Follow us on...
Follow us on G+ Follow us on Twitter Follow us on Facebook Watch us on YouTube
Register
Results 1 to 12 of 12
  1. #1
    Status
    Offline
    nubee's Avatar
    Baru Gabung
    Join Date
    Sep 2014
    Posts
    7
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0

    Thumbs up Internal Server Error Status Code : 500 saat menggunakan mikrotik

    Yth. Rekan2 Forum Mikrotik Indonesia

    Perkenalkan nama saya adin, saat ini saya bekerja di salah satu perushaan milik negara, langsung saja.

    sekilas mengenai jaringan di kantor saya.

    Kantor saya memiliki 2 jaringan, Intranet dan Internet namun sebelumnya dua jaringan ini terpisah. jika rekan - rekan kantor ingin menggunakan internet mereka ganti ip xxx.xxx.xxx.xxx jika menggunakan intranet mereka menggunakan yyy.yyy.yyy.yyy;
    kemudian saya coba menggunakan mikrotik untuk menggabungkannya untuk beberapa saat semuanya terlihat berjalan normal akses internet maupun intranet, namun saya dapat komplain untuk yang menggunakan jaringan intranet mereka mengeluhkan lemot, sulit akses dll waktu saya ping ke server aplikasi perusahaan yg terhubung di intranet saya merasa masih normal

    [admin@MikroTik] > ping 10.68.35.8
    HOST SIZE TTL TIME STATUS
    10.68.35.8 56 239 25ms
    10.68.35.8 56 239 26ms
    10.68.35.8 56 239 25ms
    sent=3 received=3 packet-loss=0% min-rtt=25ms avg-rtt=25ms
    max-rtt=26ms

    saat saya coba mengakses intranet ternyata muncul error "Server Error in Application; Status Text : Internal Server Error; Status Code : 500"

    Setelah saya browsing dapatlah saya keterangan bahwa Status Code : 500 bahwa ada kesalahan di sisi server aplikasi berdasarkan informasi yang saya dapat di .

    Sudah saya koordinasikan juga ke penanggung jawab aplikasi korporat saya, dan mereka merasa tidak ada masalah. kemudian saya tanya rekan sejawat di kantor lain juga tidak ada masalah.

    pernah suatu ketika saya kembalikan lagi ke awal dengan membagi secara terpisah kedua jaringan tersebut, dan anehnya tidak ada muncul pesan error tersebut dan aplikasi berjalan dengan normal saat saya kembalikan lagi menggunakan mikrotik masalah tersebut muncul kembali.

    saya sudah modifikasi routing dengan meminjam VPN dari kantor rekan saya yang tidak ada masalah, namun hasilnya masih sama.

    apa yang harus saya perbaiki maupun saya periksa dengan kondisi tersebut diatas. atas tanggapannya saya ucapkan terima kasih

  2. #2
    Status
    Offline
    junius's Avatar
    Member
    Join Date
    Apr 2010
    Posts
    113
    Reviews
    Read 0 Reviews
    Downloads
    3
    Uploads
    0
    Feedback Score
    0
    gelar topologi ma setup nya boss....
    kemungkinan salah setup

  3. #3
    Status
    Offline
    nubee's Avatar
    Baru Gabung
    Join Date
    Sep 2014
    Posts
    7
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by junius Click here to enlarge
    gelar topologi ma setup nya boss....
    kemungkinan salah setup
    Ok saya tampilkan dari hasil export

