Follow us on...
Follow us on G+ Follow us on Twitter Follow us on Facebook Watch us on YouTube
Register
Page 1 of 3 123 LastLast
Results 1 to 15 of 38
  1. #1
    Status
    Offline
    rielove's Avatar
    Member
    Join Date
    Aug 2009
    Posts
    160
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0

    Client Ga bisa login Facebook

    Ga tau kenapa ko Mikrotikku 2.29 ko ga mau ngerespon dari facebook pada saat login...? Tp anehnya klo dah di restor settingan yang tak save kemaren bisa?
    Ada yang bisa nolong ga neh?
    Mohon para senior bisa bantu aku...!Click here to enlargeClick here to enlarge

    Error Message...!
    Last edited by rielove; 08-09-2009 at 13:04.

  2. #2
    Status
    Offline
    spymedan's Avatar
    Moderator
    Join Date
    Oct 2007
    Location
    Medan Metropolitan
    Posts
    2,821
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    coba digelar setingannya dimari gan..biar para master2 mikocok melihat..salah dimana gitu Click here to enlarge ntuh emang pake mikocok 2.29 yee ? atau 2.9.27 gan ? Click here to enlarge

  3. The Following User Says Thank You to spymedan For This Useful Post:


  4. #3
    Status
    Offline
    rielove's Avatar
    Member
    Join Date
    Aug 2009
    Posts
    160
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0

    Settingannya gan...!

    ip firewall
    address-list connection export filter mangle nat service-port
    [rielove@DaNgEr-NeT] > ip firewall filter print
    Flags: X - disabled, I - invalid, D - dynamic
    0 ;;; Kases Diperbolehkan di Area Local
    chain=forward in-interface=local out-interface=local action=accept

    1 ;;; Sanity Check
    chain=forward action=jump jump-target=sanity-check

    2 ;;; Deny illegal NAT traversal
    chain=sanity-check packet-mark=nat-traversal action=jump
    jump-target=drop

    3 ;;; Block port scans
    chain=sanity-check protocol=tcp psd=20,3s,3,1
    action=add-src-to-address-list address-list=blocked-addr
    address-list-timeout=1d

    4 ;;; Block TCP Null scan
    chain=sanity-check protocol=tcp tcp-flags=fin,psh,urg,!syn,!rst,!ack
    action=add-src-to-address-list address-list=blocked-addr
    address-list-timeout=1d

    5 ;;; Block TCP Xmas scan
    chain=sanity-check protocol=tcp tcp-flags=!fin,!syn,!rst,!psh,!ack,!urg


    Flags: X - disabled, I - invalid, D - dynamic
    0 ;;; Kases Diperbolehkan di Area Local
    chain=forward in-interface=local out-interface=local action=accept

    1 ;;; Sanity Check
    chain=forward action=jump jump-target=sanity-check

    2 ;;; Deny illegal NAT traversal
    chain=sanity-check packet-mark=nat-traversal action=jump
    jump-target=drop

    3 ;;; Block port scans
    chain=sanity-check protocol=tcp psd=20,3s,3,1
    action=add-src-to-address-list address-list=blocked-addr
    address-list-timeout=1d

    4 ;;; Block TCP Null scan
    chain=sanity-check protocol=tcp tcp-flags=fin,psh,urg,!syn,!rst,!ack
    action=add-src-to-address-list address-list=blocked-addr
    address-list-timeout=1d

    5 ;;; Block TCP Xmas scan
    chain=sanity-check protocol=tcp tcp-flags=!fin,!syn,!rst,!psh,!ack,!urg


    Flags: X - disabled, I - invalid, D - dynamic
    0 ;;; Kases Diperbolehkan di Area Local
    chain=forward in-interface=local out-interface=local action=accept

    1 ;;; Sanity Check
    chain=forward action=jump jump-target=sanity-check

    2 ;;; Deny illegal NAT traversal
    chain=sanity-check packet-mark=nat-traversal action=jump
    jump-target=drop

    3 ;;; Block port scans
    chain=sanity-check protocol=tcp psd=20,3s,3,1
    action=add-src-to-address-list address-list=blocked-addr
    address-list-timeout=1d

    4 ;;; Block TCP Null scan
    chain=sanity-check protocol=tcp tcp-flags=fin,psh,urg,!syn,!rst,!ack
    action=add-src-to-address-list address-list=blocked-addr
    address-list-timeout=1d

    5 ;;; Block TCP Xmas scan
    chain=sanity-check protocol=tcp tcp-flags=!fin,!syn,!rst,!psh,!ack,!urg


    Flags: X - disabled, I - invalid, D - dynamic
    0 ;;; Kases Diperbolehkan di Area Local
    chain=forward in-interface=local out-interface=local action=accept

    1 ;;; Sanity Check
    chain=forward action=jump jump-target=sanity-check

    2 ;;; Deny illegal NAT traversal
    chain=sanity-check packet-mark=nat-traversal action=jump
    jump-target=drop

    3 ;;; Block port scans
    chain=sanity-check protocol=tcp psd=20,3s,3,1
    action=add-src-to-address-list address-list=blocked-addr
    address-list-timeout=1d

    4 ;;; Block TCP Null scan
    chain=sanity-check protocol=tcp tcp-flags=fin,psh,urg,!syn,!rst,!ack
    action=add-src-to-address-list address-list=blocked-addr
    address-list-timeout=1d

    5 ;;; Block TCP Xmas scan
    chain=sanity-check protocol=tcp tcp-flags=!fin,!syn,!rst,!psh,!ack,!urg
    action=add-src-to-address-list address-list=blocked-addr
    address-list-timeout=1d

    6 chain=sanity-check protocol=tcp src-address-list=blocked-addr action=jump
    jump-target=drop

    7 ;;; Drop TCP RST
    chain=sanity-check protocol=tcp tcp-flags=rst action=jump
    jump-target=drop

    8 ;;; Drop TCP SYN+FIN
    chain=sanity-check protocol=tcp tcp-flags=fin,syn action=jump
    jump-target=drop

    9 ;;; Dropping invalid connections at once
    chain=sanity-check connection-state=invalid action=jump jump-target=drop

    10 ;;; Accepting already established connections
    chain=sanity-check connection-state=established action=accept

    11 ;;; Also accepting related connections
    chain=sanity-check connection-state=related action=accept

    12 ;;; Drop all traffic that goes to multicast or broadcast addresses
    chain=sanity-check dst-address-type=broadcast,multicast action=jump
    jump-target=drop

    13 ;;; Drop illegal destination addresses
    chain=sanity-check in-interface=local dst-address-type=!local
    dst-address-list=illegal-addr action=jump jump-target=drop

    14 ;;; Drop everything that goes from local interface but not from local add>
    s
    chain=sanity-check in-interface=local src-address-list=!local-addr
    action=jump jump-target=drop

    15 ;;; Drop illegal source addresses
    chain=sanity-check in-interface=inet src-address-list=illegal-addr
    action=jump jump-target=drop

    16 ;;; Drop everything that goes from public interface but not to local addr>
    chain=sanity-check in-interface=inet dst-address-list=!local-addr
    action=jump jump-target=drop

    17 ;;; Drop all traffic that goes from multicast or broadcast addresses
    chain=sanity-check src-address-type=broadcast,multicast action=jump
    jump-target=drop

    18 chain=forward protocol=tcp action=jump jump-target=restrict-tcp

    19 chain=forward protocol=udp action=jump jump-target=restrict-udp

    20 chain=forward action=jump jump-target=restrict-ip

    21 chain=restrict-tcp connection-mark=auth action=reject
    reject-with=icmp-network-unreachable

    22 ;;; anti-spam policy
    chain=restrict-tcp connection-mark=smtp action=jump
    jump-target=smtp-first-drop

    23 chain=smtp-first-drop src-address-list=first-smtp
    action=add-src-to-address-list address-list=approved-smtp
    address-list-timeout=0s

    24 chain=smtp-first-drop src-address-list=approved-smtp action=return

    25 chain=smtp-first-drop action=add-src-to-address-list
    address-list=first-smtp address-list-timeout=0s


    jump-target=drop

    18 chain=forward protocol=tcp action=jump jump-target=restrict-tcp

    19 chain=forward protocol=udp action=jump jump-target=restrict-udp

    20 chain=forward action=jump jump-target=restrict-ip

    21 chain=restrict-tcp connection-mark=auth action=reject
    reject-with=icmp-network-unreachable

    22 ;;; anti-spam policy
    chain=restrict-tcp connection-mark=smtp action=jump
    jump-target=smtp-first-drop

    23 chain=smtp-first-drop src-address-list=first-smtp
    action=add-src-to-address-list address-list=approved-smtp
    address-list-timeout=0s

    24 chain=smtp-first-drop src-address-list=approved-smtp action=return

    25 chain=smtp-first-drop action=add-src-to-address-list
    address-list=first-smtp address-list-timeout=0s

    26 chain=smtp-first-drop action=reject reject-with=icmp-network-unreachable

    27 chain=restrict-tcp connection-mark=other-tcp action=jump jump-target=drop

    28 chain=restrict-udp connection-mark=other-udp action=jump jump-target=drop

    29 chain=restrict-ip connection-mark=other action=jump jump-target=drop

    30 ;;; Port scanners to list
    chain=input protocol=tcp psd=21,3s,3,1 action=add-src-to-address-list
    address-list=port scanners address-list-timeout=2w

    31 chain=input protocol=tcp tcp-flags=fin,!syn,!rst,!psh,!ack,!urg
    action=accept

    32 chain=input protocol=tcp tcp-flags=fin,syn action=accept

    33 chain=input protocol=tcp tcp-flags=syn,rst action=accept

    34 chain=input protocol=tcp tcp-flags=fin,psh,urg,!syn,!rst,!ack
    action=accept

    35 chain=input protocol=tcp tcp-flags=fin,syn,rst,psh,ack,urg action=accept

    36 chain=input protocol=tcp tcp-flags=!fin,!syn,!rst,!psh,!ack,!urg
    action=accept

    37 ;;; dropping port scanners
    chain=input src-address-list=port scanners action=drop

    [rielove@DaNgEr-NeT] > ip firewall mangle print
    Flags: X - disabled, I - invalid, D - dynamic
    0 chain=prerouting in-interface=local dst-address-list=nice
    action=mark-connection new-connection-mark=iix passthrough=yes

    1 chain=prerouting connection-mark=iix action=mark-packet
    new-packet-mark=packet-iix passthrough=no

    2 chain=prerouting action=mark-packet new-packet-mark=packet-int
    passthrough=no

    3 chain=output connection-mark=iix action=mark-packet
    new-packet-mark=packet-iix passthrough=no

    4 chain=output action=mark-packet new-packet-mark=packet-int passthrough=no

    5 chain=prerouting src-address=192.168.13.0/24 protocol=udp
    dst-port=33434-33534 action=mark-connection
    new-connection-mark=con-tracert passthrough=yes

    6 chain=prerouting connection-mark=con-tracert action=mark-packet
    new-packet-mark=tracert passthrough=no

    7 ;;; Routing Mark For Games RF
    chain=prerouting src-address=192.168.13.0/24 protocol=tcp dst-port=27780
    action=mark-routing new-routing-mark=port-games-RF passthrough=no

    [rielove@DaNgEr-NeT] > ip fi nat pr
    Flags: X - disabled, I - invalid, D - dynamic
    0 ;;; Hubungkan Inet dan Local ...!
    chain=srcnat action=masquerade

    1 ;;; 80 --> 8080
    chain=dstnat in-interface=local protocol=tcp dst-port=80 action=redirect
    to-ports=8080

    2 ;;; 3128 --> 8080
    chain=dstnat in-interface=local protocol=tcp dst-port=3128
    action=redirect to-ports=8080

    3 X ;;; 8000 --> 8080
    chain=dstnat in-interface=local protocol=tcp dst-port=8000
    action=redirect to-ports=8080

    4 X ;;; 6667 --> 8080
    chain=dstnat in-interface=local protocol=tcp dst-port=6667
    action=redirect to-ports=8080

    5 X ;;; 7000 --> 8080
    chain=dstnat in-interface=local protocol=tcp dst-port=7000
    action=redirect to-ports=8080

  5. #4
    Status
    Offline
    rielove's Avatar
    Member
    Join Date
    Aug 2009
    Posts
    160
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    2.9.27 gan maap...

    Ko settingan ga bisa di kirim sini ya?

  6. #5
    Status
    Offline
    kdebugx86's Avatar
    Moderator
    Join Date
    Oct 2008
    Location
    greyarea
    Posts
    1,283
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    gak bisa login facebook ya ?

    itu port HTTPS nya ke blok, coba liat di /ip firewall filter, di drop gak ?
    coba cari port https (hayo port https port berapa ?) Click here to enlarge
    atau
    subnet LAN nya gak ke NAT, jadi https tidak bisa tembus tapi anda bisa browsing gara2 pake redirect proxy.

    untuk jelasnya ya coba tikernya di gelar.
    biar yang lain pada mampir dan duduk2 disini.

    *tapi kayaknya sih port https ketutup sama firewall di /ip firewall filter.
    Last edited by kdebugx86; 10-09-2009 at 17:55.

  7. #6
    Status
    Offline
    picazzo's Avatar
    Member
    Join Date
    Aug 2008
    Location
    Belajar truuusssss....
    Posts
    125
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Kmaren dapet kasus kyk gitu jg, pke Mozilla gak mau, kadang2 Opera mau..ternyata punyaku kmaren pke DHCP modem, setelah ganti pke PPPOE bisa konek lg. Entah emang kyk gitu atau cuman kbetulan aja. Click here to enlarge

    CMIIW

    br,

    picazzo
    Last edited by picazzo; 11-09-2009 at 12:10.

  8. #7
    Status
    Offline
    kdebugx86's Avatar
    Moderator
    Join Date
    Oct 2008
    Location
    greyarea
    Posts
    1,283
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by rielove Click here to enlarge

    -hapus-


    [rielove@DaNgEr-NeT] > ip fi nat pr
    Flags: X - disabled, I - invalid, D - dynamic
    0 ;;; Hubungkan Inet dan Local ...!
    chain=srcnat action=masquerade

    1 ;;; 80 --> 8080
    chain=dstnat in-interface=local protocol=tcp dst-port=80 action=redirect
    to-ports=8080

    2 ;;; 3128 --> 8080
    chain=dstnat in-interface=local protocol=tcp dst-port=3128
    action=redirect to-ports=8080

    3 X ;;; 8000 --> 8080
    chain=dstnat in-interface=local protocol=tcp dst-port=8000
    action=redirect to-ports=8080

    4 X ;;; 6667 --> 8080
    chain=dstnat in-interface=local protocol=tcp dst-port=6667
    action=redirect to-ports=8080

    5 X ;;; 7000 --> 8080
    chain=dstnat in-interface=local protocol=tcp dst-port=7000
    action=redirect to-ports=8080
    NAT nya gak ada.
    semuanya nat -port- redirect.wajar kalo https gak bisa.
    kalo mau tambahkan perintah redirect untuk https ke squid tapi squidnya harus disetting untuk menerima https:

    chain=dstnat in-interface=local protocol=tcp dst-port=443
    action=redirect to-ports=8080

    atau sebaliknya default nat biasa saja, gak perlu di redirect.

    / ip firewall nat
    add chain=srcnat out-interface="local" action=masquerade comment="" disabled=no


    btw salah room nih Click here to enlarge

    - ralat -
    gak baca line 0
    intinya ada sesuatu yang menghambat https anda.coba ditelusuri....
    Last edited by kdebugx86; 13-09-2009 at 23:39.

  9. #8
    Status
    Offline
    rielove's Avatar
    Member
    Join Date
    Aug 2009
    Posts
    160
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Nah itu yang lom ketemu sampai sekarang...
    Dan kemaren sempet pvan ma guru spymedan n disuruh ganti MT...
    Sekarang dah pake MT 3.22 dan kasus seperti itu juga masih sering muncul...
    masalah teratasi kalo di restor settingan trus reboot...
    Klo terjadi kayak gitu mesti sya restor tiap pagi...

    Ada solusi lain para akang?

  10. #9
    Status
    Offline
    kdebugx86's Avatar
    Moderator
    Join Date
    Oct 2008
    Location
    greyarea
    Posts
    1,283
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    coba firewall di disable dulu semua coba...
    terus tanpa proxy.....

    liat bisa apa enggak ?

  11. #10
    Status
    Offline
    rielove's Avatar
    Member
    Join Date
    Aug 2009
    Posts
    160
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    sama guru...
    klo dah ngeblok ga bisa login facebook mau firewall dimatikan semua juga ga ngaruh...
    klo dah restor settingan baru deh mau jalan...!

  12. #11
    Status
    Offline
    kdebugx86's Avatar
    Moderator
    Join Date
    Oct 2008
    Location
    greyarea
    Posts
    1,283
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    restore tiap pagi ?

    logikanya kan berarti ada program/script di router yang nutup port https atau address dari facebook ? dari pagi sampai malam...
    kemungkinan besar sih berhubungan sama firewall script...
    kalo liat di address list ada ip facebook yang ke blok gak ?

    jarang kejadian gini, jelas kalo bgt bukan dari providernya tapi dari mikrotiknya.

    untuk test selanjutkan kalo penasaran setelah restore, coba disable semua firewall script di /ip firewall...dan gimana reaksinya apakah akan sama...

    yo wes mudah2an membantu.. tq


    --note--
    oh ya..
    pada saat facebook https sudah terblok...
    coba situs2 lain yang pake https juga .. terblok juga atau tidak ...
    Last edited by kdebugx86; 14-09-2009 at 21:06.

  13. #12
    Status
    Offline
    rielove's Avatar
    Member
    Join Date
    Aug 2009
    Posts
    160
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by kdebugx86 Click here to enlarge
    restore tiap pagi ?

    logikanya kan berarti ada program/script di router yang nutup port https atau address dari facebook ? dari pagi sampai malam...
    kemungkinan besar sih berhubungan sama firewall script...
    kalo liat di address list ada ip facebook yang ke blok gak ?

    jarang kejadian gini, jelas kalo bgt bukan dari providernya tapi dari mikrotiknya.

    untuk test selanjutkan kalo penasaran setelah restore, coba disable semua firewall script di /ip firewall...dan gimana reaksinya apakah akan sama...

    yo wes mudah2an membantu.. tq


    --note--
    oh ya..
    pada saat facebook https sudah terblok...
    coba situs2 lain yang pake https juga .. terblok juga atau tidak ...

    Coba login https untuk klik bca normal kk senior...

  14. #13
    Status
    Offline
    kdebugx86's Avatar
    Moderator
    Join Date
    Oct 2008
    Location
    greyarea
    Posts
    1,283
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    wah emang bikin pusing nih.
    https di situs lain mau, di facebook doang nolak.
    lagi beresin squid kan ? nah beresin dulu deh. nanti kalo udah abis ganti squid liat masalah yang sama masih timbul gak.

  15. #14
    Status
    Offline
    rielove's Avatar
    Member
    Join Date
    Aug 2009
    Posts
    160
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    ini ada yang lucu lagi....
    Click here to enlarge

    Coba itu bikin masalah ga para kk senior sekalian...?

  16. #15
    Status
    Offline
    jullius.cs's Avatar
    Newbie
    Join Date
    Apr 2009
    Posts
    26
    Reviews
    Read 0 Reviews
    Downloads
    10
    Uploads
    0
    Feedback Score
    0
    waduh apanya ya??

    coba gini aja bro,
    export dulu semua settingan MK-nya
    setelah itu remove semua settinganya
    kemudian import lagi satu per satu dan dicobain login ke FBnya.
    trus cek settingan yang mana yang ga bisa login.
    Gitu bro kira2....

 

 
Page 1 of 3 123 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Gimana membuat Hotspot Login agar bisa otomatis login dimikrotik
    By Orang Ganteng in forum General Networking
    Replies: 10
    Last Post: 27-05-2010, 22:02
  2. Facebook sering g isa login
    By aankoe in forum Beginner Basics
    Replies: 19
    Last Post: 29-06-2009, 20:48
  3. Facebook Login Lama...
    By suhaq in forum General Networking
    Replies: 28
    Last Post: 25-03-2009, 11:02
  4. tidak bisa login
    By ariesbw in forum Beginner Basics
    Replies: 6
    Last Post: 03-02-2009, 13:29
  5. gak bisa ping + gak bisa login via telnet&winbox
    By brondong in forum Beginner Basics
    Replies: 14
    Last Post: 26-09-2008, 07:07

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •