CCNA Bootcamp

CCNA R&S Bootcamp

Lab 1 Internetworking

Lab Tulis 1 Pada sesi ini, anda akan menyelesaikan Lab dibawah ini untuk memastikan bahwa anda sudah benar-benar sudah mampu menerima informasi dan konsep yang telah di ajarkan oleh Instruktur: •

Lab 1.1: Pendefinisian Pendefinisian Lapisan OSI dan Perangkat-perangkatnya Perangkat-perangkatnya

•

Lab 1.2: Identifikasi Identifikasi Collision dan Broadcast Domain

•

Lab 1.3: Konversi Biner/Desimal/Hexadesimal Biner/Desimal/Hexadesimal

Lab Tulis 1.1: Pendefinisian Lapisan OSI dan Perangkat-perangkatnya Deskripsi

Perangkat atau Lapisam OSI

Perangkat ini mengirim dan menerima mengenai Lapisan Network Lapisan ini membuat sebuah virtual circuit sebelum mengirimkannya antar dua end station (perangkat akhir). Lapisan ini menggunakan layanan access point. Perangkat ini menggunakan hardware addresses (alamat fisik) untuk menyaring sebuah network. Ethernet didefinisikan pada lapisan ini. Lapisan ini mendukung flow control dan sequencing. Perangkat ini dapat menghitung jarak menuju sebuah remote network. Logical addressing (alamat logika) digunakan pada lapisan ini. Hardware addresses (alamat fisik) didefinisikan pada lapisan ini. Perangkat ini menciptakan sebuah collision domain yang besar dan satu broadcast domain yang besar pula. Perang Perangkat kat ini mencip menciptak takan an banya banyak k collis collision ion domain domain yang yang lebih lebih kecil, kecil, tetapi tetapi jaringan masih memiliki satu broadcast broadcast domain yang besar. besar. Perangkat ini tidak pernah menjalankan koneksi full duplex. Perangkat ini memisahkan collision domain dan broadcast domains.

Lab Tulis 1.2: Identifikasi Collision dan Broadcast Domain Gambar dibawah ini, coba identifikasi collision domain dan broadcast domain pada setiap perangkat spesifik dibawah ini: A. Hub B. Bridge

C. Switch D. Router

1

CCNA R&S Bootcamp

Lab Tulis 1.3: Konversi Biner/Desimal/Hexadesimal 1. Konversi dari decimal IP address ke format biner. 12 8

Lengkapi tabel dibawah ini untuk menunjukkan 192.168.10.15 dalam format biner. 64 32 16 8 4 2 1

Biner

12 8

Lengkapi tabel dibawah ini untuk menunjukkan 172.16.20.55 dalam format biner. 64 32 16 8 4 2 1

Biner

12 8

Lengkapi tabel dibwah ini untuk menunjukkan 10.11.12.99 dalam format biner. 64 32 16 8 4 2

Biner

1

2. Konversi format biner dibawah ini ke format desimal IP address . 12 8

Lengkapi tabel dibawah ini untuk menunjukkan 11001100.00110011.10101010.01010101 ke dalam format desimal IP address. 64 32 16 8 4 2 1 Desimal

2

CCNA R&S Bootcamp

12 8

Lengkapi tabel dibawah ini untuk menunjukkan 11000110.11010011.00111001.11010001 kedalam format desimal IP address. 64 32 16 8 4 2 1 Desimal

12 8

Lengkapi tabel dibawah ini untuk menunjukkan 10000100.11010010.10111000.10100110 kedalam format desimal IP address. 64 32 16 8 4 2 1 Desimal

3. Konversi format biner dibawah ini kedalam format hexadesimal. 12 8

12 8

12 8

Lengkapi tabel dibawah ini untuk menunjukkan 11011000.00011011.00111101.01110110kedalam format hexadesimal. 64 32 16 8 4 2 1 Hexadesima l

Lengkapi tabel dibawah ini untuk menunjukkan 11001010.11110101.10000011.11101011 kedalam format hexadesimal. 64 32 16 8 4 2 1 Hexadesima l

Lengkapi tabel dibawah ini untuk menunjukkan 10000100.11010010.01000011.10110011 kedalam format hexadesimal. 64 32 16 8 4 2 1 Hexadesima l

3

CCNA R&S Bootcamp

Lab 2 Introduction to TCP/IP

Lab Tulis 2 Jawablah pertanyaan dibawah ini tentang TCP/IP: 1. Sebutkan rentang Class C address dalam desimal dan biner? Jawab:

2. Lapisan apakah dalam DoD model setara dengan lapisan Transport dari OSI model? Jawab:

3. Sebutkan rentang alamat yang sah Class A network address? Jawab:

4. Digunakan untuk apakah alamat 127.0.0.1? Jawab:

5. Bagaimana cara anda menemukan network address dari sebuah daftar IP address? Jawab:

6. Bagaimana cara anda menemukan broadcast address dari sebuah daftar IP address? Jawab:

7. Sebutkan rentang Class A private IP address? Jawab:

8. Sebutkan Class B private IP address? Jawab:

9. Sebutkan Class C private IP address? Jawab:

10. Sebutkan semua karakter yang dapat anda gunakan dalam pengalamatan hexadecimal? Jawab:

4

CCNA R&S Bootcamp

Lab 3 Subnetting, Variable Length Subnet Masks (VLSMs), and Troubleshooting TCP/IP

Labs 3 Pada sesi ini, anda akan menyelesaikan Lab dibawah ini untuk memastikan bahwa anda sudah benar-benar sudah mampu menerima informasi dan konsep yang telah di ajarkan oleh Instruktur: •

Lab 3.1: Latihan Subnet #1

•


•


Lab Tulis 3.1: Latihan Subnet #1 Tuliskan subnet, broadcast address, dan rentang valid host utnuk pertanyaan 1 hingga 6:

1. 192.168.100.25/30 Jawab:

2. 192.168.100.37/28 Jawab:

3. 192.168.100.66/27 Jawab:

4. 192.168.100.17/29 Jawab:

5. 192.168.100.99/26 Jawab:

6. 192.168.100.99/25 Jawab:

7. Anda memiliki sebuah Class B network dan membutuhkan 29 subnet. Apa mask yang cocok? Jawab:

8. Apakah broadcast address dari 192.168.192.10/29? Jawab:

9. Berapa banyak host yang tersedia untuk sebuah Class C /29 mask? Jawab:

5

CCNA R&S Bootcamp

10. Apakah subnet untuk host ID 10.16.3.65/23? Jawab:

Lab Tulis 3.2: Latihan Subnet Diberikan sebuah Class B network dan identifikasi bit jaringan (CIDR), Lengkapi tabel dibawah ini untuk mengidentifikasi subnet mask dan jumlah host address yang mungkin untuk tiap mask. Classful Address Subnet Mask Jumlah host per Subnet (2 x – 2) /16 /17 /18 /19 /20 /21 /22 /23 /24 /25 /26 /27 /28 /29 /30

Lab Tulis 3.3: Latihan Subnet Desimal IP Address

Address Class

Jumlah dari Subnet dan Host Bit

10.25.66.154/23 172.31.254.12/24 192.168.20.123/28 63.24.89.21/18 128.1.1.254/20 208.100.54.209/30

6

Jumlah dari Subnet (2 x)

Jumlah dari Host (2x – 2)

CCNA R&S Bootcamp

Lab 4 Cisco’s Internetworking Operating System (IOS) and Security Device Manager (SDM)

Hands-on Lab Pada sesi ini, anda akan melakukan command (perintah) pada sebuah Cisco router yang akan membantu anda memahami apa yang anda pelajari pada Bab ini.

Perangkat (Hostname ) R1

c2600-i-mz.122-28.bin

R2

c2600-i-mz.122-28.bin

R3

c2600-i-mz.122-28.bin

IOS Version

Interface FastEthernet0/0 FastEthernet0/1 Serial0/0 FastEthernet0/0 FastEthernet0/1 Serial0/0 Serial0/1 FastEthernet0/0

7

IP Address 192.168.1.1/24 192.168.2.1/30 192.168.3.1/24 192.168.2.2/30 192.168.4.1/30 192.168.5.1/24

CCNA R&S Bootcamp

SW1 SW2 SW3 PC1 PC2 PC3

c2950-i6q4l2-mz.121-22.EA4.bin c2950-i6q4l2-mz.121-22.EA4.bin c2950-i6q4l2-mz.121-22.EA4.bin

FastEthernet0/1 Serial0/0 FastEthernet0/1 – 24 FastEthernet0/1 – 24 FastEthernet0/1 – 24 FastEthernet0 FastEthernet0 FastEthernet0

192.168.4.2/30 192.168.1.254/24 192.168.3.254/24 192.168.5.254/24

Catatan: Perlu anda ketahui, setiap Platform memiliki fitur, nama interface, dan jumlah interface yang berbeda-beda. Mohon untuk melakukan verifikasi terlebih dahulu jika anda menggunakan Platform yang berbeda dari keterangan diatas agar konfigurasi anda dapat berhasil dilakukan. Pada Hands-on Lab Bab ini terdapat beberapa lab yang harus anda selesaikan agar Initial Configuration (Konfigurasi Awal dapat berhasil dilakukan): •

Masuk ke sebuah Router

•

Menghapus semua Konfigurasi Router (Factory Default)

•

Menyesuaikan waktu dan Membuat Banner

•

Membuat Password o Password standard Console, VTY untuk R1 dan R3 o Kombinasi username password Console dan VTY untuk R2

•

Membuat Hostname, Description, IP Address, dan Clock Rate

•

Menyimpan Konfigurasi Router

•

Test Konektifitas dan Verifikasi Konfigurasi

Pada Hands-on Lab Bab ini terdapat 6 lab yang harus anda selesaikan agar Initial Configuration (Konfigurasi Awal dapat berhasil dilakukan):

Konfigurasi Router R1(DTE) menggunakan CLI: --- System Configuration Dialog ---

Continue with configuration dialog? [yes/no]: no Press RETURN to get started!

Router>enable Router#config t Router(config)#exit Router#erase startup-config Erasing the nvram filesystem will remove all configuration files! Continue? [confirm] [OK] Erase of nvram: complete %SYS-7-NV_BLOCK_INIT: Initialized the geometry of nvram

Router#reload Proceed with reload? [confirm] %SYS-5-RELOAD: Reload requested by console. Reload Reason: Reload Command. --- System Configuration Dialog ---

Continue with configuration dialog? [yes/no]: no

8

CCNA R&S Bootcamp

Press RETURN to get started!

Router>enable Router#clock set 09:00:00 01 jan 2012 Router#config t Router(config)#hostname R1 R1(config)#banner motd # Enter TEXT message. End with the character '#'. "Selamat Datang ke Router R1"#

R1(config)#enable secret cisco R1(config)#line console 0 R1(config-line)#password cisco R1(config-line)#login R1(config-line)#exit R1(config)#line vty 0 4 R1(config-line)#password cisco R1(config-line)#login R1(config-line)#exit R1(config)#interface fa0/0 R1(config-if)#description "terhubung ke SW1 fa0/24" R1(config-if)#ip address 192.168.1.1 255.255.255.0 R1(config-if)#no shut R1(config-if)#exit R1(config)#interface se0/0 R1(config-if)#description "terhubung ke R2 se-0/0" R1(config-if)#ip address 192.168.2.1 255.255.255.252 R1(config-if)#no shut R1(config-if)#exit R1(config)#exit R1#copy run start Destination filename [startup-config]? Building configuration... [OK]

R1#

Konfigurasi Router R2(DCE) menggunakan CLI: --- System Configuration Dialog ---



Router#reload

9

CCNA R&S Bootcamp

Proceed with reload? [confirm] %SYS-5-RELOAD: Reload requested by console. Reload Reason: Reload Command. --- System Configuration Dialog ---


Router>enable Router#clock set 09:00:00 1 jan 2012 Router#config t Router(config)#hostname R2 R2(config)#banner motd # Enter TEXT message. End with the character '#'. "Selamat Datang di Router R2"# R2(config)#username admin privilege 15 password cisco R2(config)#username user1 password cisco R2(config)#line console 0 R2(config-line)#login local R2(config-line)#exit R2(config)#line vty 0 4 R2(config-line)#login local R2(config-line)#exit R2(config)#interface fa0/0 R2(config-if)#description "terhubung ke SW1 fa0/24" R2(config-if)#ip address 192.168.3.1 255.255.255.0 R2(config-if)#no shut R2(config-if)#exit R2(config)#interface se0/0 R2(config-if)#description "terhubung ke R1 se-0/0" R2(config-if)#ip address 192.168.2.2 255.255.255.252 R2(config-if)#clock rate 64000 R2(config-if)#no shut R2(config-if)#exit R2(config)#int se0/1 R2(config-if)#description "terhubung ke R3 se-0/0" R2(config-if)#ip add 192.168.4.1 255.255.255.252 R2(config-if)#clock rate 64000 R2(config-if)#no shut R2(config-if)#exit R2(config)#exit R2#copy run start Destination filename [startup-config]? Building configuration... [OK]

R2#

Konfigurasi Router R3(DTE) menggunakan CLI: --- System Configuration Dialog ---

Continue with configuration dialog? [yes/no]: no

10

CCNA R&S Bootcamp

Press RETURN to get started!


