Professional Documents
Culture Documents
Attachment
Attachment
KONEKSI KE INTERNET
IP – ADDRESSES
ether1 = 192.168.0.XXX/24 (sesuaikan dengan IP yang sudah ditentukan)
ether2 = 192.168.100.1/25
wlan1 = 192.168.200.1/24
gateway = 192.168.0.1
IP – DNS
SERVER
8.8.8.8 dan 8.8.4.4 (dapat diganti gateway)
Allow remote = diceklist
IP – ROUTES
ROUTES (+)
Gateway = 192.168.0.1
Setelah selesai, cobalah ping ke goggle.com melalui terminal. Pastikan sudah terkoneksi
DISTRIBUSI KE CLIENT
IP – FIREWALL
NAT (+)
General
Chain = srcnat
Out. Interface = ether1 (sumber internet)
Action
Action = masquerade
NTP CLIENT
SYSTEM – SNTP CLIENT
SNTP CLIENT
Enabled
Primary NTP Server = id.pool.ntp.org
Jika gagal mendapatkan IP, silahkan pancing melalui terminal dan paste IPx di Primary NTP Server.
SYSTEM – CLOCK
Time zone name = Asia/Jakarta
Buat rule tersebut dengan cara di copy, akan tetapi dst. Address diganti :
(rule dua) dst. Address = 192.168.100.1 (ether2)
(rule tiga) dst. Address = 192.168.200.1 (wlan1)
1|Page
BLOK PING 192.168.100.51-192.168.100.100 KE CLIENT WIRELESS
IP – FIREWALL
FILTER RULE (+)
General
Chain = forward
Src. Address = 192.168.100.51-192.168.100.100
Dst. Address = 192.168.200.0/24
Protocol = icmp
Action
Action = drop
LOGGING
IP – FIREWALL
FILTER RULE (+)
General
Chain = input
Action = log
Log Prefix = log_ukk
Untuk mengubah ke disk, silahkan masuk SYSTEM – LOGGING dan ubah sesuai keinginan
WIRELESS
INTERFACE
Aktifkan wireless, kemudian klik 2x
Wireless
Mode = ap bridge
SSID = nama_peserta@hotspot
HOTSPOT
IP – HOTSPOT
SERVER - HOTSPOT SETUP
Interface = wlan1
Range IP = 192.168.200.2-192.168.200.100
Certificate = none
DNS Server = 8.8.8.8 dan 8.8.4.4
DNS name = namadepan.net (tanpa tanda petik atau spasi, contoh : syamsul.net)
User dan pas = admin | admin
Jangan lupa Cek hasil DHCP Pool . Cek di IP - POOL
SERVER PROFILES
RADIUS
Klik 2x hotspot yang dibuat, kemudian TAB RADIUS
Ceklis USE RADIUS
RADIUS
RADIUS
General
Service = hotspot
Address = 127.0.0.1 (sesuaikan sesuai keinginan)
Secret = 1234567 (sesuaikan sesuai keinginan)
/tool user-manager database clear (dapat digunakan untuk membersihkan database userman)
2|Page
USERMAN
AKSES
IP_address_router/userman
DNS_hotspot/userman
ROUTES
Name = radiusku
IP Address = 127.0.0.1
Shared secret = 1234567
Time zone = +7.00
CUSTOMERS
Time zone = +7.00
PROFILES
Profiles
Limitation name = client-limitation
Profiles = client-profile
Profile = client-profile
Add new = 07.00.00 – 11.59.59 (ceklis) add
= 12.00.00 – 16.00.00 (ceklis) add
USER
ADD – BATCH
Number of users = 20
Username prefix = ukk-
Username length =3
Password length =3
add
MEMBUAT L7
IP – firewall –layer 7
Name = blok-web
Regexp = ^.+(linux.org).*$
FILTER
General
Chain = forward
Src. Address = 192.168.200.0/24
In. interface = wlan1
Advanced
Layer 7 = blok-web (harus sama dengan nama yang dibuat di Layer 7)
Action
Action = drop
3|Page
BLOKIR EKSTENSI .MP3
MEMBUAT L7
IP – firewall –layer 7
Name = blok-mp3
Regexp = ^.*get.+\.mp3.*$
FILTER
General
Chain = forward
Src. Address = 192.168.200.0/24
In. interface = wlan1
Advanced
Layer 7 = blok-mp3 (harus sama dengan nama yang dibuat di Layer 7)
Action
Action = drop
Catatan :
Jangan lupa bersihkan seluruh Histori yang ada di browser
UKK 2022-2023
MIKROTIK : RB951-2Hnd
GATEWAY : 192.168.0.1
4|Page