Ujikom BPN 14-10-2022





1. pasang ip pada masing masing end device terlebih dahulu
2. setting switch mode access, mode trunk,port-security dan ether-channel sesuai perintah di topologi

SW-01:
SW-01>en
SW-01#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
SW-01(config)#vlan 100
SW-01(config-vlan)#name Rumah-Emak
SW-01(config-vlan)#int ra fa0/3-4
SW-01(config-if-range)#sw mode acc
SW-01(config-if-range)#sw acc vlan 100
SW-01(config-if-range)#int gig 0/1
SW-01(config-if)#sw mode tru

(setting port-security)

SW-01(config-if)#int f0/4
SW-01(config-if)#sw port-security

*lakukan ping dahulu dari DNS-SVR ke DHCP-SVR agar mac-addressnya tercatat oleh Switch

SW-01(config-if)#sw port-security mac-address sticky
SW-01(config-if)#switchport port-security maximum 1
SW-01(config-if)#switchport port-security violation shutdown 

SW-02:
SW-02>en
SW-02#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
SW-02(config)#vlan 200
SW-02(config-vlan)#name Wisma
SW-02(config-vlan)#vlan 300
SW-02(config-vlan)#name Plaza
SW-02(config-vlan)#in
SW-02(config-vlan)#int r fa0/5-6
SW-02(config-if-range)#sw mode acc
SW-02(config-if-range)#sw acc vl 200
SW-02(config-if-range)#int r f0/1-2,f0/24
SW-02(config-if-range)#sw mode tru

(setting Ether-Channel)

SW-02(config-if-range)#int r fa0/1-2
SW-02(config-if-range)#channel-protocol lacp
SW-02(config-if-range)#channel-group 1 mode active

SW-03:
SW-03>en
SW-03#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
SW-03(config)#vlan 300
SW-03(config-vlan)#name Plaza
SW-03(config-vlan)#int r fa0/1-2
SW-03(config-if-range)#sw mode trunk
SW-03(config-if-range)#int r fa0/3-4
SW-03(config-if-range)#sw mode acc
SW-03(config-if-range)#sw acc vlan 300

(setting Ether-Channel)

SW-03(config-if-range)#int r fa0/1-2
SW-03(config-if-range)#channel-protocol lacp
SW-03(config-if-range)#channel-group 1 mode active 

SW-04:
SW-04>en
SW-04#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
SW-04(config)#vlan 600
SW-04(config-vlan)#name Grha
SW-04(config-vlan)#int r fa0/3-4
SW-04(config-if-range)#sw mode acc
SW-04(config-if-range)#sw acc vl 600
SW-04(config-if-range)#int r fa0/1-2
SW-04(config-if-range)#sw mode tru

(setting Ether-Channel)

SW-04(config-if-range)#int r fa0/1-2
SW-04(config-if-range)#channel-protocol lacp 
SW-04(config-if-range)#channel-group 2 mode active

SW-05:
SW-05>en
SW-05#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
SW-05(config)#vlan 400
SW-05(config-vlan)#name Srikandi
SW-05(config-vlan)#vlan 500
SW-05(config-vlan)#name Lombok6
SW-05(config-vlan)#vlan 600
SW-05(config-vlan)#name Grha
SW-05(config-vlan)#int r f0/1-2,f0/23-24,gig0/1
SW-05(config-if-range)#sw mode tr
SW-05(config-if-range)#int r f0/3-4
SW-05(config-if-range)#sw mode acc
SW-05(config-if-range)#sw acc vl 500

(setting Ether-Channel)

SW-05(config-if-range)#int r f0/1-2
SW-05(config-if-range)#channel-protocol lacp
SW-05(config-if-range)#channel-group 2 mode active 
SW-05(config-if-range)#int r f0/23-24
SW-05(config-if-range)#channel-protocol pagp 
SW-05(config-if-range)#channel-group 3 mode desirable 

SW-06:
SW-06>en
SW-06#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
SW-06(config)#vlan 400
SW-06(config-vlan)#name Srikandi
SW-06(config-vlan)#int r fa0/3-4
SW-06(config-if-range)#sw mode acc
SW-06(config-if-range)#sw acc vl 400
SW-06(config-if-range)#int r fa0/23-24
SW-06(config-if-range)#sw mode tru

(setting ether-channel)

SW-06(config-if-range)#int r fa0/23-24
SW-06(config-if-range)#channel-protocol pagp 
SW-06(config-if-range)#channel-group 3 mode desirable 

3.matikan semua interface switch yang tidak terpakai

SW-01:
SW-01>en
SW-01#conf t
Enter configuration commands, one per line.  End with CNTL/Z.

Untuk melihat port mana saja yang aktif, lakukan perintah "do show interface status"

SW-01(config)#do sh int stat
Port      Name               Status       Vlan       Duplex  Speed Type
Fa0/1                        notconnect   1          auto    auto  10/100BaseTX
Fa0/2                        notconnect   1          auto    auto  10/100BaseTX
Fa0/3                        connected    100        auto    auto  10/100BaseTX
Fa0/4                        connected    100        auto    auto  10/100BaseTX
Fa0/5                        notconnect   1          auto    auto  10/100BaseTX
Fa0/6                        notconnect   1          auto    auto  10/100BaseTX
Fa0/7                        notconnect   1          auto    auto  10/100BaseTX
Fa0/8                        notconnect   1          auto    auto  10/100BaseTX
Fa0/9                        notconnect   1          auto    auto  10/100BaseTX
Fa0/10                       notconnect   1          auto    auto  10/100BaseTX
Fa0/11                       notconnect   1          auto    auto  10/100BaseTX
Fa0/12                       notconnect   1          auto    auto  10/100BaseTX
Fa0/13                       notconnect   1          auto    auto  10/100BaseTX
Fa0/14                       notconnect   1          auto    auto  10/100BaseTX
Fa0/15                       notconnect   1          auto    auto  10/100BaseTX
Fa0/16                       notconnect   1          auto    auto  10/100BaseTX
Fa0/17                       notconnect   1          auto    auto  10/100BaseTX
Fa0/18                       notconnect   1          auto    auto  10/100BaseTX
Fa0/19                       notconnect   1          auto    auto  10/100BaseTX
Fa0/20                       notconnect   1          auto    auto  10/100BaseTX
Fa0/21                       notconnect   1          auto    auto  10/100BaseTX
Fa0/22                       notconnect   1          auto    auto  10/100BaseTX
Fa0/23                       notconnect   1          auto    auto  10/100BaseTX
Fa0/24                       notconnect   1          auto    auto  10/100BaseTX
Gig0/1                       notconnect   trunk      auto    auto  10/100BaseTX
Gig0/2                       notconnect   1          auto    auto  10/100BaseTX
SW-01(config)#int range fa0/1-2,fa0/5-24,g0/2
SW-01(config-if-range)#sh

SW-02:
SW-01>en
SW-01#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
SW-01(config)#int range fa0/1-2,fa0/5-24,g0/2
SW-01(config-if-range)#sh

SW-03:

SW-03>en

SW-03#conf t

Enter configuration commands, one per line. End with CNTL/Z.

SW-03(config)#int ra fa0/5-24,gig0/1-2
SW-03(config-if-range)#sh

SW-04:

SW-04>en

SW-04#conf t

Enter configuration commands, one per line. End with CNTL/Z.

SW-04(config)#int r fa0/5-24, g0/1-2

SW-04(config-if-range)#sh


SW-05:

SW-05>en

SW-05#conf t

Enter configuration commands, one per line. End with CNTL/Z.

SW-05(config)#int r f0/5-22,g0/2

SW-05(config-if-range)#sh


SW-06:

SW-06>en

SW-06#conf t

Enter configuration commands, one per line. End with CNTL/Z.

SW-06(config)#int r fa0/1-2,f0/5-22,g0/1-2

SW-06(config-if-range)#sh


4.Pemberian IP Address pada masing-masing Router dan MLS


RT-01:

RT-01>en

RT-01#conf t

Enter configuration commands, one per line. End with CNTL/Z.

RT-01(config)#int ra g0/0/0-2

RT-01(config-if-range)#no sh

RT-01(config-if-range)#

%LINK-5-CHANGED: Interface GigabitEthernet0/0/0, changed state to up


%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/0/0, changed state to up


%LINK-5-CHANGED: Interface GigabitEthernet0/0/1, changed state to up


%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/0/1, changed state to up


%LINK-5-CHANGED: Interface GigabitEthernet0/0/2, changed state to up


%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/0/2, changed state to up

RT-01(config-router)#int g0/0/0

RT-01(config-if)#ip add 200.100.10.1 255.255.255.248

RT-01(config)#int g0/0/1.20

RT-01(config-subif)#

%LINK-5-CHANGED: Interface GigabitEthernet0/0/1.20, changed state to up


%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/0/1.20, changed state to up


RT-01(config-subif)#encapsulation dot1Q 200

RT-01(config-subif)#ip add 10.10.20.1 255.255.255.192

RT-01(config-subif)#int g0/0/1.30

RT-01(config-subif)#

%LINK-5-CHANGED: Interface GigabitEthernet0/0/1.30, changed state to up


%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/0/1.30, changed state to up


RT-01(config-subif)#encapsulation dot1Q 300

RT-01(config-subif)#ip add 10.10.30.1 255.255.255.224

RT-01(config-subif)#int g0/0/2

RT-01(config-if)#ip add 200.100.20.1 255.255.255.248

RT-01(config-if)#int loopback 0


RT-01(config-if)#

%LINK-5-CHANGED: Interface Loopback0, changed state to up


%LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0, changed state to up


RT-01(config-if)#ip add 1.1.1.1 255.255.255.255


Untuk melihat ip address sudah terpasang atau belum, lakukan perintah "do show ip interface brief"


RT-01(config-if)#do sh ip int br

Interface              IP-Address    OK?   Method    Status               Protocol

GigabitEthernet0/0/0   20.100.10.1   YES   unset     up                   up

GigabitEthernet0/0/1   unassigned    YES   unset     up                   up

GigabitEthernet0/0/1.2010.10.20.1    YES   manual    up                   up

GigabitEthernet0/0/1.3010.10.30.1    YES   manual    up                   up

GigabitEthernet0/0/2   200.100.20.1  YES   manual    up                   up

Loopback0              1.1.1.1       YES   manual    up                   up

Vlan1                  unassigned    Y     unset administratively down    down


RT-02:

RT-02>en

RT-02#conf t

Enter configuration commands, one per line. End with CNTL/Z.

RT-02(config)#int r g0/0/0-2

RT-02(config-if-range)#no sh

RT-02(config-if-range)#int g0/0/0

RT-02(config-if)#ip add 200.100.20.2 255.255.255.248

RT-02(config)#int g0/0/1.10

RT-02(config-subif)#encapsulation dot1Q 100

RT-02(config-subif)#ip add 10.10.10.1 255.255.255.128

RT-02(config-if)#int g0/0/2

RT-02(config-if)#ip add 200.100.30.1 255.255.255.252

RT-02(config-if)#int loopback 0

RT-02(config-if)#ip add 2.2.2.2 255.255.255.255


MLS:

MLS>en

MLS#conf t

Enter configuration commands, one per line. End with CNTL/Z.

MLS(config)#int r g1/0/1-2, g1/0/23

MLS(config-if-range)#no sh


disini port g1/0/1 dan g1/0/2 pada MLS masih menjadi Switch L2, kita harus matikan dulu mode switchnya dengan command "no switchport"


MLS(config-if-range)#int r g 1/0/1-2

MLS(config-if)#no switchport

MLS(config-if)#

%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/0/1, changed state to down


%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/0/1, changed state to up


%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/0/2, changed state to down


%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/0/2, changed state to up


nah, kalo sudah kita lanjut ke pemberian IP pada interface Gigabit tersebut


MLS(config-if-range)#int g 1/0/1

MLS(config-if)#ip address 200.100.30.2 255.255.255.252

MLS(config-if)#int g1/0/2

MLS(config-if)#ip address 200.100.10.2 255.255.255.248


lanjut kita pembuatan vlan 400,500 dan 600 pada MLS. jangan lupa juga untuk pemberian namanya harus sesuai/SAMA


MLS(config-if)#vlan 400

MLS(config-vlan)#name Srikandi

MLS(config-vlan)#vlan 500

MLS(config-vlan)#name Lombok6

MLS(config-vlan)#vlan 600

MLS(config-vlan)#name Grha


nah, kalo sudah kita lanjut ke pemberian IP pada interface Vlan tersebut, juga interface Loopback.


MLS(config-vlan)#int vlan 400

MLS(config-if)#ip add 192.168.40.1 255.255.255.224

MLS(config-if)#int vlan 500

MLS(config-if)#ip add 192.168.50.1 255.255.255.240

MLS(config-if)#int vlan 600

MLS(config-if)#ip add 192.168.60.1 255.255.255.248

MLS(config-if)#int loopback 0

MLS(config-if)#ip add 3.3.3.3 255.255.255.255


sekarang kita setting g1/0/23 ke mode trunk untuk membuka jalur vlan ke switch 4,5 dan 6


MLS(config-if)#int g1/0/23

MLS(config-if)#switchport mode trunk


lanjut, kita masukkan perintah "ip routing" bisa routing antar vlan


MLS(config)#ip routing


5. SETTING SHCP SERVER PADA DHCP-SVR



6. ROUTING OSPF

RT-1:

RT-01>en

RT-01#conf t

Enter configuration commands, one per line. End with CNTL/Z

RT-01(config)#router ospf 10

RT-01(config-router)#network 200.100.10.0 0.0.0.7 area 0

RT-01(config-router)#network 10.10.20.0 0.0.0.63 area 0

RT-01(config-router)#network 10.10.30.0 0.0.0.31 area 0

RT-01(config-router)#network 200.100.20.0 0.0.0.7 area 0

RT-01(config-router)#network 1.1.1.1 0.0.0.0 area 0


Untuk melihat OSPF Table, lakukan perintah "do show ip ospf database"


RT-01(config-if)#do sh ip ospf database

OSPF Router with ID (1.1.1.1) (Process ID 10)


Router Link States (Area 0)


Link ID        ADV Router  Age     Seq#         Checksum Link    count

2.2.2.2        2.2.2.2     393     0x80000006   0x00fa4d         4

1.1.1.1        1.1.1.1     4       0x80000007   0x008389         5

3.3.3.3        3.3.3.3     4       0x80000008   0x000e1e         6


Net Link States (Area 0)

Link ID        ADV Router  Age     Seq#         Checksum

200.100.20.2   2.2.2.2     462     0x80000001   0x00940c

200.100.30.1   2.2.2.2     393     0x80000002   0x00b260

200.100.10.2   3.3.3.3     4       0x80000001   0x0054b2



RT-2:

RT-02>en

RT-02#conf

Configuring from terminal, memory, or network [terminal]? t

Enter configuration commands, one per line. End with CNTL/Z.

RT-02(config)#ro

RT-02(config)#router os

RT-02(config)#router ospf 10

RT-02(config-router)#ne

RT-02(config-router)#net

RT-02(config-router)#network 200.100.20.0 0.0.0.7 area 0

RT-02(config-router)#network 10.10.10.0 0.0.0.127 area 0

RT-02(config-router)#network 200.100.30.0 0.0.0.3 area 0

RT-02(config-router)#network 2.2.2.2 0.0.0.0 area 0


MLS:

MLS>en

MLS#conf t

Enter configuration commands, one per line. End with CNTL/Z.

MLS(config)#router ospf 10

MLS(config-router)#network 200.100.30.0 0.0.0.3 area 0

MLS(config-router)#network 200.100.30.0 0.0.0.7 area 0

MLS(config-router)#network 200.100.10.0 0.0.0.7 area 0

MLS(config-router)#network 192.168.40.0 0.0.0.31 area 0

MLS(config-router)#network 192.168.50.0 0.0.0.15 area 0

MLS(config-router)#network 192.168.60.0 0.0.0.7 area 0

MLS(config-router)#network 3.3.3.3 0.0.0.0 area 0


Lakukan pengujian Ping terlebih dahulu dari MLS ke DHCP-SVR,jika berhasil maka lanjut ke Langkah selanjutnya


7. SETTING IP HELPER-ADDRESS DI MLS

MLS>en

MLS#conf t

Enter configuration commands, one per line. End with CNTL/Z.

MLS(config)#interface vlan 400

MLS(config-if)#ip helper-address 10.10.10.10

MLS(config-if)#interface vlan 500

MLS(config-if)#ip helper-address 10.10.10.10

MLS(config-if)#interface vlan 600

MLS(config-if)#ip helper-address 10.10.10.10


8. IP DHCP CLIENT

masuk ke semua PC yang terhubung pada VLAN 400,500 dan 600 lalu konfig ip nya menjadi DHCP



9.SPANNING TREE PORTFAST
SW-01:

SW-01>en

SW-01#conf t

Enter configuration commands, one per line. End with CNTL/Z.

SW-01(config)#int r fa 0/3-4

SW-01(config-if-range)#spanning-tree portfast

%Warning: portfast should only be enabled on ports connected to a single

host. Connecting hubs, concentrators, switches, bridges, etc... to this

interface when portfast is enabled, can cause temporary bridging loops.

Use with CAUTION


%Portfast has been configured on FastEthernet0/3 but will only

have effect when the interface is in a non-trunking mode.

%Warning: portfast should only be enabled on ports connected to a single

host. Connecting hubs, concentrators, switches, bridges, etc... to this

interface when portfast is enabled, can cause temporary bridging loops.

Use with CAUTION


%Portfast has been configured on FastEthernet0/4 but will only

have effect when the interface is in a non-trunking mode.


SW-02:

SW-02>en

SW-02#conf t

Enter configuration commands, one per line. End with CNTL/Z.

SW-02(config)#int r fa 0/5-6

SW-02(config-if-range)#spanning-tree portfast


SW-03:

SW-03>en

SW-03#conf t

Enter configuration commands, one per line. End with CNTL/Z.

SW-03(config)#int r f 0/3-4

SW-03(config-if-range)#spanning-tree portfast


SW-04:

SW-04>en

SW-04#conf t

Enter configuration commands, one per line. End with CNTL/Z.

SW-04(config)#int r f0/3-4

SW-04(config-if-range)#spanning-tree portfasT


SW-05:

SW-05>en

SW-05#conf t

Enter configuration commands, one per line. End with CNTL/Z.

SW-05(config)#int r f0/3-

SW-05(config-if-range)#spanning-tree portfast


SW-06:

SW-06>en

SW-06#conf t

Enter configuration commands, one per line. End with CNTL/Z.

SW-06(config)#int r f0/3-4

SW-06(config-if-range)#spanning-tree portfast


10. NAT INSIDE-OUTSIDE

RT-1:

RT-01>en

RT-01#conf t

Enter configuration commands, one per line. End with CNTL/Z.

RT-01(config)#ip nat inside source static 10.10.10.2 200.100.10.1

RT-01(config)#interface gigabitEthernet 0/0/1.20

RT-01(config-subif)#ip nat inside

RT-01(config-subif)#interface gigabitEthernet 0/0/0

RT-01(config-if)#ip nat outside

RT-01(config-if)#interface gigabitEthernet 0/0/2

RT-01(config-if)#ip nat outside

RT-01(config-if)#


11.SSH
RT-1:

RT-01(config)#username adminssh secret ssh123!

RT-01(config)#enable secret admin123

RT-01(config)#ip domain-name bestpath-network.com

RT-01(config)#crypto key generate rsa

The name for the keys will be: RT-01.bestpath-network.com

Choose the size of the key modulus in the range of 360 to 4096 for your

General Purpose Keys. Choosing a key modulus greater than 512 may take

a few minutes.


How many bits in the modulus [512]: 1024

% Generating 1024 bit RSA keys, keys will be non-exportable...[OK]


*Mar 1 0:44:56.334: %SSH-5-ENABLED: SSH 1.99 has been enabled


RT-01(config)#line vty 0 4

RT-01(config-line)#transport input ssh

RT-01(config-line)#login local



RT-2:

RT-02>en

RT-02#conf t

Enter configuration commands, one per line. End with CNTL/Z.

RT-02(config)#username adminssh secret ssh123!

RT-02(config)#enable secret admin123

RT-02(config)#ip domain-name bestpath-network.com

RT-02(config)#crypto key generate rsa

The name for the keys will be: RT-02.bestpath-network.com

Choose the size of the key modulus in the range of 360 to 4096 for your

General Purpose Keys. Choosing a key modulus greater than 512 may take

a few minutes.


How many bits in the modulus [512]: 1024

% Generating 1024 bit RSA keys, keys will be non-exportable...[OK]


*Mar 1 0:46:4.79: %SSH-5-ENABLED: SSH 1.99 has been enabled


RT-02(config)#line vty 0 4

RT-02(config-line)#transport input ssh

RT-02(config-line)#login local




Postingan populer dari blog ini

ROUTING STATIC Metode Floating

Gambar
 Pasang IP di PC-0 : 192.168.10.10/24                            PC-1  : 192.168.30.10/24 Pasang  HWIC-2T di masing-masing Router, pasang persis seperti ini: Router0: Router>en Router#conf t Enter configuration commands, one per line.  End with CNTL/Z. Router(config)#int f0/0 R-0(config)# hostname R-0 R-0(config-if)#ip add 192.168.10.1 255.255.255.0 R-0(config-if)#no sh R-0(config-if)#int se0/0/0 R-0(config-if)#ip add 192.168.20.1 255.255.255.252 R-0(config-if)#no sh R-0(config-if)#int se0/0/1 R-0(config-if)#ip add 192.168.20.5 255.255.255.252 R-0(config-if)#no sh Router1: Router>en Router#conf t Enter configuration commands, one per line.  End with CNTL/Z. Router(config)#hostname R-1 R-1(config)#int f0/0 R-1(config-if)#ip add 192.168.30.1 255.255.255.0 R-1(config-if)#no sh R-1(config-if)#int se0/0/0 R-1(config-if)#ip add 192.168.20.2 255.255.255.252 R-1(config-if)#no sh R-1(co...
Baca selengkapnya

KONFIGURASI VLAN + ROUTING STATIC DI H3C

Gambar
 Topologi: disini saya menggunakan Multi Layer Switch(MLS) H3C 29850 Series, saya akan menggunakan penyebutan MLS-1 untuk S9850-1,dan juga MLS-2/3 pada masing-masing perangkat. konfigurasi hostname dan point-to-point antar MLS pada masing-masing MLS MLS-1: <H3C>system-view System View: return to User View with Ctrl+Z. [H3C]hostname MLS-1 [MLS-1]interface HundredGigE 1/0/1 (interface ke arah MLS-2) [MLS-1-HundredGigE1/0/1]ip address 192.168.100.2 255.255.255.252 [MLS-1-HundredGigE1/0/1]no shutdown [MLS-1-HundredGigE1/0/1]quit MLS-2: <H3C>system-view System View: return to User View with Ctrl+Z. [H3C]hostname MLS-2 [MLS-2]interface HundredGigE 1/0/1  (interface ke arah MLS-1) [MLS-2-HundredGigE1/0/1]ip address 192.168.100.1 255.255.255.252 [MLS-2-HundredGigE1/0/1]no shutdown [MLS-2-HundredGigE1/0/1]quit [MLS-2]interface HundredGigE 1/0/2  (interface ke arah MLS-3) [MLS-2-HundredGigE1/0/2]ip address 192.168.200.1 255.255.255.252 [MLS-2-HundredGigE1/0/2]no shutdow...
Baca selengkapnya