Translate

Kamis, 08 Juni 2017

Lab Mikrotik 14



Konfigurasi

Kali ini kita asumsikan bahwa RouterISP adalah penyedia layanan internet yang sudah tidak perlu dilakukaan konfigurasi, oleh karena itu untuk konfigurasi bisa langsung di lanjutkan untuk mengkonfigurasi wawan-R1.

wawan-R1
[admin@Mikrotik] > system identity set name=wawan-R1
[admin@wawan-R1] > ip address add address=1.1.1.2/30 interface=ether1
[admin@wawan-R1] > ip address add address=3.3.3.1/30 interface=ether2
[admin@wawan-R1] > ip address add address=192.168.2.1/24 interface=ether3
[admin@wawan-R1] > ip address add address=192.168.1.1/24 interface=ether4
Setelah itu konfigurasi agar R1 dapat mengakses internet. Konfigurasi routing, dan DNS Server. Konfigurasi juga firewall yang nantinya akan digunakan untuk router lainnya aaupun client.
[admin@wawan-R1] > ip route add gateway=1.1.1.1
[admin@wawan-R1] > ip firewall nat add chain=srcnat action=masquerade out-interface=ether1
[admin@wawan-R1] > ip dns set servers=8.8.8.8 allow-remote-requests=yes
wawan-R2
[admin@Mikrotik] > system identity set name=wawan-R2
Buat bridge terlebih dahulu untuk ether2, ether3, dan ether4.

[admin@wawan-R2] > interface bridge add name=bridge
[admin@wawan-R2] > interface bridge port add interface=ether2 bridge=bridge
[admin@wawan-R2] > interface bridge port add interface=ether3 bridge=bridge
[admin@wawan-R2] > interface bridge port add interface=ether4 bridge=bridge
Setelah itu konfigurasi ip address untuk interface ethernet, dan bridge.

[admin@wawan-R2] > ip address add address=3.3.3.2/30 interface=ether1
[admin@wawan-R2] > ip address add address=192.168.3.1/24 interface=bridge
 Lakukan konfigurasi routing, DNS, dan firewall NAT.

[admin@wawan-R2] > ip route add gateway=3.3.3.1
[admin@wawan-R2] > ip dns set servers=8.8.8.8 allow-remote-requests=yes
[admin@wawan-R2] > ip firewall nat add chain=srcnat action=masquerade out-interface=ether1
wawan-R3
[admin@Mikrotik] > system identity set name=wawan-R3
[admin@wawan-R3] > ip address add address=2.2.2.2/30 interface=ether1
[admin@wawan-R3] > ip address add address=192.168.4.1/24 interface=ether2
 Lakukan konfigurasi routing, DNS, dan firewall NAT.

[admin@wawan-R3] > ip route add gateway=2.2.2.1
[admin@wawan-R3] > ip dns set servers=8.8.8.8 allow-remote-requests=yes
[admin@wawan-R3] > ip firewall nat add chain=srcnat action=masquerade out-interface=ether1
Setelah seluruh router telah terhubung dengan internet, langkah selanjutnya adalah memberikan IP DHCP kepada seluruh client.

wawan-R1
[admin@wawan-R1] > ip dhcp-server setup                              
Select interface to run DHCP server on

dhcp server interface: ether3
Select network for DHCP addresses

dhcp address space: 192.168.2.0/24
Select gateway for given network

gateway for dhcp network: 192.168.2.1
Select pool of ip addresses given out by DHCP server

addresses to give out: 192.168.2.2-192.168.2.254
Select DNS servers

dns servers: 8.8.8.8
Select lease time

lease time: 3d

wawan-R2
Tambahkan DHCP Server  pada interface bridge yang sebelumnya sudah kita buat pada wawan-R2.
[admin@wawan-R2] > ip dhcp-server setup             
Select interface to run DHCP server on

dhcp server interface: bridge
Select network for DHCP addresses

dhcp address space: 192.168.3.0/24
Select gateway for given network

gateway for dhcp network: 192.168.3.1
Select pool of ip addresses given out by DHCP server

addresses to give out: 192.168.3.2-192.168.3.254
Select DNS servers

dns servers: 8.8.8.8
Select lease time

lease time: 3d
wawan-R3
[admin@wawan-R3] > ip dhcp-server setup
Select interface to run DHCP server on

dhcp server interface: ether2
Select network for DHCP addresses

dhcp address space: 192.168.4.0/24
Select gateway for given network

gateway for dhcp network: 192.168.4.1
Select pool of ip addresses given out by DHCP server

addresses to give out: 192.168.4.2-192.168.4.254
Select DNS servers

dns servers: 8.8.8.8
Select lease time

lease time: 3d
Setelah IP DHCP diberikan ke jaringan local, lalu cek apakah setiap PC sudah mendapatkan IP DHCP atau belum. Jika sudah, pastikan setiap PC terhubung ke internet. Jika sudah, buat tunnel dari wawan-R1 ke wawan-R3 agar seluruh jaringan local di wawan-R1 dapat terhubung ke jaringan local wawan-R3, dan begitupun sebaliknya.

[admin@wawan-R1] > interface l2tp-server server set enabled=yes use-ipsec=yes ipsec-secret=123
[admin@wawan-R1] > ppp secret add name=idn password=123 local-address=11.11.11.1 remote-address=11.11.11.2 routes=192.168.4.0/24
Setelah L2TP server dibuat di wawan-R1, langkah selanjutnya tambahkan L2TP Client pada wawan-R3.

 [admin@wawan-R3] > interface l2tp-client add connect-to=1.1.1.2 disabled=no  name=l2tp-client password=123 user=idn
Lalu secara otomatis ip address remote terbuat di wawan-R1, maupun di wawan-R3.

[admin@wawan- R1] > ip address pr
Flags: X - disabled, I - invalid, D - dynamic
#     ADDRESS            NETWORK        INTERFACE
0     1.1.1.2/30             1.1.1.0               ether1                             
1     3.3.3.1/30             3.3.3.0               ether2                             
2     192.168.2.1/24    192.168.2.0      ether3

3 D 11.11.11.1/32      11.11.11.2         l2tp-in


Diposting oleh di
Label:

Tidak ada komentar:

Posting Komentar

Langganan: Posting Komentar (Atom)