Follow us on...
Follow us on G+ Follow us on Twitter Follow us on Facebook Watch us on YouTube
Register
Page 2 of 2 FirstFirst 12
Results 16 to 18 of 18

Thread: management VLAN

  1. #16
    Status
    Offline
    error's Avatar
    Baru Gabung
    Join Date
    Oct 2011
    Posts
    16
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    ok kawan2 semua
    ane udah dapet yang mungkin engga banyak makan resource

    -chain forward src.address=192.168.0.0/16 dst.address=192.168.9.5 protocol=tcp action accept <<< buat print server
    -chain forward src.address=192.168.9.0/24 dst.address=192.168.0.0/16 protocol=tcp action accept <<< buat scanner server dan kawan2 server lainnya

    -chain forward protocol=tcp dst-port=137-139 action drop <<=======================|
    -chain forward protocol=tcp dst-port=445 action drop <<<<< antar subnet engga bisa share |
    -chain forward protocol=udp dst-port=137-139 action drop <<=======================|

    mohon di koreksi Click here to enlarge
    klo ane udah siip sih, tapi kali ada settingan yang khilaf

  2. #17
    Status
    Offline
    adh1et's Avatar
    Member Senior
    Join Date
    Jul 2010
    Posts
    341
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by error Click here to enlarge
    ok kawan2 semua
    ane udah dapet yang mungkin engga banyak makan resource

    -chain forward src.address=192.168.0.0/16 dst.address=192.168.9.5 protocol=tcp action accept <<< buat print server
    -chain forward src.address=192.168.9.0/24 dst.address=192.168.0.0/16 protocol=tcp action accept <<< buat scanner server dan kawan2 server lainnya

    -chain forward protocol=tcp dst-port=137-139 action drop <<=======================|
    -chain forward protocol=tcp dst-port=445 action drop <<<<< antar subnet engga bisa share |
    -chain forward protocol=udp dst-port=137-139 action drop <<=======================|

    mohon di koreksi Click here to enlarge
    klo ane udah siip sih, tapi kali ada settingan yang khilaf
    kalo ane liat rule itu bisa di artikan gini ya?
    1. accept ip yang di inginkan
    2. block port" yang tidak di inginkan
    kelebihan : lebih spesifik drop yg mana aja, selain yang di drop artinya di loloskan
    kekurangan : masih ada port yang mungkin lolos

    kalo jadi gini gmn?
    1. accept semua port / ip yang ingin di loloskan
    2. drop evrything
    kelebihan : lebih spesifik accept yg mana aja, selain itu di drop pada rule 2
    kekurangan : ente harus bener" tau port brapa aja dan ip brapa aja yang harus di loloskan

  3. #18
    Status
    Offline
    error's Avatar
    Baru Gabung
    Join Date
    Oct 2011
    Posts
    16
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by adh1et Click here to enlarge
    kalo ane liat rule itu bisa di artikan gini ya?
    1. accept ip yang di inginkan
    2. block port" yang tidak di inginkan
    kelebihan : lebih spesifik drop yg mana aja, selain yang di drop artinya di loloskan
    kekurangan : masih ada port yang mungkin lolos

    kalo jadi gini gmn?
    1. accept semua port / ip yang ingin di loloskan
    2. drop evrything
    kelebihan : lebih spesifik accept yg mana aja, selain itu di drop pada rule 2
    kekurangan : ente harus bener" tau port brapa aja dan ip brapa aja yang harus di loloskan
    yah disini cuma mau engga saling lihat File yang d share, jadi engga ada pencurian data antar VLAN hehe
    dan ane merasa baru butuh yang d drop port File Sharing

    tapi boleh tuh ane telusur lagi Click here to enlarge

    tapi udah oke kan itu Click here to enlarge

 

 
Page 2 of 2 FirstFirst 12

Thread Information

Users Browsing this Thread

There are currently 2 users browsing this thread. (0 members and 2 guests)

Similar Threads

  1. Pengantar VLAN
    By maman in forum Articles
    Replies: 38
    Last Post: 05-09-2013, 11:33
  2. HELP ME......Vlan catalyst --- Vlan Mikrotik
    By motokare2006 in forum General Networking
    Replies: 0
    Last Post: 27-09-2010, 18:58
  3. [ask] membuat vlan di rb 500
    By nuna466 in forum Beginner Basics
    Replies: 9
    Last Post: 07-09-2010, 14:47
  4. [ask] Vlan
    By Fade2Green in forum General Networking
    Replies: 3
    Last Post: 12-09-2009, 05:58

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •