Konfigurasi RouterBoard Mikrotik
Langkah Kerja :
#Masuk Winbox pertama kali setelah di Reset
#System~Identity~wahyu_s@RXIITKJ1
#System~User
(+)
Nama : wahyu
Group : Full
Password : (sangat sulit)
(x) Admin
#IP~Address
(+) 192.168.1.129/24 ~ eth1
(+) 29.29.29.29/24 ~ eth3
(+) 39.39.39.39/24 ~ wlan1
(x) 192.168.88.1 ~ bridge
#Interface
(eth1,eth2,eth3)~masterport~none
WLAN1 ~ (ap bridge) SSID : wahyu@Proxy
#Bridge~Port~WLAN1------>> diDissable(x)kan
#Wireless~Secure Profile~*default
Mode : dynamic keys
Authentication Types : [√] WPA2PSK
WPA2PSK Pre-Shared Key : (masukan password yg akan digunakan)
#IP~DNS~192.168.1.1
#IP~Routes~(+) Gateway : 192.168.1.1
#IP~DHCP Server~(hapus semua) ---> (-)
DHCP Setup~eth3~29.29.29.30 - 29.29.29.79
DHCP Setup~wlan1~39.39.39.40 - 39.39.39.129
#IP~Firewall~Filter Rule (sorot semua)
=======>>>>>>di Dissable(x)kan
#IP~Firewall~NAT
(+)
scrnat
Out. Interface : eth1
Action : masquerade
(+)
dstnat
Protocol : 6 (tcp)
Dst. Port : 80
In. Interface : eth3 (bisa dihilangkan / ditambah wlan1)
Action : Redirect
to port : 31229
#IP~Web Proxy
[√] Enable
Port : 31229
Cache Administrator : wahyu_s@smkbhinusku.sch.id
#IP~Web Proxy~Access
(+)
Src. Address : 29.29.29.0/24
Dst. Port : 80
Dst. Host : www.mikrotik.com
Action : Deny
Redirect to : bnsp.indonesia.org
(+)
Src. Address : 29.29.29.0/24
Dst. Port : 80
Dst. Host : www.detik.com
Action : Deny
(+)
Src. Address : 39.39.39.0/24
Dst. Port : 80
Dst. Host : www.linux.or.id
Action : Deny
(+)
Src. Address : 39.39.39.0/24
Dst. Port : 80
Path : *.mp3*
Action : Deny
(+)
Src. Address : 39.39.39.0/24
Dst. Port : 80
Path : *.mkv*
Action : Deny
(+)
Src. Address : 39.39.39.0/24
Dst. Port : 80
Dst. Host : *mikrotik*
Action : Deny
#IP~Firewall~Filter Rule
(+) (Mencatat Aktifitas PING)
Chain : input
Protocol : icmp
In. Interface : eth3
Action : log
Log profile : ini aktifitas ping dr PC LAN Kabel ke Routerboard
(+) (Memblokir PING)
Chain : input
Protocol : icmp
In. Interface : eth3
Action : drop
(+) (blokir layanan selain HTTP & HTTPS)
Chain : forward
Protocol : 6(tcp)
Dst. Port : 80,443 --->>klik kotak didepannya [ ! ]
In. Interface : eth3
Out. Interface : eth1
Action : Drop
(+) (memblokir akses internet melalui jalur wireless mulai pukul 19:00 (malam)– 07:00 (pagi).)
Chain : forward
Src. Address : 39.39.39.0/24
Protocol : 6 (tcp)
Dst. Port : 80
In. Interface : wlan1
Extra~Time~jam 07:00:01 ------ jam 18:59:59
Action : accept
(atau menggunakan Action drop tapi pada Extra Time nya jam 19:00:00 -------- jam 07:00:00)
#System~SNTP Client
[√] Enable
Mode : unicast
Primary NTP Server : 203.160.128.3
#System~Clock(untuk mengecek NTP)
Langkah Kerja :
#Masuk Winbox pertama kali setelah di Reset
#System~Identity~wahyu_s@RXIITKJ1
#System~User
(+)
Nama : wahyu
Group : Full
Password : (sangat sulit)
(x) Admin
#IP~Address
(+) 192.168.1.129/24 ~ eth1
(+) 29.29.29.29/24 ~ eth3
(+) 39.39.39.39/24 ~ wlan1
(x) 192.168.88.1 ~ bridge
#Interface
(eth1,eth2,eth3)~masterport~none
WLAN1 ~ (ap bridge) SSID : wahyu@Proxy
#Bridge~Port~WLAN1------>> diDissable(x)kan
#Wireless~Secure Profile~*default
Mode : dynamic keys
Authentication Types : [√] WPA2PSK
WPA2PSK Pre-Shared Key : (masukan password yg akan digunakan)
#IP~DNS~192.168.1.1
#IP~Routes~(+) Gateway : 192.168.1.1
#IP~DHCP Server~(hapus semua) ---> (-)
DHCP Setup~eth3~29.29.29.30 - 29.29.29.79
DHCP Setup~wlan1~39.39.39.40 - 39.39.39.129
#IP~Firewall~Filter Rule (sorot semua)
=======>>>>>>di Dissable(x)kan
#IP~Firewall~NAT
(+)
scrnat
Out. Interface : eth1
Action : masquerade
(+)
dstnat
Protocol : 6 (tcp)
Dst. Port : 80
In. Interface : eth3 (bisa dihilangkan / ditambah wlan1)
Action : Redirect
to port : 31229
#IP~Web Proxy
[√] Enable
Port : 31229
Cache Administrator : wahyu_s@smkbhinusku.sch.id
#IP~Web Proxy~Access
(+)
Src. Address : 29.29.29.0/24
Dst. Port : 80
Dst. Host : www.mikrotik.com
Action : Deny
Redirect to : bnsp.indonesia.org
(+)
Src. Address : 29.29.29.0/24
Dst. Port : 80
Dst. Host : www.detik.com
Action : Deny
(+)
Src. Address : 39.39.39.0/24
Dst. Port : 80
Dst. Host : www.linux.or.id
Action : Deny
(+)
Src. Address : 39.39.39.0/24
Dst. Port : 80
Path : *.mp3*
Action : Deny
(+)
Src. Address : 39.39.39.0/24
Dst. Port : 80
Path : *.mkv*
Action : Deny
(+)
Src. Address : 39.39.39.0/24
Dst. Port : 80
Dst. Host : *mikrotik*
Action : Deny
#IP~Firewall~Filter Rule
(+) (Mencatat Aktifitas PING)
Chain : input
Protocol : icmp
In. Interface : eth3
Action : log
Log profile : ini aktifitas ping dr PC LAN Kabel ke Routerboard
(+) (Memblokir PING)
Chain : input
Protocol : icmp
In. Interface : eth3
Action : drop
(+) (blokir layanan selain HTTP & HTTPS)
Chain : forward
Protocol : 6(tcp)
Dst. Port : 80,443 --->>klik kotak didepannya [ ! ]
In. Interface : eth3
Out. Interface : eth1
Action : Drop
(+) (memblokir akses internet melalui jalur wireless mulai pukul 19:00 (malam)– 07:00 (pagi).)
Chain : forward
Src. Address : 39.39.39.0/24
Protocol : 6 (tcp)
Dst. Port : 80
In. Interface : wlan1
Extra~Time~jam 07:00:01 ------ jam 18:59:59
Action : accept
(atau menggunakan Action drop tapi pada Extra Time nya jam 19:00:00 -------- jam 07:00:00)
#System~SNTP Client
[√] Enable
Mode : unicast
Primary NTP Server : 203.160.128.3
#System~Clock(untuk mengecek NTP)
Komentar
Posting Komentar