Setting LAN Internet Gateway MikroTik – GNS3 Lab1

Setting LAN Internet Gateway MikroTik – GNS3 Lab1

  • MikroTik: mempunyai 5 NIC, ether5 terhubung langsung dengan adaptor hostonly virtualbox yang digunkan untuk remote winbox
  • Ether1: terhubung ke internet lewat device cloud dengan IP: 192.168.249.140 /24
  • Ether2: terhubung ke lan dengan IP: 192.168.10.1 /24

  • Setting interface mikrotik > Menu Interfaces
[[email protected]] > interface set ether1 name=ether1-inet
[[email protected]] > interface set ether2 name=ether2-lan
[[email protected]] > interface set ether5 name=ether5-vbox
[[email protected]] > interface print 
Flags: D - dynamic, X - disabled, R - running, S - slave 
 #     NAME                                TYPE       ACTUAL-MTU L2MTU  MAX-L2MTU
 0  R  ether1-inet                         ether            1500
 1  R  ether2-lan                          ether            1500
 2  R  ether3                              ether            1500
 3  R  ether4                              ether            1500
 4  R  ether5-vbox                         ether            1500

  • Setting IP address mikrotik: IP > Addresses dan IP > DHCP Client
[[email protected]] > ip dhcp-client add interface=ether1-inet disabled=no
[[email protected]] > ip address add address=192.168.10.1/24 interface=ether2-lan disabled=no
[[email protected]] > ip address print 
Flags: X - disabled, I - invalid, D - dynamic 
 #   ADDRESS            NETWORK         INTERFACE                                
 0 D 192.168.249.140/24 192.168.249.0   ether1-inet                              
 1   192.168.10.1/24    192.168.10.0    ether2-lan

  • Setting DNS server mikrotik: IP > DNS
[[email protected]] > ip dns set servers=192.168.10.1,8.8.8.8 allow-remote-requests=yes 
[[email protected]] > ip dns print 
                      servers: 192.168.10.1,8.8.8.8
              dynamic-servers: 192.168.249.2
        allow-remote-requests: yes
          max-udp-packet-size: 4096
         query-server-timeout: 2s
          query-total-timeout: 10s
       max-concurrent-queries: 100
  max-concurrent-tcp-sessions: 20
                   cache-size: 2048KiB
                cache-max-ttl: 1w
                   cache-used: 12KiB

  • Setting IP pool mikrotik: IP > Pool
[[email protected]] > ip pool add name=local ranges=192.168.10.11-192.168.10.20
[[email protected]] > ip pool print 
 # NAME                                           RANGES                         
 0 local                                          192.168.10.11-192.168.10.20

  • Setting Dhcp Server mikrotik: IP > DHCP Server
[[email protected]] > ip dhcp-server add name=local interface=ether2-lan address-pool=local disabled=no lease-time=12h add-arp=yes
[[email protected]] > ip dhcp-server print 
Flags: X - disabled, I - invalid 
 #   NAME        INTERFACE       RELAY           ADDRESS-POOL       LEASE-TIME ADD-ARP
 0   local       ether2-lan                      local              12h        yes

[[email protected]] > ip dhcp-server network add address=192.168.10.0/24 gateway=192.168.10.1 dns-server=192.168.10.1,8.8.8.8 domain=sys-ops.id
[[email protected]] > ip dhcp-server network print 
 # ADDRESS            GATEWAY         DNS-SERVER      WINS-SERVER     DOMAIN          
 0 192.168.10.0/24    192.168.10.1    192.168.10.1                    sys-ops.id      
                                      8.8.8.8

  • Setting IP Route Gateway: IP > Routes
[[email protected]] > ip route add gateway=192.168.249.2 check-gateway=ping 
[[email protected]] > ip route print 
Flags: X - disabled, A - active, D - dynamic, 
C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme, 
B - blackhole, U - unreachable, P - prohibit 
 #      DST-ADDRESS        PREF-SRC        GATEWAY            DISTANCE
 0 ADS  0.0.0.0/0                          192.168.249.2             1
 1   S  0.0.0.0/0                          192.168.249.2             1
 2 ADC  192.168.10.0/24    192.168.10.1    ether2-lan                0
 3 ADC  192.168.249.0/24   192.168.249.140 ether1-inet               0

  • Setting Firewall NAT: IP > Firewall > NAT
[[email protected]] > ip firewall nat add chain=srcnat action=masquerade out-interface=ether1-inet
[[email protected]] > ip firewall nat print 
Flags: X - disabled, I - invalid, D - dynamic 
 0    chain=srcnat action=masquerade out-interface=ether1-inet log=no log-prefix=""

  • Test ping dari dalam terminal mikrotik
[[email protected]] > ping 8.8.8.8  c=5            
  SEQ HOST                                     SIZE TTL TIME  STATUS             
    0 8.8.8.8                                    56 128 840ms
    1 8.8.8.8                                    56 128 55ms 
    2 8.8.8.8                                    56 128 59ms 
    3 8.8.8.8                                    56 128 61ms 
    4 8.8.8.8                                    56 128 58ms 
    sent=5 received=5 packet-loss=0% min-rtt=55ms avg-rtt=214ms max-rtt=840ms 

[[email protected]] > ping sys-ops.id c=5
  SEQ HOST                                     SIZE TTL TIME  STATUS             
    0 103.152.118.72                             56 128 62ms 
    1 103.152.118.72                             56 128 52ms 
    2 103.152.118.72                             56 128 49ms 
    3 103.152.118.72                             56 128 47ms 
    4 103.152.118.72                             56 128 40ms 
    sent=5 received=5 packet-loss=0% min-rtt=40ms avg-rtt=50ms max-rtt=62ms

  • Cek IP address dhcp client pada device vpcs
  • Cek IP address dhcp client pada device vm windows

herdiana3389

A system administrator with skills in system administration, virtualization, linux, windows, networking, cloud computing, container, etc.