Superlab 2
Topologi
Pertama kita konfigurasi Router ISP yang menghubungkan jaringan ke Internet
Topologi
Pertama kita konfigurasi Router ISP yang menghubungkan jaringan ke Internet
[admin@MikroTik] > system identity set name=ISP [admin@ISP] > /ip address add address=19.19.19.10/16 interface=ether1 /ip address add address=1.1.1.1/24 interface=ether2 /ip address add address=2.2.2.1/24 interface=ether4 /ip address add address=3.3.3.1/24 interface=ether3 /ip route add gateway=19.19.19.4 /ip dns set servers=8.8.8.8 allow-remote-requests=yes /ip firewall nat add chain=srcnat action=masquerade out-interface=ether1Lalu lanjut pada IDN-R1 agar terhubung dengan Internet
[admin@MikroTik] > system identity set name=IDN-R1 /ip address add address=1.1.1.2/24 interface=ether1 /ip address add address=192.168.1.1/30 interface=ether2 /ip route add gateway=1.1.1.1 /ip dns set servers=8.8.8.8 allow-remote-requests=yesPada IDN-R2
[admin@MikroTik] > system identity set name=IDN-R2 [admin@IDN-R2] > /ip address add address=2.2.2.2/24 interface=ether1 /ip address add address=24.24.24.1/30 interface=ether2 /ip address add address=25.25.25.1/30 interface=ether3 /ip route add gateway=2.2.2.1 /ip dns set servers=8.8.8.8 allow-remote-requests=yes /ip firewall nat add chain=srcnat action=masquerade out-interface=ether1Pada IDN-R3
[admin@MikroTik] > system identity set name=IDN-R3 [admin@IDN-R3] > ip address add address=3.3.3.2/24 interface=ether1 /ip address add address=36.36.36.1/30 interface=ether2 /ip route add gateway=3.3.3.1 /ip dns set servers=8.8.8.8 allow-remote-requests=yesBerikan alamat IP Secara manual pada VPCS
PC1> ip 192.168.1.2/30 192.168.1.1 Checking for duplicate address... PC1 : 192.168.1.2 255.255.255.252 gateway 192.168.1.1Konfigurasi NAT agar terhubung ke Internet
[admin@IDN-R1] > ip firewall nat add chain=srcnat action=masquerade out-interface=ether1Testing ping menuju internet
PC1> ping 8.8.8.8 84 bytes from 8.8.8.8 icmp_seq=1 ttl=39 time=38.532 ms 84 bytes from 8.8.8.8 icmp_seq=2 ttl=39 time=113.066 ms 84 bytes from 8.8.8.8 icmp_seq=3 ttl=39 time=168.752 ms 84 bytes from 8.8.8.8 icmp_seq=4 ttl=39 time=98.169 ms 84 bytes from 8.8.8.8 icmp_seq=5 ttl=39 time=45.602 msKonfigurasi DHCP-Relay pada IDN-R4
[admin@MikroTik] > system identity set name=IDN-R4 /ip address add address=24.24.24.2/30 interface=ether1 /ip address add address=192.168.4.1/24 interface=ether2 /ip dhcp-relay add dhcp-server=24.24.24.1 interface=ether2 local-address=192.168.4.1 disabled=noLalu DHCP Server pada IDN-R2
[admin@IDN-R2] > ip dhcp-server setup Select interface to run DHCP server on dhcp server interface: ether2 Select network for DHCP addresses dhcp address space: 192.168.4.0/24 Select gateway for given network gateway for dhcp network: 192.168.4.1 If this is remote network, enter address of DHCP relay There is no such IP network on selected interface dhcp relay: 192.168.4.1 Select pool of ip addresses given out by DHCP server addresses to give out: 192.168.4.2-192.168.4.254 Select DNS servers dns servers: 8.8.8.8 Select lease time lease time: 10mCoba konfigurasi IP Address menggunakan DHCP
