Selasa, 24 Januari 2012

Cara Mudah Seting RB 750 Web Proxy External IpCop

Cara Seting RB 750 ini adalah setingan Mesin RB 750 v4.11 saya yang saya pelajari dari postingan mas Adeldian di Forum Mikrotik Indonesia mengenai Seting RB 750 Web Proxy External pada Mikrotik mengunakan IpCopsebagai System penyimpan Proxy Server nya.

Topografi di tempat saya yang akan saya jabarkan disini adalah seperti ini

Seting RB 750, topografi lan, web proxy, external

Seting RB 750 IP ADDRESS TIAP MESIN

Seting RB 750

set ip address LAN : 192.168.1.1

set ip address PUBLIK : 10.10.0.3

set ip address PROXY : 192.168.0.1

seting pada mesin IpCop p4 jadul peninggalan mas bayu

set ip address GREEN : 192.168.0.2

seting pada komputer client

set ip address client : 192.168.1.2/24

SETINGAN PORT IPCOP

gateway ipcop set di ip proxi di mikrotik rb750 : 192.168.0.1

seting pada mesin ip cop jalan di port : 878 dan aktifkan cache nya menurut kebutuhan

SETINGAN MIKROTIK RB 750

set ip address

Code:

/ ip address add address=10.10.0.3/24 network=10.10.0.0 broadcast=10.10.0.255 \     interface=PUBLIK comment="ip internet" disabled=no add address=192.168.1.1/24 network=192.168.1.0 broadcast=192.168.1.255 \     interface=LAN comment="ip lokal" disabled=no add address=192.168.0.1/24 network=192.168.0.0 broadcast=192.168.0.255 \     interface=PROXY comment="ip IpCop" disabled=no

seting route

Code:

/ ip route add dst-address=0.0.0.0/0 gateway=192.168.1.1 scope=255 target-scope=10 \     comment="gateway" disabled=no

seting DNS

Code:
/ ip dns set primary-dns=8.8.8.8 secondary-dns=8.8.4.4 \     allow-remote-requests=no cache-size=2048KiB cache-max-ttl=1w / ip dns static add name="10.10.0.3" address=10.10.0.3 ttl=1d

seting NAT

Code:
/ ip firewall nat add chain=dstnat protocol=tcp dst-port=81 action=dst-nat \     to-addresses=192.168.0.2 to-ports=81 comment="Untuk IP Cop" disabled=no add chain=dstnat protocol=tcp dst-port=445 action=dst-nat \     to-addresses=192.168.0.2 to-ports=445 comment="Untuk HTTPS IPCOP" \     disabled=no add chain=dstnat src-address=!192.168.0.0/24 protocol=tcp dst-port=80 \     action=dst-nat to-addresses=192.168.0.2 to-ports=878 comment="" disabled=no add chain=dstnat src-address=!192.168.0.0/24 protocol=tcp dst-port=443 \     action=dst-nat to-addresses=192.168.0.2 to-ports=878 comment="" \     disabled=no add chain=srcnat out-interface=PUBLIK action=masquerade comment="" disabled=no

Seting Mangle

Code:
/ ip firewall mangle add chain=forward content="X-Cache: HIT" action=mark-connection \     new-connection-mark=squid_con passthrough=yes comment="" disabled=no add chain=forward connection-mark=squid_con action=mark-packet \     new-packet-mark=squid_pkt passthrough=no comment="" disabled=no add chain=forward connection-mark=!squid_con action=mark-connection \     new-connection-mark=all_con passthrough=yes comment="" disabled=no add chain=forward protocol=tcp src-port=80 connection-mark=all_con \     action=mark-packet new-packet-mark=http_pkt passthrough=no comment="" \     disabled=no add chain=forward protocol=icmp connection-mark=all_con action=mark-packet \     new-packet-mark=icmp_pkt passthrough=no comment="" disabled=no add chain=forward protocol=tcp dst-port=1973 connection-mark=all_con \     action=mark-packet new-packet-mark=top_pkt passthrough=no comment="" \     disabled=no add chain=forward connection-mark=all_con action=mark-packet \     new-packet-mark=test_pkt passthrough=no comment="" disabled=no

seting queue

/ queue simple add name="Squid_HIT" dst-address=0.0.0.0/0 interface=all parent=none \     packet-marks=squid_pkt direction=both priority=8 \     queue=default-small/default-small limit-at=0/0 max-limit=0/0 \     total-queue=default-small disabled=no add name="Main_Link" dst-address=0.0.0.0/0 interface=all parent=none \     direction=both priority=8 queue=default-small/default-small limit-at=0/0 \     max-limit=35000/256000 total-queue=default-small disabled=no add name="game_tales_of_pirate" dst-address=0.0.0.0/0 interface=all \     parent=none packet-marks=top_pkt direction=both priority=1 \     queue=default-small/default-small limit-at=0/0 max-limit=0/0 \     total-queue=default-small disabled=no add name="Ping_queue" dst-address=0.0.0.0/0 interface=all parent=none \     packet-marks=icmp_pkt direction=both priority=2 \     queue=default-small/default-small limit-at=0/0 max-limit=0/0 \     total-queue=default-small disabled=no add name="The_other_port_queue" target-addresses=192.168.12.0/24 \     dst-address=0.0.0.0/0 interface=all parent=Main_Link packet-marks=http_pkt \     direction=both priority=8 queue=default-small/default-small \     limit-at=5000/5000 max-limit=50000/256000 total-queue=default-small \     disabled=no add name="another_port" target-addresses=192.168.10.0/24 dst-address=0.0.0.0/0 \     interface=all parent=Main_Link packet-marks=test_pkt direction=both \     priority=8 queue=default-small/default-small limit-at=0/0 \     max-limit=0/256000 total-queue=default-small disabled=no
Diposting oleh di

1 komentar:

  1. vetaks31 Agustus 2012 pukul 03.05

    kode nya copy paste dari banyak situs ya? tu seting sama sekali ngk bisa berfungsi, contoh kenapa gw nya pake ip lan 192.168.1.1? sedangkan publik ip nya 10.10.0.3

    BalasHapus

Langganan: Posting Komentar (Atom)