Thursday, December 12, 2024

Setting Mikrotik 2 WAN

Setting as link balance 


WAN 1= 10.111.0.2/24 on Eth1

WAN2 = 172.16.0.0/24 on Eth2

LAN - 192.168.0.0/24 on Eth5


Create NAT

add chain=srcnat out-interface=ether1 action=masquerade

add chain=srcnat out-interface=ether2 action=masquerade


Create Policy Routing

Incoming

add chain=prerouting dst-address=10.111.0.0/24  action=accept in-interface=ether5

add chain=prerouting dst-address=172.16.0.0/24  action=accept in-interface=ether5

Crete marking

add chain=prerouting in-interface=ether1 connection-mark=no-mark action=mark-connection new-connection-mark=koneksiISP1

add chain=prerouting in-interface=ether2 connection-mark=no-mark action=mark-connection new-connection-mark=koneksiISP2


add chain=prerouting  in-interface=ether5 connection-mark=no-mark dst-address-type=!local per-connection-classifier=both-addresses:3/0 action=mark-connection new-connection-mark=koneksiISP1

add chain=prerouting  in-interface=ether5 connection-mark=no-mark dst-address-type=!local per-connection-classifier=both-addresses:3/1 action=mark-connection new-connection-mark=koneksiISP1

add chain=prerouting  in-interface=ether5 connection-mark=no-mark dst-address-type=!local per-connection-classifier=both-addresses:3/2 action=mark-connection new-connection-mark=koneksiISP2

add chain=prerouting connection-mark=ISP1_conn in-interface=ether5 action=mark-routing new-routing-mark=keISP1

add chain=prerouting connection-mark=ISP2_conn in-interface=ether5 action=mark-routing new-routing-mark=keISP2

add chain=output connection-mark=koneksiISP2 action=mark-routing new-routing-mark=keISP2


Ip Route+ Failover

add dst-address=0.0.0.0/0 gateway=10.111.0.1 routing-mark=to_ISP1 distance=1 check-gateway=ping

add dst-address=0.0.0.0/0 gateway=172.16.0.1 routing-mark=to_ISP2 distance=2 check-gateway=ping



Posted by at No comments:

Wednesday, October 23, 2024

SFLOW Aruba 8100

 

Enable sflow

sflow

Set IP host collector

sflow collector 192.168.100.23


Set ip switch as agent

sflow agent-ip 192.168.100.51


Configure sFLow sampling rate and polling interval.

sflow sampling 5000

sflow polling 20


Check show sflow


Posted by at No comments:

Thursday, February 1, 2024

 SETTING DDNS FORTINET


Disable the anycast communication for the FortiGuard server (CLI):

config system fortiguard
    set fortiguard-anycast disable
    set protocol udp
end

Configure a dedicated DDNS Server (CLI):
config system fortiguard
    set ddns-server-ip 173.243.138.225
end

config system ddns
    edit 1
        set ddns-server FortiGuardDDNS
        set server-type ipv4
        set ddns-domain "branch.float-zone.com"
        set addr-type ipv4
        set use-public-ip enable
        set monitor-interface "wan1"
    next
end
Posted by at No comments:
Subscribe to: Posts (Atom)