PC2> dhcp DORA IP 192.168.4.254/24 GW 192.168.4.1 PC3> dhcp DORA IP 192.168.4.253/24 GW 192.168.4.1Pada Router IDN-R4 Konfigurasi default Route dan dns agar dapat terhubung ke internet
[admin@IDN-R4] > /ip route add gateway=24.24.24.1 /ip dns set servers=24.24.24.1,8.8.8.8 allow-remote-requests=yes /ip firewall nat add chain=srcnat action=masquerade out-interface=ether1Testing konektifitas internet pada VPCS
PC2> ping 8.8.8.8 84 bytes from 8.8.8.8 icmp_seq=1 ttl=38 time=38.963 ms 84 bytes from 8.8.8.8 icmp_seq=2 ttl=38 time=39.391 ms 84 bytes from 8.8.8.8 icmp_seq=3 ttl=38 time=36.366 ms 84 bytes from 8.8.8.8 icmp_seq=4 ttl=38 time=37.237 ms 84 bytes from 8.8.8.8 icmp_seq=5 ttl=38 time=38.942 ms PC3> ping 8.8.8.8 84 bytes from 8.8.8.8 icmp_seq=1 ttl=38 time=36.098 ms 84 bytes from 8.8.8.8 icmp_seq=2 ttl=38 time=34.876 ms 84 bytes from 8.8.8.8 icmp_seq=3 ttl=38 time=34.928 ms 84 bytes from 8.8.8.8 icmp_seq=4 ttl=38 time=38.485 ms 84 bytes from 8.8.8.8 icmp_seq=5 ttl=38 time=53.924 msSekarang kita lanjut pada IDN-R5, Konfigurasi terlebih dahulu alamat IP setiap interface :
[admin@MikroTik] > system identity set name=IDN-R5 /ip address add address=25.25.25.2/30 interface=ether1 /ip address add address=192.168.5.1/24 interface=ether2Lalu konfigurasi DHCP-Server
[admin@IDN-R5] > ip dhcp-server setup Select interface to run DHCP server on dhcp server interface: ether2 Select network for DHCP addresses dhcp address space: 192.168.5.0/24 Select gateway for given network gateway for dhcp network: 192.168.5.1 Select pool of ip addresses given out by DHCP server addresses to give out: 192.168.5.2-192.168.5.254 Select DNS servers dns servers: 25.25.25.2 Select lease time lease time: 10mCek pada PC4 dan PC5 apakah mendapatkan alamat IP
PC4> dhcp DORA IP 192.168.5.254/24 GW 192.168.5.1 PC5> dhcp DORA IP 192.168.5.253/24 GW 192.168.5.1Sekarang kita akan membuat salah satu PC menjadi static lease, lihat terlebih dahulu dhcp lease nya :
[admin@IDN-R5] > ip dhcp-server lease print Flags: X - disabled, R - radius, D - dynamic, B - blocked # ADDRESS MAC-ADDRESS HO SER.. RA 0 D 192.168.5.254 00:50:79:66:68:03 PC dhcp1 1 D 192.168.5.253 00:50:79:66:68:04 PC dhcp1Nomor 0 akan saya jadikan static .
[admin@IDN-R5] > /ip dhcp-server lease make-static numbers=0 /ip dhcp-server set lease-time=3 numbers=dhcp1Sehingga PC yang dijadikan static akan mendapatkan alamat IP yang sama secara permanen :
PC4> dhcp DDORA IP 192.168.5.254/24 GW 192.168.5.1 PC5> dhcp DORA IP 192.168.5.252/24 GW 192.168.5.1Konfigurasi default Route, nat, dan dns agar Router R5 dapat terhubung ke Internet
[admin@IDN-R5] > ip route add gateway=25.25.25.1 distance=1 /ip dns set servers=25.25.25.1 allow-remote-requests=yes /ip firewall nat add chain=srcnat action=masquerade out-interface=ether1Testing akses ke internet
