|
|
|
|
Online Now: 4 0 Members | 4 Guests |
|
|
|
|
|
|
Copy & paste Coding Dibawah ini Untuk Banner kami ================================== <a href="http://www.sekuritionline.net/" target="_blank"><img src= "http://www.sekuritionline.net/ banner/banner.gif" width="125" height="75" alt="sekuritionline.net" title="SO-Te@m" border="0" /></a> |
|
|
|
|
|
|
| -------------------------------- |
|
|
|
|
|
|
|
| January 26, 2009, 6:53 pm |
|
|
|
|
By cyberlog
Published: April 25, 2007
Print
Email
SETING ROUTER LINUX
|eth0 | |-------| | MGW | |---|---| | |eth1 | | |--------------------hub----------------------| | | | | | | | | | |---------| |---------| |---------| |Client 01| |Client 02| |Client 03| |---------| |---------| |---------|
Pertama
yang harus di lakukan adalah mensetting mgw(main gateway) supaya bisa
connect ke internet Sebelum Mensetting : 1.Minta IP public ke ISP lengkap dengan netmask,broadcast dan dns nya misalnya : RANGE : 202.159.121.0/29 IP : 202.159.121.2 GATEWAY : 202.159.121.1 Nemast : 255.255.255.248 broadcast : 202.159.121.7 DNS1 : 202.159.0.10 DNS2 : 202.159.0.20 berarti
kita mendapatkan ip 5 buah dari 202.159.121.2 - 202.159.121.6
2.Menentukan IP local yang akan kita gunakan buat client
Setting IP MGW : 1.[root@mgw cachak]$ vi /etc/sysconfig/network lalu isi dengan :
NETWORKING=yes HOSTNAME=mgw.domain.com GATEWAY=202.159.121.1
lalu simpen dengan menekan :wq
2.Menconfigurasi IP eth0(default)
[root@mgw root]$ vi /etc/sysconfig/network-scripts/ifcfg-eth0 lalu isi dengan :
DEVICE=eth0 BOOTPROTO=static IPADDR=202.159.121.2 BROADCAST=202.159.121.7 NETMASK=255.255.255.249 ONBOOT=yes USERCTL=no
lalu simpen dengan menekan :wq
3.Setting dns resolve
[root@mgw root]$ vi /etc/resolve.conf lalu isi dengan nameserver dari isp kita tadi :
nameserver 202.159.0.10 nameserver 202.159.0.20
lalu simpen dengan menekan :wq
4.Setting ip_forwarding
[root@mgw cachak]$ vi /etc/sysctl.conf
rubah net.ipv4.ip_forward = 0 menjadi net.ipv4.ip_forward = 1 atau
kalau gak ada net.ipv4.ip_forward = 0 tambahin net.ipv4.ip_forward = 1
simpen dengan menekan :wq
5.restart network [root@mgw cachak]$ /etc/init.d/network restart Shutting down interface eth0: [ OK ] Shutting down loopback interface: [ OK ] Disabling IPv4 packet forwarding: [ OK ] Setting network parameters: [ OK ] Bringing up loopback interface: [ OK ] Bringing up interface eth0: [ OK ]
[root@www root]#chkconfig --level 2345 network on [root@www root]#
6.testing dengan ngeping ke default gateway 202.159.121.1
[root@mgw cachak]$ ping 202.159.121.1 PING 202.159.121.1 (202.159.121.1) 56(84) bytes of data. 64 bytes from 202.159.121.1: icmp_seq=1 ttl=63 time=0.356 ms 64 bytes from 202.159.121.1: icmp_seq=2 ttl=63 time=0.269 ms 64 bytes from 202.159.121.1: icmp_seq=3 ttl=63 time=0.267 ms 64 bytes from 202.159.121.1: icmp_seq=4 ttl=63 time=0.268 ms
--- 202.159.121.1 ping statistics --- 4 packets transmitted, 4 received, 0% packet loss, time 2997ms rtt min/avg/max/mdev = 0.267/0.290/0.356/0.038 ms
7.testing untuk ngeping google.com untuk ngecek dns nya kalau muncul : PING google.com (216.239.39.99) 56(84) bytes of data. berarti dns kita untuk mgw dah bekerja, tapi kalau muncul : ping: unknown host google.com berarti
dns yang kita isikan di /etc/resolve.conf masih salah,silahkan cek lagi
ke ISP nya
nah bereskan sudah setting IP untuk mgw nya supaya
mgw ini bisa sekaligus di gunakan sebagai ns server oleh client maka