    # sep/03/2014 09:55:39 by RouterOS 6.19
    # software id = xxxxxxxx
    #
    /interface bridge
    add disabled=yes name=bridge1 protocol-mode=none
    /interface ethernet
    set [ find default-name=ether1 ] auto-negotiation=no
    set [ find default-name=ether4 ] auto-negotiation=no
    /interface ethernet switch port
    set 4 default-vlan-id=auto vlan-mode=disabled
    /ip hotspot profile
    add dns-name=lahathotspot.go.id hotspot-address=192.168.80.254 login-by=\
    http-chap name=hsprof1 nas-port-type=ethernet use-radius=yes
    /ip hotspot user profile
    set [ find default=yes ] shared-users=5
    add name=other rate-limit=512k/512k shared-users=30 transparent-proxy=yes
    add name=Rapat rate-limit=128k/128k shared-users=25 transparent-proxy=yes
    /ip ipsec proposal
    set [ find default=yes ] enc-algorithms=3des
    /ip pool
    add name=dhcp_pool1 ranges=10.18.130.110-10.18.130.200
    add name=hs-pool-3 ranges=169.254.100.2-169.254.100.254
    add name=hs-pool-4 ranges=192.168.80.1-192.168.80.253
    /ip dhcp-server
    add address-pool=dhcp_pool1 disabled=no interface=bridge1 name=dhcp1 relay=\
    0.0.0.1
    add address-pool=dhcp_pool1 disabled=no interface=bridge1 name=dhcp2
    add address-pool=hs-pool-3 disabled=no interface=ether4 lease-time=1h name=\
    dhcp3
    add address-pool=dhcp_pool1 disabled=no interface=ether3 lease-time=1h name=\
    dhcp4
    add address-pool=hs-pool-4 disabled=no interface=ether5 lease-time=1h name=\
    dhcp5
    /ip hotspot
    add address-pool=hs-pool-4 disabled=no interface=ether2 name=hotspot1 \
    profile=hsprof1
    /ip hotspot user profile
    add address-pool=hs-pool-4 name=hotspot rate-limit=2000k/2000k shared-users=\
    15 transparent-proxy=yes
    /port
    set 0 name=serial0
    /interface pppoe-client
    add ac-name="" add-default-route=no allow=pap,chap,mschap1,mschap2 \
    dial-on-demand=no disabled=no interface=ether3 keepalive-timeout=60 \
    max-mru=1480 max-mtu=1480 mrru=disabled name=pppoe-out1 password=xxxxx \
    profile=default service-name="" use-peer-dns=yes user=\
    xxxxx@telkom.net
    /ip neighbor discovery
    set pppoe-out1 discover=no
    /snmp community
    add addresses=0.0.0.0/0 name=xxxx
    /system logging action
    set 0 memory-lines=100
    set 1 disk-lines-per-file=100
    /user group
    add name=reading policy="local,telnet,ssh,ftp,reboot,winbox,web,!re ad,!write,!\
    policy,!test,!password,!sniff,!sensitive,!api"
    /interface bridge port
    add bridge=bridge1 interface=ether3
    add bridge=bridge1 interface=ether4
    /interface pptp-server server
    set enabled=yes max-mru=1460 max-mtu=1460
    /ip address
    add address=10.18.130.254/24 comment=intranet disabled=yes interface=ether3 \
    network=10.18.130.0
    add address=192.168.1.5/24 disabled=yes interface=pppoe-out1 network=\
    192.168.1.0
    add address=192.168.80.254/24 comment="hotspot network" interface=ether2 \
    network=192.168.80.0
    add address=10.18.130.254/24 interface=ether4 network=10.18.130.0
    /ip dhcp-client
    add comment="default configuration" dhcp-options=hostname,clientid
    /ip dhcp-server network
    add address=10.18.130.0/24 dns-server=10.18.130.254 gateway=10.18.130.254 \
    netmask=24
    add address=169.254.100.0/24 comment="hotspot network" gateway=169.254.100.1
    add address=192.168.80.0/24 comment="hotspot network" gateway=192.168.80.254
    add address=192.168.88.0/24 comment="default configuration" dns-server=\
    192.168.88.1 gateway=192.168.88.1
    /ip dns
    set allow-remote-requests=yes max-udp-packet-size=2048 servers=\
    10.18.1.52,202.134.0.155
    /ip dns static
    add address=192.168.88.1 disabled=yes name=router
    add address=10.18.130.254 disabled=yes name=xxxxxxx
    add address=10.18.1.52 name=xxxxxxxx
    add address=10.1.6.63 name=xxxxxxxx
    add address=192.168.80.254 name=xxxxxxxxxx
    /ip firewall filter
    add action=passthrough chain=unused-hs-chain comment=\
    "place hotspot rules here"
    add chain=forward comment="allow established connections" connection-state=\
    established
    add chain=forward comment="allow related connections" connection-state=\
    related
    add action=drop chain=forward comment="drop invalid connections" \
    connection-state=invalid
    add action=drop chain=virus comment="Drop Messenger Worm" dst-port=135-139 \
    protocol=udp
    add action=drop chain=virus comment="Drop Blaster Worm" dst-port=135-139 \
    protocol=tcp
    add action=drop chain=virus comment=Worm dst-port=1433-1434 protocol=tcp
    add action=drop chain=virus comment="Drop Blaster Worm" dst-port=445 \
    protocol=tcp
    add action=drop chain=virus comment="Drop Blaster Worm" dst-port=445 \
    protocol=udp
    add action=drop chain=virus comment=________ dst-port=593 protocol=tcp
    add action=drop chain=virus comment=________ dst-port=1024-1030 protocol=tcp
    add action=drop chain=virus comment="Drop MyDoom" dst-port=1080 protocol=tcp
    add action=drop chain=virus comment=________ dst-port=1214 protocol=tcp
    add action=drop chain=virus comment="ndm requester" dst-port=1363 protocol=\
    tcp
    add action=drop chain=virus comment="ndm server" dst-port=1364 protocol=tcp
    add action=drop chain=virus comment="screen cast" dst-port=1368 protocol=tcp
    add action=drop chain=virus comment=hromgrafx dst-port=1373 protocol=tcp
    add action=drop chain=virus comment=cichlid dst-port=1377 protocol=tcp
    add action=drop chain=virus comment="Bagle Virus" dst-port=2745 protocol=tcp
    add action=drop chain=virus comment="Drop Dumaru.Y" dst-port=2283 protocol=\
    tcp
    add action=drop chain=virus comment="Drop Beagle" dst-port=2535 protocol=tcp
    add action=drop chain=virus comment="Drop Beagle.C-K" dst-port=2745 protocol=\
    tcp
    add action=drop chain=virus comment="Drop MyDoom" dst-port=3127 protocol=tcp
    add action=drop chain=virus comment="Drop Backdoor OptixPro" dst-port=3410 \
    protocol=tcp
    add action=drop chain=virus comment=Worm dst-port=4444 protocol=tcp
    add action=drop chain=virus comment=Worm dst-port=4444 protocol=udp
    add action=drop chain=virus comment="Drop Sasser" dst-port=5554 protocol=tcp
    add action=drop chain=virus comment="Drop Beagle.B" dst-port=8866 protocol=\
    tcp
    add action=drop chain=virus comment="Drop Dabber.A-B" dst-port=9898 protocol=\
    tcp
    add action=drop chain=virus comment="Drop Dumaru.Y, sebaiknya di didisable kar\
    ena juga sering digunakan utk vpn atau webmin" disabled=yes dst-port=\
    10000 protocol=tcp
    add action=drop chain=virus comment="Drop MyDoom.B" dst-port=10080 protocol=\
    tcp
    add action=drop chain=virus comment="Drop NetBus" dst-port=12345 protocol=tcp
    add action=drop chain=virus comment="Drop Kuang2" dst-port=17300 protocol=tcp
    add action=drop chain=virus comment="Drop SubSeven" dst-port=27374 protocol=\
    tcp
    add action=drop chain=virus comment="Drop PhatBot, Agobot, Gaobot" dst-port=\
    65506 protocol=tcp
    add action=jump chain=forward comment="jump to the virus chain" jump-target=\
    virus
    add chain=input comment="Accept established connections" connection-state=\
    established
    add chain=input comment="Accept related connections" connection-state=related
    add action=drop chain=input comment="Drop invalid connections" \
    connection-state=invalid
    add chain=input comment=UDP protocol=udp
    add chain=input comment="Allow limited pings" limit=50/5s,2 protocol=icmp
    add chain=input comment=pptp-server dst-port=1723 protocol=tcp
    /ip firewall nat
    add action=passthrough chain=unused-hs-chain comment=\
    "place hotspot rules here" disabled=yes to-addresses=0.0.0.0
    add action=masquerade chain=srcnat comment=intranet src-address=\
    10.18.130.0/24 to-addresses=0.0.0.0
    add action=masquerade chain=srcnat comment=vpn src-address=192.168.88.0/24 \
    to-addresses=0.0.0.0
    add action=dst-nat chain=dstnat dst-port=8887 protocol=tcp to-addresses=\
    10.18.130.2 to-ports=8291
    add action=masquerade chain=srcnat comment="masquerade hotspot network" \
    src-address=169.254.100.0/24
    add action=masquerade chain=srcnat comment="masquerade hotspot network" \
    src-address=10.18.130.0/24
    add action=masquerade chain=srcnat comment="masquerade hotspot network" \
    src-address=192.168.80.0/24 to-addresses=0.0.0.0
    add action=masquerade chain=srcnat comment="masquerade hotspot atas" \
    src-address=192.168.33.0/24
    add action=masquerade chain=srcnat dst-address=10.18.0.0/24
    add action=masquerade chain=srcnat dst-address=10.0.0.0/8
    /ip proxy
    set max-cache-size=none parent-proxy=0.0.0.0
    /ip route
    add distance=1 gateway=10.10.9.254
    add distance=1 gateway=110.137.128.1
    add distance=2 gateway=192.168.100.1
    add check-gateway=ping disabled=yes distance=2 gateway=xxxxxxxxx
    add distance=1 dst-address=10.0.0.0/8 gateway=10.18.130.1
    /ip service
    set telnet disabled=yes
    set ftp disabled=yes
    set www port=9090
    set ssh port=443
    set api disabled=yes
    /ip upnp
    set allow-disable-external-interface=no
    /radius
    add address=110.137.129.45 secret=lahat123 service=login,hotspot
    /snmp
    set enabled=yes trap-community=public
    /system clock
    set time-zone-name=Asia/Jakarta
    /system ntp client
    set enabled=yes primary-ntp=152.118.24.8
    /tool mac-server
    add interface=ether3
    add interface=ether4
    add interface=ether5
    add interface=ether2
    /tool mac-server mac-winbox
    add interface=ether3
    add interface=ether4
    add interface=ether5
    add interface=ether2

