Follow us on...
Follow us on G+ Follow us on Twitter Follow us on Facebook Watch us on YouTube
Register
Page 1 of 2 12 LastLast
Results 1 to 15 of 17
  1. #1
    Status
    Offline
    BRAINHOLIC's Avatar
    Newbie
    Join Date
    Apr 2010
    Location
    Jakarta
    Posts
    21
    Reviews
    Read 0 Reviews
    Downloads
    1
    Uploads
    0
    Feedback Score
    0

    Question Butuh Bantuan Suhu buat routing vpn

    suhu-suhu bantuin sy donk.. dah mentok.. kebingungan ngatur topologinya..

    topologi yang sdh ada begini:

    Click here to enlarge

    R1:
    lan : 10.171.0.0/24 (bridge)
    P2P : 10.171.1.2/30
    route 1 : 0.0.0.0/0 gateway :172.x.x.x
    route 2 : 10.171.1.0/30 gateway : 10.171.1.3

    R2:
    P2P : 10.171.1.3/30
    vpn : 10.171.1.100-10.171.1.252
    vpn client : 10.163.x.x
    route 1 : 0.0.0.0/0 gateway : 202.x.x.x
    route 2 : 10.171.1.0/30 gateway : 10.171.0.2

    permasalahan:
    - untuk cabang dengan jendela sudah bisa ping ke Pc di lan R1 (untuk setting client di centos gmn ya?bisa konek tp ga bisa ping. ket di R2 Encoding nya kosong)
    - gmn ya routing vpn client di R2 agar cabang bisa akses ke dc via vpn client R2


    klo suhu2 ada topologi yg lebih mudah boleh deh. intinya DC dan R1 kita ga bisa utak atik.

    maap kl penjelasannya membingungkan.. saya sndri juga bingung ngeliat topologi aslinya juga. muter2... Click here to enlarge

    matur nuwun... mohon dibantu ya Click here to enlarge
    Last edited by BRAINHOLIC; 17-05-2012 at 23:14. Reason: nambahin

  2. #2
    Status
    Offline
    Anto.PJ's Avatar
    Forum Guru
    Join Date
    May 2011
    Location
    macz
    Posts
    1,696
    Reviews
    Read 0 Reviews
    Downloads
    7
    Uploads
    0
    Feedback Score
    0
    topologinya digambar pakai visio aja plis..

  3. #3
    Status
    Offline
    chu_please's Avatar
    Member
    Join Date
    Feb 2012
    Posts
    203
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    yoi...bnr.....

  4. #4
    Status
    Offline
    BRAINHOLIC's Avatar
    Newbie
    Join Date
    Apr 2010
    Location
    Jakarta
    Posts
    21
    Reviews
    Read 0 Reviews
    Downloads
    1
    Uploads
    0
    Feedback Score
    0
    wah kok berantakan gitu ya hasilnya.. kurang lebih kyk gini topologinya :

    Click here to enlarge

    bantuin ya Click here to enlarge

  5. #5
    Status
    Offline
    zdienos's Avatar
    Forum Guru
    Join Date
    Feb 2010
    Location
    ~/makasar
    Posts
    1,252
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    gedein dikit bang, gambarnya....

  6. #6
    Status
    Offline
    Anto.PJ's Avatar
    Forum Guru
    Join Date
    May 2011
    Location
    macz
    Posts
    1,696
    Reviews
    Read 0 Reviews
    Downloads
    7
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge g kebaca..

    Click here to enlarge

  7. #7
    Status
    Offline
    BRAINHOLIC's Avatar
    Newbie
    Join Date
    Apr 2010
    Location
    Jakarta
    Posts
    21
    Reviews
    Read 0 Reviews
    Downloads
    1
    Uploads
    0
    Feedback Score
    0
    ihh maaf bro.. pikiran lg kemana2 nieh.. upload lg ya
    Click here to enlarge

  8. #8
    Status
    Offline
    BRAINHOLIC's Avatar
    Newbie
    Join Date
    Apr 2010
    Location
    Jakarta
    Posts
    21
    Reviews
    Read 0 Reviews
    Downloads
    1
    Uploads
    0
    Feedback Score
    0
    bang anton.PJ bang zdienos bantuin donkkk Click here to enlarge

  9. #9
    Status
    Offline
    yogii's Avatar
    Member Senior
    Join Date
    Jun 2010
    Location
    Batam - Indonesia
    Posts
    416
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    1
    Feedback Score
    0
    itu masih gambar buta. edit lagi post diatas nambahin nama routernya, nama pc dll, saya mau nyamain dengan yg di ataspun menggunakan ip bingung, diawal ipnya 10.188 dibawah 10.171. sekalian tulis juga permaslahannya dibawah gambar.

    insyaallah... Click here to enlarge

  10. #10
    Status
    Offline
    BRAINHOLIC's Avatar
    Newbie
    Join Date
    Apr 2010
    Location
    Jakarta
    Posts
    21
    Reviews
    Read 0 Reviews
    Downloads
    1
    Uploads
    0
    Feedback Score
    0
    iya saya sndr bingung jelasin.. topologi aslinya juga ruwet..
    gini mas :

    Click here to enlarge

    R1:
    lan : 10.171.0.0/24 (bridge)
    P2P : 10.171.1.2/30
    route 1 : 0.0.0.0/0 gateway :172.x.x.x
    route 2 : 10.171.1.0/30 gateway : 10.171.1.3

    R2:
    P2P : 10.171.1.3/30
    vpn : 10.171.1.100-10.171.1.252
    vpn client : 10.163.x.x
    route 1 : 0.0.0.0/0 gateway : 202.x.x.x
    route 2 : 10.171.1.0/30 gateway : 10.171.0.2

    permasalahan:
    - untuk cabang dengan jendela sudah bisa ping ke Pc di lan R1 (untuk setting client di centos gmn ya?bisa konek tp ga bisa ping. ket di R2 Encoding nya kosong)
    - gmn ya routing vpn client di R2 agar cabang bisa akses ke dc via vpn client R2 (konekin vpn ke vpn)

    makasih...

  11. #11
    Status
    Offline
    Anto.PJ's Avatar
    Forum Guru
    Join Date
    May 2011
    Location
    macz
    Posts
    1,696
    Reviews
    Read 0 Reviews
    Downloads
    7
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by BRAINHOLIC Click here to enlarge
    bang anton.PJ bang zdienos bantuin donkkk Click here to enlarge
    Anto.PJ, ga pake "n"
    Last edited by Anto.PJ; 18-05-2012 at 00:35.

  12. #12
    Status
    Offline
    BRAINHOLIC's Avatar
    Newbie
    Join Date
    Apr 2010
    Location
    Jakarta
    Posts
    21
    Reviews
    Read 0 Reviews
    Downloads
    1
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by Anto.PJ Click here to enlarge
    Anto.PJ, ga pake "n"
    hhehe.. maap lg siwer nieh ga pake kaca mata bang anto

  13. #13
    Status
    Offline
    Anto.PJ's Avatar
    Forum Guru
    Join Date
    May 2011
    Location
    macz
    Posts
    1,696
    Reviews
    Read 0 Reviews
    Downloads
    7
    Uploads
    0
    Feedback Score
    0
    kita pecahkan dulu jalurnya..
    batasan = disini saya menggunakan PPTP
    protokol yang digunakan harus di allow firewall
    Protocol 6 (TCP) Port: 1723
    Protocol 47 (Gre)

    R2(VPN server)<====inet====>VPN CLient(ServerCabang)===>Client cabang

    VPNCLient (Server cabang) menggunakan CentOS
    Code:
    #pptpsetup --create (tunnel) --server --username --password --encrypt
    Jika interface PPTP = dev ppp0
    iptables
    Code:
    # route add -net 10.171.0.0 netmask 255.255.255.0 dev ppp0
    # iptables --insert OUTPUT 1 --source 0.0.0.0/0.0.0.0 --destination 10.171.0.0/24 --jump ACCEPT --out-interface ppp0
    # iptables --insert INPUT 1 --source 10.171.0.0/24 --destination 0.0.0.0/0.0.0.0 --jump ACCEPT --in-interface ppp0
    # iptables --insert FORWARD 1 --source 0.0.0.0/0.0.0.0 --destination 10.171.0.0/24 --jump ACCEPT --out-interface ppp0
    # iptables --insert FORWARD 1 --source 10.171.0.0/24 --destination 0.0.0.0/0.0.0.0 --jump ACCEPT
    # iptables --table nat --append POSTROUTING --out-interface ppp0 --jump MASQUERADE
    # iptables --append FORWARD --protocol tcp --tcp-flags SYN,RST SYN --jump TCPMSS --clamp-mss-to-pmtu
    iptables diatas disesuaikan untuk data center juga.. saya ga tau IP VPN untuk koneksi datacenter berapa..