harus di install daemon bind atau daemon nameserver yang lain ataukalau sudah ada tinggal idupin Bind nya
[root@www root]# /etc/init.d/named restart Stopping named: [ OK ] Starting named: [ OK ] [root@www root]#chkconfig --level 2345 named on [root@www root]#
misalnya ip ke client adalah : 192.168.0.1/24 IP : 192.168.0.1 netmask : 255.255.255.0 broadcast : 192.168.0.255 RANGE IP CLIENT : 192.168.0.2-192.168.0.254
Setting ip untuk eth1 (yang ke client) 1.memberi IP 192.168.0.1 di eth1 [root@mgw cachak]$ vi /etc/sysconfig/network-scripts/ifcfg-eth1 lalu isi dengan :
DEVICE=eth1 BOOTPROTO=static IPADDR=192.168.0.1 NETMASK=255.255.255.0 BROADCAST=192.168.0.255 ONBOOT=yes USERCTL=no
lalu simpen dengan menekan :wq
2.Restart networknya
[root@mgw root]$ /etc/init.d/network restart Shutting down interface eth0: [ OK ] Shutting down interface eth1: [ OK ] Shutting down loopback interface: [ OK ] Disabling IPv4 packet forwarding: [ OK ] Setting network parameters: [ OK ] Bringing up loopback interface: [ OK ] Bringing up interface eth0: [ OK ] Bringing up interface eth1: [ OK ]
3.Testing dengan cara ping ip eth1 [root@mgw cachak]$ ping 192.168.0.1 PING 192.168.0.1 (192.168.0.1) 56(84) bytes of data. 64 bytes from 192.168.0.1: icmp_seq=1 ttl=63 time=0.356 ms 64 bytes from 192.168.0.1: icmp_seq=2 ttl=63 time=0.269 ms 64 bytes from 192.168.0.1: icmp_seq=3 ttl=63 time=0.267 ms 64 bytes from 192.168.0.1: icmp_seq=4 ttl=63 time=0.268 ms
--- 192.168.0.1 ping statistics --- 4 packets transmitted, 4 received, 0% packet loss, time 2997ms rtt min/avg/max/mdev = 0.267/0.290/0.356/0.038 ms
Tinggal Setting IP computer client dengan ketentuan di bawah ini :
IP : 192.168.0.2 - 192.168.0.254 GATEWAY : 192.168.0.1 NETMASK : 255.255.255.0 BROADCAST : 192.168.0.255 NAMESERVER : 192.168.0.1
misal :
Client01 =============================== IP : 192.168.0.2 GATEWAY : 192.168.0.1 NETMASK : 255.255.255.0 BROADCAST : 192.168.0.255 NAMESERVER : 192.168.0.1
Client02 =============================== IP : 192.168.0.3 GATEWAY : 192.168.0.1 NETMASK : 255.255.255.0 BROADCAST : 192.168.0.255 NAMESERVER : 192.168.0.1
dan seterusnya sesuai banyaknya client,yang berubah hanya IP untuk
client windows maka setting IP di bagian Start Menu/Setting/Control
Panel/Network
setelah di setting ip client, maka coba ping
ke 192.168.0.1 dari client,kalau berhasil berarti client dan MGW nya
sudah tersambung.
Setting MGW supaya client bisa internat dengan menggunakan NAT
1.Matikan iptablesnya
[root@mgw root]# /etc/init.d/iptables stop Flushing all chains: [ OK ] Removing user defined chains: [ OK ] Resetting built-in chains to the default ACCEPT policy: [ OK ] [root@mgw root]#
2.Tambahkan iptables untuk Source NAt sesuai dengan ip di eth0 [root@mgw
root]# /sbin/iptables -t nat -A POSTROUTING -o eth0 -s 192.168.8.0/24
-j SNAT --to-source 202.159.121.2 [root@mgw root]#
/sbin/iptables-save > /etc/sysconfig/iptables [root@mgw root]# /etc/init.d/iptables restart Flushing all current rules and user defined chains: [ OK ] Clearing all current rules and user defined chains: [ OK ] Applying iptables firewall rules: [ OK ] [root@mgw root]# iptables-save
SNAT sudah,SNAT disini standar sekali dan gak ada proteksi untuk
mengetest nya kita browser di client lalau buka google.com, kalau jalan
berati kita sudah berhasil
View Comments (0)
|
|
|
|
|
Sorry, your account does not have access to post comments.