Wednesday, April 15, 2009

Lab Konfigurasi Access-List


Router Jakarta

# configure terminal

(config)# hostname Jakarta

Jakarta(config)# enable secret cisco

Jakarta(config)# interface fastethernet 0/0

Jakarta(config-if)# description Link to Local Area Network

Jakarta(config-if)# ip address 10.10.11.1 255.255.255.0

Jakarta(config-if)# ip address 10.10.12.1 255.255.255.0 secondary

Jakarta(config-if)# no shutdown

Jakarta(config-if)# exit

Jakarta(config)# interface serial 0/0

Jakarta(config-if)# description Link to Router Singapore

Jakarta(config-if)# ip address 172.31.11.1 255.255.255.252

Jakarta(config-if)# bandwidth 64

Jakarta(config-if)# clock rate 64000

Jakarta(config-if)# no shutdown

Jakarta(config-if)# exit

Jakarta(config)# interface serial 0/1

Jakarta(config-if)# description Link to Router Perth

Jakarta(config-if)# ip address 172.31.12.1 255.255.255.252

Jakarta(config-if)# bandwidth 64

Jakarta(config-if)# no shutdown

Jakarta(config-if)# exit

Jakarta(config)# interface serial 0/2

Jakarta(config-if)# description Link to Router Tokyo

Jakarta(config-if)# ip address 172.31.13.1 255.255.255.252

Jakarta(config-if)# bandwidth 64

Jakarta(config-if)# clock rate 64000

Jakarta(config-if)# no shutdown

Jakarta(config-if)# exit

Jakarta(config)# router ospf 100

Jakarta(config-router)# network 10.10.11.0 0.0.0.255 area 0

Jakarta(config-router)# network 10.10.12.0 0.0.0.255 area 0

Jakarta(config-router)# network 172.31.11.0 0.0.0.255 area 0

Jakarta(config-router)# network 172.31.12.0 0.0.0.255 area 0

Jakarta(config-router)# network 172.31.13.0 0.0.0.255 area 0

Jakarta(config)# banner motd #Welcome to Router Jakarta#

Jakarta(config)# line vty 0 4

Jakarta(config-line)# login

Jakarta(config-line)# password cisco

Jakarta(config-line)# Ctrl-Z

Jakarta#



Router Singapore

>enable

# configure terminal

(config)# hostname Singapore

Singapore(config)# enable secret cisco

Singapore(config)# interface ethernet 0

Singapore(config-if)# description Link to Local Area Network

Singapore(config-if)# ip address 10.10.21.1 255.255.255.0

Singapore(config-if)# ip address 10.10.22.1 255.255.255.0 secondary

Singapore(config-if)# no shutdown

Singapore(config-if)# exit

Singapore(config)# interface serial 0

Singapore(config-if)# description Link to Router Jakarta

Singapore(config-if)# ip address 172.31.11.2 255.255.255.252

Singapore(config-if)# bandwidth 64

Singapore(config-if)# no shutdown

Singapore(config-if)# exit

Singapore(config)# interface serial 1

Singapore(config-if)# description Link to Router Kuala Lumpur

Singapore(config-if)# ip address 172.31.14.1 255.255.255.252

Singapore(config-if)# bandwidth 64

Singapore(config-if)# clock rate 64000

Singapore(config-if)# no shutdown

Singapore(config-if)# exit

Singapore(config)# router ospf 100

Singapore(config-router)# network 10.10.21.0 0.0.0.255 area 1

Singapore(config-router)# network 10.10.22.0 0.0.0.255 area 1

Singapore(config-router)# network 172.31.11.0 0.0.0.255 area 0

Singapore(config-router)# network 172.31.14.0 0.0.0.255 area 2

Singapore(config)# banner motd #Welcome to Router Singapore#

Singapore(config)# line vty 0 4

Singapore(config-line)# login

Singapore(config-line)# password cisco

Singapore(config-line)# Ctrl-Z

Singapore#



Router Kuala Lumpur

>enable

# configure terminal

(config)# hostname KLumpur

KLumpur(config)# enable secret cisco

KLumpur(config)# interface ethernet 0

KLumpur(config-if)# description Link to Local Area Network

KLumpur(config-if)# ip address 10.10.31.1 255.255.255.0

KLumpur(config-if)# ip address 10.10.32.1 255.255.255.0 secondary

KLumpur(config-if)# no shutdown

KLumpur(config-if)# exit

KLumpur(config)# interface serial 0

KLumpur(config-if)# description Link to Router Singapore

KLumpur(config-if)# ip address 172.31.14.2 255.255.255.252

KLumpur(config-if)# bandwidth 64

KLumpur(config-if)# no shutdown

KLumpur(config-if)# exit

KLumpur(config)# router ospf 100

KLumpur(config-config)# network 10.10.31.0 0.0.0.255 area 2

KLumpur(config-config)# network 10.10.32.0 0.0.0.255 area 2

KLumpur(config-config)# network 172.31.14.0 0.0.0.255 area 2

KLumpur(config)# banner motd #Welcome to Router Kuala Lumpur#

KLumpur(config)# line vty 0 4


KLumpur(config-line)# login

KLumpur(config-line)# password cisco

KLumpur(config-line)# Ctrl-Z


Router Tokyo

# configure terminal

(config)# hostname Tokyo

Tokyo(config)# enable secret cisco

Tokyo(config)# interface ethernet 0

Tokyo(config-if)# description Link to Local Area Network

Tokyo(config-if)# ip address 10.10.61.1 255.255.255.0

Tokyo(config-if)# ip address 10.10.62.1 255.255.255.0 secondary

Tokyo(config-if)# no shutdown

Tokyo(config-if)# exit

Tokyo(config)# interface serial 0

Tokyo(config-if)# description Link to Router Jakarta

Tokyo(config-if)# ip address 172.31.13.2 255.255.255.252

Tokyo(config-if)# bandwidth 64

Tokyo(config-if)# no shutdown

Tokyo(config-if)# exit

Tokyo(config)# router ospf 100

Tokyo(config-config)# network 10.10.61.0 0.0.0.255 area 3

Tokyo(config-config)# network 10.10.62.0 0.0.0.255 area 3

Tokyo(config-config)# network 172.31.13.0 0.0.0.255 area 0

Tokyo(config)# banner motd #Welcome to Router Tokyo#

Tokyo(config)# line vty 0 4

Tokyo(config-line)# login

Tokyo(config-line)# password cisco

Tokyo(config-line)# Ctrl-Z

Tokyo#



Router Perth

# configure terminal

(config)# hostname Perth

Perth(config)# enable secret cisco

Perth(config)# interface ethernet 0

Perth(config-if)# description Link to Local Area Network

Perth(config-if)# ip address 10.10.41.1 255.255.255.0

Perth(config-if)# ip address 10.10.42.1 255.255.255.0 secondary

Perth(config-if)# no shutdown

Perth(config-if)# exit

Perth(config)# interface serial 0

Perth(config-if)# description Link to Router Jakarta

Perth(config-if)# ip address 172.31.12.2 255.255.255.252

Perth(config-if)# bandwidth 64

Perth(config-if)# clock rate 64000

Perth(config-if)# no shutdown

Perth(config-if)# exit

Perth(config)# interface serial 1

Perth(config-if)# description Link to Router Sydney

Perth(config-if)# ip address 172.31.15.1 255.255.255.252

Perth(config-if)# bandwidth 64

Perth(config-if)# clock rate 64000

Perth(config-if)# no shutdown

Perth(config-if)# exit

Perth(config)# router ospf 100

Perth(config-config)# network 10.10.41.0 0.0.0.255 area 4

Perth(config-config)# network 10.10.42.0 0.0.0.255 area 4

Perth(config-config)# network 172.31.12.0 0.0.0.255 area 0

Perth(config-config)# network 172.31.15.0 0.0.0.255 area 4

Perth(config)# banner motd #Welcome to Router Perth#

Perth(config)# line vty 0 4

Perth(config-line)# login

Perth(config-line)# password cisco

Perth(config-line)# Ctrl-Z

Perth#



Router Sydney

>enable

# configure terminal

(config)# hostname Sydney

Sydney(config)# enable secret cisco

Sydney(config)# interface ethernet 0

Sydney(config-if)# description Link to Local Area Network

Sydney(config-if)# ip address 10.10.51.1 255.255.255.0

Sydney(config-if)# ip address 10.10.52.1 255.255.255.0 secondary

Sydney(config-if)# no shutdown

Sydney(config-if)# exit

Sydney(config)# interface serial 0

Sydney(config-if)# description Link to Router Perth

Sydney(config-if)# ip address 172.31.15.2 255.255.255.252

Sydney(config-if)# bandwidth 64

Sydney(config-if)# no shutdown

Sydney(config-if)# exit

Sydney(config)# router ospf 100

Sydney(config-config)# network 10.10.51.0 0.0.0.255 area 4

Sydney(config-config)# network 10.10.52.0 0.0.0.255 area 4

Sydney(config-config)# network 172.31.15.0 0.0.0.255 area 4

Sydney(config)# banner motd #Selamat Datang di Router Sydney#

Sydney(config)# line vty 0 4

Sydney(config-line)# login

Sydney(config-line)# password cisco

Sydney(config-line)# Ctrl-Z

Sydney#



KLumpur#

Router Tokyo

# configure terminal

(config)# hostname Tokyo

Tokyo(config)# enable secret cisco

Tokyo(config)# interface ethernet 0

Tokyo(config-if)# description Link to Local Area Network

Tokyo(config-if)# ip address 10.10.61.1 255.255.255.0

Tokyo(config-if)# ip address 10.10.62.1 255.255.255.0 secondary

Tokyo(config-if)# no shutdown

Tokyo(config-if)# exit

Tokyo(config)# interface serial 0

Tokyo(config-if)# description Link to Router Jakarta

Tokyo(config-if)# ip address 172.31.13.2 255.255.255.252

Tokyo(config-if)# bandwidth 64



Tokyo(config-if)# no shutdown

Tokyo(config-if)# exit

Tokyo(config)# router ospf 100

Tokyo(config-config)# network 10.10.61.0 0.0.0.255 area 3

Tokyo(config-config)# network 10.10.62.0 0.0.0.255 area 3

Tokyo(config-config)# network 172.31.13.0 0.0.0.255 area 0

Tokyo(config)# banner motd #Welcome to Router Tokyo#

Tokyo(config)# line vty 0 4

Tokyo(config-line)# login

Tokyo(config-line)# password cisco

Tokyo(config-line)# Ctrl-Z

Tokyo#


Router Perth

# configure terminal

(config)# hostname Perth

Perth(config)# enable secret cisco

Perth(config)# interface ethernet 0

Perth(config-if)# description Link to Local Area Network

Perth(config-if)# ip address 10.10.41.1 255.255.255.0

Perth(config-if)# ip address 10.10.42.1 255.255.255.0 secondary

Perth(config-if)# no shutdown

Perth(config-if)# exit

Perth(config)# interface serial 0

Perth(config-if)# description Link to Router Jakarta

Perth(config-if)# ip address 172.31.12.2 255.255.255.252

Perth(config-if)# bandwidth 64

Perth(config-if)# clock rate 64000

Perth(config-if)# no shutdown

Perth(config-if)# exit

Perth(config)# interface serial 1

Perth(config-if)# description Link to Router Sydney

Perth(config-if)# ip address 172.31.15.1 255.255.255.252

Perth(config-if)# bandwidth 64

Perth(config-if)# clock rate 64000

Perth(config-if)# no shutdown

Perth(config-if)# exit

Perth(config)# router ospf 100

Perth(config-config)# network 10.10.41.0 0.0.0.255 area 4

Perth(config-config)# network 10.10.42.0 0.0.0.255 area 4

Perth(config-config)# network 172.31.12.0 0.0.0.255 area 0

Perth(config-config)# network 172.31.15.0 0.0.0.255 area 4

Perth(config)# banner motd #Welcome to Router Perth#

Perth(config)# line vty 0 4



Perth(config-line)# login

Perth(config-line)# password cisco

Perth(config-line)# Ctrl-Z

Perth#


Router Sydney

>enable

# configure terminal

(config)# hostname Sydney

Sydney(config)# enable secret cisco

Sydney(config)# interface ethernet 0

Sydney(config-if)# description Link to Local Area Network

Sydney(config-if)# ip address 10.10.51.1 255.255.255.0

Sydney(config-if)# ip address 10.10.52.1 255.255.255.0 secondary

Sydney(config-if)# no shutdown

Sydney(config-if)# exit

Sydney(config)# interface serial 0

Sydney(config-if)# description Link to Router Perth

Sydney(config-if)# ip address 172.31.15.2 255.255.255.252

Sydney(config-if)# bandwidth 64

Sydney(config-if)# no shutdown

Sydney(config-if)# exit

Sydney(config)# router ospf 100

Sydney(config-config)# network 10.10.51.0 0.0.0.255 area 4

Sydney(config-config)# network 10.10.52.0 0.0.0.255 area 4

Sydney(config-config)# network 172.31.15.0 0.0.0.255 area 4

Sydney(config)# banner motd #Selamat Datang di Router Sydney#

Sydney(config)# line vty 0 4

Sydney(config-line)# login

Sydney(config-line)# password cisco

Sydney(config-line)# Ctrl-Z

Sydney#


Router# show ip route

Router# show ip ospf

Router# show ip ospf neighbors

Router# show ip protocols

Router# show interface serial 1

Router# show interface serial 0/0

Router# show interface serial 0/1

Router# show interface serial 0/2

Router# show interface fastethernet 0/0

Router# show interface ethernet 0

Router# debug ip ospf

Access-list Configuration [Line vty Connection]

Jakarta# configure terminal

Jakarta(config)# access-list 12 permit 192.168.102.0 0.0.0.255

Jakarta# configure terminal

Jakarta(config)# line vty 0 4

Jakarta(config-line)# access-class 12 in

Router# show access-lists

Router# show interface ethetnet 0

Access-list Configuration [Ping]

Jakarta# configure terminal

Jakarta(config)# access-list 111 permit icmp [ip source] [ip destination] echo

Jakarta(config)# access-list 111 permit icmp [ip source] [ip destination] echo-reply

Jakarta(config)# interface ethernet 0

Jakarta(config-if)# ip access-group 111 out

Access-list Configuration [Web Browsing]

Jakarta# configure terminal

Jakarta(config)# access-list 100 permit tcp [ip source] [ip destination] eq 80

Jakarta(config)# access-list 100 permit tcp [ip source] [ip destination] eq 80

Jakarta# configure terminal

Jakarta(config)# interface fastethernet 0/0

Jakarta(config-if)# ip access-group 100 out

Jakarta# configure terminal

Jakarta(config)# access-list 199 deny tcp [ip source] [ip destination] eq 80

Jakarta(config)# access-list 199 deny tcp [ip source] [ip destination] eq 80

Jakarta(config)# access-list 199 permit ip any any

Jakarta# configure terminal

Jakarta(config)# interface fastethernet 0/0

Jakarta(config)# ip access-group 199 out


Jejen at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)