Follow us on...
Follow us on G+ Follow us on Twitter Follow us on Facebook Watch us on YouTube
Register
Results 1 to 15 of 15
  1. #1
    Status
    Offline
    wadooke's Avatar
    Baru Gabung
    Join Date
    Aug 2007
    Posts
    16
    Reviews
    Read 0 Reviews
    Downloads
    2
    Uploads
    0
    Feedback Score
    0

    Squid (Trustix Secure Linux) + mikrotik = client gak bisa browsing?

    tolong bos master...
    Aku sudah install squid box pake TSL(Trustix Secure Linux) dan udah bisa ping ke . trus dibawahnya aku pasang mikrotik.. tapi untuk client di bawah mikrotik kok gak bisa browsing yah...
    skema:

    internet 172.16.200.93
    |
    |
    Squid Box eth0=172.16.200.94
    eth1=192.168.100.1
    |
    |
    mikrotik eth0=192.168.100.2
    eth1=192.168.0.1
    |
    |
    clients 192.168.0.101-120

    ===========================

    di mesin squid box aku jalankan perintah iptables:

    #iptables -A PREROUTING -t nat -p tcp -s 192.168.100.0/30 -i eth1 -d \! 192.168.100.0/30 --dport 80 -j REDIRECT --to-port 8080

    #iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

    #echo 1 > /proc/sys/net/ipv4/ip_forward

    truss di mikrotik aku tambahkan perintah :

    /ip firewall nat add action=masquerade src-address=192.168.0.0 chain=srcnat

    ==========================

    dari mesin mikrotik bisa untuk ping ke squid dan
    tapi dari client gak bisa ping ke squidbox maupun ping ke yahoo.com

    aku curiga ada kesalahan di settingan di mikrotiknya...
    tapi aku dah mentok....
    mungkin ada temen-temen yg mo bantu...
    sebelumnya terima kasih

  2. #2
    Status
    Offline
    [a]
    [a]'s Avatar
    Administrator
    Join Date
    Jun 2007
    Location
    Jakarta, Indonesia, Indonesia
    Posts
    1,729
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    1 (100%)
    udah ada default route blum ?

    0.0.0.0 menuju ke 192.168.100.1

  3. #3
    Status
    Offline
    wadooke's Avatar
    Baru Gabung
    Join Date
    Aug 2007
    Posts
    16
    Reviews
    Read 0 Reviews
    Downloads
    2
    Uploads
    0
    Feedback Score
    0
    default route nya dimana bos?

    squid atau mikrotik

    maklum newbi nihClick here to enlarge

  4. #4
    Status
    Offline
    [a]
    [a]'s Avatar
    Administrator
    Join Date
    Jun 2007
    Location
    Jakarta, Indonesia, Indonesia
    Posts
    1,729
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    1 (100%)
    di mikrotik nya bro...

    cara ngetestnya gampang ajah...

    dari client dah bisa ping ke 192.168.100.1 blum...klo dr client blum bisa tapi dari mikrotik bisa...berarti tinggal default routenya ajah tuh..

  5. #5
    Status
    Offline
    wadooke's Avatar
    Baru Gabung
    Join Date
    Aug 2007
    Posts
    16
    Reviews
    Read 0 Reviews
    Downloads
    2
    Uploads
    0
    Feedback Score
    0
    dari client ke squid gak bisa ping
    tapi dari client bisa ping ke mikrotik
    dari mikrotik dah bisa ping ke squid


    masalahnya aku bingung setting route di mikrotiknya mas...
    gimana yah?

  6. #6
    Status
    Offline
    wadooke's Avatar
    Baru Gabung
    Join Date
    Aug 2007
    Posts
    16
    Reviews
    Read 0 Reviews
    Downloads
    2
    Uploads
    0
    Feedback Score
    0
    kalo di browser di client disetting proxy 192.168.100.1:8080 bis jalan..
    gimana yah settingan transparent proxy di mikrotik?

  7. #7
    Status
    Offline
    safir's Avatar
    Newbie
    Join Date
    Oct 2007
    Posts
    52
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by wadooke Click here to enlarge
    dari client ke squid gak bisa ping
    tapi dari client bisa ping ke mikrotik
    dari mikrotik dah bisa ping ke squid


    masalahnya aku bingung setting route di mikrotiknya mas...
    gimana yah?
    udah diset firewall nya

    /ip firewall nat add chain=srcnat action=masquerade out-inteface={ethernet
    yang langsung terhubung ke Internet atau Public}

  8. #8
    Status
    Offline
    scorpion14's Avatar
    Member Senior
    Join Date
    Sep 2007
    Posts
    306
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    itu lum di redirect tuh...

  9. #9
    Status
    Offline
    mailo's Avatar
    Newbie
    Join Date
    Sep 2007
    Posts
    20
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    dolo saya pernah pake system seperti itu .. cuma beda posisi aja

    client --> proxy --> mikrotik -->internet

    catatan : di proxy saya gak pake 2 ether tapi pake 1 ether dan Virtual IP
    ga ada masalah tuh.
    cuma mungkin untuk limiting bandwidthnya di squid pake delay pools, karena karena kalo udah masuk masuk ke mikrotik khan yang kebaca IP proxy nya.

  10. #10
    Status
    Offline
    mailo's Avatar
    Newbie
    Join Date
    Sep 2007
    Posts
    20
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by wadooke Click here to enlarge
    kalo di browser di client disetting proxy 192.168.100.1:8080 bis jalan..
    gimana yah settingan transparent proxy di mikrotik?
    redirect nya disetel dolo boss Click here to enlarge

  11. #11
    Status
    Offline
    okto_2005's Avatar
    Member Super Senior
    Join Date
    Jul 2007
    Posts
    655
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    ya... set aja parent-proxy diisi ip nya trustixnya. sekalian port. terus di trustix jangan lupa nat nya port 80 ke 3128 (biasanya sih gitu).

    loh kok ipchainnnya kok gitu doang ya..... kurang tuh bos......

  12. #12
    Status
    Offline
    wadooke's Avatar
    Baru Gabung
    Join Date
    Aug 2007
    Posts
    16
    Reviews
    Read 0 Reviews
    Downloads
    2
    Uploads
    0
    Feedback Score
    0
    masalahnya aku gak begitu tahu tentang IPTABLES...
    mungkin ada rekan yg bisa ngajarin aku tentang IPTABLES...
    di kopi paste di sini aja....

  13. #13
    Status
    Offline
    spymedan's Avatar
    Moderator
    Join Date
    Oct 2007
    Location
    Medan Metropolitan
    Posts
    2,821
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Kalo tidak melalui mikrotik bisa gak browsing dari client ? maksudnya dari ISP >> Trustix >> Client kalo gak bisa coba deh pelan2 periksan dari awal setingannya :

    Misalnya :
    eth0 ( IP Public )
    Range : 10.0.40.0/30
    IP : 10.0.40.2
    Gateway : 10.0.40.1
    Netmask : 255.255.255.252
    Broadcast : 10.0.40.3
    DNS : 10.0.40.1
    eth1 ( IP Local )
    IP = 172.27.27.0/24

    1. Terlebih dahulu kita edit dulu tuh grub.conf biar waktu booting
    ga lama
    root@proxy ~ # vi /etc/grub.conf
    Code :
    timeout = 10
    ganti dengan 0
    save dengan menekan wq
    2. Nah setelah itu kita aktifkan ssh nya biar kita bisa
    remote dan edit di windows pakai putty
    root@proxy ~ # vi /etc/ssh/sshd_config
    #Port 22
    PermiteRootLogin no

    3. Hilangkan tanda pagar pada port 22
    dan pada PermiteRootLogin yes
    save dengan menekan wq
    root@proxy ~ # chkconfig sshd on
    root@proxy ~ # service sshd start
    root@proxy ~ # service network restart

    4. Nah Baru kita tentukan IP MGW nya
    Setting IP MGW
    root@proxy ~ # vi /etc/sysconfig/network
    Lalu isikan
    NETWORKING = yes
    HOSTNAME = proxy.com
    NOZEROCONF = yes
    GATEWAYDEV = eth0
    GATEWAY = 10.0.40.1
    save dengan menekan : wq

    5. Setting IP eth0
    root@proxy ~ # vi /etc/sysconfig/network-scripts/ifcfg-eth0
    Lalu isikan
    DEVICE = eth0
    BOOTPROTO = static
    BROADCAST = 10.0.40.3
    IPADDR = 10.0.40.2
    NETMASK = 255.255.255.252
    NETWORK = 10.0.40.0
    ONBOOT = yes

    6. Setting DNS resolv isikan dns isp kita
    root@proxy ~ # vi /etc/resolv.conf
    nameservers 10.0.40.1
    nameservers 172.27.27.1
    save dengan menekan : wq

    7. Nah setelah itu kita set ip_forwardnya
    root@proxy ~ # vi /etc/sysctl.conf
    net.ipv4.ip_forward = 0
    ganti dengan net.ipv4.ip_forward = 1
    save dengan menekan wq

    8. Restart Network
    root@proxy ~ # service network restart
    Shutting down interface eth0: [ OK ]
    Shutting down interface eth1: [ OK ]
    Shutting down loopback interface: [ OK ]
    Disabling IPv4 packet forwarding: [ OK ]
    Setting network parameters: [ OK ]
    Bringing up loopback interface: [ OK ]
    Bringing up interface eth0: [ OK ]
    Bringing up interface eth1: [ OK ]

    9. aktifkan networknya
    root@proxy ~ # chkconfig –level 2345 network on

    10. Test Ping ke gateway
    root@proxy ~ # ping 10.0.40.1
    PING 10.0.40.1 (10.0.40.1) 56(84) bytes of data.
    64 bytes from 10.0.40.1: icmp_seq=1 ttl=64 time=1.02 ms
    64 bytes from 10.0.40.1: icmp_seq=2 ttl=64 time=0.618 ms
    64 bytes from 10.0.40.1: icmp_seq=3 ttl=64 time=0.613 ms
    64 bytes from 10.0.40.1: icmp_seq=4 ttl=64 time=0.597 ms

    11. Test Ping ke google
    PING google.com (72.14.207.99) 56(84) bytes of data.
    64 bytes from eh-in-f99.google.com (72.14.207.99): icmp_seq=1 ttl=229 time=354 ms
    64 bytes from eh-in-f99.google.com (72.14.207.99): icmp_seq=2 ttl=227 time=389 ms
    64 bytes from eh-in-f99.google.com (72.14.207.99): icmp_seq=3 ttl=229 time=374 ms
    Kalau keluar seperti diatas berarti dns kita bekerja dengan baik
    12. Hidupkan bindnya supaya mgw ini bisa di gunakan client sebagai ns server
    root@proxy ~ # chkconfig –level 2345 named on
    root@proxy ~ # service named start

    13. Seting IP Client
    Setting IP eth1 isikan ip lokal kita
    root@proxy ~ # vi /etc/sysconfig/network-scripts/ifcfg-eth1
    DEVICE = eth1
    BOOTPROTO = static
    BROADCAST = 172.27.27.255
    IPADDR = 172.27.27.1
    NETMASK = 255.255.255.0
    NETWORK = 172.27.27.0
    ONBOOT = yes
    save dengan menekan : wq

    14. Restart Network
    root@proxy ~ # service network restart
    Test Ping ke IP eth1
    root@proxy ~ # ping 172.27.27.1
    PING 172.27.27.1 (172.27.27.1) 56(84) bytes of data.
    64 bytes from 172.27.27.1: icmp_seq=1 ttl=64 time=0.058 ms
    64 bytes from 172.27.27.1: icmp_seq=2 ttl=64 time=0.034 ms
    64 bytes from 172.27.27.1: icmp_seq=3 ttl=64 time=0.025 ms
    Bila ada tanggapan seperti di atas maka sudah berjalan baik
    tinggal seting ip di client

    16. Misalnya :
    Client 1
    IP Address : 172.27.27.2
    Subnet Mask : 255.255.255.0
    Default Gateway : 172.27.27.1
    DNS Server : 10.0.40.1
    172.27.27.1
    Client 2
    IP Address : 172.27.27.3
    Subnet Mask : 255.255.255.0
    Default Gateway : 172.27.27.1
    DNS Server : 10.0.40.1
    172.27.27.1
    Dan Seterusnya sesuai banyak nya client yg berubah hanya ip addresnya
    coba ping dari client kalau berhasil artinya mgw dan client udah terhubung

    17. Seting Client agar bisa internet
    root@proxy ~ #
    iptables -t nat -A POSTROUTING -s 172.27.27.0/255.255.255.252 -o eth0 -j MASQUERADE
    root@proxy ~ # chkconfig iptables on
    root@proxy ~ # /etc/init.d/iptables save
    root@proxy ~ # service iptables start

    18. Tes dari client untuk browsing
    bila jalan berarti berhasil

    saya juga begitu tapi setelah diteliti salah di tahap 17 setelah itu bisa...

    saya dapet dari googling neh ..semoga membantu...Click here to enlargeClick here to enlarge

  14. #14
    Status
    Offline
    rielove's Avatar
    Member
    Join Date
    Aug 2009
    Posts
    160
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Kalo tempat aku beda lagi kk sekalian...
    Ping ke google atau ping ke modem dah ga bisa, tetapi klo browsing jalan lancar...
    Mikrotik setting standar, hanya dikasih Masquarede sama DNS...

    Yang aku bingungkan ko ga bisa ping ke google ataupun ke google yach?
    Klo browsing lancar2 aja...
    Mohon bantuan kk sekalian....!
    Tetapi klo ping dari mikrotik ke google.com lancar....!Click here to enlarge

  15. #15
    Status
    Offline
    bebelac3's Avatar
    Newbie
    Join Date
    Jan 2009
    Posts
    35
    Reviews
    Read 0 Reviews
    Downloads
    2
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by rielove Click here to enlarge
    Kalo tempat aku beda lagi kk sekalian...
    Ping ke google atau ping ke modem dah ga bisa, tetapi klo browsing jalan lancar...
    Mikrotik setting standar, hanya dikasih Masquarede sama DNS...

    Yang aku bingungkan ko ga bisa ping ke google ataupun ke google yach?
    Klo browsing lancar2 aja...
    Mohon bantuan kk sekalian....!
    Tetapi klo ping dari mikrotik ke google.com lancar....!Click here to enlarge
    cuba cek di /ip routesnya .. Click here to enlarge

 

 

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. [Ask] Script biar Client cuman bisa browse IIX aja
    By okto_2005 in forum Scripting @ Mikrotik
    Replies: 21
    Last Post: 13-03-2013, 07:06
  2. Replies: 40
    Last Post: 23-02-2010, 15:27
  3. mikrotik dan linux squid
    By nocbagusnet in forum General Networking
    Replies: 4
    Last Post: 14-09-2007, 18:27
  4. RB532 dgn client airbridge outdoor ga bisa ping
    By wiecky in forum Wireless Networking
    Replies: 3
    Last Post: 23-08-2007, 01:44
  5. blok IP supaya gak bisa browsing....
    By bdu4punk in forum Beginner Basics
    Replies: 5
    Last Post: 15-08-2007, 21:10

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •