Topologi
Pada lab ini kita akan mengkonfigurasi RIP, OSPF, EIGRP dan Redistribute. Access List untuk mengamankan Server, kemudian ASA WebVPN.
Pada bagian ini kita akan mengkonfigurasi Encapsulation PPP untuk koneksi point to point tiap Router, ada yang menggunakan CHAP dan PAP, Routing EIGRP untuk menghubungkan antar network, dan Access List untuk mengamankan Server.
Lanjut pada Client yang berikutnya.
Pada bagian ini kita akan mengkonfigurasi Routing protocol OSPF, dan DHCP Server untuk Client Wireless.
Pada bagian ini kita akan mengkonfigurasi Routing RIP dan ASA WebVPN.
Kemudian konfigurasi ASA WebVPN
Lalu konfigurasi User Manager.
Kemudian kita buka pada PC situs webvpn ASA nya.
Klik menu WebServer maka akan muncul konten yang ada di web server tersebut.
Konfigurasi Bagian 1
Router R1
Pertama IP Address dan PPP EncapsulationR1(config)#username cisco password cisco R1(config)#int s0/0/0 R1(config-if)#clock ra 4000000 R1(config-if)#encap ppp R1(config-if)#ppp auth pap R1(config-if)#ppp pap sent-use cisco pass cisco R1(config-if)#ip add 12.12.12.1 255.255.255.0 R1(config-if)#no sh R1(config-if)#ex R1(config)#int g0/0 R1(config-if)#ip add 10.10.10.1 255.255.255.0 R1(config-if)#no sh R1(config-if)#exKemudian konfigurasi Routing EIGRP.
R1(config)#router eigrp 1 R1(config-router)#no auto-sum R1(config-router)#net 10.10.10.0 0.0.0.255 R1(config-router)#net 12.12.12.0 0.0.0.255 R1(config-router)#exiLalu konfigurasi DHCP Server untuk PC Client.
R1(config)#ip dhcp pool net10 R1(dhcp-config)#net 10.10.10.0 255.255.255.0 R1(dhcp-config)#default-ro 10.10.10.1 R1(dhcp-config)#exi
Router R2
Pertama konfigurasi IP Address dan EncapsulationR2(config)#username cisco pass cisco R2(config)#user R3 password cisco R2(config)#int s0/0/0 R2(config-if)#encap ppp R2(config-if)#ppp auth pap R2(config-if)#ppp pap sent-use cisco pass cisco R2(config-if)#ip add 12.12.12.2 255.255.255.0 R2(config-if)#no sh R2(config-if)#ex R2(config)#int s0/0/1 R2(config-if)#clock ra 4000000 R2(config-if)#encap ppp R2(config-if)#ppp auth chap R2(config-if)#ip add 23.23.23.2 255.255.255.0 R2(config-if)#no sh R2(config-if)#exi R2(config)#int g0/0 R2(config-if)#ip add 20.20.20.1 255.255.255.0 R2(config-if)#no sh R2(config-if)#exKemudian knfigurasi Routing EIGRP.
R2(config)#router eigrp 1 R2(config-router)#no auto-sum R2(config-router)#net 23.23.23.0 0.0.0.255 R2(config-router)#net 20.20.20.0 0.0.0.255 R2(config-router)#net 12.12.12.0 0.0.0.255 R2(config-router)#exBuat access-list untuk membatasi akses PC Client pada Server.
R2(config)#access-list 100 permit icmp host 10.10.10.2 host 20.20.20.20 R2(config)#access-list 100 deny icmp host 10.10.10.3 host 20.20.20.20 R2(config)#access-list 100 permit tcp host 10.10.10.3 host 20.20.20.20 eq www R2(config)#access-list 100 deny tcp host 10.10.10.2 host 20.20.20.20 eq www R2(config)#access-list 100 permit ip any any R2(config)#int g0/0 R2(config-if)#ip access-gr 100 out R2(config-if)#exiKonfigurasi Static IP Address pada Server.
Router R3
Konfigurasi IP Address dan PPP Encapsulation.R3(config)#user R2 pass cisco R3(config)#int s0/0/0 R3(config-if)#encap ppp R3(config-if)#ppp auth chap R3(config-if)#ip add 23.23.23.3 255.255.255.0 R3(config-if)#no sh R3(config-if)#ex R3(config)#int s0/0/1 R3(config-if)#clock ra 4000000 R3(config-if)#ip add 34.34.34.3 255.255.255.0 R3(config-if)#no sh R3(config-if)#exi R3(config)#int g0/0 R3(config-if)#ip add 35.35.35.3 255.255.255.0 R3(config-if)#no sh R3(config-if)#exiKonfigurasi Routing EIGRP, OSPF, RIPv2
R3(config)#router ospf 1 R3(config-router)#net 34.34.34.0 0.0.0.255 ar 0 R3(config-router)#redistribute eigrp 1 subnets R3(config-router)#redistribute rip subnets R3(config-router)#exi R3(config)#router rip R3(config-router)#ver 2 R3(config-router)#no auto-sum R3(config-router)#net 35.35.35.0 R3(config-router)#redistribute eigrp 1 metric 10 R3(config-router)#redistribute ospf 1 metric 15 R3(config-router)#exi R3(config)#router eigrp 1 R3(config-router)#no auto-sum R3(config-router)#net 23.23.23.0 0.0.0.255 R3(config-router)#redistribute ospf 1 metric 1 1 1 1 1 R3(config-router)#redistribute rip metric 1 1 1 1 1 R3(config-router)#exiKemudian pada Client pertama kita coba konfigurasi IP DHCP kemudian testing akses ke Server.
Konfigurasi Bagian 2
Router R4
Pertama konfigurasi IP Address pada Inteface Router.R4(config)#int s0/0/0 R4(config-if)#ip add 34.34.34.4 255.255.255.0 R4(config-if)#no sh R4(config-if)#ex R4(config)#int g0/0 R4(config-if)#ip add 40.40.40.1 255.255.255.0 R4(config-if)#no sh R4(config-if)#exKonfigurasi Routing OSPF.
R4(config)#router ospf 1 R4(config-router)#net 40.40.40.0 0.0.0.255 ar 0 R4(config-router)#net 34.34.34.0 0.0.0.255 ar 0 R4(config-router)#exiKemudian konfigurasi DHCP Server.
R4(config)#ip dhcp pool net40 R4(dhcp-config)#net 40.40.40.0 255.255.255.0 R4(dhcp-config)#default-ro 40.40.40.1 R4(dhcp-config)#exiKita coba akses Server dari Client Wireless.
Konfiguasi Bagian 3
Router R5
Pertama konfigurasi IP AddressR5(config)#int g0/0 R5(config-if)#ip add 35.35.35.5 255.255.255.0 R5(config-if)#no sh R5(config-if)#exi R5(config)#int g0/1 R5(config-if)#ip add 50.50.50.1 255.255.255.0 R5(config-if)#no sh R5(config-if)#exiLalu konfigurasi RIPv2
R5(config)#router rip R5(config-router)#ver 2 R5(config-router)#no auto-sum R5(config-router)#net 35.35.35.0 R5(config-router)#net 50.50.50.0 R5(config-router)#exi
ASA WebVPN
Konfigurasi IP Address dan VLAN.ciscoasa(config)#int e0/1 ciscoasa(config-if)#sw acc vl 2 ciscoasa(config-if)#exi ciscoasa(config)#int e0/0 ciscoasa(config-if)#sw acc vl 1 ciscoasa(config-if)#exi ciscoasa(config)#int e0/2 ciscoasa(config-if)#sw acc vl 1 ciscoasa(config-if)#ex ciscoasa(config)#int vlan 1 ciscoasa(config-if)#no ip add ciscoasa(config-if)#ip add 50.50.50.2 255.255.255.0 ciscoasa(config-if)#no sh ciscoasa(config-if)#exi ciscoasa(config)#dhcpd address 50.50.50.10-50.50.50.30 in ciscoasa(config)#int vlan 2 ciscoasa(config-if)#ip add 192.168.2.1 255.255.255.0 ciscoasa(config-if)#no sh ciscoasa(config-if)#exi ciscoasa(config)#no dhcpd auto_config outside ciscoasa(config)#dhcp enable out ciscoasa(config)#dhcpd addr 192.168.2.2-192.168.2.20 outKemudian kita konfigurasi IP DHCP pada PC dan Server.
ciscoasa(config)#webvpn ciscoasa(config-webvpn)#en out ciscoasa(config-webvpn)#ex ciscoasa(config)#username vpn pass cisco ciscoasa(config)#group-pol political in ciscoasa(config)#group-pol political attr ciscoasa(config-group-policy)#webvpn ciscoasa(config-group-webvpn)#url-list val ASA ciscoasa(config-group-webvpn)#tunnel-gr ASA-GR type remote-acc ciscoasa(config)#tunnel-gr ASA-GR general-attr ciscoasa(config-tunnel-general)#default-group-pol political ciscoasa(config)#username vpn attr ciscoasa(config-username)#vpn-group-pol political ciscoasa(config-username)#exiKita tambahkan Server pada bookmark ASA WEBVPN.
Komentar
Posting Komentar