Kamis, 04 Juli 2013

Access Control Lists untuk Menyaring Trafik




Konfigurasikan router-edmonton:
Router>en
Router#conf t
Router(config)#hostname Edmonton
Edmonton(config)#int fa0/0
Edmonton(config-if)#ip add 172.16.10.1 255.255.255.0
Edmonton(config-if)#no sh
Edmonton(config-if)#^Z
Edmonton#
Edmonton#conf t
Edmonton(config)#int fa1/0
Edmonton(config-if)#ip add 172.16.20.1 255.255.255.0
Edmonton(config-if)#no sh
Edmonton(config-if)#^Z
Edmonton#
Edmonton#conf t
Edmonton(config)#int se2/0
Edmonton(config-if)#ip add 172.16.30.1 255.255.255.252
Edmonton(config-if)#clock rate 64000
Edmonton(config-if)#no sh
Edmonton(config-if)#^Z
Edmonton#
Konfigurasikan router-RedDeer
Router>en
Router#conf t
Router(config)#hostname RedDeer
RedDeer(config)#int fa0/0
RedDeer(config-if)#ip add 172.16.40.1 255.255.255.0
RedDeer(config-if)#no sh
RedDeer(config-if)#^Z
RedDeer#
RedDeer#conf t
RedDeer(config)#int fa1/0
RedDeer(config-if)#ip add 172.16.50.1 255.255.255.0
RedDeer(config-if)#no sh
RedDeer(config-if)#^Z
RedDeern#
RedDeer#conf t
RedDeer(config)#int se2/0
RedDeer(config-if)#ip add 172.16.30.2 255.255.255.252
RedDeer(config-if)#no sh
RedDeer(config-if)#^Z
RedDeer#
RedDeer#conf t
RedDeer(config)#int se3/0
RedDeer(config-if)#ip add 172.16.60.2 255.255.255.252
RedDeer (config-if)# clock rate 64000
RedDeer (config-if)#no sh
RedDeer (config-if)#^Z
Konfigurasikan router-calgary
Router>en
Router#conf t
Router(config)#hostname Calgary
Calgary(config)#int fa0/0
Calgary(config-if)#ip add 172.16.70.1 255.255.255.0
Calgary(config-if)#no sh
Calgary(config-if)#^Z
Calgary#
Calgary#conf t
Calgary(config)#int fa1/0
Calgary(config-if)#ip add 172.16.80.1 255.255.255.0
Calgary(config-if)#no sh
Calgary(config-if)#^Z
Calgary#
Calgary#conf t
Calgary(config)#int se3/0
Calgary(config-if)#ip add 172.16.60.2 255.255.255.252
Calgary(config-if)#no sh
Calgary(config-if)#^Z
Calgary#
Hubungkan masing masing router agar bisa saling terkoneksi
*      Untuk router edmonton
Edmonton>en
Edmonton#sh ip route
                                                172.16.0.0/16 is variably subnetted, 3 subnets, 2 masks
C       172.16.10.0/24 is directly connected, FastEthernet0/0
C       172.16.20.0/24 is directly connected, FastEthernet1/0
C       172.16.30.0/30 is directly connected, Serial2/0
Edmonton#conf t
Edmonton(config)#router eigrp 90
Edmonton(config-router)# net 172.16.10.0 0.0.0.255
Edmonton(config-router)# net 172.16.20.0 0.0.0.255
Edmonton(config-router)# net 172.16.30.0 0.0.0.3
Edmonton(config-router)#^Z
*      Untuk router RedDeer
RedDeer>en
RedDeer#sh ip route
                                                172.16.0.0/16 is variably subnetted, 8 subnets, 2 masks
C       172.16.30.0/30 is directly connected, Serial2/0
C       172.16.40.0/24 is directly connected, FastEthernet0/0
C       172.16.50.0/24 is directly connected, FastEthernet1/0
C       172.16.60.0/30 is directly connected, Serial3/0Edmonton#conf t
RedDeer(config)#router eigrp 90
RedDeer(config-router)# net 172.16.30.0 0.0.0.3
RedDeer(config-router)# net 172.16.40.0 0.0.0.255
RedDeer(config-router)# net 172.16.50.0 0.0.0.255
RedDeer(config-router)# net 172.16.60.0 0.0.0.3
RedDeer(config-router)#^Z
RedDeer#
*      Untuk router calgary
Calgary#sh ip route
                                                172.16.0.0/16 is variably subnetted, 3 subnets, 2 masks
C       172.16.60.0/30 is directly connected, Serial3/0
C       172.16.70.0/24 is directly connected, FastEthernet0/0
C       172.16.80.0/24 is directly connected, FastEthernet1/0
Calgary#conf t
Calgary(config)# router eigrp 90
Calgary(config-router)# net 172.16.60.0 0.0.0.3
Calgary(config-router)# net 172.16.70.0 0.0.0.255
Calgary(config-router)# net 172.16.80.0 0.0.0.25
Calgary(config-router)#^Z
Calgary#

Setting IP Address
LAN 10.1

Ip Address          172.16.10.5
Subnet mask      255.255.255.0
Defaul gateway                172.16.10.1
LAN 50.1

Ip Address          172.16.50.7
Subnet mask      255.255.255.0
Defaul gateway                172.16.50.1
LAN 20.1

Ip Address          172.16.20.163
Subnet mask      255.255.255.0
Defaul gateway                172.16.20.1
LAN 70.1

Ip Address          172.16.70.5
Subnet mask      255.255.255.0
Defaul gateway                172.16.70.1
LAN 40.1

Ip Address          172.16.40.89
Subnet mask      255.255.255.0
Defaul gateway                172.16.40.1
LAN 70.1

Ip Address          172.16.70.2
Subnet mask      255.255.255.0
Defaul gateway                172.16.70.1
LAN 50.1

Ip Address          172.16.50.75
Subnet mask      255.255.255.0
Defaul gateway                172.16.50.1
LAN 80.1

Ip Address          172.16.80.16
Subnet mask      255.255.255.0
Defaul gateway                172.16.80.1

Terapkan ACL

*      ACL Standart
RedDeer#conf t
RedDeer(config)#access-list 10 deny 172.16.10.0 0.0.0.255
RedDeer(config)#access-list 10 permit any
RedDeer(config)#int fa0/0
RedDeer(config-if)#ip access-group 10 out
RedDeer(config-if)#
*      ACL Extended
Edmonton#conf t
Edmonton(config)#access-list 115 deny ip host 172.16.10.5 host 172.16.50.7
Edmonton(config)#access-list 115 permit ip any any
Edmonton(config)#int fa0/0
Edmonton(config-if)#ip access-group 115 in
Edmonton(config-if)#
*      ACL Standart
RedDeer#conf t
RedDeer(config)#access-list 20 permit host 172.16.10.5
RedDeer(config)#line vty 0 4
RedDeer(config-line)#access-class 20 in
RedDeer(config-line)#
Uji koneksi dengan ping
Ada masalah saat melakukan pengujian ping :

  •   Pada PC yang IP address nya 172.16.40.89, tidak bisa terkoneksi dengan ip 172.16.10.0. tetapi dengan PC lain bisa terkoneksi.
  •  Pada PC yang ip address nya 172.16.10.5, bisa terkoneksi dengan PC yang lain tetapi jika melakukan pengujian dengan ip 172.16.50.7 yang terjadi adalah (RTO) dan dengan ip 172.16.40.89 malah (Destination host unreachable).









Diposting oleh di Tidak ada komentar:

Minggu, 09 Juni 2013

VLSM






Guys, posting kali ini kita bakal belajar about VLSM, huft gua lupa apaan tuh singkatannya!! Kayae sih V-nya Virtual, mungkin.
Oke capcus aja dah…
Dari gambit diatas ni ye, kita analisis dulu….


Kebutuhan :

4 lan dan 3 wan

/24 = 1 blok  = 254 host        
/25 = 2 blok  = 126 host                  
/26 = 4 blok  = 62  host                  
/27 = 8 blok  = 30 host
/28 = 16 blok = 14 host          
/29 = 32 blok = 6 host
/30 = 64 blok = 2 host

Cara menghitung host

2n-2
Contoh: /29  : 11111000
                23-2=8-2  =6

Okeh, setelah kita analisis, langsung aja kita mulai langkah-langkahnya…

1.      Analisis host yang paling banyak
# disini host yang paling banyak di Jakarta ada 58 host
2.    Pilih /… yang jumlahhostnyamendekatidari host yang terbanyak
# kitapilih /26 karena di /26 terdiridari 62 host

Karena /26 terdiridari 4 blok , kitabuatalamatip address masing” blok
no
Network
host
broadcasat
1.
192.168.1.0/26
192.168.1.1 –
192.168.1.62
192.168.1.63
2.
192.168.1.64/26


+
/27
192.168.1.64
(pekalongan)
192.168.1.65–
192.168.1.94
192.168.1.95
++
/27
192.168.1.96


*
/28
192.168.1.96
(semarang)
192.168.97 –
192.168.110
192.168.1.111
**
/28
192.168.1.112
(Surabaya)
192.168.1.113 –
192.168.1.126
192.168.1.127
3
192.168.1.128/26



*
/30   192.168.1.128
        (WAN 1)
192.168.1.129 –
192.168.1.130
192.168.1.131

**
/30  192.168.1.132
        (WAN 2)
192.168.1.133 –
192.168.1.134
192.168.1.135

***
/30  192.168.1.136
            (WAN 3)
192.168.1.137 –
192.168.1.138
192.168.1.139

4
192.168.1.192/26




Nah gitu dah…. Tinggal kita masuk-masukin aja kekonfigurasinya…
Tapi yang gua bingung, tuh gambar diatas masa Router bisa dicolokin 4 kabel, padahal kan yang namanya router Cuma punya 2 colokan, tuh sebenarnya gua yang bego apa gua yang o’on sih???
Haerap dimaklumi ye…
Moga berhasil aja dah,

Diposting oleh di Tidak ada komentar:
Langganan: Postingan (Atom)