    Router 2
    Code:
    /IP firewall nat
    chain=src-nat out-interface=pptp-in1 action=masquerade
    Code:
    /ip route add dst-address=10.171.0.0/24 gateway=10.171.1.2 disabled=no
    /ip route rule add dst-address=10.171.0.0/24  action=lookup table=main
    di Router 1 (kalo bisa..)
    Code:
    /ip route add dst-address=10.171.1.0/24 gateway=10.171.1.3 disabled=no
    /ip route rule add dst-address=10.171.1.0/24  action=lookup table=main
    koneksi ke data center
    DC<=>VPN Server<==>[R2(VPNCLient)><R2(VPN server)]<==inet==>VPN CLient(ServerCabang)==>Client cabang

    router 2 sebagai client VPN
    dari Data center VPN pakai PPTP/L2TP/OVPN??
    Last edited by Anto.PJ; 18-05-2012 at 01:36.

  14. The Following User Says Thank You to Anto.PJ For This Useful Post:


  15. #14
    Status
    Offline
    BRAINHOLIC's Avatar
    Newbie
    Join Date
    Apr 2010
    Location
    Jakarta
    Posts
    21
    Reviews
    Read 0 Reviews
    Downloads
    1
    Uploads
    0
    Feedback Score
    0
    mantab bang anto sy pelajari dl ya. bsk diterapkan di mt nya.. sy report lg besok... thanks berat bang Click here to enlargeClick here to enlarge

  16. #15
    Status
    Offline
    BRAINHOLIC's Avatar
    Newbie
    Join Date
    Apr 2010
    Location
    Jakarta
    Posts
    21
    Reviews
    Read 0 Reviews
    Downloads
    1
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by Anto.PJ Click here to enlarge
    iptables
    Code:
    # route add -net 10.171.0.0 netmask 255.255.255.0 dev ppp0
    # iptables --insert OUTPUT 1 --source 0.0.0.0/0.0.0.0 --destination 10.171.0.0/24 --jump ACCEPT --out-interface ppp0
    # iptables --insert INPUT 1 --source 10.171.0.0/24 --destination 0.0.0.0/0.0.0.0 --jump ACCEPT --in-interface ppp0
    # iptables --insert FORWARD 1 --source 0.0.0.0/0.0.0.0 --destination 10.171.0.0/24 --jump ACCEPT --out-interface ppp0
    # iptables --insert FORWARD 1 --source 10.171.0.0/24 --destination 0.0.0.0/0.0.0.0 --jump ACCEPT
    # iptables --table nat --append POSTROUTING --out-interface ppp0 --jump MASQUERADE
    # iptables --append FORWARD --protocol tcp --tcp-flags SYN,RST SYN --jump TCPMSS --clamp-mss-to-pmtu
    iptables diatas disesuaikan untuk data center juga.. saya ga tau IP VPN untuk koneksi datacenter berapa..
    itu script di mikrotiknya kyk gmn ya bang?

    untuk vpn server DC pake pptp bang. udah test pk jendela bisa koneksi kesana.
    Last edited by BRAINHOLIC; 18-05-2012 at 11:11. Reason: tmbh

 

 
Page 1 of 2 12 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Replies: 6
    Last Post: 05-07-2011, 15:40
  2. Butuh Bantuan..
    By underkost in forum General Networking
    Replies: 5
    Last Post: 18-08-2010, 11:26
  3. [ASK] Mohon bantuan pada para suhu-suhu mikrotik
    By salman in forum Beginner Basics
    Replies: 4
    Last Post: 12-12-2009, 19:53
  4. butuh bantuan buat optimalkan link
    By ree_bood in forum Wireless Networking
    Replies: 19
    Last Post: 24-04-2009, 02:52
  5. Minta Bantuan para SUHU
    By feri_st in forum Wireless Networking
    Replies: 3
    Last Post: 25-08-2008, 14:08

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •