kk..,
numpang tanya yah gimana seh caranya ngeblok/ ngebatasin semua trafic lokal.
Pengennya seh biar semua client yang ada dalam satu LAN nga bisa nge ping satu sama lain atau ngaliat satu sama lain.
makasi sebelumnya
for already registered members
Results 1 to 15 of 35
-
LinkBack
LinkBack URL
About LinkBacks- Bookmark & Share
- Tweet this thread
-
13-07-2007, 12:08 #1Status
- Offline
- Join Date
- Jul 2007
- Posts
- 63
- Reviews
- Read 0 Reviews
- Downloads
- 0
- Uploads
- 0
Newbie
- Feedback Score
- 0
[ask]Gimana caranya memblok trafiic local
-
The Following User Says Thank You to gateway For This Useful Post:
-
13-07-2007, 13:42 #2Status
- Offline
- Join Date
- Jul 2007
- Location
- Bandung, Indonesia
- Posts
- 1,816
- Reviews
- Read 0 Reviews
- Downloads
- 0
- Uploads
- 0
Contributor
- Feedback Score
- 0
dibedain aja ip per client nya
misalkan
client a = 192.168.1.2/30 gateway 192.168.1.1
client b = 192.168.1.6/30 gateway 192.168.1.5
client c = 192.168.1.10/30 gateway 192.168.1.9
dst
kayaknya kalo pengen langsung, susah. soalnya topologinya kan mikrotik -- switch -- client.
atau ada ide lain ?
-
The Following User Says Thank You to c0nf For This Useful Post:
-
13-07-2007, 15:21 #3Status
- Offline
![[a]'s Avatar](http://www.forummikrotik.com/avatars/%5Ba%5D.gif?dateline=1207663657 "[a]'s Avatar")
- Join Date
- Jun 2007
- Location
- Jakarta, Indonesia, Indonesia
- Posts
- 1,729
- Reviews
- Read 0 Reviews
- Downloads
- 0
- Uploads
- 0
Administrator
- Feedback Score
- 1 (100%)
halloo bos gateway
RB 532nya gimana bossss.......heuhehehhe
kalo emang masih satu network...kita ga akan bisa nge-blok traffic antar sesama node didalam network tersebut....
klo emang kebutuhannya kaya gitu, coba ikutin saran dari bro cOnf...bikin subnet untuk tiap2 kategori user....nanti baru bisa pembatasan antar subnet tersebut dilakukan di mikrotik...
atau cara gua, yang emang ga mau ribet...gua pake IP yang berbeda-beda untuk tiap kategori user....
office : 10.10.x.x
guest : 192.168.1.x
outlet : 172.16.x.x
dan networknya secara fisik juga gua pisah...dan di mikrotiknya gua pakein interface ethernet sebanyak network tersebut + wan (menuju isp)....
klo dah kaya gini gua bisa control traffic antar network tersebut secara mudah.....
mudah-mudahan bisa sedikit membantu...
-
13-07-2007, 21:32 #4Status
- Offline
- Join Date
- Jul 2007
- Posts
- 655
- Reviews
- Read 0 Reviews
- Downloads
- 0
- Uploads
- 0
Member Super Senior
- Feedback Score
- 0
??? MAKSUTNYA NGEPING SATU SAMA LAIN DALAM JARINGAN GIMANA YAHHHH
1 network gitu ato ada beberapa network terus di jadiin satu lewat mikrotik???
BTW ini udah salah jalur, harusnya di bagian general networking. pindahin om admin
-
13-07-2007, 21:54 #5Status
- Offline
- Join Date
- Jun 2007
- Location
- Jakarta, Indonesia, Indonesia
- Posts
- 1,729
- Reviews
- Read 0 Reviews
- Downloads
- 0
- Uploads
- 0
Administrator
- Feedback Score
- 1 (100%)
siap bro....
thanks..
-
14-07-2007, 10:25 #6Status
- Offline
- Join Date
- Jul 2007
- Posts
- 66
- Reviews
- Read 0 Reviews
- Downloads
- 8
- Uploads
- 0
Newbie
- Feedback Score
- 0
kl misalnya cm satu network ( 192.168.1.0/24 ) trs yang mw diblok akses pingnya dan cm satu gateway saja yang boleh diping misalnya 192.168.1.1
Originally Posted by c0nf
coba aja rule ini :
/ip fi filter add chain=forward out-interface=ether1 dst-address=!192.168.1.1 protocol=icmp action=drop
mungkin sdh ada yg tau
-
14-07-2007, 12:33 #7Status
- Offline
- Join Date
- Jun 2007
- Location
- Jakarta, Indonesia, Indonesia
- Posts
- 1,729
- Reviews
- Read 0 Reviews
- Downloads
- 0
- Uploads
- 0
Administrator
- Feedback Score
- 1 (100%)
gini bro..
klo ping yang mau diblok adalah :
host(yang nge-ping) -> switch -> mikrotik -> switch -> host(yang diping)
ini bisa dilakukan dengan rule diatas / rule yang nge-blok paket forward ICMP
tapi klo topologi kaya dibawah :
host(yang nge-ping) -> Switch -> Mikrotik
........................................^
........................................|
host(yang di-ping) -------
ini ga akan bisa dilakukan dengan firewall rule di Mikrotik,
hal ini mungkin bisa dicapai dengan mengganti switch yang ada dengan Manageable Switch...Cuma musti diliat cost-nya yang gede tuhh....
