Scribd Logo
Upload

Welcome to Scribd!

  • Penyelesaian Soal UKK Paket 4 2021

    Uploaded by

    Wayan Chandra
    39 views3 pages

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    39 views3 pages

    Penyelesaian Soal UKK Paket 4 2021

    Uploaded by

    Wayan Chandra

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 3

    ROUTER (RB-951Ui)

    1. Login ke MAC Address Router melalui Winbox.

    2. Identitas Route:
     System >> Identity >> Router >> Apply >> OK.

    3. IP Address Router:
     IP >> Address >> Add >> Address = 192.168.1.1/24 >> Interface = ether1 >> Apply >> OK.
     Add >> Address = 192.168.100.1/25 >> Interface = ether2 >> Apply >> OK.
     Add >> Address = 192.168.200.1/24 >> Interface = ether3 >> Apply >> OK.

    4. IP Route (Gateway) ke Internet:


     IP >> Routes >> Add >> Gateway = 192.168.1.1 >> Apply >> OK

    5. IP DNS:
     IP >> DNS >> Servers = 192.168.1.1, 8.8.8.8 >> Allow Remote Request >> Apply >> OK.

    6. IP Firewall Nat:
     IP >> Firewall >> tab NAT >> Add >> Chain = srcnat >> Out. Interface = ether1 >> Action
    =Masquerade >> Apply >> OK.

    7. NTP Server:
     System >> Clock >> Ceklist Time Zone Autodetect >> Time Zone Name = Asia/Jakarta >> Apply >>
    OK.
     System >> SNTP Client >> Enable >> Primary NTP Server = 0.id.pool.ntp.org >> Secondary NTP
    Server = 1.id.pool.ntp.org >> Apply >> OK.
    8. Web Proxy:
     IP >> Web Proxy >> Enable >> Cache Administrator = nama_siswa@sekolah.sch.id >> Cache On
    Disk>> OK.

    9. DHCP Server:
    Untuk LAN:
     IP >> DHCP Server >> DHCP Setup >> DHCP Server Interface = ether2 >> Next >> DHCP Address
    Space = 192.168.100.0/25 >> Next >> Gateway for DHCP Network = 192.168.100.1
    >> Next >> Addresses to Give Out = 192.168.100.2-192.168.100.100 >> Next >> DNS Servers
    = 192.168.1.1, 8.8.8.8 >> Next >> Lease Time = 00:10:00 >> Next.

    10. Firewall:
     IP >> Firewall >> tab Filter Rules >> Add >> Chain = input >> Src. Address = 192.168.100.2-
    192.168.100.50 >> Protocol = icmp >> Action = drop >> Apply >> Comment = no pingrouter
    >> OK >> OK.
     Tab Filter Rules >> Add >> tab General >> Chain = forward >> Src. Address = 192.168.100.51-
    192.168.100.100 >> Dst. Address = 192.168.200.0/24 >> Protocol = icmp >> Action = drop
    >> Apply >> Comment = no ping client wireless >> OK >> OK.
     Tab Filter Rules >> Add >> Chain = input >> Action = accept >> Log >> Log Prefix = akses ke router ->
    (copy: akses ke router ->)>> OK .
     Log >> Perhatikan bahwa semua info firewall masih tersimpan di Memory. Selanjutnya akan
    dirubah agar info firewall akan disimpan di Disk.
     System >> Logging >> double klik Topics info >> Prefix = akses ke router -> (paste) >> Action
    = disk. Perhatikan kembali Log, bahwa semua info firewall sudah tersimpan di Disk.

    11. Server dan Pool Hotspot untuk WLAN :


    IP >> Hotspot >> Hotspot Setup >> Hotspot Interface = ether3 >> Next >> Local Address of Network
    = 192.168.200.1/24 >> Masquirade Network >> Next >> Address Pool of Network = 192.168.200.2-
    192.168.200.100 >> Select Certificate = None >> IP Address of SMTP Server = 0.0.0.0 >> DNS Servers
    = 192.168.1.1, 8.8.8.8 >> Next >> DNS Name = smk.sch.id >> Next >> Name of Local HotSpot User =
    admin >> Password for the User = admin >> OK.

    12. Aktifkan RADIUS :


     Selanjutnya mengaktifkan Radius. IP >> Hotspot >> tab Server Profiles >> double klik hsprof1
    (hotspot yang aktif) >> tab RADIUS >> ceklist use RADIUS >> Apply >> OK.
     Incoming

    1|Page
     Selanjutnya aktifkan user-manager dari: RADIUS >> Add >> ceklist hotspot >> Address =
    127.0.0.1 >> Secret = 12345 (password untuk komunikasi antara User Manager dengan Mikrotik) >>
    OK.
    13. Install User Manager:
     Cek paket Userman di System >> Packages. Jika belum tersedia, maka harus didownload manual
    dan diinstall. Buka websites MikroTik dari browser: http://mikrotik.com/download. Download Extra
    packages MIPSBE (Stable) sesuai tipe routerboard yang anda gunakan (RB- 951Ui = type 6.46.1).
     Setelah didownload, extract file: all_packages-mipsbe-6.46.1.zip. Dari hasil extract, cari file:
    user-manager-6.46.1-mipsbe.npk.
     Upload atau Drag and drop file: user-manager-6.46.1-mipsbe.npk ke folder user-manager
    di File >> Hotspot. Cek kembali apakah sudah terupload.
     Reload ulang sistem user-manager dengan mereboot MikrotIk. System >> Reboot >> Yes.
     System >> Packages. Pastikan paket user-manager sudah nampak pada Packages list, yang berarti
    paket ini sudah terinstall.
     Dari PC client LAN, akses alamat router: 192.168.100.1/userman menggunakan browser. Login
    dengan User= admin, Password= (kosong) >> Log in.
     Routers >> Add >> New >> Name = Hotspot-UKK (bebas) >> IP address = 127.0.0.1 (sesuai ip yg
    dibuat di RADIUS) >> Shared secret = 12345 (sesuai password yang dibuat di RADIUS) >> Add.

