Topologi :
modem ----------- Router ------------ Switch ---------- Client.....
...................................|..............................................
...................................|..............................................
....................ClearOS proxy server....................................
......................(Standalone mode).....................................
...................................................................
Alokasi IP
WAN Mikrotik 115.124.xx.xx
LAN Mikrotik 192.168.1.254
PROXY Mikrotik 192.168.3.2
ClearOS 192.168.3.1
Kebetulan saya menggunakan Mikrotik RB450
OK kita setting interfaces dan ip untuk mikrotik terlebih dahulu
/interface ethernet
set 0 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited comment=\
"" disabled=no full-duplex=yes mac-address=00:0C:42:3D:XX:XX master-port=\
none mtu=1500 name=WAN speed=100Mbps
set 1 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited comment=\
"" disabled=no full-duplex=yes mac-address=00:0C:42:3D:XX:XX master-port=\
none mtu=1500 name=LAN speed=100Mbps
set 3 arp=enabled auto-negotiation=yes comment="" disabled=no full-duplex=yes \
mac-address=00:0C:42:3D:XX:XX mtu=1500 name=proxy speed=100Mbps
/ip address
add address=115.124.XX.XX/30 broadcast=115.124.xx.xx comment="" disabled=no \
interface=WAN network=115.124.XX.XX
add address=192.168.1.254/24 broadcast=192.168.1.255 comment="" disabled=no \
interface=LAN network=192.168.1.0
add address=192.168.3.2/30 broadcast=192.168.3.3 comment="" disabled=no \
interface=proxy network=192.168.3.0
Setelah kita set DNS,NAT untuk LAN
/ip firewall nat
add action=src-nat chain=srcnat comment="" disabled=no dst-address=0.0.0.0/0 \
out-interface=to_isp src-address=192.168.1.0/24 to-addresses=\
115.124.XX.XX to-ports=0-65535
/ip dns
set allow-remote-requests=yes cache-max-ttl=1w cache-size=2048KiB \
max-udp-packet-size=512 primary-dns=202.182.XX.XX secondary-dns=\
202.159.XX.XX
/ip dns static
add address=192.168.3.1 disabled=no name=proxy ttl=1d
Setting IP Address Client
misal untuk client1
IP : 192.168.1.1
netmask : 255.255.255.0
gateway : 192.168.1.254
dns1 : 192.168.1.254
dns2 : 202.182.XX.XX
Test client untuk Browsing seharusnya sudah bisa kalau belum bisa periksa kembali
setting di atas sampai client bisa browsing
OK selanjutnya persiapan untuk proxy
buat NAT di Mikrotik untuk Proxy
/ip firewall nat
add action=src-nat chain=srcnat comment="link proxy" disabled=no dst-address=\
0.0.0.0/0 out-interface=WAN src-address=192.168.3.0/30 to-addresses=\
115.124.XX.XX to-ports=0-65535
add action=dst-nat chain=dstnat comment="transproxy" disabled=\
no dst-port=80,8080 in-interface=to_swicht protocol=tcp src-address=\
!192.168.3.1 to-addresses=192.168.3.1 to-ports=3128
setelah itu install CLearOS
install ClearOS Server Standalone Mode - No Firewall
edit file /etc/firewall, cari dan ganti parameter berikut
SQUID_TRANSPARENT="on"
[root@proxy etc]# cat firewall | grep SQUID
SQUID_TRANSPARENT="on"
edit file /etc/resolv.conf, tambahkan nameserver (DNS) ISP anda
[root@proxy etc]# cat resolv.conf
nameserver 202.182.xx.xx
pastikan gateway proxy sudah ke IP PROXY Mikrotik, jika menggunakan ClearOS
sudah ada di menu network->ip setting klik edit ikuti wizardnya dan jangan
lupa gateway dan dns nya sudah benar, untuk memastikan bisa lihat file ifcfg-eth0
ada di direktory /etc/sysconfig/network-scripts
[root@proxy network-scripts]# cat ifcfg-eth0
DEVICE=eth0
TYPE="Ethernet"
ONBOOT="yes"
USERCTL="no"
BOOTPROTO="static"
IPADDR="192.168.3.1"
NETMASK="255.255.255.0"
HWADDR="00:50:da:93:4c:53"
GATEWAY="192.168.3.2"
Jalankan Web Proxy ada di menu
gateway -> Web Proxy
klik start dan buat automatic
Jangan lupa buat acl nya dulu yah di Squid bisa dari webconfignya kok
Jangan lupa buat acl nya dulu yah di Squid bisa dari webconfignya kok
Sekarang Proxy kita sudah siap di uji coba
sumber : http://obhe-world.blogspot.com/2010/11/cara-setting-transparent-proxy-clearos.html
Tidak ada komentar:
Posting Komentar