Router#reload Proceed with reload? [confirm] %SYS-5-RELOAD: Reload requested by console. Reload Reason: Reload Command. --- System Configuration Dialog ---


Router>enable Router#clock set 09:00:00 1 jan 2012 Router#config t Router(config)#hostname R3 R3(config)#enable password cisco R3(config)#service password-encryption R3(config)#line console 0 R3(config-line)#password cisco R3(config-line)#login R3(config-line)#exit R3(config)#line vty 0 4 R3(config-line)#password ciso R3(config-line)#password cisco R3(config-line)#login R3(config-line)#exit R3(config)#interface fa0/0 R3(config-if)#description "terhubung ke SW1 fa0/24" R3(config-if)#ip address 192.168.5.1 255.255.255.0 R3(config-if)#no shut R3(config-if)#exit R3(config)#interface se0/0 R3(config-if)#description "terhubung ke R2 se-0/1" R3(config-if)#ip address 192.168.4.2 255.255.255.252 R3(config-if)#no shut R3(config-if)#exit R3(config)#exit R3#write Building configuration... [OK]

R3#

Test Konektifitas dan Verifikasi Konfigurasi: R1#ping 192.168.2.2 Type escape sequence to abort.

11

CCNA R&S Bootcamp

Sending 5, 100-byte ICMP Echos to 192.168.2.2, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 16/25/32 ms

R1# R1#show ip interface brief Interface

IP-Address

OK? Method Status

Protocol

FastEthernet0/0

192.168.1.1

YES manual up

up

FastEthernet0/1

unassigned

YES unset

Serial0/0

192.168.2.1

YES manual up

R1# R1#show running-config Building configuration... Current configuration : 688 bytes ! version 12.2 no service timestamps log datetime msec no service timestamps debug datetime msec no service password-encryption ! hostname R1 ! enable secret 5 $1$mERr$hx5rVt7rPNoS4wqbXKX7m0 ! interface FastEthernet0/0 description "terhubung ke SW1 fa0/24" ip address 192.168.1.1 255.255.255.0 duplex auto speed auto ! interface FastEthernet0/1 no ip address duplex auto speed auto shutdown ! interface Serial0/0 description "terhubung ke R2 se-0/0" ip address 192.168.2.1 255.255.255.252 ! ip classless ! banner motd ^C "Selamat Datang ke Router R1"^C ! line con 0 password cisco login line vty 0 4 password cisco login ! end

12

administratively down down up

CCNA R&S Bootcamp

R1# Catatan: Lakukan juga Test Konektifitas dan Verifikasi pada R2 dan R3

Lab 5 Managing a Cisco Internetwork

Hands-on Lab Untuk menyelesaikan sesi lab berikut, Lakukan konfigurasi lanjutan dari Lab 4 dengan menyelesaikan point-point yang disebutkan dibawah ini.


c2600-i-mz.122-28.bin

R2

c2600-i-mz.122-28.bin

IOS Version

Interface FastEthernet0/0 FastEthernet0/1 Serial0/0 FastEthernet0/0 FastEthernet0/1 Serial0/0 Serial0/1

13

IP Address 192.168.1.1/24 192.168.2.1/30 192.168.3.1/24 192.168.2.2/30 192.168.4.1/30

CCNA R&S Bootcamp

R3


c2600-i-mz.122-28.bin


FastEthernet0/0 FastEthernet0/1 Serial0/0 FastEthernet0/1 – 24 FastEthernet0/1 – 24 FastEthernet0/1 – 24 FastEthernet0 FastEthernet0 FastEthernet0

192.168.5.1/24 192.168.4.2/30 192.168.1.254/24 192.168.3.254/24 192.168.5.254/24

Berikut adalah Lab yang harus anda selesaikan pada Bab ini, Lab ini hanya dilakukan di Router R1 sebagai contoh. Jika anda menginginkannya, anda dapat melakukannya untuk Router lain: •

Melakukan Back-up IOS Router anda

•

Melakukan Upgrade atau Restore IOS Router anda

•

Melakunan Back-up dan Restore Konfigurasi Router anda

•

Menggunakan Cisco Discovery Protocol (CDP) untuk Monitoring dan Manajemen

•

Penggunaan Resolving Hostname

Melakukan Back-up IOS pada Router R1: R1#show flash: System flash directory: File Length Name/status 3 5571584 c2600-i-mz.122-28.bin 2 28282 sigdef-category.xml 1 227537 sigdef-default.xml [5827403 bytes used, 58188981 available, 64016384 total] 63488K bytes of processor board System flash (Read/Write)

R1#copy flash tftp Source filename []? c2600-i-mz.122-28.bin Address or name of remote host []? 192.168.1.2 Destination filename [c2600-i-mz.122-28.bin]? Writing c2600-i-mz.122 28.bin...!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! [OK - 5571584 bytes] 5571584 bytes copied in 6.189 secs (900000 bytes/sec)

R1#

Melakukan Upgrade atau Restore IOS pada Router R1: R1#copy tftp flash Address or name of remote host []? 192.168.1.2 Source filename []? c2600-advipservicesk9-mz.124-15.T1.bin Destination filename [c2600-advipservicesk9-mz.124-15.T1.bin]? Accessing tftp://192.168.1.2/c2600-advipservicesk9-mz.124-15.T1.bin... Loading c2600-advipservicesk9-mz.124-15.T1.bin from 192.168.1.2: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

14

CCNA R&S Bootcamp

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! [OK - 33591768 bytes] 33591768 bytes copied in 36.892 secs (95603 bytes/sec) R1#show flash System flash directory: File Length Name/status 4 33591768 c2600-advipservicesk9-mz.124-15.T1.bin 3 5571584 c2600-i-mz.122-28.bin 2 28282 sigdef-category.xml 1 227537 sigdef-default.xml [39419171 bytes used, 24597213 available, 64016384 total] 63488K bytes of processor board System flash (Read/Write) R1#delete flash: Delete filename []?c2600-i-mz.122-28.bin Delete flash:/c2600-i-mz.122-28.bin? [confirm] R1#config t R1(config)#boot system flash c2600-advipservicesk9-mz.124-15.T1.bin R1(config)#exit R1#write Building configuration... [OK] R1#reload Proceed with reload? [confirm] %SYS-5-RELOAD: Reload requested by console. Reload Reason: Reload Command.

R1#show version Cisco IOS Software, 2600 Software (C2600-ADVIPSERVICESK9-M), Version 12.4(15)T1, RELEASE SOFTWARE (fc2) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2007 by Cisco Systems, Inc. Compiled Wed 18-Jul-07 06:21 by pt_rel_team ROM: System Bootstrap, Version 12.1(3r)T2, RELEASE SOFTWARE (fc1) Copyright (c) 2000 by cisco Systems, Inc. System returned to ROM by power-on System image file is "c2600-advipservicesk9-mz.124-15.T1.bin"

This product contains cryptographic features and is subject to United States and local country laws governing import, export, transfer and use. Delivery of Cisco cryptographic products does not imply third-party authority to import, export, distribute or use encryption. Importers, exporters, distributors and users are responsible for compliance with U.S. and local country laws. By using this product you agree to comply with applicable laws and regulations. If you are unable to comply with U.S. and local laws, return this product immediately. A summary of U.S. laws governing Cisco cryptographic products may be found at: http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

15

CCNA R&S Bootcamp

If you require further assistance please contact us by sending email to [email protected]. cisco 2621 (MPC860) processor (revision 0x200) with 60416K/5120K bytes of memory Processor board ID JAD05190MTZ (4292891495) M860 processor: part number 0, mask 49 2 FastEthernet/IEEE 802.3 interface(s) 1 Low-speed serial(sync/async) network interface(s) 32K bytes of NVRAM. 16384K bytes of processor board System flash (Read/Write) Configuration register is 0x2102 R1#

Melakukan Back-up dan Restore Konfigurasi pada Router R1: R1#copy run tftp Address or name of remote host []? 192.168.1.2 Destination filename [R1-confg]? Writing running-config....!! [OK - 745 bytes] 745 bytes copied in 3.141 secs (0 bytes/sec) R1#

R1#copy tftp run Address or name of remote host []? 192.168.1.2 Source filename []? R1-confg Destination filename [running-config]? Accessing tftp://192.168.1.2/R1-confg... Loading R1-confg from 192.168.1.2: ! [OK - 745 bytes] 745 bytes copied in 0.063 secs (11825 bytes/sec) R1# %SYS-5-CONFIG_I: Configured from console by console R1#

Menggunakan Cisco Discovery Protocol (CDP) untuk Monitoring & Manajemen pada Router R1: R1(config)#cdp run R1(config)#exit R1#show cdp neighbors Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone Device ID Local Intrfce Holdtme Capability Platform Port ID Switch Fas 0/0 124 S 2950 Fas 0/24 R2 Ser 0/0 124 R C2600 Ser 0/0

R1#show cdp entry * Device ID: Switch Entry address(es):

16

CCNA R&S Bootcamp

Platform: cisco 2950, Capabilities: Switch Interface: FastEthernet0/0, Port ID (outgoing port): FastEthernet0/24 Holdtime: 138 Version : Cisco Internetwork Operating System Software IOS (tm) C2950 Software (C2950-I6Q4L2-M), SOFTWARE(fc1) Copyright (c) 1986-2005 by cisco Systems, Inc. Compiled Wed 18-May-05 22:31 by jharirba

Version

12.1(22)EA4,

RELEASE

advertisement version: 2 Duplex: full --------------------------Device ID: R2 Entry address(es): IP address : 192.168.2.2 Platform: cisco C2600, Capabilities: Router Interface: Serial0/0, Port ID (outgoing port): Serial0/0 Holdtime: 138 Version : Cisco Internetwork Operating System Software IOS (tm) C2600 Software (C2600-I-M), Version 12.2(28), RELEASE SOFTWARE (fc5) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2005 by cisco Systems, Inc. Compiled Wed 27-Apr-04 19:01 by miwang advertisement version: 2 Duplex: full

R1# show cdp interface FastEthernet0/0 is up, line protocol is up Sending CDP packets every 60 seconds Holdtime is 180 seconds FastEthernet0/1 is administratively down, line protocol is down Sending CDP packets every 60 seconds Holdtime is 180 seconds Serial0/0 is up, line protocol is up Sending CDP packets every 60 seconds Holdtime is 180 seconds R1#

Penggunaan Resolving Hostname pada Router R1: R1# config t R1(config)#ip host R2 192.168.2.2 R1(config)#exit R1#ping 192.168.2.2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.2.2, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 17/31/46 ms

R1#ping R2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.2.2, timeout is 2 seconds: !!!!!