  4. #4
    Status
    Offline
    nubee's Avatar
    Baru Gabung
    Join Date
    Sep 2014
    Posts
    7
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by junius Click here to enlarge
    gelar topologi ma setup nya boss....
    kemungkinan salah setup
    untuk topologinya saya mohon maaf tidak bisa menampilkan karena dari tadi saya mau upload gambar di sini belum bisa hehehehe, topologinya biasa Intranet -> mikrotik -> speedy port 5 dan port 2 router kantor sedangkan port 3 intranet

  5. #5
    Status
    Offline
    junius's Avatar
    Member
    Join Date
    Apr 2010
    Posts
    113
    Reviews
    Read 0 Reviews
    Downloads
    3
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by nubee Click here to enlarge
    untuk topologinya saya mohon maaf tidak bisa menampilkan karena dari tadi saya mau upload gambar di sini belum bisa hehehehe, topologinya biasa Intranet -> mikrotik -> speedy port 5 dan port 2 router kantor sedangkan port 3 intranet
    boss coba untuk firewall anti virus dll di diseble apakan sama ajah atau tidak... kemungkinan di salah satu firewall tersebut menutup akses internal si boss
    yang drop drop itu maksut saya
    Click here to enlarge

  6. #6
    Status
    Offline
    brutuz_1's Avatar
    VIP Member
    Join Date
    Feb 2010
    Posts
    792
    Reviews
    Read 0 Reviews
    Downloads
    3
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by junius Click here to enlarge
    boss coba untuk firewall anti virus dll di diseble apakan sama ajah atau tidak... kemungkinan di salah satu firewall tersebut menutup akses internal si boss
    yang drop drop itu maksut saya
    Click here to enlarge
    coba bypass trafik dari dan ke arah server aplikasi nya..Click here to enlarge

  7. #7
    Status
    Offline
    nubee's Avatar
    Baru Gabung
    Join Date
    Sep 2014
    Posts
    7
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by junius Click here to enlarge
    boss coba untuk firewall anti virus dll di diseble apakan sama ajah atau tidak... kemungkinan di salah satu firewall tersebut menutup akses internal si boss
    yang drop drop itu maksut saya
    Click here to enlarge
    awalnya juga saya berpikir seperti itu update terbaru firewall sudah sy delete/disable masih sama