PC2> ping 8.8.8.8 84 bytes from 8.8.8.8 icmp_seq=1 ttl=38 time=38.963 ms 84 bytes from 8.8.8.8 icmp_seq=2 ttl=38 time=39.391 ms 84 bytes from 8.8.8.8 icmp_seq=3 ttl=38 time=36.366 ms 84 bytes from 8.8.8.8 icmp_seq=4 ttl=38 time=37.237 ms 84 bytes from 8.8.8.8 icmp_seq=5 ttl=38 time=38.942 ms PC3> ping 8.8.8.8 84 bytes from 8.8.8.8 icmp_seq=1 ttl=38 time=36.098 ms 84 bytes from 8.8.8.8 icmp_seq=2 ttl=38 time=34.876 ms 84 bytes from 8.8.8.8 icmp_seq=3 ttl=38 time=34.928 ms 84 bytes from 8.8.8.8 icmp_seq=4 ttl=38 time=38.485 ms 84 bytes from 8.8.8.8 icmp_seq=5 ttl=38 time=53.924 msSekarang lanjut pada IDN-R6 konfigurasi sebagai bridge
[admin@MikroTik] > system identity set name=IDN-R6 /interface bridge add name=DHCPBridge /interface bridge port add interface=ether2 bridge=DHCPBridge /interface bridge port add interface=ether3 bridge=DHCPBridge /interface bridge port add interface=ether4 bridge=DHCPBridge /ip address add address=36.36.36.2/30 interface=ether1 /ip address add address=192.168.6.1/24 interface=DHCPBridge
[admin@IDN-R6] > ip dhcp-server setup Select interface to run DHCP server on dhcp server interface: DHCPBridge Select network for DHCP addresses dhcp address space: 192.168.6.0/24 Select gateway for given network gateway for dhcp network: 192.168.6.1 Select pool of ip addresses given out by DHCP server addresses to give out: 192.168.6.2-192.168.6.254 Select DNS servers dns servers: 8.8.8.8 Select lease time lease time: 10mTes apakah masing-masing PC mendapatkan alamat IP :
PC6> dhcp DORA IP 192.168.6.254/24 GW 192.168.6.1 PC7> dhcp DORA IP 192.168.6.253/24 GW 192.168.6.1 PC8> dhcp DORA IP 192.168.6.252/24 GW 192.168.6.1Lalu konfigurasi default route, dns, nat agar terhubung ke internet
[admin@IDN-R6] > ip dns set servers=36.36.36.1 allow-remote-requests=yes /ip route add gateway=36.36.36.1 distance=1 /ip firewall nat add chain=srcnat action=masquerade out-interface=ether1Konfigurasi berikutnya adalah menghubungkan jaringan dari R1 menuju R2 dan R3 menggunakan pptp tunnel. Pertama konfigurasi pptp-client R1 :
[admin@IDN-R1] > interface pptp-client add connect-to=2.2.2.2 user=IDN password= networkers disabled=no [admin@IDN-R1] > interface pptp-client add connect-to=3.3.3.2 user=IDN password= networkers disabled=noLalu pada R2 dan R3 adalah sebagai PPTP Server :
[admin@IDN-R2] > interface pptp-server server set enabled=yes [admin@IDN-R2] > ppp secret add name=IDN password=networkers local-address=12.12.12.2 remote-address=12.12.12.1
[admin@IDN-R3] > interface pptp-server server set enabled=yes [admin@IDN-R3] > ppp secret add name=IDN password=networkers local-address=13.13.13.2 remote-address=13.13.13.1Lalu cek apakah interface pptp-server sudah berjalan :
[admin@IDN-R1] > interface pptp-client print
Flags: X - disabled, R - running
0 R name="pptp-out1" max-mtu=1450 max-mru=1450 mrru=disabled
connect-to=2.2.2.2 user="IDN" password="networkers"
profile=default-encryption keepalive-timeout=60 add-default-route=no
dial-on-demand=no allow=pap,chap,mschap1,mschap2
1 R name="pptp-out2" max-mtu=1450 max-mru=1450 mrru=disabled
connect-to=3.3.3.2 user="IDN" password="networkers"
profile=default-encryption keepalive-timeout=60 add-default-route=no
dial-on-demand=no allow=pap,chap,mschap1,mschap2
Lalu tambahkan static routing dan nat menuju network yang berada di R2 dan R3 pada R1