17

CCNA R&S Bootcamp

Success rate is 100 percent (5/5), round-trip min/avg/max = 31/31/32 ms

R1#telnet R2 Trying 192.168.2.2 ...Open "Selamat Datang di Router R2"

User Access Verification

Username: admin Password: R2#

Lab 6 IP Routing

Hands-on Labs Pada hands-on lab ini, lakukan konfigurasi sesuai topologi dibawah ini. Berikut adalah Lab yang harus anda selesaikan pada Bab ini: •

Konfigurasi Static Route pada R1,R2,R3

•

Verifikasi Static Route pada R1, R2, R3

•

Konfigurasi RIP pada R1, R2, R3

•

Verifikasi RIP pada R1, R2, R3

Perangkat (Hostname

IOS Version

Interface

18

IP Address

CCNA R&S Bootcamp

) R1

c2600-i-mz.122-28.bin

R2

c2600-i-mz.122-28.bin

R3

c2600-i-mz.122-28.bin



FastEthernet0/0 FastEthernet0/1 Serial0/0 FastEthernet0/0 FastEthernet0/1 Serial0/0 Serial0/1 FastEthernet0/0 FastEthernet0/1 Serial0/0 FastEthernet0/1 – 24 FastEthernet0/1 – 24 FastEthernet0/1 – 24 FastEthernet0 FastEthernet0 FastEthernet0

192.168.1.1/24 192.168.2.1/30 192.168.3.1/24 192.168.2.2/30 192.168.4.1/30 192.168.5.1/24 192.168.4.2/30 192.168.1.254/24 192.168.3.254/24 192.168.5.254/24

Konfigurasi Static Route pada R1,R2,R3 R1#config t R1(config)#ip route 192.168.3.0 255.255.255.0 192.168.2.2 R1(config)#ip route 192.168.4.0 255.255.255.252 192.168.2.2 R1(config)#ip route 192.168.5.0 255.255.255.0 192.168.2.2 R1(config)#exit R1# R2#config t R2(config)#ip route 192.168.1.0 255.255.255.0 192.168.2.1 R2(config)#ip route 192.168.5.0 255.255.255.0 192.168.4.2 R2(config)#exit R2# R3#config t R3(config)#ip route 192.168.1.0 255.255.255.0 192.168.4.1 R3(config)#ip route 192.168.2.0 255.255.255.252 192.168.4.1 R3(config)#ip route 192.168.3.0 255.255.255.0 192.168.4.1 R3(config)#exit R3#

Verifikasi Static Route pada R1, lakukan sendiri untuk R2 dan R3: R1#show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set C C

S S S

192.168.1.0/24 is directly connected, FastEthernet0/0 192.168.2.0/30 is subnetted, 1 subnets 192.168.2.0 is directly connected, Serial0/0

192.168.3.0/24 192.168.4.0/30 192.168.4.0 192.168.5.0/24

[1/0] via 192.168.2.2 is subnetted, 1 subnets [1/0] via 192.168.2.2 [1/0] via 192.168.2.2

19

CCNA R&S Bootcamp

R1#ping 192.168.3.254 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.3.254, timeout is 2 seconds: .!!!! Success rate is 80 percent (4/5), round-trip min/avg/max = 80/90/94 ms

R1#ping 192.168.5.254 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.5.254, timeout is 2 seconds: .!!!! Success rate is 80 percent (4/5), round-trip min/avg/max = 80/109/125 ms R1#

Konfigurasi RIP pada R1, R2, R3 R1#config t R1(config)#no ip route 192.168.3.0 255.255.255.0 192.168.2.2 R1(config)#no ip route 192.168.4.0 255.255.255.252 192.168.2.2 R1(config)#no ip route 192.168.5.0 255.255.255.0 192.168.2.2 R1(config)#router rip R1(config-router)#network 192.168.1.0 R1(config-router)#network 192.168.2.0 R1(config-router)#exit R1(config)#exit R1#write Building configuration... [OK]

R1# R2#config t R2(config)#no ip route 192.168.1.0 255.255.255.0 192.168.2.1 R2(config)#no ip route 192.168.5.0 255.255.255.0 192.168.4.2 R2(config)#router rip R2(config-router)#network 192.168.2.0 R2(config-router)#network 192.168.3.0 R2(config-router)#network 192.168.4.0 R2(config-router)#exit R2(config)#exit R2#write Building configuration... [OK]

R2# R3#config t R3(config)#no ip route 192.168.1.0 255.255.255.0 192.168.4.1 R3(config)#no ip route 192.168.2.0 255.255.255.252 192.168.4.1 R3(config)#no ip route 192.168.3.0 255.255.255.0 192.168.4.1 R3(config)#router rip R3(config-router)#network 192.168.4.0 R3(config-router)#network 192.168.5.0 R3(config-router)#exit R3(config)#exit

20

CCNA R&S Bootcamp

R3#write Building configuration... [OK]

R3#

Verifikasi RIP pada R1, lakukan sendiri untuk R2 dan R3: R1#show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set C C R R R

192.168.1.0/24 192.168.2.0/30 192.168.2.0 192.168.3.0/24 192.168.4.0/24 192.168.5.0/24

is directly connected, FastEthernet0/0 is subnetted, 1 subnets is directly connected, Serial0/0 [120/1] via 192.168.2.2, 00:00:23, Serial0/0 [120/1] via 192.168.2.2, 00:00:23, Serial0/0 [120/2] via 192.168.2.2, 00:00:23, Serial0/0

R1#show ip rip database 192.168.1.0/24 directly connected, FastEthernet0/0 192.168.2.0/30 directly connected, Serial0/0 192.168.3.0/24 [1] via 192.168.2.2, 00:00:01, Serial0/0 192.168.4.0/24 [1] via 192.168.2.2, 00:00:01, Serial0/0 192.168.5.0/24 [2] via 192.168.2.2, 00:00:01, Serial0/0

R1#ping 192.168.3.254 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.3.254, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 78/85/94 ms

R1#ping 192.168.5.254 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.5.254, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 94/114/125 ms

R1#

21

CCNA R&S Bootcamp

Lab 7 Enhanced IGRP (EIGRP) and Open Shortest Path First (OSPF)

Hands-on Labs Pada hands-on lab ini, lakukan konfigurasi sesuai topologi dibawah ini. Berikut adalah Lab yang harus anda selesaikan pada Bab ini: •

Konfigurasi EIGRP dengan AS Number 10

•

Verifikasi EIGRP

•

Konfigurasi OSPF dengan Process-ID 10 dan menggunakan Backbone Area 0

•

Verifikasi OSPF

•

Konfigurasi OSPF pada BMA (Broadcast Multi-Access) Network o Telusuri Proses pemilihan OSPF DR dan DBR o Menjadikan Router R3 sebagai DR dengan Router-ID paling Tinggi o Menjadikan Router R2 interface fa0/0 menjadi DR dengan Priority 255

22

CCNA R&S Bootcamp


c2600-i-mz.122-28.bin

R2

c2600-i-mz.122-28.bin

R3

c2600-i-mz.122-28.bin


IOS Version


Interface FastEthernet0/0 FastEthernet0/1 Serial0/0 FastEthernet0/0 FastEthernet0/1 Serial0/0 Serial0/1 FastEthernet0/0 FastEthernet0/1 Serial0/0 FastEthernet0/1 – 24 FastEthernet0/1 – 24 FastEthernet0/1 – 24 FastEthernet0 FastEthernet0 FastEthernet0

Konfigurasi EIGRP dengan AS Number 10 pada R1, R2, dan R3: R1#config t R1(config)#router eigrp 10 R1(config-router)#network 192.168.1.0 R1(config-router)#network 192.168.2.0 R1(config-router)#exit R1(config)#exit R1#write Building configuration... [OK]

R1# R2#config t R2(config)#router eigrp 10 R2(config-router)#network 192.168.2.0

23

IP Address 192.168.1.1/24 192.168.2.1/30 192.168.3.1/24 192.168.2.2/30 192.168.4.1/30 192.168.5.1/24 192.168.4.2/30 192.168.1.254/24 192.168.3.254/24 192.168.5.254/24

CCNA R&S Bootcamp

R2(config-router)#network 192.168.3.0 R2(config-router)#network 192.168.4.0 R2(config-router)#exit R2(config)#exit R2#write Building configuration... [OK]

R2# R3#config t R3(config)#router eigrp 10 R3(config-router)#network 192.168.4.0 R3(config-router)#network 192.168.5.0 R3(config-router)#exit R3(config)#exit R3# R3#write Building configuration... [OK]

R3#

Verifikasi EIGRP pada Router R1, lakukan hal yang sama pada Router R2 dan R3: R1#show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set C

192.168.1.0/24 is directly connected, FastEthernet0/0 192.168.2.0/24 is variably subnetted, 2 subnets, 2 masks

D

192.168.2.0/24 is a summary, 00:05:04, Null0

C

192.168.2.0/30 is directly connected, Serial0/0

D D D

192.168.3.0/24 [90/20514560] via 192.168.2.2, 00:03:40, Serial0/0 192.168.4.0/24 [90/21024000] via 192.168.2.2, 00:03:35, Serial0/0 192.168.5.0/24 [90/21026560] via 192.168.2.2, 00:02:04, Serial0/0

R1#show ip eigrp neighbors IP-EIGRP neighbors for process 10 H Address Interface 0

192.168.2.2

Se0/0

Hold Uptime (sec) 13 00:03:50

R1#show ip eigrp traffic IP-EIGRP Traffic Statistics for process 10 Hellos sent/received: 140/52 Updates sent/received: 4/5 Queries sent/received: 0/0 Replies sent/received: 0/0 Acks sent/received: 5/4 Input queue high water mark 1, 0 drops SIA-Queries sent/received: 0/0 SIA-Replies sent/received: 0/0

24

SRTT (ms) 40

RTO

Q Cnt 1000 0

Seq Num 11

CCNA R&S Bootcamp

R1#show ip eigrp topology IP-EIGRP Topology Table for AS 10 Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply, r - Reply status P 192.168.1.0/24, 1 successors, FD is 28160 via Connected, FastEthernet0/0 P 192.168.2.0/30, 1 successors, FD is 20512000 via Connected, Serial0/0 P 192.168.2.0/24, 1 successors, FD is 20512000 via Summary (20512000/0), Null0 P 192.168.3.0/24, 1 successors, FD is 20514560 via 192.168.2.2 (20514560/28160), Serial0/0 P 192.168.4.0/24, 1 successors, FD is 21024000 via 192.168.2.2 (21024000/20512000), Serial0/0 P 192.168.5.0/24, 1 successors, FD is 21026560 via 192.168.2.2 (21026560/20514560), Serial0/0

R1#show ip eigrp interfaces IP-EIGRP interfaces for process 10

Interface Fa0/0 Se0/0 R1#

Peers 0 1

Xmit Queue Un/Reliable 0/0 0/0

Mean SRTT 1236 1236

Pacing Time Un/Reliable 0/10 0/10

Multicast Flow Timer 0 0

Konfigurasi OSPF dengan Process-ID 10 Area 0 pada R1, R2, dan R3: R1#config t R1(config)#no router eigrp 10 R1(config)#router ospf 10 R1(config-router)#network 192.168.1.0 0.0.0.255 area 0 R1(config-router)#network 192.168.2.0 0.0.0.3 area 0 R1(config-router)#exit R1(config)#exit R1#write Building configuration... [OK]

R1# R2#config t R2(config)#no router eigrp 10 R2(config)#router ospf 10 R2(config-router)#network 192.168.2.0 0.0.0.3 area 0 R2(config-router)#network 192.168.3.0 0.0.0.255 area 0 R2(config-router)#network 192.168.4.0 0.0.0.3 area 0 R2(config-router)#exit R2(config)#exit R2#write Building configuration... [OK]

R2# R3#config t R3(config)#no router eigrp 10

25

Pending Routes 0 0

CCNA R&S Bootcamp

R3(config)#router ospf 10 R3(config-router)#network 192.168.4.0 0.0.0.3 area 0 R3(config-router)#network 192.168.5.0 0.0.0.255 area 0 R3(config-router)#exit R3(config)#exit R3#write Building configuration... [OK]

R3#

Verifikasi OSPF pada Router R1, lakukan hal yang sama pada Router R2 dan R3: R1#show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set C C O R O O

192.168.1.0/24 is directly connected, FastEthernet0/0 192.168.2.0/30 is subnetted, 1 subnets 192.168.2.0 is directly connected, Serial0/0 192.168.3.0/24 [110/782] via 192.168.2.2, 00:03:53, Serial0/0 192.168.4.0/24 is variably subnetted, 2 subnets, 2 masks 192.168.4.0/24 [120/1] via 192.168.2.2, 00:00:22, Serial0/0 192.168.4.0/30 [110/1562] via 192.168.2.2, 00:03:41, Serial0/0 192.168.5.0/24 [110/1563] via 192.168.2.2, 00:01:51, Serial0/0

R1#show ip ospf neighbor Neighbor ID Pri State 192.168.4.1 0 FULL/

Dead Time 00:00:33

-

Address 192.168.2.2

Interface Serial0/0

R1#show ip ospf database OSPF Router with ID (192.168.2.1) (Process ID 10) Router Link States (Area 0) Link ID 192.168.2.1 192.168.4.1 192.168.5.1

ADV Router 192.168.2.1 192.168.4.1 192.168.5.1

Age 250 138 126

Seq# 0x80000003 0x80000005 0x80000003

Checksum 0x00731a 0x009a65 0x0095e8

Link count 3 5 3

R1#show ip ospf interface FastEthernet0/0 is up, line protocol is up Internet address is 192.168.1.1/24, Area 0 Process ID 10, Router ID 192.168.2.1, Network Type BROADCAST, Cost: 1 Transmit Delay is 1 sec, State DR, Priority 1 Designated Router (ID) 192.168.2.1, Interface address 192.168.1.1 No backup designated router on this network Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 Hello due in 00:00:03 Index 1/1, flood queue length 0 Next 0x0(0)/0x0(0)

