+) Gateway : 192.168.1.1
#IP~DHCP Server~(hapus semua) ---> (-)
DHCP Setup~eth3~ab.ab.ab.ab+1 - ab.ab.ab.ab+50
DHCP Setup~wlan1~ab+10.ab+10.ab+10.ab+11 - ab+10.ab+10.ab+10.ab+100
#IP~Firewall~Filter Rule (sorot semua)
=======>>>>>>di Dissable(x)kan
#IP~Firewall~NAT
(+)
scrnat
Out. Interface : eth1
Action : masquerade
(+)
dstnat
Protocol : 6 (tcp)
Dst. Port : 80
In. Interface : eth3 (bisa dihilangkan / ditambah wlan1)
Action : Redirect
to port : 31229
#IP~Web Proxy
[√] Enable
Port : 31229
Cache Administrator : nama@smkbhinusku.sch.id
#IP~Web Proxy~Access
(+)
Src. Address : ab.ab.ab.0/24
Dst. Port : 80
Dst. Host : www.mikrotik.com
Action : Deny
Redirect to : bnsp.indonesia.org
(+)
Src. Address : ab.ab.ab.0/24
Dst. Port : 80
Dst. Host : www.detik.com
Action : Deny
(+)
Src. Address : ab+10.ab+10.ab+10.0/24
Dst. Port : 80
Dst. Host : www.linux.or.id
Action : Deny
(+)
Src. Address : ab+10.ab+10.ab+10.0/24
Dst. Port : 80
Path : *.mp3*
Action : Deny
(+)
Src. Address : ab+10.ab+10.ab+10.0/24
Dst. Port : 80
Path : *.mkv*
Action : Deny
(+)
Src. Address : ab+10.ab+10.ab+10.0/24
Dst. Port : 80
Dst. Host : *mikrotik*
Action : Deny
#IP~Firewall~Filter Rule
(+) (Mencatat Aktifitas PING)
Chain : input
Protocol : icmp
In. Interface : eth3
Action : log
Log profile : ini aktifitas ping dr PC LAN Kabel ke Routerboard
(+) (Memblokir PING)
Chain : input
Protocol : icmp
In. Interface : eth3
Action : drop
(+) (blokir layanan selain HTTP & HTTPS)
Chain : forward
Protocol : 6(tcp)
Dst. Port : 80,443 --->>klik kotak didepannya [ ! ]
In. Interface : eth3
Out. Interface : eth1
Action : Drop
(+) (memblokir akses internet melalui jalur wireless mulai pukul 19:00 (malam)– 07:00 (pagi).)
Chain : forward
Src. Address : ab+10.ab+10.ab+10.0/24
Protocol : 6 (tcp)
Dst. Port : 80
In. Interface : wlan1
Extra~Time~jam 07:00:01 ------ jam 18:59:59
Action : accept
(atau menggunakan Action drop tapi pada Extra Time nya jam 19:00:00 -------- jam 06:59.59)
#System~SNTP Client
[√] Enable
203.160.128.3
#System~Clock(untuk mengecek NTP)
UKK 2019
Langkah Kerja :
#Masuk Winbox pertama kali setelah di Reset
#System~Identity~nama@RXIITKJ1
#System~User
(+)
Nama : (isikan nama)
Group : Full
Password : (sangat sulit)
(x) Admin
#IP~Address
(+) 192.168.1.ab+100/24 ~ eth1
(+) ab.ab.ab.ab/24 ~ eth3
(+) ab+10.ab+10.ab+10.ab+10/24 ~ wlan1
(x) 192.168.88.1 ~ bridge
#Interface
(eth1,eth2,eth3)~masterport~none
WLAN1 ~ (ap bridge) SSID : nama@Proxy
#Bridge~Port~WLAN1------>> diDissable(x)kan
#Wireless~Secure Profile~*default
Mode : dynamic keys
Authentication Types : [√] WPA2PSK
WPA2PSK Pre-Shared Key : (masukan password yg akan digunakan)
#IP~DNS~192.168.1.1
#IP~Routes~(+) Gateway : 192.168.1.1
#IP~DHCP Server~(hapus semua) ---> (-)
DHCP Setup~eth3~ab.ab.ab.ab+1 - ab.ab.ab.ab+50
DHCP Setup~wlan1~ab+10.ab+10.ab+10.ab+11 - ab+10.ab+10.ab+10.ab+100
#IP~Firewall~Filter Rule (sorot semua)
=======>>>>>>di Dissable(x)kan
#IP~Firewall~NAT
(+)
scrnat
Out. Interface : eth1
Action : masquerade
(+)
dstnat
Protocol : 6 (tcp)
Dst. Port : 80
In. Interface : eth3 (bisa dihilangkan / ditambah wlan1)
Action : Redirect
to port : 31229
#IP~Web Proxy
[√] Enable
Port : 31229
Cache Administrator : nama@smkbhinusku.sch.id
#IP~Web Proxy~Access
(+)
Src. Address : ab.ab.ab.0/24
Dst. Port : 80
Dst. Host : www.mikrotik.com
Action : Deny
Redirect to : bnsp.indonesia.org
(+)
Src. Address : ab.ab.ab.0/24
Dst. Port : 80
Dst. Host : www.detik.com
Action : Deny
(+)
Src. Address : ab+10.ab+10.ab+10.0/24
Dst. Port : 80
Dst. Host : www.linux.or.id
Action : Deny
(+)
Src. Address : ab+10.ab+10.ab+10.0/24
Dst. Port : 80
Path : *.mp3*
Action : Deny
(+)
Src. Address : ab+10.ab+10.ab+10.0/24
Dst. Port : 80
Path : *.mkv*
Action : Deny
(+)
Src. Address : ab+10.ab+10.ab+10.0/24
Dst. Port : 80
Dst. Host : *mikrotik*
Action : Deny
#IP~Firewall~Filter Rule
(+) (Mencatat Aktifitas PING)
Chain : input
Protocol : icmp
In. Interface : eth3
Action : log
Log profile : ini aktifitas ping dr PC LAN Kabel ke Routerboard
(+) (Memblokir PING)
Chain : input
Protocol : icmp
In. Interface : eth3
Action : drop
(+) (blokir layanan selain HTTP & HTTPS)
Chain : forward
Protocol : 6(tcp)
Dst. Port : 80,443 --->>klik kotak didepannya [ ! ]
In. Interface : eth3
Out. Interface : eth1
Action : Drop
(+) (memblokir akses internet melalui jalur wireless mulai pukul 19:00 (malam)– 07:00 (pagi).)
Chain : forward
Src. Address : ab+10.ab+10.ab+10.0/24
Protocol : 6 (tcp)
Dst. Port : 80
In. Interface : wlan1
Extra~Time~jam 07:00:01 ------ jam 18:59:59
Action : accept
(atau menggunakan Action drop tapi pada Extra Time nya jam 19:00:00 -------- jam 06:59.59)
#System~SNTP Client
[√] Enable
203.160.128.3
#System~Clock(untuk mengecek NTP)
Komentar
Posting Komentar