Mikrotik Static Routing/Pisah Koneksi Games Online dan Browsing
Thursday, February 16, 2017
Edit
 |
| Static Routing Mikrotik |
Peralatan /Interface yang dipasang
- 2 Modem FO Huawei
- 1 Mikrotik RB750
- Hub/Switch
2 Modem disetting Brigde dan disetting ip nya berbeda
Modem 1 (Browsing) 192.168.3.1
Modem 2 (Games) 192.168.2.1
Gateway mikrotik 192.168.88.1
Client 192.168.88.2-192.168.88.254
Kemudian dihubungkan ke mikrotik Berikut Konfigurasi singkat saya
INTERFACE
/interface pppoe-client
add comment="Line Games" disabled=no interface="ether2-GAME 3.1" name=\
"pppoe-out1-GAME 3.1" password=xxxxxxx user=xxxxxxxx@telkom.net
add comment="Line Browsing" disabled=no interface="ether5-BROWSING 4.1" mrru=\
1600 name="pppoe-out2-BROWSING 4.1" password=xxxxxxx user=\
xxxxxxxx@telkom.net
ADDRESS
/ip firewall address-list
add address=192.168.88.0/24 list=USER
add address=192.168.99.0/24 list=USER
FIREWALL
/ip firewall filter
add action=passthrough chain=unused-hs-chain comment=\
"place hotspot rules here" disabled=yes
add action=reject chain=forward comment="Gemscool Script Error" disabled=yes \
layer7-protocol=*9
add action=drop chain=forward comment="------- Speedy Store -------" \
disabled=yes layer7-protocol=*A protocol=tcp
add action=reject chain=forward comment="------------ SB Iklan ---------" \
disabled=yes layer7-protocol=*B
add action=reject chain=forward comment="--------- Drop Openvpn --------" \
dst-port=1194 protocol=tcp reject-with=tcp-reset
add action=drop chain=forward dst-port=1194 protocol=tcp
add action=drop chain=forward disabled=yes dst-address=122.102.41.0/24
add action=drop chain=forward disabled=yes dst-address=103.229.163.0/24
add action=drop chain=forward disabled=yes dst-port=80 in-interface=\
ether1-LAN protocol=tcp src-address=192.168.88.127-192.168.88.142
add action=drop chain=forward disabled=yes dst-port=443 in-interface=\
ether1-LAN protocol=tcp src-address=192.168.88.127-192.168.88.142
MANGLE
/ip firewall mangle
add action=mark-connection chain=prerouting comment="Game Online Warnet" \
dst-port=!80,443 \
in-interface=ether1-LAN new-connection-mark=game_online protocol=tcp \
src-address-list=USER
add action=mark-connection chain=prerouting dst-port=!443 in-interface=\
ether1-LAN new-connection-mark=udp protocol=udp src-address-list=USER
add action=mark-routing chain=prerouting connection-mark=game_online \
dst-port=!80,443 \
in-interface=ether1-LAN new-routing-mark=game passthrough=no protocol=tcp \
src-address-list=USER
add action=mark-routing chain=prerouting connection-mark=udp dst-port=!443 \
in-interface=ether1-LAN new-routing-mark=game passthrough=no protocol=udp
add action=mark-connection chain=prerouting comment="Game Online WIFI" \
dst-port=!80,443 \
in-interface="ether3-WIFI 99.1" new-connection-mark=game_online protocol=\
tcp src-address-list=USER
add action=mark-connection chain=prerouting dst-port=!443 in-interface=\
"ether3-WIFI 99.1" new-connection-mark=udp protocol=udp src-address-list=\
USER
add action=mark-routing chain=prerouting connection-mark=game_online \
dst-port=!80,443 \
in-interface="ether3-WIFI 99.1" new-routing-mark=game passthrough=no \
protocol=tcp src-address-list=USER
add action=mark-routing chain=prerouting connection-mark=udp dst-port=!443 \
in-interface="ether3-WIFI 99.1" new-routing-mark=game passthrough=no \
protocol=udp
NAT
/ip firewall nat
add action=masquerade chain=srcnat comment="Masquarade Network"
add action=dst-nat chain=dstnat dst-port=53 protocol=tcp to-addresses=\
192.168.88.1 to-ports=53
add action=dst-nat chain=dstnat dst-port=53 protocol=udp to-addresses=\
192.168.88.1 to-ports=53
ROUTING
/ip route
add check-gateway=ping distance=1 gateway="pppoe-out1-GAME 3.1" routing-mark=\
game
add distance=1 gateway="pppoe-out2-BROWSING 4.1"
Videonya bisa dilihat : https://youtu.be/WvTjw4Xl2KU