Access List Pada Router CISCO

on
Setting Access-list
Dalam tutuorial kali ini akan dijelaskan mengenai setting access list pada cisco router menggunakan simulasi BOSON.
Dalam tutorial ini kita menggunakan satu router,switch,server dan tiga client untuk lebih jelasnya lihat gambar dibawah ini :





Disini kita akan membuat rule bahwa untuk client dengan nama pc1 dan pc2 dapat melakukan koneksi dengan server tetapi untuk client dengan nama pc3 dilarang untuk melakukan koneksi degan server. dengan adanya masalah diatas dapat disolusiakan dengan menggunakan access-list.
Berikut detail dari konfigurasi komputer client dan cisco router



Konfigurasi pc1
C>ipconfig /ip 10.1.1.1 255.255.255.0
C>ipconfig /dg 10.1.1.254
C>ipconfig
Ethernet adapter Local Area Connection:
IP Address. . . . . . . . . . . . : 10.1.1.1
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.1.1.254
Konfigurasi pc2
C>ipconfig /ip 10.1.1.2 255.255.255.0
C>ipconfig /dg 10.1.1.254
C>ipconfig
Ethernet adapter Local Area Connection:
IP Address. . . . . . . . . . . . : 10.1.1.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.1.1.254
Konfigurasi pc3
C>ipconfig /ip 10.1.1.3 255.255.255.0
C>ipconfig /dg 10.1.1.254
C>ipconfig
Ethernet adapter Local Area Connection:
IP Address. . . . . . . . . . . . : 10.1.1.3
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.1.1.254
Konfigurasi server
C>ipconfig /ip 10.1.2.1 255.255.255.0
C>ipconfig /dg 10.1.2.254
C>ipconfig
Ethernet adapter Local Area Connection:
IP Address. . . . . . . . . . . . : 10.1.2.1
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.1.2.254

Konfigurasi cisco router
Router>
Router>enable
Router#configure terminal
Router(config)#interface ethernet0
Router(config-if)#ip address 10.1.2.254 255.255.255.0
Router(config-if)#no shut
Router(config-if)#exit
Router(config)#interface ethernet1
Router(config-if)#ip address 10.1.1.254 255.255.255.0
Router(config-if)#no shut
Router(config-if)#^Z (Ctrl+z)
Router#ping 10.1.2.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.2.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
Router#ping 10.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
Router#configure terminal
Router(config)#ip route 10.1.1.0 255.255.255.0 10.1.2.254
Router(config)#interface ethernet1
Router(config-if)#ip access-group 1 in
Router(config-if)#exit
Router(config)#access-list 1 deny 10.1.1.3 0.0.0.0
Router(config)#access-list 1 permit 0.0.0.0 255.255.255.255

Hasil uji coba
dari pc1
Coba ping 10.1.2.1
Pinging 10.1.2.1 with 32 bytes of data:
Reply from 10.1.2.1: bytes=32 time=60ms TTL=241
Reply from 10.1.2.1: bytes=32 time=60ms TTL=241
Reply from 10.1.2.1: bytes=32 time=60ms TTL=241
Reply from 10.1.2.1: bytes=32 time=60ms TTL=241
Reply from 10.1.2.1: bytes=32 time=60ms TTL=241
Ping statistics for 10.1.2.1: Packets: Sent = 5, Received = 5, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 50ms, Maximum = 60ms, Average = 55ms

dari pc2
Coba ping 10.1.2.1
Pinging 10.1.2.1 with 32 bytes of data:
Reply from 10.1.2.1: bytes=32 time=60ms TTL=241
Reply from 10.1.2.1: bytes=32 time=60ms TTL=241
Reply from 10.1.2.1: bytes=32 time=60ms TTL=241
Reply from 10.1.2.1: bytes=32 time=60ms TTL=241
Reply from 10.1.2.1: bytes=32 time=60ms TTL=241
Ping statistics for 10.1.2.1: Packets: Sent = 5, Received = 5, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 50ms, Maximum = 60ms, Average = 55ms
dari pc3
Coba ping 10.1.2.1
Pinging 10.1.2.1 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Ping statistics for 10.1.2.1:
Packets: Sent = 5, Received = 0, Lost = 5 (100% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

0 komentar:

Posting Komentar