26

CCNA R&S Bootcamp

Last flood scan length is 1, maximum is 1 Last flood scan time is 0 msec, maximum is 0 msec Neighbor Count is 0, Adjacent neighbor count is 0 Suppress hello for 0 neighbor(s) Serial0/0 is up, line protocol is up Internet address is 192.168.2.1/30, Area 0 Process ID 10, Router ID 192.168.2.1, Network Type POINT-TO-POINT, Cost: 781 Transmit Delay is 1 sec, State POINT-TO-POINT, Priority 0 No designated router on this network No backup designated router on this network Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 Hello due in 00:00:02 Index 2/2, flood queue length 0 Next 0x0(0)/0x0(0) Last flood scan length is 1, maximum is 1 Last flood scan time is 0 msec, maximum is 0 msec Neighbor Count is 1 , Adjacent neighbor count is 1 Adjacent with neighbor 192.168.4.1 Suppress hello for 0 neighbor(s) R1#

Konfigurasi OSPF pada BMA (Broadcast Multi-Access) Network:

R1#config t

27

CCNA R&S Bootcamp

R1(config)#interface fa0/0 R1(config-if)#no description R1(config-if)#description "terhubung ke SW-BMA fa0/1" R1(config-if)#exit R1(config)#exit R1#write Building configuration... [OK]

R1# R2#config t R2(config)#int fa0/0 R2(config-if)#no ip address R2(config-if)#ip add 192.168.1.2 255.255.255.0 R2(config-if)#no description R2(config-if)#description "terhubung ke SW-BMA fa0/2" R2(config-if)#exit R2(config)#router ospf 10 R2(config-router)#no network 192.168.3.0 0.0.0.255 area 0 R2(config-router)#network 192.168.1.0 0.0.0.255 area 0 R2(config-router)#exit R2(config)#exit R2#write Building configuration... [OK]

R2# R3#config t R3(config)#int fa0/0 R3(config-if)#no ip add R3(config-if)#no description R3(config-if)#ip add 192.168.1.3 255.255.255.0 R3(config-if)#description "terhubung ke SW-BMA fa0/3" R3(config-if)#exit R3(config)#router ospf 10 R3(config-router)#no network 192.168.5.0 0.0.0.255 area 0 R3(config-router)#network 192.168.1.0 0.0.0.255 area 0 R3(config-router)#exit R3(config)#exit R3#write Building configuration... [OK]

R3#

Telusuri Proses pemilihan OSPF DR dan DBR: R1#show ip ospf neighbor Neighbor ID 192.168.4.1 192.168.5.1 192.168.4.1 R1# R1#

Pri 1 1 0

State FULL/BDR FULL/DROTHER FULL/ -

Dead Time 00:00:38 00:00:34 00:00:30

R2#show ip ospf neighbor

28

Address 192.168.1.2 192.168.1.3 192.168.2.2

Interface FastEthernet0/0 FastEthernet0/0 Serial0/0

CCNA R&S Bootcamp

Neighbor ID 192.168.2.1 192.168.5.1 192.168.2.1 192.168.5.1 R2#

Pri 1 1 0 0

State FULL/DR FULL/DROTHER FULL/ FULL/ -

Dead Time 00:00:38 00:00:34 00:00:30 00:00:35

Address 192.168.1.1 192.168.1.3 192.168.2.1 192.168.4.2

Interface FastEthernet0/0 FastEthernet0/0 Serial0/0 Serial0/1

Dead Time 00:00:31 00:00:32 00:00:37

Address 192.168.1.1 192.168.1.2 192.168.4.1


R3#show ip ospf neighbor Neighbor ID 192.168.2.1 192.168.4.1 192.168.4.1 R3#

Pri 1 1 0

State FULL/DR FULL/BDR FULL/ -

Menjadikan Router R3 sebagai DR dengan Router-ID paling Tinggi: Perangkat (Hostname) R1 R2 R3

Router-ID 10.10.1.1 10.10.2.1 10.10.3.1

R1#config t R1(config)#router ospf 10 R1(config-router)#rou R1(config-router)#router-id 10.10.1.1 R1(config-router)#exit R1(config)#exit R1#write Building configuration... [OK]

R1# R2#config t Enter configuration commands, one per line. R2(config)#router ospf 10 R2(config-router)#router-id 10.10.2.1 R2(config-router)#exit R2(config)#exit R2#write Building configuration... [OK]

R2# R3#config t R3(config)#router ospf 10 R3(config-router)#router-id 10.10.3.1 R3(config-router)#exit R3(config)#exit R3#write Building configuration... [OK]

R3# R1#show ip ospf neighbor

29

End with CNTL/Z.

CCNA R&S Bootcamp

Neighbor ID 10.10.2.1 10.10.3.1 10.10.2.1 R1#

Pri 1 1 0

State FULL/BDR FULL/DR FULL/ -

Dead Time 00:00:39 00:00:32 00:00:37

Address 192.168.1.2 192.168.1.3 192.168.2.2


Dead Time 00:00:38 00:00:32 00:00:33 00:00:37

Address 192.168.1.3 192.168.1.1 192.168.2.1 192.168.4.2


Dead Time 00:00:33 00:00:36 00:00:39

Address 192.168.1.1 192.168.1.2 192.168.4.1


R2#show ip ospf neighbor Neighbor ID 10.10.3.1 10.10.1.1 10.10.1.1 10.10.3.1

Pri 1 1 0 0

State FULL/DR FULL/DROTHER FULL/ FULL/ -

R2#

R3#sh ip ospf neighbor Neighbor ID 10.10.1.1 10.10.2.1 10.10.2.1 R3#

Pri 1 1 0

State FULL/DROTHER FULL/BDR FULL/ -

Menjadikan Router R2 interface fa0/0 menjadi DR dengan Priority 255: R2#config t R2(config)#interface fa0/0 R2(config-if)#ip ospf priority 255 R2(config-if)#exit R2(config)#exit R2#


Pri 1 255 0

State FULL/BDR FULL/DR FULL/ -

Dead Time 00:00:31 00:00:31 00:00:35

Address 192.168.1.3 192.168.1.2 192.168.2.2


Dead Time 00:00:32 00:00:32 00:00:36 00:00:30

Address 192.168.1.3 192.168.1.1 192.168.2.1 192.168.4.2


Dead Time 00:00:33 00:00:33 00:00:32

Address 192.168.1.1 192.168.1.2 192.168.4.1


R2#show ip ospf neighbor Neighbor ID 10.10.3.1 10.10.1.1 10.10.1.1 10.10.3.1 R2#

Pri 1 1 0 0

State FULL/BDR FULL/DROTHER FULL/ FULL/ -


Pri 1 255 0

State FULL/DROTHER FULL/DR FULL/ -

30

CCNA R&S Bootcamp

Lab 8 & Lab 9 Layer 2 Switching and Spanning Tree Protocol (STP) & VLAN

Hands-on Lab Pada Lab untuk Bab ini, anda akan melakukan beberapa konfigurasi dibawah ini: •

Konfigurasi Dasar dari Switch o Konfigurasi VTP o Konfigurasi Port Trunk o Konfigurasi Port Akses

•

Konfigurasi R1 sebagai Inter-VLAN Routing menggunakan protocol 802.1q

•

Verifikasi Konektifitas

•

Konfigurasi dan Verifikasi Spanning Tree Protocol o Optimisasi STP o Configure PVST Rapid Spanning Tree Protocol

•

Mengelola the MAC Address Table & Konfigurasi Port Security

31

CCNA R&S Bootcamp

•

Mengelola Sistem Operasi Switch dan File Konfigurasi o Backup dan Restore the Cisco IOS File ke Switch dari TFTP Server o Backup dan Restore Konfigurasi File dari TFTP Server o Recover Passwords on the Catalyst 2950



Perangkat (Hostname ) SW1 SW2

SW3 PC1 PC2

Default Gateway IOS Version c2600-i-mz.122-28.bin


Interface

IP Address

FastEthernet0/0 FastEthernet0/1.10 FastEthernet0/1.20 FastEthernet0/1.30 FastEthernet0/1.99 Serial0/0 VLAN 99 VLAN 99 VLAN 99 FastEthernet0 FastEthernet0 FastEthernet0

172.17.10.1/24 172.17.20.1/24 172.17.30.1/24 172.17.99.1 /24 172.17.99.11/24 172.17.99.12/24 172.17.99.13/24 172.17.10.21/24 172.17.20.22/24 172.17.30.23/24

Port

Fungsi

Network

Fa0/1 – 0/4 Fa0/1 – 0/4 Fa0/11 Fa0/18 Fa0/6 Fa0/1 – 0/4 FastEthernet0 FastEthernet0

802.1q Trunks (Native VLAN 99) 802.1q Trunks (Native VLAN 99) VLAN 10 – Faculty/Staff VLAN 20 – Students VLAN 30 – Guest (Default) 802.1q Trunks (Native VLAN 99) 172.17.10.21/24 172.17.20.22/24

172.17.99.0 /24 172.17.99.0 /24 172.17.10.0 /24 172.17.20.0 /24 172.17.30.0 /24 172.17.99.0 /24 172.17.10.1 172.17.20.1

32

172.17.99.1 172.17.99.1 172.17.99.1 172.17.10.1 172.17.20.1 172.17.30.1

CCNA R&S Bootcamp

PC3 Perangkat (Hostname ) SW1 SW2 SW3 VLAN VLAN 99 VLAN 10 VLAN 20 VLAN 30

FastEthernet0

172.17.30.23/24

172.17.30.1

VTP Mode Operasi

VTP Domain

VTP Password

Server Client Client

Lab Lab Lab

cisco cisco cisco

VLAN Name management faculty-staff students guest

Konfigurasi SW1: Switch>enable Switch#erase start Erasing the nvram filesystem will remove all configuration files! Continue? [confirm] [OK] Erase of nvram: complete %SYS-7-NV_BLOCK_INIT: Initialized the geometry of nvram

Switch#reload Proceed with reload? [confirm]

Switch>enable Switch#config t Switch(config)#hostname SW1 SW1(config)#enable secret cisco SW1(config)#line console 0 SW1(config-line)#password cisco SW1(config-line)#login SW1(config-line)#exit SW1(config)#line vty 0 4 SW1(config-line)#password cisco SW1(config-line)#login SW1(config-line)#exit SW1(config)#no ip domain lookup SW1(config)#ip default-gateway 172.17.99.1 SW1(config)#exit SW1#write Building configuration... [OK]

SW1# SW1#config t Enter configuration commands, one per line. SW1(config)#interface range fa0/1-24 SW1(config-if-range)#shutdown SW1(config-if-range)#exit SW1(config)#vtp mode server Device mode already VTP SERVER.

SW1(config)#vtp domain Lab Changing VTP domain name from NULL to Lab

SW1(config)#vtp password cisco

33

End with CNTL/Z.

CCNA R&S Bootcamp

Setting device VLAN database password to cisco

SW1(config)#interface range fa0/1-5 SW1(config-if-range)#switchport mode trunk SW1(config-if-range)#switchport trunk native vlan 99 SW1(config-if-range)#no shutdown SW1(config-if-range)#exit SW1(config)#vlan 99 SW1(config-vlan)#name management SW1(config-vlan)#exit SW1(config)#vlan 10 SW1(config-vlan)#name faculty-staff SW1(config-vlan)#exit SW1(config)#vlan 20 SW1(config-vlan)#name students SW1(config-vlan)#exit SW1(config)#vlan 30 SW1(config-vlan)#name guest SW1(config-vlan)#exit SW1(config)#interfac vlan 99 SW1(config-if)#ip address 172.17.99.11 255.255.255.0 SW1(config-if)#no shutdown SW1(config-if)#exit SW1(config)# SW1#show vlan brief VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------1 default active Fa0/1, Fa0/2, Fa0/5, Fa0/6 Fa0/7, Fa0/8, Fa0/9, Fa0/10 Fa0/11, Fa0/12, Fa0/13, Fa0/14 Fa0/15, Fa0/16, Fa0/17, Fa0/18 Fa0/19, Fa0/20, Fa0/21, Fa0/22 Fa0/23, Fa0/24 10 faculty-staff active 20 students active 30 guest active 99 management active 1002 fddi-default active 1003 token-ring-default active 1004 fddinet-default active 1005 trnet-default active

SW1#



34

CCNA R&S Bootcamp

Switch>enable Switch#config t Switch(config)#hostname SW2 SW2(config)#enable secret cisco SW2(config)#line console 0 SW2(config-line)#password cisco SW2(config-line)#login SW2(config-line)#exit SW2(config)#line vty 0 4 SW2(config-line)#password cisco SW2(config-line)#login SW2(config-line)#exit SW2(config)#no ip domain lookup SW2(config)#ip default-gateway 172.17.99.1 SW2(config)#exit SW2#write Building configuration...

SW2#config t SW2(config)#interface range fa0/1-24 SW2(config-if-range)#shutdown SW2(config-if-range)#exit SW2(config)#vtp mode client Setting device to VTP CLIENT mode.

SW2(config)#vtp domain Lab Domain name already set to Lab. SW2(config)#vtp password cisco Setting device VLAN database password to cisco SW2(config)#interface range fa0/1-4 SW2(config-if-range)#switchport mode trunk SW2(config-if-range)#switchport trunk native vlan 99 SW2(config-if-range)#no shutdown SW2(config-if-range)#exit SW2(config)#interface fa0/11 SW2(config-if)#switchport access vlan 10 SW2(config-if)#no shutdown SW2(config-if)#exit SW2(config)#interface fa0/18 SW2(config-if)#switchport access vlan 20 SW2(config-if)#no shutdown SW2(config-if)#exit SW2(config)#interface fa0/6 SW2(config-if)#switchport access vlan 30 SW2(config-if)#no shutdown SW2(config-if)#exit SW2(config)#interface vlan 99 SW2(config-if)#ip address 172.17.99.12 255.255.255.0 SW2(config-if)#no shutdown SW2(config-if)#exit

35

CCNA R&S Bootcamp

SW2(config)#exit SW2#write Building configuration... [OK]

SW2# SW2#show vlan brief VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------1 default active Fa0/5, Fa0/7, Fa0/8, Fa0/9 Fa0/10, Fa0/12, Fa0/13, Fa0/14 Fa0/15, Fa0/16, Fa0/17, Fa0/19 Fa0/20, Fa0/21, Fa0/22, Fa0/23 Fa0/24

10 20 30 99

faculty-staff students guest management

active active active active

1002 1003 1004 1005

fddi-default token-ring-default fddinet-default trnet-default


Fa0/11 Fa0/18 Fa0/6

SW2#



Switch>enable Switch#config t Switch(config)#hostname SW3 SW3(config)#enable secret cisco SW3(config)#line console 0 SW3(config-line)#password cisco SW3(config-line)#login SW3(config-line)#exit SW3(config)#line vty 0 4 SW3(config-line)#password cisco SW3(config-line)#login SW3(config-line)#exit SW3(config)#no ip domain lookup SW3(config)#ip default-gateway 172.17.99.1 SW3(config)#exit SW3#write Building configuration...

SW3#config t

36

CCNA R&S Bootcamp

SW3(config)#interface range fa0/1-24 SW3(config-if-range)#shutdown SW3(config-if-range)#exit SW3(config)#vtp mode client Setting device to VTP CLIENT mode.

SW3(config)#vtp domain Lab Domain name already set to Lab. SW3(config)#vtp password cisco Setting device VLAN database password to cisco SW3(config)#interface range fa0/1-4 SW3(config-if-range)#switchport mode trunk SW3(config-if-range)#switchport trunk native vlan 99 SW3(config-if-range)#no shutdown SW3(config-if-range)#exit SW3(config)#interface vlan 99 SW3(config-if)#ip address 172.17.99.13 255.255.255.0 SW3(config-if)#no shutdown SW3(config-if)#exit SW3(config)#exit SW3#write Building configuration... [OK]

SW3# SW3#show vlan brief VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------1 default active Fa0/5, Fa0/6, Fa0/7, Fa0/8 Fa0/9, Fa0/10, Fa0/11, Fa0/12 Fa0/13, Fa0/14, Fa0/15, Fa0/16 Fa0/17, Fa0/18, Fa0/19, Fa0/20 Fa0/21, Fa0/22, Fa0/23, Fa0/24

10 20 30 99

faculty-staff students guest management


1002 1003 1004 1005

fddi-default token-ring-default fddinet-default trnet-default


SW3#

Konfigurasi R1 sebagai Inter-VLAN Routing menggunakan protocol 802.1q: R1#erase startup-config Erasing the nvram filesystem will remove all configuration files! Continue? [confirm] [OK] Erase of nvram: complete %SYS-7-NV_BLOCK_INIT: Initialized the geometry of nvram

R1#reload Proceed with reload? [confirm]

Router>enable

37

CCNA R&S Bootcamp

Router#config t Router(config)#hostname R1 R1(config)#enable secret cisco R1(config)#line console 0 R1(config-line)#password cisco R1(config-line)#login R1(config-line)#exit R1(config)#line vty 0 4 R1(config-line)#password cisco R1(config-line)#login R1(config-line)#exit R1(config)#interface fa0/1 R1(config-if)#no ip address R1(config-if)#no shutdown R1(config-if)#exit R1(config)#interface fa0/1.10 R1(config-subif)#encapsulation dot1Q 10 R1(config-subif)#ip address 172.17.10.1 255.255.255.0 R1(config-subif)#exit R1(config)#interface fa0/1.20 R1(config-subif)#encapsulation dot1Q 20 R1(config-subif)#ip address 172.17.20.1 255.255.255.0 R1(config-subif)#exit R1(config)#interface fa0/1.30 R1(config-subif)#encapsulation dot1Q 30 R1(config-subif)#ip address 172.17.30.1 255.255.255.0 R1(config-subif)#exit R1(config)#interface fa0/1.99 R1(config-subif)#encapsulation dot1Q 99 native R1(config-subif)#ip address 172.17.99.1 255.255.255.0 R1(config-subif)#exit R1(config)#interface fa0/0 R1(config-if)#description "terhubung ke web/tftp server" R1(config-if)#ip address 172.17.50.1 255.255.255.0 R1(config-if)#no shutdown R1(config-if)#exit R1(config)#ip route 0.0.0.0 0.0.0.0 172.17.50.254 R1(config)#exit R1#write Building configuration... [OK]

R1#

Verifikasi Konektifitas PC1 dan SW1, lakukan sendiri untuk perangkat yang lain: PC1>ping 172.17.10.1 Pinging 172.17.10.1 with 32 bytes of data: Reply from 172.17.10.1: bytes=32 time=204ms TTL=255 Reply from 172.17.10.1: bytes=32 time=110ms TTL=255

38

CCNA R&S Bootcamp

Reply from 172.17.10.1: bytes=32 time=80ms TTL=255 Reply from 172.17.10.1: bytes=32 time=80ms TTL=255 Ping statistics for 172.17.10.1: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 80ms, Maximum = 204ms, Average = 118ms

PC1>ping 172.17.20.22 Pinging 172.17.20.22 with 32 bytes of data: Reply Reply Reply Reply

from from from from

172.17.20.22: 172.17.20.22: 172.17.20.22: 172.17.20.22:

bytes=32 bytes=32 bytes=32 bytes=32

time=188ms time=188ms time=172ms time=156ms

TTL=127 TTL=127 TTL=127 TTL=127

Ping statistics for 172.17.20.22: Packets: Sent = 4, Received = 3, Lost = 1 (25% loss), Approximate round trip times in milli-seconds: Minimum = 156ms, Maximum = 188ms, Average = 172ms


from from from from

172.17.30.23: 172.17.30.23: 172.17.30.23: 172.17.30.23:



TTL=127 TTL=127 TTL=127 TTL=127



from from from from

172.17.50.254: 172.17.50.254: 172.17.50.254: 172.17.50.254:



TTL=127 TTL=127 TTL=127 TTL=127


PC1> SW1#ping 172.17.99.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 172.17.99.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 31/34/47 ms

39

CCNA R&S Bootcamp

SW1#ping 172.17.50.254 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 172.17.50.254, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 35/57/63 ms

SW1#

Konfigurasi dan Verifikasi Spanning Tree Protocol: SW1#show spanning-tree vlan 10 VLAN0010 Spanning tree enabled protocol ieee Root ID Priority 32778 Address 0000.0C76.1D62 This bridge is the root Hello Time 2 sec Max Age 20 sec Bridge ID

Priority Address Hello Time Aging Time

Interface ---------------Fa0/1 Fa0/2 Fa0/3 Fa0/4 Fa0/5

Role ---Desg Desg Desg Desg Desg

Forward Delay 15 sec

32778 (priority 32768 sys-id-ext 10) 0000.0C76.1D62 2 sec Max Age 20 sec Forward Delay 15 sec 20

Sts --FWD FWD FWD FWD FWD

Cost --------19 19 19 19 19

Prio.Nbr -------128.1 128.2 128.3 128.4 128.5

Type -------------------------------P2p P2p P2p P2p P2p

SW1#show spanning-tree vlan 20 VLAN0020 Spanning tree enabled protocol ieee Root ID Priority 32788 Address 0000.0C76.1D62 This bridge is the root Hello Time 2 sec Max Age 20 sec Bridge ID







Cost --------19 19 19 19 19

Prio.Nbr -------128.1 128.2 128.3 128.4 128.5

Type -------------------------------P2p P2p P2p P2p P2p

SW1#show spanning-tree vlan 30 VLAN0030 Spanning tree enabled protocol ieee Root ID Priority 32798 Address 0000.0C76.1D62 This bridge is the root Hello Time 2 sec Max Age 20 sec

40


CCNA R&S Bootcamp

Bridge ID






Cost --------19 19 19 19 19

Prio.Nbr -------128.1 128.2 128.3 128.4 128.5

Type -------------------------------P2p P2p P2p P2p P2p

SW1#show spanning-tree vlan 99 VLAN0099 Spanning tree enabled protocol ieee Root ID Priority 32867 Address 0000.0C76.1D62 This bridge is the root Hello Time 2 sec Max Age 20 sec Bridge ID







Cost --------19 19 19 19 19

Prio.Nbr -------128.1 128.2 128.3 128.4 128.5

Type -------------------------------P2p P2p P2p P2p P2p

SW1#

Optimisasi STP, dengan Memilih SW1 sebagai Root Bridge/Switch secara manual: Karena terdapat instance STP yang terpisah pada setiap VLAN yang aktif, maka pemilihan Root Bridge/Switch hanya terjadi pada VLAN tertentu saja. Secara default switch akan melakukan pemilihan bedasarkan kombinasi Priority dan MAC Address terkecil, dimana secara default Switch memiliki Priority adalah 32768. Sehingga penting sekali anda melakukan pemilihan Root secara manual karena beberapa alasan berikut: •

Karena Root Bridge/Switch bertanggung jawab men-generate (menghasilkan) BPDU pada STP 802.1D sehingga Root Switch/Bridge harus memiliki kemampuan untuk menangani Processing Load tambahan tersebut

•

Penempatan Root Bridge/Switch biasanya ditempat yang bisa dijangkau secara optimal oleh switch yang lain. Biasanya pada Switch Distribution

SW1#config t SW1(config)#spanningSW1(config)#spanning-tree vl SW1(config)#spanning-tree vlan 10 pri SW1(config)#spanning-tree vlan 10 priority ? <0-61440>

bridge priority in increments of 4096

SW1(config)#spanning-tree vlan 10 priority 4096 SW1(config)#spanning-tree vlan 20 priority 4096

41

CCNA R&S Bootcamp

SW1(config)#spanning-tree vlan 30 priority 4096 SW1(config)#spanning-tree vlan 99 priority 4096 SW1(config)#exit SW1#show spanning-tree vlan 10 VLAN0010 Spanning tree enabled protocol ieee

Root ID

Priority Address

4106 0000.0C76.1D62

This bridge is the root Hello Time 2 sec Max Age 20 sec Bridge ID






Cost --------19 19 19 19 19

Prio.Nbr -------128.1 128.2 128.3 128.4 128.5

Type -------------------------------P2p P2p P2p P2p P2p

SW1#

Configure PVST Rapid Spanning Tree Protocol: SW1#config t SW1(config)#spanning-tree mode ? pvst rapid-pvst

Per-Vlan spanning tree mode Per-Vlan rapid spanning tree mode

SW1(config)#spanning-tree mode rapid-pvst SW1(config)#exit SW1#write Building configuration... [OK]

SW1# SW2#config t SW2(config)#spanning-tree mode ? pvst rapid-pvst



SW2# SW3#config t SW3(config)#spanning-tree mode ? pvst rapid-pvst



42

CCNA R&S Bootcamp


SW3#

Mengelola the MAC Address Table & Konfigurasi Port Security: SW2#show mac-address-table Mac Address Table ------------------------------------------Vlan ---1 10 20 30 99

Mac Address -----------

Type --------

Ports -----

0003.e4bc.7c01 0003.e4bc.7c02 0003.e4bc.7c01 0003.e4bc.7c01 0003.e4bc.7c01

DYNAMIC DYNAMIC DYNAMIC DYNAMIC DYNAMIC

Fa0/2 Fa0/1 Fa0/2 Fa0/2 Fa0/2

SW2#config t SW2(config)#interface fa0/11 SW2(config-if)#switchport port-security ? mac-address maximum violation

Secure mac address Max secure addresses Security violation mode

SW2(config-if)#switchport port-security maximum 2 SW2(config-if)#switchport port-security mac-address ? H.H.H sticky

48 bit mac address Configure dynamic secure addresses as sticky

SW2(config-if)#switchport port-security mac-address sti SW2(config-if)#switchport port-security mac-address sticky SW2(config-if)#switchport port-security violation protect SW2(config-if)#exit SW2(config)#exit SW2#write Building configuration... [OK]

SW2#

Backup dan Restore the Cisco IOS File ke Switch dari TFTP Server: SW1#show flash Directory of flash:/ 1 2

-rw-rw-

3058048 796

c2950-i6q4l2-mz.121-22.EA4.bin vlan.dat

64016384 bytes total (60957540 bytes free)

SW1#copy flash tftp Source filename []? c2950-i6q4l2-mz.121-22.EA4.bin Address or name of remote host []? 172.17.50.254 Destination filename [c2950-i6q4l2-mz.121-22.EA4.bin]? Writing

c2950-i6q4l2-mz.121-

43

CCNA R&S Bootcamp

22.EA4.bin...!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! [OK - 3058048 bytes] 3058048 bytes copied in 3.39 secs (902000 bytes/sec)

SW1# SW1#copy tftp flash Address or name of remote host []? 172.17.50.254 Source filename []? c2950-i6q4l2-mz.121-22.EA8.bin Destination filename [c2950-i6q4l2-mz.121-22.EA8.bin]? Accessing tftp://172.17.50.254/c2950-i6q4l2-mz.121-22.EA8.bin... Loading c2950-i6q4l2-mz.121-22.EA8.bin from 172.17.50.254: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! [OK - 3117390 bytes] 3117390 bytes copied in 3.516 secs (886629 bytes/sec)

SW1#show flash: Directory of flash:/ 1 3 2

-rw-rw-rw-

3058048 3117390 796

c2950-i6q4l2-mz.121-22.EA4.bin c2950-i6q4l2-mz.121-22.EA8.bin vlan.dat

64016384 bytes total (57840150 bytes free)

SW1#delete flash: Delete filename []?c2950-i6q4l2-mz.121-22.EA4.bin Delete flash:/c2950-i6q4l2-mz.121-22.EA4.bin? [confirm]

SW1#config t SW1(config)#boot system ? WORD

pathlist of boot file(s) ... file1;file2;...

SW1(config)#boot system 2950-i6q4l2-mz.121-22.EA8.bin SW1(config)#exit SW1#write Building configuration... [OK]

SW1#reload Proceed with reload? [confirm]

Recover Passwords on the Catalyst 2950: 1. Pastikan PC anda terhubung menggunakan Kabel Console ke Console port pada Switch, dan jangan lupa 2. 3.

aktifkan Hyperterminal sesuai dengan standar konfigurasi. Matikan Switch, kemudian nyalakan disaat bersamaan tekan tombol MODE dan tahan hingga SYS LED (lampu SYS) berhenti berkedip dan nyala Saat itu anda akan menemukan di Hyperterminal anda tulisan dibawah ini The system has been interrupted prior to initializing the flash files system. The following commands will initialize the flash files system, and finish loading the operating system software: flash_init load_helper boot

4. Setelah loading selesai, lakukan perintah dibawah ini, dan perhatian jangan lupa mengetik titik dua (:) setelah

44

CCNA R&S Bootcamp

perintah dir flash: switch:flash_init switch:load_helper switch:dir flash:

5. Kemudian ketik perintah dibawah ini agar mengganti nama file konfigurasi lama yang berisi password dengan nama lain:

rename flash:config.text flash:config.old

6. Restart sistem dengan perintah Boot 7. Setelah masuk ke Switch lakukan perintah berikut ini: Switch#rename flash:config.old flash:config.text Switch#copy flash:config.text system:running-config Source filename [config.text ]?[enter] Destination filename [running-config][enter] The configuration file is now reloaded. Change the old unknown passwords as follows: ALSwitch#configure terminal ALSwitch(config)#no enable secret ALSwitch(config)#enable secret class ALSwitch(config)#line console 0 ALSwitch(config-line)# password cisco ALSwitch(config-line)# exit ALSwitch(config)#line vty 0 15 ALSwitch(config-line)# password cisco ALSwitch(config-line)# end ALSwitch#copy running-config startup-config Destination filename [startup-config]?[enter] Building configuration... [OK] ALSwitch#

Lab 10 Security

Hands-on Labs Pada sesi ini, anda akan menyelesaikan dua lab yaitu Standard Access List dan Extended Accesslist dengan skenario masing-masing. Pastikan Anda konfigurasi jaringan anda menggunakan OSPF 10 area 10. •

Standard IP Access List o Scenario: PC1 tidak bisa akses ke PC3

•

Extended IP Access List o Skenario-1: PC3 tidak bisa P ING ke Server1 tetapi bisa Web Browsing o Skenario-2: PC2 bisa PING ke Server1 tetapi tidak bisa Web Browsing

45

CCNA R&S Bootcamp


c2600-i-mz.122-28.bin

R2

c2600-i-mz.122-28.bin

R3

c2600-i-mz.122-28.bin


IOS Version



IP Address 192.168.1.1/24 192.168.2.1/30 192.168.3.1/24 192.168.2.2/30 192.168.4.1/30 192.168.5.1/24 192.168.4.2/30 192.168.1.254/24 192.168.3.254/24 192.168.5.254/24

Standard Access List (Best Practice: Letakkan ACL dekat dengan Destination): R3#config t R3(config)#access-list 1 deny host 192.168.1.254 R3(config)#access-list 1 permit any R3(config)#int se0/0 R3(config-if)#ip access-group 1 in R3(config-if)#exit R3(config)#exit R3#write Building configuration... [OK]

R3# PC1>ping 192.168.5.254

46

CCNA R&S Bootcamp

Pinging 192.168.5.254 with 32 bytes of data: Request Request Request Request

timed timed timed timed

out. out. out. out.

Ping statistics for 192.168.5.254: Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

PC1>

Extended Access List (Best Practice: Letakkan ACL dekat dengan Source): R1#config t R1(config)#access-list 100 deny icmp host 192.168.5.254 host 192.168.1.2 R1(config)#access-list 100 deny tcp host 192.168.3.254 host 192.168.1.2 eq 80 R1(config)#access-list 100 permit ip any any R1(config)#exit R1(config)#interface se0/0 R1(config-if)#ip access-group 100 in R1(config-if)#exit R1(config)#exit R1#write Building configuration... [OK]

R1# PC3>ping 192.168.1.2 Pinging 192.168.1.2 with 32 bytes of data:

Request Request Request Request

timed timed timed timed

out. out. out. out.

Ping statistics for 192.168.1.2: Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

PC3>

47

CCNA R&S Bootcamp

PC2>ping 192.168.1.2 Pinging 192.168.1.2 with 32 bytes of data:

Reply Reply Reply Reply

from from from from

192.168.1.2: 192.168.1.2: 192.168.1.2: 192.168.1.2:



TTL=126 TTL=126 TTL=126 TTL=126


PC2>

48

CCNA R&S Bootcamp

49

CCNA R&S Bootcamp

Lab 11 Network Address Translation (NAT)

Hands-on Lab Pada Hands-on Lab Bab ini anda kan mencoba melakukan konfigurasi PAT (Port Address Translation) sesuai dengan Topologi dibawah ini, dimana R1 bertindak sebagai ISP yang akan mentranslasikan Network 192.168.3.0/24, 192.168.4.0/24, dan 192.168.5.0/24. Anda konfigurasi jaringan anda menggunakan OSPF 10 area 10 (LAB-7).

Perangkat (Hostname ) R1 (ISP)

c2600-i-mz.122-28.bin

R2

c2600-i-mz.122-28.bin

R3

c2600-i-mz.122-28.bin


IOS Version



50

IP Address 192.168.1.1/24 192.168.2.1/30 192.168.3.1/24 192.168.2.2/30 192.168.4.1/30 192.168.5.1/24 192.168.4.2/30 192.168.1.254/24 192.168.3.254/24 192.168.5.254/24

CCNA R&S Bootcamp

Hands-on Lab 11.1: Preparing for NAT R1#config t R1(config)#interface fa0/0 R1(config-if)#ip nat out R1(config-if)#ip nat outside R1(config-if)#exit R1(config)#interface se0/0 R1(config-if)#ip nat inside R1(config-if)#exit R1(config)#access-list 1 permit R1(config)#access-list 1 permit R1(config)#access-list 1 permit R1(config)#ip nat pool internet R1(config)#ip nat inside source R1(config)#exit

192.168.3.0 192.168.4.0 192.168.5.0 192.168.1.1 list 1 pool

0.0.0.255 0.0.0.255 0.0.0.255 192.168.1.1 netmask 255.255.255.0 internet overload

R1#write Building configuration... [OK]

R1# PC>ping 192.168.1.2 Pinging 192.168.1.2 with 32 bytes of data: Reply Reply Reply Reply

from from from from

192.168.1.2: 192.168.1.2: 192.168.1.2: 192.168.1.2:



TTL=126 TTL=126 TTL=126 TTL=126


PC> R1#show ip nat translations Pro Inside global icmp 192.168.1.1:10 icmp 192.168.1.1:11 icmp 192.168.1.1:12 icmp 192.168.1.1:9 tcp 192.168.1.1:1028 tcp 192.168.1.1:1029

Inside local 192.168.3.254:10 192.168.3.254:11 192.168.3.254:12 192.168.3.254:9 192.168.5.254:1028 192.168.5.254:1029

R1#

51

Outside local 192.168.1.2:10 192.168.1.2:11 192.168.1.2:12 192.168.1.2:9 192.168.1.2:80 192.168.1.2:80

Outside global 192.168.1.2:10 192.168.1.2:11 192.168.1.2:12 192.168.1.2:9 192.168.1.2:80 192.168.1.2:80

CCNA R&S Bootcamp

Lab 12 Cisco’s Wireless Technologies

Hands-on Labs Pada Hands-on Lab berikut, anda akan melakukan konfigurasi Wireless Router Cisco sesuai dengan topologi dibawah ini (LAB-7):

Perangkat (Hostname ) R1 (ISP)

c2600-i-mz.122-28.bin

R2

c2600-i-mz.122-28.bin

R3

c2600-i-mz.122-28.bin

SW1 SW2 SW3 PC1 PC2 PC3 Wireless Router3

IOS Version


Interface FastEthernet0/0 FastEthernet0/1 Serial0/0 FastEthernet0/0 FastEthernet0/1 Serial0/0 Serial0/1 FastEthernet0/0 FastEthernet0/1 Serial0/0 FastEthernet0/1 – 24 FastEthernet0/1 – 24 FastEthernet0/1 – 24 FastEthernet0 FastEthernet0 FastEthernet0 Internet0/0 Access Point LAN DHCP Range

52

IP Address 192.168.1.1/24 192.168.2.1/30 192.168.3.1/24 192.168.2.2/30 192.168.4.1/30 192.168.5.1/24 192.168.4.2/30 192.168.1.254/24 192.168.3.254/24 192.168.5.254/24 192.168.1.2/24 192.168.0.1/24 192.168.0.2/24 s.d 192.168.0.254/24

CCNA R&S Bootcamp

Konfigurasi Wireless Router3 Menggunakan Web Utility: 1. Akses melalui URL standar. Arahkan browser anda ke http://192.168.1.1.

2. Masukkan informasi autentikasi.

3. Ganti alamat Internet0/0 menjadi alamat static

53

CCNA R&S Bootcamp

4. Set alamat IP untuk interface Internet0/0 menjadi 192.168.1.2/24 dan Default-Gateway 192.168.1.1

5. Aktifkan DHCP Server dengan range Valid pada Network 192.168.0.0/24, dan jangan lupa di simpan (save)

6. Periksa koneksi pada Laptop3 PC>ping 192.168.1.2 Pinging 192.168.1.2 with 32 bytes of data: Reply Reply Reply Reply

from from from from

192.168.1.2: 192.168.1.2: 192.168.1.2: 192.168.1.2:



TTL=255 TTL=255 TTL=255 TTL=255

Ping statistics for 192.168.1.2: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds:

54

CCNA R&S Bootcamp

Minimum = 78ms, Maximum = 94ms, Average = 89ms

PC>

Lab 13 Internet Protocol Version 6 (IPv6)

Hands-On Lab Pada Hands-on Lab berikut, anda akan melakukan konfigurasi IPv6 pada setiap Router sesuai dengan topologi dibawah ini: •

Konfigurasi RIPng

•

Verifikasi RIPng

•

Konfigurasi EIGRPv6 (AS:10)

•

Verifikasi EIGRPv6

•

Konfigurasi OSPFv3 (Process-ID: 10, Area 0)

•

Verifikasi OSPFv3


c1841-advipservicesk9-mz.124-15.T1.bin

R2


R3


SW1 SW2 SW3

IOS Version

Interface FastEthernet0/0 FastEthernet0/1 Serial0/0/0 FastEthernet0/0 FastEthernet0/1 Serial0/0/0 Serial0/1/0 FastEthernet0/0 FastEthernet0/1 Serial0/0/0 FastEthernet0/1 – 24 FastEthernet0/1 – 24 FastEthernet0/1 – 24


55

IP Address 2001:DB8:0:1::1/64 FC00:0:0:1::1/64 2001:DB8:0:2::1/64 FC00:0:0:1::2/64 FC00:0:0:2::1/64 2001:DB8:0:3::1/64 FC00:0:0:2::2/64 -

CCNA R&S Bootcamp

FastEthernet0 FastEthernet0 FastEthernet0

PC1 PC2 PC3

Konfigurasi RIPng pada R1, R2, dan R3: Router>enable Router#config t Router(config)#hostname R1 R1(config)#ipv6 unicast-routing R1(config)#interface fa0/0 R1(config-if)#ipv6 enable R1(config-if)#ipv6 address 2001:DB8:0:1::1/64 R1(config-if)#ipv6 rip 1 enable R1(config-if)#no shut R1(config-if)#exit R1(config)#interface se0/0/0 R1(config-if)#ipv6 enable R1(config-if)#ipv6 address FC00:0:0:1::1/64 R1(config-if)#ipv6 rip 1 enable R1(config-if)#no shut R1(config-if)#exit R1(config)#exit R1#write Building configuration... [OK]

R1# Router>enable Router#config t Router(config)#hostname R2 R2(config)#ipv6 unicast-routing R2(config)#int se0/0/0 R2(config-if)#ipv6 enable R2(config-if)#ipv6 address FC00:0:0:1::2/64 R2(config-if)#ipv6 rip 1 enable R2(config-if)#clock rate 64000 R2(config-if)#no shut R2(config-if)#exit R2(config)#interface se0/1/0 R2(config-if)#ipv6 enable R2(config-if)#ipv6 address FC00:0:0:2::1/64 R2(config-if)#ipv6 rip 1 enable R2(config-if)#clock rate 64000 R2(config-if)#no shut R2(config-if)#exit R2(config)#interface fa0/0 R2(config-if)#ipv6 enable R2(config-if)#ipv6 address 2001:DB8:0:2::1/64 R2(config-if)#ipv6 rip 1 enable R2(config-if)#no shut R2(config-if)#exit

56

Autoconfig Autoconfig Autoconfig

CCNA R&S Bootcamp

R2(config)#exit R2#write Building configuration... [OK]

R2# Router>enable Router#config t Router#hostname R3 Router(config)#ipv6 unicast-routing R3(config)#int se0/0/0 R3(config-if)#ipv6 enable R3(config-if)#ipv6 add FC00:0:0:2::2/64 R3(config-if)#ipv6 rip 1 enable R3(config-if)#no shut R3(config-if)#exit R3(config)#int fa0/0 R3(config-if)#ipv6 enable R3(config-if)#ip R3(config-if)#ipv6 add 2001:DB8:0:3::1/64 R3(config-if)#ipv6 rip 1 enable R3(config-if)#no shut R3(config-if)#exit R3(config)#exit R3# R3#write Building configuration... [OK]

R3#

Verifikasi RIPng pada R1 dan PC1. (lakukan sendiri untuk R2, R3, PC2 dan PC3): R1#show ipv6 route IPv6 Routing Table - 8 entries Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP U - Per-user Static route, M - MIPv6 I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2 ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2 D - EIGRP, EX - EIGRP external C 2001:DB8:0:1::/64 [0/0] via ::, FastEthernet0/0 L 2001:DB8:0:1::1/128 [0/0] via ::, FastEthernet0/0 R 2001:DB8:0:2::/64 [120/1] via FE80::206:2AFF:FE8E:BD6E, Serial0/0/0 R 2001:DB8:0:3::/64 [120/2] via FE80::206:2AFF:FE8E:BD6E, Serial0/0/0 C FC00:0:0:1::/64 [0/0] via ::, Serial0/0/0 L FC00:0:0:1::1/128 [0/0] via ::, Serial0/0/0 R FC00:0:0:2::/64 [120/1] via FE80::206:2AFF:FE8E:BD6E, Serial0/0/0 L FF00::/8 [0/0] via ::, Null0

57

CCNA R&S Bootcamp

R1#show ipv6 rip database RIP process "1" local RIB 2001:DB8:0:2::/64, 2001:DB8:0:2::/64, metric 1, installed Serial0/0/0/FE80::206:2AFF:FE8E:BD6E, expires in 169 sec 2001:DB8:0:3::/64, 2001:DB8:0:3::/64, metric 2, installed Serial0/0/0/FE80::206:2AFF:FE8E:BD6E, expires in 169 sec FC00:0:0:2::/64, metric 1, installed Serial0/0/0/FE80::206:2AFF:FE8E:BD6E, expires in 169 sec

R1# PC1>ping 2001:DB8:0:2:260:70FF:FED5:8002 Pinging 2001:DB8:0:2:260:70FF:FED5:8002 with 32 bytes of data: Reply Reply Reply Reply

from from from from

2001:DB8:0:2:260:70FF:FED5:8002: 2001:DB8:0:2:260:70FF:FED5:8002: 2001:DB8:0:2:260:70FF:FED5:8002: 2001:DB8:0:2:260:70FF:FED5:8002:



TTL=126 TTL=126 TTL=126 TTL=126

Ping statistics for 2001:DB8:0:2:260:70FF:FED5:8002: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 139ms, Maximum = 281ms, Average = 175ms

PC1>ping 2001:DB8:0:3:2E0:A3FF:FE79:8BEB Pinging 2001:DB8:0:3:2E0:A3FF:FE79:8BEB with 32 bytes of data: Reply Reply Reply Reply

from from from from

2001:DB8:0:3:2E0:A3FF:FE79:8BEB: 2001:DB8:0:3:2E0:A3FF:FE79:8BEB: 2001:DB8:0:3:2E0:A3FF:FE79:8BEB: 2001:DB8:0:3:2E0:A3FF:FE79:8BEB:



Ping statistics for 2001:DB8:0:3:2E0:A3FF:FE79:8BEB: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 174ms, Maximum = 297ms, Average = 208ms

PC1>

Konfigurasi EIGRPv6 (AS:10) pada R1, R2, dan R3: R1>enable R1#config t R1(config)#ipv6 router eigrp 10 R1(config-rtr)#router-id 1.1.1.1 R1(config-rtr)#no R1(config-rtr)#no shut R1(config-if)#exit R1(config)#interface fa0/0 R1(config-if)#no ipv6 rip 1 enable R1(config-if)#ipv6 eigrp ? <1-65535>

AS number

R1(config-if)#ipv6 eigrp 10 R1(config-if)#exit R1(config)#interface se0/0/0 R1(config-if)#no ipv6 rip 1 enable

58

TTL=125 TTL=125 TTL=125 TTL=125

CCNA R&S Bootcamp

R1(config-if)#ipv6 eigrp 10 R1(config-if)#exit R1(config)#exit R1#write Building configuration... [OK]

R1# R2>enable R2#config t R2(config)#ipv6 router eigrp 10 R2(config-rtr)#router-id 2.2.2.2 R2(config-rtr)#no R2(config-rtr)#no shutdown R2(config-rtr)#exit R2(config)#int se0/0/0 R2(config-if)#no ipv6 rip 1 enable R2(config-if)#ipv6 eigrp 10 R2(config-if)#exit R2(config)#int se0/1/0 R2(config-if)#no ipv6 rip 1 enable R2(config-if)#ipv6 eigrp 10 R2(config-if)#exit R2(config)#int fa0/0 R2(config-if)#no ipv6 rip 1 enable R2(config-if)#ipv6 eigrp 10 R2(config-if)#exit R2(config)#exit R2#write Building configuration... [OK]

R2# R3>enable R3#config t R3(config)#ipv6 router eigrp 10 R3(config-rtr)#router-id 3.3.3.3 R3(config-rtr)#no R3(config-rtr)#no shut R3(config-rtr)#exit R3(config)#int se0/0/0 R3(config-if)#no ipv6 rip 1 enable R3(config-if)#ipv6 eigrp 10 R3(config-if)#exit R3(config)#int fa0/0 R3(config-if)#no ipv6 rip 1 enable R3(config-if)#ipv6 eigrp 10 R3(config-if)#exit R3(config)#exit R3#write Building configuration... [OK]

R3#

59

CCNA R&S Bootcamp

Verifikasi erifikasi EIGRPv6 (AS:10) (AS:10) pada R1 dan PC1. (Lakukan (Lakukan sendiri sendiri untuk untuk R2, R3, PC2 dan PC3): R1#show ipv6 route IPv6 Routing Table - 8 entries Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP U - Per-user Static route, M - MIPv6 I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2 ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2 D - EIGRP, EX - EIGRP external C 2001:DB8:0:1::/64 2001:DB8:0:1::/64 [0/0] via ::, FastEthernet0/0 L 2001:DB8:0:1::1/128 2001:DB8:0:1::1/128 [0/0] via ::, FastEthernet0/0 D 2001:DB8:0:2::/64 2001:DB8:0:2::/64 [90/20514560] [90/20514560] via FE80::206:2AFF:FE8E:BD6E, Serial0/0/0 D 2001:DB8:0:3::/64 2001:DB8:0:3::/64 [90/21026560] [90/21026560] via FE80::206:2AFF:FE8E:BD6E, Serial0/0/0 C FC00:0:0:1::/64 FC00:0:0:1::/64 [0/0] via ::, Serial0/0/0 L FC00:0:0:1::1/128 FC00:0:0:1::1/128 [0/0] via ::, Serial0/0/0 D FC00:0:0:2::/64 FC00:0:0:2::/64 [90/21024000] [90/21024000] via FE80::206:2AFF:FE8E:BD6E, Serial0/0/0 L FF00::/8 [0/0] via ::, Null0

R1#show ipv6 eigrp neighbors IPv6-EIGRP neighbors for process 10 H Address Interface Hold Uptime (sec) 0 FE80::206:2AFF:FE8E:BD6E FE80::206:2 AFF:FE8E:BD6ESe0/0/0 Se0/0/0 13

SRTT RTO (ms) 00:10:01 40

Q Seq Cnt Num 1000 0

R1#show ipv6 eigrp topology IPv6-EIGRP Topology Table for AS 10/ID(1.1.1.1) Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply, r - Reply status P 2001:DB8:0:1::/64, 1 successors, FD is 28160 via Connected, FastEthernet0/0 P FC00:0:0:1::/64, 1 successors, FD is 20512000 via Connected, Serial0/0/0 P FC00:0:0:2::/64, 1 successors, FD is 21024000 via FE80::206:2AFF:FE8E:BD6E (21024000/20512000), Serial0/0/0 P 2001:DB8:0:2::/64, 1 successors, FD is 20514560 via FE80::206:2AFF:FE8E:BD6E (20514560/28160), Serial0/0/0 P 2001:DB8:0:3::/64, 1 successors, FD is 21026560 via FE80::206:2AFF:FE8E:BD6E (21026560/20514560), Serial0/0/0

R1# PC1>ping 2001:DB8:0:2:260:70FF:FED5:8002 Pinging 2001:DB8:0:2:260:70FF:FED5:8002 with 32 bytes of data: Reply from 2001:DB8:0:2:260:70FF:FED5:8002: bytes=32 time=141ms TTL=126 Reply from 2001:DB8:0:2:260:70FF:FED5:8002: bytes=32 time=156ms TTL=126 Reply from 2001:DB8:0:2:260:70FF:FED5:8002: bytes=32 time=125ms TTL=126

60

5

CCNA R&S Bootcamp

Reply from 2001:DB8:0:2:260:70FF:FED5:8002: bytes=32 time=141ms TTL=126 Ping statistics for 2001:DB8:0:2:260:70FF:FED5:8002: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 125ms, Maximum = 156ms, Average = 140ms

PC1>ping 2001:DB8:0:3:2E0:A3FF:FE79:8BEB Pinging 2001:DB8:0:3:2E0:A3FF:FE79:8BEB with 32 bytes of data: Reply Reply Reply Reply

from from from from




Ping statistics for 2001:DB8:0:3:2E0:A3FF:FE79:8BEB: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 172ms, Maximum = 187ms, Average = 175ms

PC1>

Konfigurasi OSPFv3 (Process-ID:10, Area:0) pada R1, R2, dan R3: R1#config t R1(config)#no ipv6 router eigrp 10 R1(config)#ipv6 router ospf 10 R1(config-rtr)#router-id 1.1.1.1 R1(config-rtr)#exit R1(config)#int fa0/0 R1(config-if)#no ipv6 eigrp 10 R1(config-if)#ipv6 ospf 10 area 0 R1(config-if)#exit R1(config)#int se0/0/0 R1(config-if)#no ipv6 eigrp 10 R1(config-if)#ipv6 ospf 10 area 0 R1(config-if)#exit R1(config)#exit R1#write Building configuration... [OK]

R1# R2>enable R2#config t R2(config)#no ipv6 router eigrp 10 R2(config)#ipv6 router ospf 10 R2(config-rtr)#router-id 2.2.2.2 R2(config-rtr)#exit R2(config)#int se0/0/0 R2(config-if)#no ipv6 eigrp 10 R2(config-if)#ipv6 ospf 10 area 0 R2(config-if)#exit R2(config)#int fa0/0

61

TTL=125 TTL=125 TTL=125 TTL=125

CCNA R&S Bootcamp

R2(config-if)#no ipv6 eigrp 10 R2(config-if)#ipv6 ospf 10 area 0 R2(config-if)#exit R2(config)#int se0/1/0 R2(config-if)#no ipv6 eigrp 10 R2(config-if)#ipv6 ospf 10 area 0 R2(config-if)#exit R2(config)#exit R2#write Building configuration... [OK]

R2# R3>enable R3#config t R3(config)#no ipv6 router eigrp 10 R3(config)#ipv6 router ospf 10 R3(config-rtr)#router-id 3.3.3.3 R3(config-rtr)#exit R3(config)#int se0/0/0 R3(config-if)#no ipv6 eigrp 10 R3(config-if)#ipv6 ospf 10 area 0 R3(config-if)#exit R3(config)#int fa0/0 R3(config-if)#no ipv6 eigrp 10 R3(config-if)#ipv6 ospf 10 area 0 R3(config-if)#exit R3(config)#exit R3#write Building configuration... [OK]

R3#

Verifikasi OSPFv3 (Process-ID:10, Area:0) pada R1 dan PC1, (lakukan sendiri pada R2, R3, PC2, dan PC3): R1#show ipv6 route IPv6 Routing Table - 8 entries Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP U - Per-user Static route, M - MIPv6 I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2 ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2 D - EIGRP, EX - EIGRP external C 2001:DB8:0:1::/64 [0/0] via ::, FastEthernet0/0 L 2001:DB8:0:1::1/128 [0/0] via ::, FastEthernet0/0 O 2001:DB8:0:2::/64 [110/781] via FE80::206:2AFF:FE8E:BD6E, Serial0/0/0 O 2001:DB8:0:3::/64 [110/1562] via FE80::206:2AFF:FE8E:BD6E, Serial0/0/0 C FC00:0:0:1::/64 [0/0] via ::, Serial0/0/0 L FC00:0:0:1::1/128 [0/0]

62

CCNA R&S Bootcamp

O L

via ::, Serial0/0/0 FC00:0:0:2::/64 [110/781] via FE80::206:2AFF:FE8E:BD6E, Serial0/0/0 FF00::/8 [0/0] via ::, Null0

R1#show ipv6 ospf neighbor Neighbor ID 2.2.2.2

Pri 0

State FULL/

-

Dead Time 00:00:31

Interface ID 3

Interface Serial0/0/0

R1#show ipv6 ospf database OSPF Router with ID (1.1.1.1) (Process ID 10) Router Link States (Area 0) ADV Router 1.1.1.1 2.2.2.2 3.3.3.3

Age 317 114 114

Seq# 0x80000002 0x80000003 0x80000002

Link count Bits 1 2 1

ADV Router 1.1.1.1 1.1.1.1 2.2.2.2

Link (Type-8) Link States (Area 0) Age Seq# Link ID 448 0x80000001 1 321 0x80000003 3 317 0x80000002 3

ADV Router 1.1.1.1 2.2.2.2 3.3.3.3

Intra Area Prefix Link Age Seq# 426 0x80000002 223 0x80000003 92 0x80000002

States (Area 0) Link ID Ref-lstype 2 0x2001 2 0x2001 2 0x2001

Ref-LSID 0 0 0

R1# PC1>ping 2001:DB8:0:2:260:70FF:FED5:8002 Pinging 2001:DB8:0:2:260:70FF:FED5:8002 with 32 bytes of data: Reply Reply Reply Reply

from from from from

2001:DB8:0:2:260:70FF:FED5:8002: 2001:DB8:0:2:260:70FF:FED5:8002: 2001:DB8:0:2:260:70FF:FED5:8002: 2001:DB8:0:2:260:70FF:FED5:8002:


time=94ms TTL=126 time=141ms TTL=126 time=141ms TTL=126 time=156ms TTL=126

Ping statistics for 2001:DB8:0:2:260:70FF:FED5:8002: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 94ms, Maximum = 156ms, Average = 133ms

PC>ping 2001:DB8:0:3:2E0:A3FF:FE79:8BEB Pinging 2001:DB8:0:3:2E0:A3FF:FE79:8BEB with 32 bytes of data: Reply Reply Reply Reply

from from from from




Ping statistics for 2001:DB8:0:3:2E0:A3FF:FE79:8BEB: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),

63

TTL=125 TTL=125 TTL=125 TTL=125

CCNA R&S Bootcamp

Approximate round trip times in milli-seconds: Minimum = 156ms, Maximum = 188ms, Average = 171ms

PC1>

Lab 14 Wide Area Networks

Hands-on Lab Pada sesi ini, anda akan mengkonfigurasi beberapa poin dibawah ini •

Konfigurasi dan verifikasi Enkapsulasi PPP menggunakan Autentikasi CHAP

•

Konfigurasi dan Verifikasi Frame Relay

Konfigurasi dan verifikasi Enkapsulasi PPP menggunakan Autentikasi CHAP Pastikan anda telah melakukan konfigurasi OSPF (Process-ID: 10, Area:0) untuk topologi dibawah ini (gunakan stepby-step pada Hands-on Lab Bab 7):


c2600-i-mz.122-28.bin

R2

c2600-i-mz.122-28.bin

R3

c2600-i-mz.122-28.bin

IOS Version

Interface FastEthernet0/0 FastEthernet0/1 Serial0/0 FastEthernet0/0 FastEthernet0/1 Serial0/0 Serial0/1 FastEthernet0/0 FastEthernet0/1 Serial0/0

64

IP Address 192.168.1.1/24 192.168.2.1/30 192.168.3.1/24 192.168.2.2/30 192.168.4.1/30 192.168.5.1/24 192.168.4.2/30

CCNA R&S Bootcamp



FastEthernet0/1 – 24 FastEthernet0/1 – 24 FastEthernet0/1 – 24 FastEthernet0 FastEthernet0 FastEthernet0

192.168.1.254/24 192.168.3.254/24 192.168.5.254/24

R1#config t R1(config)#username R2 password cisco R1(config)#interface se0/0 R1(config-if)#encapsulation ppp R1(config-if)#ppp authentication chap R1(config-if)#exit R1(config)#exit R1#write Building configuration... [OK]

R1# R2#config t R2(config)#username R1 password cisco R2(config)#username R3 password cisco R2(config)#interface se0/0 R2(config-if)#encapsulation ppp R2(config-if)#ppp authentication chap R2(config-if)#exit R2(config)#exit R2#write Building configuration... [OK]

R2# R3#config t R3(config)#username R2 password cisco R3(config)#interface se0/0 R3(config-if)#encapsulation ppp R3(config-if)#ppp authentication chap R3(config-if)#exit R3(config)#exit R3#write Building configuration... [OK]

R3# Verifikasi pada R1, lakukan sendiri pada R2 dan R3:

R1#show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route

65

CCNA R&S Bootcamp

Gateway of last resort is not set C C O R O O

192.168.1.0/24 is directly connected, FastEthernet0/0 192.168.2.0/30 is subnetted, 1 subnets 192.168.2.0 is directly connected, Serial0/0 192.168.3.0/24 [110/782] via 192.168.2.2, 00:07:28, Serial0/0 192.168.4.0/24 is variably subnetted, 2 subnets, 2 masks 192.168.4.0/24 [120/1] via 192.168.2.2, 00:00:06, Serial0/0 192.168.4.0/30 [110/1562] via 192.168.2.2, 00:06:34, Serial0/0 192.168.5.0/24 [110/1563] via 192.168.2.2, 00:06:23, Serial0/0

R1#show interface se0/0 Serial0/0 is up, line protocol is up (connected) Hardware is HD64570 Description: "terhubung ke R2 se-0/0" Internet address is 192.168.2.1/30 MTU 1500 bytes, BW 128 Kbit, DLY 20000 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation PPP , loopback not set, keepalive set (10 sec) LCP Open Open: IPCP, CDPCP Last input never, output never, output hang never Last clearing of "show interface" counters never Input queue: 0/75/0 (size/max/drops); Total output drops: 0 Queueing strategy: weighted fair Output queue: 0/1000/64/0 (size/max total/threshold/drops) Conversations 0/0/256 (active/max active/max total) Reserved Conversations 0/0 (allocated/max allocated) Available Bandwidth 96 kilobits/sec 5 minute input rate 30 bits/sec, 0 packets/sec 5 minute output rate 30 bits/sec, 0 packets/sec 26 packets input, 1820 bytes, 0 no buffer Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 22 packets output, 1404 bytes, 0 underruns 0 output errors, 0 collisions, 2 interface resets 0 output buffer failures, 0 output buffers swapped out 0 carrier transitions DCD=up DSR=up DTR=up RTS=up CTS=up

R1#

66

CCNA R&S Bootcamp

Konfigurasi dan Verifikasi Frame Relay Pastikan anda telah melakukan konfigurasi OSPF (Process-ID: 10, Area:0) untuk topologi dibawah ini (gunakan stepby-step pada Hands-on Lab Bab 7):


c2600-i-mz.122-28.bin

R2

c2600-i-mz.122-28.bin

R3

c2600-i-mz.122-28.bin


IOS Version


Interface FastEthernet0/0 FastEthernet0/1 Serial0/0 (DLCI: 102) FastEthernet0/0 FastEthernet0/1 Serial0/0 Serial0/1 FastEthernet0/0 FastEthernet0/1 Serial0/0 (DLCI: 201) FastEthernet0/1 – 24 FastEthernet0/1 – 24 FastEthernet0/1 – 24 FastEthernet0 FastEthernet0 FastEthernet0

FR-Switch#config t

67

IP Address 192.168.1.1/24 192.168.2.1/30 192.168.5.1/24 192.168.2.2/30 192.168.1.254/24 192.168.3.254/24 192.168.5.254/24

CCNA R&S Bootcamp

FR-Switch(config)#frame-relay switching FR-Switch(config)#interface serial 0/0 FR-Switch(config-if)#clock rate 64000 FR-Switch(config-if)#encapsulation frame-relay FR-Switch(config-if)#frame-relay intf-type dce FR-Switch(config-if)#frame-relay route 102 interface serial 0/1 201 FR-Switch(config-if)#no shutdown FR-Switch(config-if)#exit FR-Switch(config)#interface serial 0/1 FR-Switch(config-if)#clock rate 64000 FR-Switch(config-if)#encapsulation frame-relay FR-Switch(config-if)#frame-relay intf-type dce FR-Switch(config-if)#frame-relay route 201 interface serial 0/0 102 FR-Switch(config-if)#no shutdown FR-Switch(config-if)#exit FR-Switch(config)#exit FR-Switch#write Building configuration... [OK]

FR-Switch# R1#config t R1(config)#interface serial 0/0 R1(config-if)#encapsulation frame-relay R1(config-if)#no frame-relay inverse-arp R1(config-if)#frame-relay map ip 192.168.2.2 102 broadcast R1(config-if)#no shutdown R1(config-if)#exit R1(config)#exit R1#write Building configuration... [OK]

R1# R2#config t R2(config)#interface serial 0/0 R2(config-if)#encapsulation frame-relay R2(config-if)#no frame-relay inverse-arp R2(config-if)#frame-relay map ip 192.168.2.1 201 broadcast R2(config-if)#no shutdown R2(config-if)#exit R2(config)#exit R2#write Building configuration... [OK]

R2# R1#ping 192.168.2.2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.2.2, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 28/29/32 ms

68

CCNA Bootcamp

Recommend Documents