Thursday, March 14, 2013

Limitasi Mikrotik port SMTP dan POP3 pada jaringan lokal

Limitasi Mikrotik port SMTP dan POP3 pada jaringan lokal. Di bawah ini configurasi port SMTP(25) dan POP3(110) pada mikrotik.

1. Buat mangle untuk SMTP dan POP3
SMTP:
    ip firewall mangle add action=mark-packet chain=prerouting dst-port=25 protocol=tcp new-packet-mark=smtp_pack passthrough=yes comment=Limitasi_SMTP


POP3:

    ip firewall mangle add action=mark-packet chain=prerouting dst-port=110 protocol=tcp new-packet-mark=pop3_pack passthrough=yes comment=Limitasi_POP3


2. Buat limitasi menggunakan "Queue Tree"

SMTP:

    queue tree add name=smtp-q parent=global-out packet-mark=smtp_pack queue=default priority=8 max-limit=256000


POP3:

    queue tree add name=pop3-q parent=global-out packet-mark=pop3_pack queue=default priority=8 max-limit=256000



Pada configurasi diatas dibatasi untuk SMTP dan POP 256kb bandwidth.
Dengan demikian limitasi port SMTP dan POP3 selesai.
End.
Posted by at No comments:

How to perform a Cisco router password recovery without losing your configuration.

How to perform a Cisco router password recovery without losing your configuration.

In order to perform a password recovery, you will need to reboot the router a couple of times.  This means downtime, but it is a good sacrifice to make in order to get your passwords reset.

First, hook up the DB9 end of the standard light blue serial cable to your serial port.  The other end of the cable should plug into the port labeled “Console” on the back of the Cisco router.  If you do  not have a serial port, then you'll need to go purchase a USB-to-serial adapter cable and install it on your computer.

Now that your hardware is connected, establish a serial connection with the router.
The settings you need are:
Baud: 9600
Data bits: 8
Parity: No
Stop bits: 1
Flow Control: None

On Windows, I use putty for this connection.  Yes, putty can be used to make serial connections as well as telnet/ssh.  Hyperterminal works great as well.  On Linux, I use minicom and on FreeBSD/OpenBSD, I use cu (cu -s 9600 -l /dev/cuad0).

Reboot the router and press the Break key to interrupt the boot sequence.
For break key sequences, refer to this Cisco link: http://www.cisco.com/en/US/products/hw/routers/ps133/products_tech_note0...

Type confreg 0x2142.  This tells the router to bypass NVRAM during bootup.  In other words, your existing configuration won't be loaded.  The good news is that it won't be deleted either.

Type reset to reboot the router.  Answer No when prompted to run setup.

Type copy start run.  This loads your startup configuration into memory.  Now, if you type a show run config, you'll see the router configuration.  Also, you should notice that your router name is now in the prompt instead of the default “Router”.

Change the enable secret - “enable secret new_password

Change the register back to 0x2102:
config-register 0x2102

When the router reboots it will load the old configuration with the new password.

Save the password so that it will be persistent during reboots, type copy run start

Reboot the router by typing reload at the enable prompt.
Posted by at No comments:
Subscribe to: Posts (Atom)