    14. Buat Akun Random Hotspot di RADIUS:


     Buka kembali webpages RADIUS dari: 192.168.100.1/userman menggunakan browser. Login
    dengan User= admin, Password= (kosong) >> Log in.
     Profiles >> tab Profiles >> Add >> Name = User-Random (jangan pakai spasi) >> Create >> Starts =
    At first logon >> Shared users = Unlimited >> Save profile.
     Users >> Add >> Batch >> Number of users = 20 (sesuai jumlah user yang diminta) >> Username
    prefix
    = user (bebas) >> Username length = 3 >> Password length = 5 >> Assign profile = User-Random >>
    Add. (Pastikan tampil 20 username dengan nama acak).
     Agar bisa dicetak, Generate >> Vouchers >> Generate. (Jika muncul pesan pop-up windows,
    pilih Allow pop-ups for 192.168.100.1).

    15. Akun Hotspot Aktif Pukul 07.00 – 16.00:


     Buka kembali webpages RADIUS dari: 192.168.100.1/userman menggunakan browser. Login
    dengan User= admin, Password= (kosong) >> Log in.
     Profiles >> tab Limitations >> Add >> New >> Name = aktif-07-16 >> Add.
     Tab Profiles >> Profile = User-Random >> Add new limitation >> Time = 07:00:00 – 16:00:00
    >> Limits = aktif-07-16 >> Add >> Save profile.
     Untuk setting waktu userman agar sama dengan server Hotspot, pilih menu Customers >> double
    klik user Admin >> Format >> Time Zone = +07:00 (sesuai zona waktu pada pengaturan sistem
    waktu Mikrotik anda) >> Save.

    16. Blokir Websites:


     IP >> Firewall >> tab Filter Rule >> Add >> Chain = forward >> Protocol = tcp >> Dst. Port = 443
    (karena yang akan diblokir port https) >> tab Advanced >> TLS Host = *linux.org (sesuai alamat
    websites yang diblokir) >> Action = drop >> Apply >> Comment = blok situs linux.org
    >> OK >> OK.

    17. Blokir .mp3 dan .mkv:


     IP >> Firewall >> tab Layer7 Protocols >> Add >> Name = mp3 >> Regexp = \.(mp3) >> OK.
     Add >> Name = mkv >> Regexp = \.(mkv) >> OK.
     Tab Filter Rules >> Add >> Chain = forward >> Protocol = tcp >> Dst. Port = 80 >> tab Advanced >>
    Layer7 Protocol = mp3 >> Action = drop >> Apply >> Comment = blokir mp3 >> OK >> OK.
     Add >> Chain = forward >> Protocol = tcp >> Dst. Port = 80 >> tab Advanced >> Layer7 Protocol =
    mkv >> Action = drop >> Apply >> Comment = blokir mkv >> OK >> OK.

    ACCESS POINT (TP-Link TL-WA801ND):

    1. Reset Access Point (AP) agar ip address ethernet menjadi default (di sini: 192.168.0.254).
    2. Hubungkan AP ke PC melalui ethernet dengan kabel UTP.
    3. Pastikan ip address PC sudah satu network (segmen) dengan ip address default AP.
    4. Konfigurasi AP dari PC dengan membuka ip address default (192.168.0.254) di web browser.
    5. Login dengan user = admin >> password = admin >> OK.
    6. Quick Setup = Exit.
    7. WPS >> WPS Status = Disable WPS.
    2|Page
    8. Network >> Type = Static IP >> IP Address = 192.168.200.101 >> Subnet Mask =
    255.255.255.0 >> Gateway = 192.168.200.1 >> Save >> OK.
    9. Wireless >> Wireless Setting >> Operation Mode = Access Point >> Wireless Network Name =
    nazar@ProxyUKK >> Save.
    10. Wireless Security >> Disable Security.
    11. DHCP >> DHCP Server = Disable >> Save >> OK >> click here >> Reboot.
    12. Selesai AP reboot, hubungkan AP ke ether3 pada Router Mikrotik dengan kabel UTP.

    A. PENGUJIAN

    Client LAN:
    - Cek status ip addres dhcp, pastikan dalam range 192.168.100.2-192.168.100..100.
    - Cek koneksi ke internet dengan ping.
    - Cek bloking websites: https://www.linux.org.
    - Cek bloking file: .mp3 dan .mkv dari mesin pencari (google.com).
    - Cek bloking ping ke router (rubah dahulu ip address menjadi statik: 192.168.100.[2- 50].
    - Cek bloking ping ke client WLAN (rubah dahulu ip address menjadi statik: 192.168.100.[51-
    100]. Client WLAN:
    - Login dengan user hotspot (note: Sesuaikan dengan kondisi waktu saat ini. Pastikan ke-20 user random
    hanya bisa digunakan pada pukul 07.00 sd 16.00).
    - Cek status ip addres dhcp, pastikan dalam range 192.168.200.2-192.168.200.100.
    - Cek koneksi ke internet dengan ping (jika menggunakan laptop).
    - Cek bloking websites: https://www.linux.org.
    - Cek bloking file: .mp3 dan .mkv dari mesin pencari (google.com).
    - Blocking akses internet pada waktu yang telah ditentukan (07.00 sd 16.00)

    3|Page

    You might also like