KONFIGURASI MIKROTIK

I. SETTING INTERNET
1. IP ADDRESS
 ETHERNET 1 / INTERNET >> DHCP CLIENT >> INTERFACE =
INTERNET >> APPLY/OK.
 ETHERNET 2 / LAN >> ADD/(+) >> 192.168.100.1/24 >> INTERNET =
LAN >> APLLY/OK.
 WLAN 1 / WIFI >> ADD/(+) >> 192.168.200.1/24 >> INTERFACE = WIFI
>> APPLY/OK.

2. FIREWALL >> NAT

 IP >> FIREWALL >> NAT >> ADD/(+) >> CHAIN : SRCNAT >>
OUT.INTERFACE : INTERNET >> ACTION : MASQUERADE >>
APPLY/OK
 IP >> FIREWALL >> NAT >> ADD/(+) >> CHAIN : DSTNAT >>
PROTOCOL : 6 (TCP) >> DST.PORT : 80 >> ACTION : REDIRECT >>
TO.PORT : 3128 >> APPLY/OK.

3. DHCP SERVER
 IP >> DHCP SERVER >> DHCP SETUP >> ETHER 2/ LAN >> DHCPOOL
: 192.168.100.2 – 192.168.100.100 >> OK.
 IP >> DHCP SERVER >> DHCP SETUP >> WLAN1 / WIFI >> DHCPOOL
: 192.168.200.2- 192.168.200.100 >> APPLY/OK.

II. PADA JARINGAN ETHER 2 / LAN

1. IP >> DNS
 “ ALLOW REMOTE REQUEST ” (CENTANG) >> STATIC >> ADD/(+)
>> NAME : WWW.MIKROTIK.COM >> ADDRESS :
BSNP-INDONESIA.ORG >> APPLY/OK.

2. FIREWALL >> FILTER RULES

 IP >> FIREWALL >> FILTER RULES >> CHAIN : INPUT >>
SRC.ADDRESS : 192.168.100.2-192.168.100.50 >> DST. ADDRESS :
192.168.100.1 >> PROTOCOL : 1 (ICMP) >> ACTION : DROP >>
APLLY/OK.
 IP >> FIREWALL >> FILTER RULES >> CHAIN : INPUT >>
SRC.ADDRESS : 192.168.100.0/24 >> DST ADDRESS : 192.168.100.1
PROTOCOL : 6 (TCP) >> DST.HOST : 80 >> ACTION : LOG >>
CENTANG LOG >> APPLY/OK.
  IP >> FIREWALL >> FILTER RULES >> CHAIN : INPUT >>
SRC.ADDRESS : 192.168.100.0/24 >> PROTOCOL : 6 (TCP) >>
DST.HOST : 80 >> ACTION : ACCEPT >> APPLY/OK.
 IP >> FIREWALL >> FILTER RULES >> CHAIN : FORWARD >>
SRC.ADDRESS : 192.168.100.0/24 >> PROTOCOL : 6 (TCP) >>
DST.HOST : 80,443 >> ACTION : ACCEPT >> APPLY/OK.

3. IP >> WEB PROXY

 IP >> WEB PROXY >> “ ENABLE “ (CENTANG ) >> PORT : 3128 >>
CACHE ADMINISTRATOR : NAMA@SMKN1NGANJUK.SCH.ID >>
“CACHE ON DSIK” (CENTANG) >> APPLY/OK.
 IP >> WEB PROXY >> ACCESS >> ADD/(+) >> SRC.ADDRESS :
192.168.100.0/24 >> DST.HOST : * MIKROTIK.COM * >> ACTION :
DENY >> REDIRECT TO : BSNP-INDONESIA.ORG. >> APLLY/OK.

III. PADA JARINGAN WLAN 1/ WIFI

1. IP >> WEB PROXY
 IP >> WEB PROXY >> ACCESS >> ADD/(+) >> SRC.ADDRESS :
192.168.200.0/24 >> DST.HOST : *LINUX.OR.ID* >> ACTION : DENY
>> APLLY/OK.
 IP >> WEB PROXY >> ACCESS >> ADD/(+) >> SRC.ADDRESS :
192.168.200.0/24 >> PATH : *.MP3* >> ACTION : DENY >> APLLY/OK.
 IP >> WEB PROXY >> ACCESS >> ADD/(+) >> SRC.ADDRESS :
192.168.200.0/24 >> PATH : *.MKV* >> ACTION : DENY >> APLLY/OK.
 IP >> WEB PROXY >> ACCESS >> ADD/(+) >> SRC.ADDRESS :
192.168.200.0/24 >> DST.HOST : *MIKROTIK* >> ACTION : DENY >>
APLLY/OK. ( CUMA YG KE BLOK YANG HTTP AJA, HTTPS NGGAK
BISA KE BLOK KALO DI WEB PROXY)

2. LAYER 7 PROTOCOL
 IP >> FIREWALL >> LAYER 7 PROTOCOL >> ADD/(+) >> NAME :
MIKROTIK >> TYPE “ ^.+(MIKROTIK).*$ >> APPLY OK. >> FILTER
RULES >> ADD/+ >> CHAIN : FORWARD >> SRC.ADDRESS :
192.168.200.0/24 >> ADVANCE >> LAYER 7 PROTOCOL : MIKROTIK
>> ACTION : DROP >> APPLY OK. ( KALAU DISINI INSYAALLAH
HTTPSNYA BISA KE BLOK )

3. MENGATUR WAKTU DAN MEMBLOKIR WAKTU DIJAM TERTENTU:

1) SNTP CLIENT
  SYSTEM >> SNTP CLIENT >> “ENABLE” (CENTANG) >>
PRYMARY SNTP SERVER : “ ID.NTP.POOL.ORG”
>>APPLY OK.

2) CLOCK
 SYSTEM >> CLOCK >> “TIME ZONE DETECTED”
(CENTANG) >> TIMEZONE >> “ASIA/JAKARTA” >>
APPLY OK.

3) FILTER RULES ( BLOKIR INTERNET DI JAM TERTENTU)

 IP >> FIRE WALL >> FILTER RULES >> ADD/(+) >>
CHAIN : FORWARD >> SRC.ADRESS : 192.168.200.0/24
>> ACTION : DROP >> EXTRA >> TIME >> “ 08.00.00-
08.02.00” >> APPLY OK.