-
14-07-2007, 13:31 #8Status
- Offline
- Join Date
- Jul 2007
- Location
- Bandung, Indonesia
- Posts
- 1,816
- Reviews
- Read 0 Reviews
- Downloads
- 0
- Uploads
- 0
Contributor
- Feedback Score
- 0
yups
semuanya betul
hehehhehe
jadi sebenernya itu masalah di topologi jaringan mas gateway
tinggal dipilih mana yg paling cocok dalam kasus anda
-
14-07-2007, 18:21 #9Status
- Offline
- Join Date
- Jul 2007
- Posts
- 1,507
- Reviews
- Read 0 Reviews
- Downloads
- 0
- Uploads
- 0
Forum Guru
- Feedback Score
- 0
klo kasusnya di rt/rw net gmn yah?
user yg satu ga boleh tau ada user lain...
klo dia pake IP scanner kan bisa tau IP mana aja yg reply..
nah klo gt gmn??
-
14-07-2007, 19:18 #10Status
- Offline
- Join Date
- Jul 2007
- Location
- Bandung, Indonesia
- Posts
- 1,816
- Reviews
- Read 0 Reviews
- Downloads
- 0
- Uploads
- 0
Contributor
- Feedback Score
- 0
kalo di gw dibagi2 kayak gini :
client a = 192.168.1.2/30 gateway 192.168.1.1
client b = 192.168.1.6/30 gateway 192.168.1.5
client c = 192.168.1.10/30 gateway 192.168.1.9
netmasknya diitung sendiri ya (buat latihan heheheh)
cuman emang kerjaan lagi masuk2in ip gateway nya di mikrotik
untuk sementara sih masih aman2 aja dengan cara di atas.
kalo mau bener2 safe, ya harus beli switch mahal (manageble switch)
atau kalo ngga salah, dulu pernah liat lan card mikrotik yg banyak port rj45 nya.cuman ngga tau bener itu dari mikrotik atau bukan. soalnya blm pernah pegang yg "gituan" sih heheheh
-
14-07-2007, 19:23 #11Status
- Offline
- Join Date
- Jul 2007
- Posts
- 1,507
- Reviews
- Read 0 Reviews
- Downloads
- 0
- Uploads
- 0
Forum Guru
- Feedback Score
- 0
waduh, klo klien nya sampe puluhan gmn tuh? hehe...
berarti satu2 nya cara emang di pisahin segmen nya yah?
gw ada tuh, lan card nya mikrotik 10/100 yg port.. terpaksa beli, soalnya kebutuhan NIC nya banyak.. hehe..
-
14-07-2007, 19:25 #12Status
- Offline
- Join Date
- Jul 2007
- Location
- Bandung, Indonesia
- Posts
- 1,816
- Reviews
- Read 0 Reviews
- Downloads
- 0
- Uploads
- 0
Contributor
- Feedback Score
- 0
kalo kliennya udah puluhan dan pake cara saya, berarti bentar lagi bro ponywaterhouse bakal menghilang dari forum ini. soalnya jarinya udah jadi segede jempol semuanya
heheheh
jangan marah ya bro
just kidding
-
14-07-2007, 19:32 #13Status
- Offline
- Join Date
- Jul 2007
- Posts
- 1,507
- Reviews
- Read 0 Reviews
- Downloads
- 0
- Uploads
- 0
Forum Guru
- Feedback Score
- 0
hahaha...
jari gw kenapa bisa segede jempol yah??
-
15-07-2007, 00:32 #14Status
- Offline
- Join Date
- Jun 2007
- Location
- Jakarta, Indonesia, Indonesia
- Posts
- 1,729
- Reviews
- Read 0 Reviews
- Downloads
- 0
- Uploads
- 0
Administrator
- Feedback Score
- 1 (100%)
emang subnet sih satu-satunya cara....atau ada yang pernah pake managable switch ??
-
15-07-2007, 13:02 #15Status
- Offline
- Join Date
- Jul 2007
- Posts
- 66
- Reviews
- Read 0 Reviews
- Downloads
- 8
- Uploads
- 0
Newbie
- Feedback Score
- 0
kl rule itu saya coba topologinya spt ini "
WAN ----- switch ----- mikroTik
|
|
PC client
switchnya unmanageable, jd item yang ada tanda seru negasi dr ip gateway.
Originally Posted by [a]
-
The Following User Says Thank You to symbal_pecah For This Useful Post:
Thread Information
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
All times are GMT +8. The time now is 18:24.
Auto Closing Of Threads provided by
Threads Auto Close (Lite) -
vBulletin Mods & Addons Copyright © 2021 DragonByte Technologies Ltd.
2009. Forum MikroTik Indonesia 1 add-ons Copyright © 2021 LancerForHire, LLC.
Powered by vBulletin® Version 4.2.2
Copyright © 2021 vBulletin Solutions, Inc. All rights reserved.
Search Engine Optimization by vBSEO 3.6.0
Copyright © 2021 vBulletin Solutions, Inc. All rights reserved.
Search Engine Optimization by vBSEO 3.6.0
2009. Forum MikroTik Indonesia 1 add-ons Copyright © 2021 LancerForHire, LLC.