MikroTik Firewall Configuration | How to Secure a Computer Network

Aji Diyantoro
15 Apr 2023 19:35

Summary

TLDR: In this tutorial, the video explains how to configure firewall rules on MikroTik devices to block specific traffic. The host demonstrates various scenarios, such as blocking ping requests between devices, blocking HTTP access, and blocking SSH access. Key concepts like traffic flow (input, forward, and output) and filtering based on protocols and addresses are emphasized. The importance of understanding the characteristics of network traffic, such as source and destination IPs, protocols, and ports, is highlighted. The video guides viewers through step-by-step configurations, troubleshooting, and best practices for implementing MikroTik firewall rules.

Takeaways

  • Understanding traffic flow is crucial when configuring firewalls in MikroTik, including input, forward, and output traffic.
  • The first step in firewall configuration is identifying the traffic flow: whether the traffic is entering the router itself (input), leaving from the router itself (output), or passing through the router (forward).
  • When configuring firewall rules, it's important to specify criteria for filtering packets, such as source and destination addresses, protocols (e.g., ICMP, TCP), and ports.
  • MikroTik's firewall provides input, forward, and output chains to control traffic flow based on different scenarios.
  • In the first scenario, blocking traffic from PC A to Router 1 is achieved by configuring an input rule that specifies the source address as PC A's IP and the protocol as ICMP (for ping).
  • The second scenario demonstrates blocking ping traffic from PC A to PC D using the forward chain and defining source and destination addresses for precise filtering.
  • The firewall configuration can be tested by disabling and enabling rules to see the effect on network traffic, ensuring that the desired actions (e.g., blocking pings) are applied correctly.
  • Incorrect selection of chains or protocols can prevent firewall rules from functioning as expected, highlighting the importance of proper configuration and testing.
  • In the third scenario, blocking HTTP access (port 80) from PC D to Router 1 is demonstrated using the input chain and specifying the source address of PC D and the protocol as TCP.
  • The fourth scenario involves blocking SSH access from PC B to Router 1 by configuring a rule with the input chain and the TCP protocol on port 22, ensuring that specific traffic is filtered appropriately.

Q & A

  • What is the purpose of using a firewall in MikroTik?

    - The purpose of using a firewall in MikroTik is to filter traffic and block unwanted activities, such as blocking traffic from specific devices or restricting certain network activities, as demonstrated in the script where different traffic blocking scenarios are applied.

  • What is the significance of understanding traffic flow in firewall configuration?

    - Understanding traffic flow is crucial for properly configuring a firewall. It helps determine whether traffic is incoming (input), passing through (forward), or outgoing (output), which in turn affects the rules you create for filtering packets.

  • What are the three types of traffic flows mentioned in the script?

    - The three types of traffic flows mentioned are: Input (traffic from outside to inside the router), Forward (traffic passing through the router between devices), and Output (traffic from inside the router to the outside).

  • What role does packet identification play in firewall configuration?

    - Packet identification is important for firewall configuration as it helps specify the source, destination, protocol, and port of the traffic, allowing precise filtering. For example, blocking ping traffic requires knowing the ICMP protocol and source/destination IP addresses.

  • What happens when the wrong chain is selected in firewall rules?

    - Selecting the wrong chain, such as using 'input' instead of 'forward', will cause the firewall rule to be ineffective. For instance, a rule that should block traffic from one device to another will fail if the wrong chain is chosen.

  • How can one test whether a firewall rule is working as expected?

    - To test whether a firewall rule is working, you can try sending traffic from the source device to the destination and observe the behavior, for example by pinging the router or attempting an SSH connection and checking whether the traffic is blocked as expected.

  • What is the potential problem if the protocol selected in the rule is incorrect?

    - If the protocol in the firewall rule is incorrect, the rule will not catch the traffic as intended. For example, selecting UDP instead of ICMP for a ping block will not block the ping traffic, because ping uses ICMP, not UDP.

  • What is the effect of incorrectly specifying the source address in a firewall rule?

    - Incorrectly specifying the source address can cause the rule to apply to the wrong traffic or fail to apply at all. For instance, if you are blocking traffic from a specific device, you need to input the correct source IP address to target that device.

  • How can the order of firewall rules impact the network traffic?

    - The order of firewall rules is important because MikroTik processes the rules sequentially. If a rule is placed lower in the list, it may not be applied if a previous rule already handles the traffic, potentially allowing unwanted traffic through.

  • How is the TCP protocol used in the firewall configurations mentioned in the video?

    - The TCP protocol is used in various firewall configurations, such as blocking SSH traffic from a specific device to the router. For instance, in the script, TCP is used for port 22 to block SSH access, and for HTTP traffic to block access to the router's web interface.
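
The chain selection and rule matching described above can be checked with a small model. This is an added example, not code from the video and not RouterOS itself: the function names are hypothetical, the IP addresses are constructed documentation addresses, and it assumes PC A, PC B and PC D all reach each other through Router 1.

```python
# Constructed lab addressing (assumption: the page gives no IP addresses).
ROUTER_ADDRS = {"192.0.2.1", "198.51.100.1"}      # Router 1's own addresses
PC_A, PC_B, PC_D = "192.0.2.10", "192.0.2.11", "198.51.100.40"

def packet(src, dst, protocol, dst_port=None):
    return {"src_address": src, "dst_address": dst,
            "protocol": protocol, "dst_port": dst_port}

def rule(chain, action, **criteria):
    """Criteria mirror the matchers on the page: addresses, protocol, port."""
    return {"chain": chain, "action": action, "criteria": criteria}

def chain_for(pkt):
    """Traffic flow decides which chain sees the packet."""
    if pkt["dst_address"] in ROUTER_ADDRS:
        return "input"        # addressed to the router itself
    if pkt["src_address"] in ROUTER_ADDRS:
        return "output"       # generated by the router
    return "forward"          # passing through the router

def evaluate(rules, pkt):
    """Return the action of the first rule that matches in the packet's chain."""
    chain = chain_for(pkt)
    for r in rules:
        if r["chain"] == chain and all(pkt[k] == v for k, v in r["criteria"].items()):
            return r["action"]
    return "accept"           # no rule matched: traffic passes

# The four scenarios from the page, in order.
RULES = [
    rule("input", "drop", src_address=PC_A, protocol="icmp"),                      # ping A -> Router 1
    rule("forward", "drop", src_address=PC_A, dst_address=PC_D, protocol="icmp"),  # ping A -> D
    rule("input", "drop", src_address=PC_D, protocol="tcp", dst_port=80),          # HTTP D -> Router 1
    rule("input", "drop", src_address=PC_B, protocol="tcp", dst_port=22),          # SSH B -> Router 1
]

# Failure modes from the Q&A: wrong chain, wrong protocol, wrong rule order.
WRONG_CHAIN = [rule("input", "drop", src_address=PC_A, dst_address=PC_D, protocol="icmp")]
WRONG_PROTO = [rule("input", "drop", src_address=PC_A, protocol="udp")]
SHADOWED = [rule("input", "accept", src_address=PC_B), RULES[3]]

if __name__ == "__main__":
    ping_a_d = packet(PC_A, PC_D, "icmp")
    print("A->D ping:", evaluate(RULES, ping_a_d), "| wrong chain:", evaluate(WRONG_CHAIN, ping_a_d))
    print("A->router ping, UDP rule:", evaluate(WRONG_PROTO, packet(PC_A, "192.0.2.1", "icmp")))
    print("B->router SSH, shadowed:", evaluate(SHADOWED, packet(PC_B, "192.0.2.1", "tcp", 22)))
```

The three misconfigured rule sets each return accept for traffic that was meant to be dropped, which is the symptom to look for when a rule appears to have no effect.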