  8. #8
    Status
    Offline
    nubee's Avatar
    Baru Gabung
    Join Date
    Sep 2014
    Posts
    7
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by brutuz_1 Click here to enlarge
    coba bypass trafik dari dan ke arah server aplikasi nya..Click here to enlarge
    akan saya pelajari dulu bagaimana Cara baypass heehe perkembangannya nanti saya update

  9. #9
    Status
    Offline
    junius's Avatar
    Member
    Join Date
    Apr 2010
    Posts
    113
    Reviews
    Read 0 Reviews
    Downloads
    3
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by nubee Click here to enlarge
    awalnya juga saya berpikir seperti itu update terbaru firewall sudah sy delete/disable masih sama
    tak load ke mikrotik ku dulu yahh..... siang ato sore tak kabari hasil e.... Nb: kalo kalo ga ada kerjaan Click here to enlarge *piss

  10. #10
    Status
    Offline
    nubee's Avatar
    Baru Gabung
    Join Date
    Sep 2014
    Posts
    7
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0

    Update Perkembangan Terakhir

    Click here to enlarge Originally Posted by junius Click here to enlarge
    tak load ke mikrotik ku dulu yahh..... siang ato sore tak kabari hasil e.... Nb: kalo kalo ga ada kerjaan Click here to enlarge *piss
    Ok terime kasih

    Untuk update hari ini setingan mikrotik saya kembalikan ke konfigurasi awal kemudian saya routing internet dan intranet jadi satu tanpa hotspot. namun agar tidak mengganggu jaringan intranet saya siasati dengan menempatkan router intranet di belakang switch bukan di mikrotik. kira - kira topologinya seperti ini

    router intranet -> switch -> mikrotik

    jadi user di kantor bisa punya 2 gateway, 1 gw dari router ( hanya bisa intranet ) 1 gw dari mikrotik ( intranet plus internet ) saya uji coba di 2 komputer frontliner menggunakan 2 gw tersebut ingin saya bandingkan performa keduanya dan sampai pagi ini tidak ada masalah.

    rencana saya nanti sore setelah jam kantor saya mau coba setting awal hotspotnya.

  11. #11
    Status
    Offline
    nubee's Avatar
    Baru Gabung
    Join Date
    Sep 2014
    Posts
    7
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by brutuz_1 Click here to enlarge
    coba bypass trafik dari dan ke arah server aplikasi nya..Click here to enlarge
    maaf bisa dijelaskan bypass trafik yang dimaksud yang seperti apa, saya cuma dapat referensi bypass melalui walled garden dari hotspot, apakah yang seperti itu yang dimaksud?

  12. #12
    Status
    Offline
    brutuz_1's Avatar
    VIP Member
    Join Date
    Feb 2010
    Posts
    792
    Reviews
    Read 0 Reviews
    Downloads
    3
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by nubee Click here to enlarge
    maaf bisa dijelaskan bypass trafik yang dimaksud yang seperti apa, saya cuma dapat referensi bypass melalui walled garden dari hotspot, apakah yang seperti itu yang dimaksud?
    Code:
    /ip fi ma 
    chain=prerouting src-address=192.168.80.0/24 dst-address=10.18.130.0/24 action=accept
    chain=prerouting src-address=10.18.130.0/24 dst-address= 192.168.80.0/24action=accept
    taro rule nya diatas.....Click here to enlarge

 

 

Thread Information

Users Browsing this Thread

There are currently 2 users browsing this thread. (0 members and 2 guests)

Similar Threads

  1. Tanya masalah status offered di leases DHCP server mikrotik
    By day3order in forum General Networking
    Replies: 6
    Last Post: 06-11-2015, 00:25
  2. [ASK] Winbox error visual c++ saat mau di buka di mikrotik rb750
    By Adhre Justifai in forum General Networking
    Replies: 2
    Last Post: 19-08-2014, 22:01
  3. [ASK] VPN Error code 809 di L2TP dan error code 807
    By Zerefinth in forum General Networking
    Replies: 3
    Last Post: 23-05-2014, 19:56
  4. Replies: 2
    Last Post: 14-09-2013, 03:38
  5. Tanya Error code
    By avian in forum General Networking
    Replies: 7
    Last Post: 09-11-2009, 18:49

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •