Standard Access List Configuration in Cisco Packet Tracer
Configure the network so that the LAN PC can ping the server.
- Configure the interfaces and routing on Router0.
Router(config)#int fa0/0
Router(config-if)#ip add 192.168.1.1 255.255.255.0
Router(config-if)#no sh
Router(config-if)#int se2/0
Router(config-if)#ip add 192.168.50.1 255.255.255.0
Router(config-if)#no sh
Router(config-if)#ip route 192.168.2.0 255.255.255.0 192.168.50.2
- Configure the interfaces and routing on Router1.
Router(config)#int se2/0
Router(config-if)#ip add 192.168.50.2 255.255.255.0
Router(config-if)#no sh
Router(config-if)#int fa0/0
Router(config-if)#ip add 192.168.2.1 255.255.255.0
Router(config-if)#no sh
Router(config-if)#ip route 192.168.1.0 255.255.255.0 192.168.50.1
- Assign an IP address to the server first.
Then check the web server from the browser on the LAN PC.
- Check ping from the LAN PC to the web server.
PC>ping 192.168.2.2
Pinging 192.168.2.2 with 32 bytes of data:
Reply from 192.168.2.2: bytes=32 time=0ms TTL=126
Reply from 192.168.2.2: bytes=32 time=0ms TTL=126
Reply from 192.168.2.2: bytes=32 time=0ms TTL=126
Reply from 192.168.2.2: bytes=32 time=0ms TTL=126
Ping statistics for 192.168.2.2:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
PC>
- Now configure a standard access list so that the LAN PC cannot access the web server. Apply the access list on the router and interface closest to the destination.
Router(config)#access-list 10 deny 192.168.1.0 0.0.0.255
Router(config)#access-list 10 permit any
Router(config)#int fa0/0
Router(config-if)#ip access-group 10 out
- Check ping and browser access from the LAN PC to the web server.
PC>ping 192.168.2.2
Pinging 192.168.2.2 with 32 bytes of data:
Reply from 192.168.1.2: Destination host unreachable
Reply from 192.168.1.2: Destination host unreachable
Reply from 192.168.1.2: Destination host unreachable
Reply from 192.168.1.2: Destination host unreachable
Ping statistics for 192.168.2.2:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
PC>
Check the access list on Router1.
Router#show access-lists
Standard IP access list 10
    deny 192.168.1.0 0.0.0.255 (64 match(es))
    permit any (5 match(es))
Router#
With a standard access list, all services are blocked, both UDP for browser access and ICMP for ping, because a standard access list matches only on the source address of the packet.
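
The decision Router1 makes with access list 10 can be reproduced offline. The Python sketch below is an added example, not part of the original tutorial: the function names and the sample packets are constructed for illustration, and it models only wildcard-mask matching on the source address, first-match order and the implicit deny at the end of the list.

```python
import ipaddress
# The two ACL lines from the tutorial, as entered on Router1.
ACL_10 = """\
access-list 10 deny 192.168.1.0 0.0.0.255
access-list 10 permit any
"""

def ip(text):
    return int(ipaddress.IPv4Address(text))

def parse_standard_acl(config):
    """Return ordered entries as [action, address, wildcard, hits]."""
    entries = []
    for line in config.splitlines():
        words = line.split()
        if len(words) < 4 or words[0] != "access-list":
            continue
        action, spec = words[2], words[3:]
        if spec[0] == "any":
            addr, wild = 0, 0xFFFFFFFF          # every bit is "don't care"
        elif spec[0] == "host":
            addr, wild = ip(spec[1]), 0          # every bit must match
        else:                                    # address [wildcard]
            addr, wild = ip(spec[0]), ip(spec[1]) if len(spec) > 1 else 0
        entries.append([action, addr, wild, 0])
    return entries

def evaluate(entries, src):
    """First matching entry wins; only the source address is inspected."""
    s = ip(src)
    for entry in entries:
        action, addr, wild, _ = entry
        # Wildcard bits set to 1 are ignored, bits set to 0 must be equal.
        if (s | wild) == (addr | wild):
            entry[3] += 1                        # like the match(es) counter
            return action
    return "deny"                                # implicit deny after the last entry

def filter_packets(entries, packets):
    """packets: (source, service) tuples; the service is never consulted."""
    return [(src, svc, evaluate(entries, src)) for src, svc in packets]

# Constructed sample traffic leaving Router1 fa0/0 toward the server.
SAMPLE = [("192.168.1.2", "icmp"), ("192.168.1.2", "http"),
          ("192.168.50.1", "icmp"), ("192.168.1.254", "http")]

if __name__ == "__main__":
    for row in filter_packets(parse_standard_acl(ACL_10), SAMPLE):
        print(*row)
```

Every packet sourced from 192.168.1.0/24 gets the same verdict regardless of service, which is why both the ping and the browser test fail once the list is applied.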