Follow us on...
Follow us on G+ Follow us on Twitter Follow us on Facebook Watch us on YouTube
Register
Page 2 of 2 FirstFirst 12
Results 16 to 19 of 19
  1. #16
    Status
    Offline
    rikici's Avatar
    Newbie
    Join Date
    Mar 2013
    Posts
    41
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by Anto.PJ Click here to enlarge
    ente ga bisa melakukan dst-nat port 80 dengan mikrotik ke eth2 proxy..
    kenapa.. karena interface mikrotik sendiri ga punya gateway, dan eth2 proxy juga ga punya gateway.. sedangkan dst-address yg dituju adalah ip publik.. pasti butuh gateway.. gimana caranya?? ya dirouting..

    memang paling mudah dilakukan src-nat supaya paket dapat di forward

    tapi sebenarnya cukup di routing..
    Code:
    /ip firewall mangle
    chain=prerouting action=mark-connection new-connection-mark=http passthrough=yes protocol=tcp src-address=192.168.0.0/24 dst-port=80
    chain=prerouting action=mark-routing connection-mark=http new-routing-mark=http passthrough=no
    /ip route
    add gateway=192.168.2.200 dst-address=0.0.0.0/0 routing-mark=http
    masalah selanjutnya adalah dst-nat, untuk mode ini, sebaiknya dilakukan di iptables proxy.. karena defaultnya interface yg menghubungkan proxy dan mikrotik gak punya gateway..
    sedang jika dilakukan di mikrotik.. not work..

    untuk melihat itu..

    iptables -t nat -L
    Saya dah coba yang ini bang , koneksi dah saya mark routing di mangle
    Code:
    /ip firewall mangle
    chain=prerouting action=mark-connection new-connection-mark=http passthrough=yes protocol=tcp src-address=192.168.0.0/24 dst-port=80
    chain=prerouting action=mark-routing connection-mark=http new-routing-mark=http passthrough=no
    /ip route
    add gateway=192.168.2.200 dst-address=0.0.0.0/0 routing-mark=http
    di ip firewall nat dsnat saya hapus, tinggal srcnat untuk ether1-gateway yang dimasquerade

    iptables juga udah dibikin, hasilnya koneksi tetap gk jalan

  2. #17
    Status
    Offline
    rikici's Avatar
    Newbie
    Join Date
    Mar 2013
    Posts
    41
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    apa karna proxynya bekerja sebagai router maka harus dimasquerade interface mikrotik ke proxy ? jadi solusinya harus dibridge ya bang?

  3. #18
    Status
    Offline
    rikici's Avatar
    Newbie
    Join Date
    Mar 2013
    Posts
    41
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Gimana kalau ether5 dan ether4 dibridge bang ? trus ip address eth2 ( jadi 192.168.0.200 ) saya samakan subnetnya dengan subnet client. Belum dicoba sih tapi kyknya bisa, bagaimana menurut bang Andy?

    dstnat dimikrotik tetap diperlukan untuk ngarahinnya ke ip eth2 proxy
    Last edited by rikici; 20-05-2013 at 00:37.

  4. #19
    Status
    Offline
    Anto.PJ's Avatar
    Forum Guru
    Join Date
    May 2011
    Location
    macz
    Posts
    1,696
    Reviews
    Read 0 Reviews
    Downloads
    7
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by rikici Click here to enlarge
    Gimana kalau ether5 dan ether4 dibridge bang ? trus ip address eth2 ( jadi 192.168.0.200 ) saya samakan subnetnya dengan subnet client. Belum dicoba sih tapi kyknya bisa, bagaimana menurut bang Andy?

    dstnat dimikrotik tetap diperlukan untuk ngarahinnya ke ip eth2 proxy
    mm.. gw kira nanya ke ane..

 

 
Page 2 of 2 FirstFirst 12

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. tproxy single interface/ethernet
    By ndasjowo in forum General Networking
    Replies: 188
    Last Post: 01-10-2014, 14:10
  2. ask: tproxy 2 ether & 2 router???
    By dingting in forum General Networking
    Replies: 2
    Last Post: 20-02-2013, 00:55
  3. [asK] konsep bridging
    By zeech in forum General Networking
    Replies: 17
    Last Post: 05-09-2009, 23:51

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •