Selasa, 17 Februari 2009
Mikrotik Hotspot dan User Manager
Langkah-langkah sebagai berikut :
1. rename interface eth :LAN, LOCAL, INT
[admin@46un6-Router] > interface print
Flags: X - disabled, D - dynamic, R - running
# NAME TYPE RX-RATE TX-RATE MTU
0 R lan ether 0 0 1500
1 R int ether 0 0 1500
2 R local ether 0 0 1500
[admin@46un6-Router] >
2. setting ip address ketiga interface
[admin@46un6-Router] > ip address print
Flags: X - disabled, I - invalid, D - dynamic
# ADDRESS NETWORK BROADCAST INTERFACE
0 10.8.8.45/24 10.8.8.0 10.8.8.255 local
1 192.168.10.1/24 192.168.10.0 192.168.10.255 lan
2 202.47.77.24x/28 202.47.77.240 202.47.77.255 int
[admin@46un6-Router] >
3. setting ip route / gateway
[admin@46un6-Router] > ip route print
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf,
B - blackhole, U - unreachable, P - prohibit
# DST-ADDRESS PREF-SRC G GATEWAY DISTANCE INTERFACE
0 A S 0.0.0.0/0 r 10.8.8.1 1 local
1 A S 0.0.0.0/0 r 202.47.77.24x 1 int
2 ADC 10.8.8.0/24 10.8.8.45 0 local
3 ADC 192.168.10.0/24 192.168.10.1 0 lan
4 ADC 202.47.77.240/28 202.47.77.249 0 int
[admin@46un6-Router] >
4. setting dns
[admin@46un6-Router] > ip dns print
primary-dns: 202.47.78.8
secondary-dns: 202.47.78.9
allow-remote-requests: yes
cache-size: 2048KiB
cache-max-ttl: 1w
cache-used: 21KiB
[admin@46un6-Router] >
5. setting nat / masquerading
[admin@46un6-Router] > ip firewall nat print
Flags: X - disabled, I - invalid, D - dynamic
0 chain=srcnat action=masquerade
1 chain=srcnat action=masquerade src-address=192.168.10.0/24
2 ;;; masquerade hotspot network
chain=srcnat action=masquerade src-address=192.168.10.0/24
[admin@46un6-Router] >
6. input address-list nice
7. marking-connection dan marking-routing
[admin@46un6-Router] > ip firewall mangle print
Flags: X - disabled, I - invalid, D - dynamic
0 chain=output action=mark-connection new-connection-mark=mark-local-con passthrough=yes dst-address-list=nice
1 chain=output action=mark-routing new-routing-mark=mark-routing-local passthrough=yes connection-mark=mark-local-con
[admin@46un6-Router] >
8. marking gateway
9. test traceroute situs local dan international
10. setup hotspot system [ACTIVATE HOTSPOT SYSTEM]
11. activate RADIUS pada hotspot server profile [use radius = yes]
12. add Radius
services = hotspot
address = 202.47.77.24x [IP dimana radius / user-manager berada]
secret = 123456 [secret harus sama dengan user-manager]
SETTING USER-MANAGER [PAKET DIANGGAP TERPISAH DARI SISTEM HOTSPOT]
1. install paket user-manager
2. buat account user-manager
[admin@46un6-router] > tool user-manager customer add login=”46un6” password=”pu5k0mx" permissions=owner
3. untuk mengakses user-manager di >> http://202.47.77.24x/userman
username = 46un6
password = pu5k0mx
4. setting router
name = 46un6-router
ip address = 202.47.77.24x [ip address sendiri bisa juga 127.0.0.1]
secret = 123456 [secret ini harus sama dengan router]
OK
5. add user account untuk dapat akses hotspot system dari client
>> account setting lebih lengkap
6. pelajari menu aplikasi user-manager
user-manager juga bisa digunakan untuk login RouterOS
1. konfigurasi user XXX pada sisi routerOS
#/ user xxx set use-radius=yes
2. permission pada default group harus full
#/ user xxx set default-group=full
3. setting ip radius dan secret harus sama dengan user-manager
#/ radius add service=login address=202.47.77.24x secret=123456
4. test login menggunakan account user-manager [radius]
Langganan:
Posting Komentar (Atom)
tanks yeach sob... artikelnya yahut dach pokoknya.. heheh lamkenal aja yeach niech juga dari lamteng niech Merapi.. bandar jaya masuk,, hehe
BalasHapussalam,
Nurmanto
k' agung,is the best dech...pkoknya pantes jadi guru
BalasHapusudah sabar,pinter lagi?
apa cie resep pinternya...?
o ya,thankz ya k' lok perlu diposting lagi
yang banyak tentang jaringan.key...
mantabsss...thx sob...lam knal ya..
BalasHapusBro mau nanya kalo setting usermannya buat satu user bisa digunakan bersama" gimana cdaranya...?? makasi seblumnya
BalasHapus