Senin, 28 Agustus 2017

Cara Menghubungkan Ethernet Port Masing-masing di Mikrotik menggunakan Dua ISP


Cara menggunakan Ethernet Port masing-masing di Mikrotik agar masing-masing port dapat nyambung

Ilustrasi :

Port 1 = ini menuju ke GPON Indihome yang sudah dibridge
Port 2 = WAN yang Non Telkom
Port 3 = ini distribusi ke LAN Lantai 2
Port 3 = ini distribusi ke LAN Lantai 1
Public = Dial dari Mikrotik ke Telkom

ethernet 1 = WAN ( GPON) Telkom
ethernet 2 =  WAN Non Telkom
ethernet 3 = ke LAN Lantai 3 dan 2 = 191.168.10.0/25
ethernet 4 = ke LAN Lantai 1 = 192.168.3.0/29

Konfigurasi di NAT Firewall:

Chain =Srcnat, Out-Interface = ether 3,Action = Masquerete
Chain= Srcnat, Out-Interface = ether4, Action =Masqurete

Konfigurasi di Mangle
add action= mark-connection Chain = Input , connection-state=new, in-interface=ether2 ,new-connection-mark= isp-1,passthrough=yes.

add action= mark-connection, Chain= Input, connection-state=new,in-interface=ether3, new-connection-mark= isp-2 passthrough=yes

add action= mark-routing chain=output ,connection-mark=isp-1\
disable= no new-routing-mark=jalur-1 passthrough=no

add action=mark-routing chain=output ,connection-mark= isp-2\
disable=no new-routing-mark=jalur-2 passthrough=no

add action=mark-connection chain=prerouting disable=no\
dst-address-type=!local  in-interface=ether3-LAN new-connection-mark=isp-1\
passthrough=yes per-connection-classifier=both-address-and-port:2/0

add action =mark-connection chain=prerouting disable=no\
dst-address-type=!local in-interface=ether4-LAN new-connection-mark=isp-2\
passthrough=yes per-connection-classifiers=both-addresses-and-port:2/1

add action=mark-routing chain=prerouting connection-mark=isp1\
disable=no in-interface=ether3-LAN new-routing-mark=jalur-1\
passthrough=yes

add action=mark-routing chain=prerouting connection-mark=isp-2\
disable=no int-interfac=ether4-LAN new-routing-mark=jalur-2\
passthrough=yes

Konfigurasi IP Routes

## Distribusi koneksi Internet ke Modem GPON Telkom
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=192.168.1.1\
routing-mark=jalur-1

##Distribusi koneksi Internet ke Modem Non Telkom
add disabled=no distance=2 dst-address=0.0.0.0/0 gateway=192.168.2.1\
routing-mark=jalur-2

add comment="" disable=no distance=1 dst-address=0.0.0.0/0 gateway=192.168.1.1
add comment="" disable=no distance=2 dst-address=0.0.0.0/0 gateway=192.168.2.1


Silahkan dicoba...






Diposting oleh di Tidak ada komentar:

Cara Memblokir Sosmed untuk IP tertentu di mikrotik


Cara Memblokir Sosmed untuk IP address tertentu di Mikrotik,

Langkah Pertama :
 Buatlah dahulu Ip Address List yang akan di Blok dengan nama streamingblok

Langkah Kedua :
 Buatlah di Layer 7 Firewall melalui  Regexp= youtube|twitter|facebook|dailymotion|metacafe
 dan beri nama sosmed-youtube

Langkah Ketiga :
 Buatlah Firewall Rulenya :
      A. Chain = Forward,
      B. Advanced;
          a.Src address List streamingblok ,
          b.Layer 7 protocol = sosmed-youtube,
          c.Src MacAddress= 00:00:00:00:00:00
     C. Action = Drop
     D. Comment = Blok Streaming Selain Managemen

Semoga bermanfaat

Diposting oleh di Tidak ada komentar:
Langganan: Postingan (Atom)