Langkah-langkah Konfigurasi RB941 acuan UKK paket 3:
1. koneksikan rb941 dengan internet (isp)
atur: ip lan client =
192.168.100.xx/24, gateway 192.168.100.1
dns
3.3.3.1 dan 8.8.8.8
2. masuk winbox
atur: - interfaces = ether1 ke isp (ether1_isp),
ether2 ke pc client (ether2_client), wlan1 di enable
- menu
wireless -> klik "wlan1" -> mode (ap brigde) dan ssid (...)
- ip -> dhcp client ->
interface ether1_isp, centang semuanya (use peer dns, use peer ntp) -> aplly
dan ok
- sett
ip -> address -> masukkan ip gateway -> 192.168.100.1/24 ke ether2_client
192.168.200.1/24
ke wlan1
- sett
ip -> firewall -> nat -> chain (srcnat), out interface (ether1_isp),
action (masquirade)
- sett
ip -> routes -> klik "+" -> gateway pilih ether1_isp ->
aplly dan ok
- sett ip -> dns (ip secara
dinamyc dari server isp)-> centang allow remote requests
- sett ip -> dhcp server ->
dhcp server interface (wlan1) -> next sampai finish
3. lakukan perintah ping ke 8.8.8.8 melalui new
terminal dan status connection
4. lakukan uji coba dengan membuka
www.google.com melalui browser yang ada
5. masuk winbox
atur:
- sett ip -> hotspot -> hotspot setup
- Hotspot Interface: wlan1 -> klik Next
- Local Address of Network: sudah terisi
otomatis -> klik Next
- Address Pool of Network: sudah terisi
otomatis, setti 200.2 - 200.100 -> klik Next
- Select Certificate: none -> klik Next
- IP Adddress of SMTP Server: 0.0.0.0 -> klik
Next
- DNS Servers: 3.3.3.1 dan 8.8.8.8 -> klik
Next
- DNS Name: boleh kosong atau di isi
- masukkan user dan password -> finish
6. menambah user profiles dan user
atur: - pilih ip -> hotspot -> user profiles
- klik tanda + -> isi name (guru) -> Rate
Limit (rx/tx) isikan bandwidth, misal: 1M/512k
keterangan: 1M (Upload), 512k (Download)
- pilih Users -> klik tanda +
- isi name dan password
- Profile diisi sesuai user profiles yang dibuat
(guru)
7. melakukan blokir situs dan ekstensi file
- ip
-> firewall -> layer 7 protocol -> klik "+"
- atur:
name = pokemon
regexp
= ^.+(www.pokemongo.com/).*$
- menu filter rules -> klik
"+"
atur:
- chain = forward
- src.address
= network address client
- menu advanced -> layer 7
protocol = pokemon (sesuai name
diatas)
- menu action = drop
- klik apply -> ok
------------------------------------------------------------------------------------
ip -> firewall -> filter
rules -> klik "+"
atur:
- Chain = forward
- src
address = network (NA) dari cilent
- Protocol
= 6 (tcp)
- Dst.Port
= 80
- menu advanced -> Content =
.mp3
- menu action -> drop
- klik apply -> ok
8. melakukan bypass
Menggunakan
Walled Garden
- pilih
IP -> Hotspot -> walled garden
- klik tanda "+" ->
action (allow) dan Dst.Host: (nama situs/website, misal: *bnsp-indonesia.org)