IDN-R1 > IDN-R2
[admin@IDN-R1] > ip firewall nat add chain=srcnat action=masquerade out-interface=pptp-out1 [admin@IDN-R1] > ip route add dst-address=24.24.24.0/30 gateway=pptp-out1 [admin@IDN-R1] > ip route add dst-address=25.25.25.0/30 gateway=pptp-out1 [admin@IDN-R1] > ip route add dst-address=192.168.4.0/24 gateway=pptp-out1 [admin@IDN-R1] > ip route add dst-address=192.168.5.0/24 gateway=pptp-out1IDN-R1 > IDN-R3
[admin@IDN-R1] > ip firewall nat add chain=srcnat action=masquerade out-interface=pptp-out2 [admin@IDN-R1] > ip route add dst-address=36.36.36.0/30 gateway=pptp-out2 [admin@IDN-R1] > ip route add dst-address=192.168.6.0/24 gateway=pptp-out2Lalu lakukan testing dengan ping
[admin@IDN-R1] > ping 24.24.24.2
SEQ HOST SIZE TTL TIME STATUS
0 24.24.24.2 56 63 4ms
1 24.24.24.2 56 63 3ms
sent=2 received=2 packet-loss=0% min-rtt=3ms avg-rtt=3ms max-rtt=4ms
[admin@IDN-R1] > ping 25.25.25.2
SEQ HOST SIZE TTL TIME STATUS
0 25.25.25.2 56 63 5ms
1 25.25.25.2 56 63 2ms
sent=2 received=2 packet-loss=0% min-rtt=2ms avg-rtt=3ms max-rtt=5ms
[admin@IDN-R1] > ping 192.168.4.254
SEQ HOST SIZE TTL TIME STATUS
0 192.168.4.254 56 62 5ms
1 192.168.4.254 56 62 4ms
sent=2 received=2 packet-loss=0% min-rtt=4ms avg-rtt=4ms max-rtt=5ms
[admin@IDN-R1] > ping 192.168.5.254
SEQ HOST SIZE TTL TIME STATUS
0 192.168.5.254 56 62 7ms
1 192.168.5.254 56 62 3ms
sent=2 received=2 packet-loss=0% min-rtt=3ms avg-rtt=5ms max-rtt=7ms
[admin@IDN-R1] > ping 36.36.36.2
SEQ HOST SIZE TTL TIME STATUS
0 36.36.36.2 56 63 7ms
1 36.36.36.2 56 63 3ms
sent=2 received=2 packet-loss=0% min-rtt=3ms avg-rtt=5ms max-rtt=7ms
[admin@IDN-R1] > ping 192.168.6.254
SEQ HOST SIZE TTL TIME STATUS
0 192.168.6.254 56 62 5ms
1 192.168.6.254 56 62 3ms
sent=2 received=2 packet-loss=0% min-rtt=3ms avg-rtt=4ms max-rtt=5ms
Sekarang kita hubungkan IDN-R2 dengan IDN-R3 menggunakan tunnel l2tp
[admin@IDN-R2] > interface l2tp-server server set enabled=yes [admin@IDN-R2] > ppp secret add name=IDN2 password=networkers local-address=23.23.23.2 remote-address=23.23.23.3Lalu R3 sebagai client l2tp
[admin@IDN-R3] > interface l2tp-client add user=IDN2 password=networkers connect-to=2.2.2.2 disabled=noCek apakah tunnel sudah terbentuk dan bekerja
[admin@IDN-R3] > interface l2tp-client print
Flags: X - disabled, R - running
0 R name="l2tp-out1" max-mtu=1450 max-mru=1450 mrru=disabled
connect-to=2.2.2.2 user="IDN2" password="networkers"
profile=default-encryption keepalive-timeout=60 use-ipsec=no
ipsec-secret="" add-default-route=no dial-on-demand=no
allow=pap,chap,mschap1,mschap2
Lalu tambahkan static Routing pada R2 dan R3
[admin@IDN-R2] > ip route add dst-address=36.36.36.0/30 gateway=[admin@IDN-R2] > ip route add dst-address=192.168.6.0/24 gateway=
[admin@IDN-R3] > ip route add dst-address=24.24.24.0/30 gateway=l2tp-out1 [admin@IDN-R3] > ip route add dst-address=192.168.4.0/24 gateway=l2tp-out1 [admin@IDN-R3] > ip route add dst-address=25.25.25.0/30 gateway=l2tp-out1 [admin@IDN-R3] > ip route add dst-address=192.168.5.0/24 gateway=l2tp-out1
Komentar
Posting Komentar