gw contohin punya dua isp 2 ip publik ke dua ip isp itu sebagai berikut :
ISP 1 >> kita langganan isp cbn contoh di kasih blok ip 202.158.10.2/30
set di eth1 = 202.158.10.4/30 gatewaynya 202.158.10.3
ISP 2 >> kita langganan isp orion contoh dikasih blok ip 203.84.84.25/30
set di eth2 = 203.84.84.27/30 gatewaynya 203.84.84.26
IP network Lannya ==> contoh untuk lannya kita pakai 192.168.1.0/24 gtwynya 192.168.1.1/24
[sourcecode language="css"]
ip address add address=202.158.10.4/30 netmask=255.255.255.252 interface=ether1
ip address add address=203.84.84.27/30 netmask=255.255.255.252 interface=ether2
ip address add address=192.168.1.1/24 netmask=255.255.255.0 interface=ether3
[/sourcecode]
setting dns dan ip route
[sourcecode language="css"]
/ ip dns set allow-remote-requests=yes primary-dns=8.8.8.8
/ ip route add gateway=203.84.84.26
/ ip route add gateway=202.158.10.3
[/sourcecode]
Sekarang setting natnya
/ ip firewall nat
add chain=srcnat src-address=192.168.1.0/24 action=masquerade
[/sourcecode]
copy mangle ini ether3 anggap untuk lan gatewaynya
[sourcecode language="css"]
/ ip firewall mangle
add chain=prerouting in-interface=ether3 action=mark-connection new-connection-mark=list_1
add chain=prerouting in-interface=ether3 action=mark-routing new-routing-mark=list_1 src-address-list=list_1
add chain=prerouting in-interface=ether3 connection-state=new action=mark-connection new-connection-mark=list_1 nth=4,1
add chain=prerouting in-interface=ether3 connection-mark=list_1 action=add-src-to-address-list address-list=list_1
[/sourcecode]
edit sedikit seperti ini :
0 komentar:
Posting Komentar