Monday, 01 July 2013

ACL Configuration on Routers




Configuration on Router 0 (Edmonton):
Router>en
Router#conf t
Router(config)#hostname Edmonton
Edmonton(config)#int fa0/0
Edmonton(config-if)#ip add 172.16.10.1 255.255.255.0
Edmonton(config-if)#no shut
Edmonton(config-if)#exit
Edmonton(config)#int fa1/0
Edmonton(config-if)#ip add 172.16.20.1 255.255.255.0
Edmonton(config-if)#no shut
Edmonton(config-if)#exit
Edmonton(config)#int ser2/0
Edmonton(config-if)#ip add 172.16.30.1 255.255.255.252
Edmonton(config-if)#clock rate 64000
Edmonton(config-if)#no shut
Edmonton(config-if)#exit
Edmonton(config)#router ospf 1
Edmonton(config-router)#network 172.16.10.0 0.0.0.255 area 0
Edmonton(config-router)#network 172.16.20.0 0.0.0.255 area 0
Edmonton(config-router)#network 172.16.30.0 0.0.0.3 area 0



Configuration on Router 1 (Red Deer):
Router>en
Router#conf t
Router(config)#hostname RedDeer
RedDeer(config)#int fa0/0
RedDeer(config-if)#ip add 172.16.40.1 255.255.255.0
RedDeer(config-if)#no shut
RedDeer(config-if)#exit
RedDeer(config)#int fa1/0
RedDeer(config-if)#ip add 172.16.50.1 255.255.255.0
RedDeer(config-if)#no shut
RedDeer(config-if)#exit
RedDeer(config)#int ser2/0
RedDeer(config-if)#ip add 172.16.30.2 255.255.255.252
RedDeer(config-if)#no shut
RedDeer(config-if)#exit
RedDeer(config)#int ser3/0
RedDeer(config-if)#ip add 172.16.60.1 255.255.255.252
RedDeer(config-if)#clock rate 64000
RedDeer(config-if)#no shut
RedDeer(config-if)#exit
RedDeer(config)#router ospf 1
RedDeer(config-router)#network 172.16.30.0 0.0.0.3 area 0
RedDeer(config-router)#network 172.16.40.0 0.0.0.255 area 0
RedDeer(config-router)#network 172.16.50.0 0.0.0.255 area 0
RedDeer(config-router)#network 172.16.60.0 0.0.0.3 area 0

Configuration on Router 2 (Calgary):
Router>en
Router#conf t
Router(config)#hostname Calgary
Calgary(config)#int fa0/0
Calgary(config-if)#ip add 172.16.70.1 255.255.255.0
Calgary(config-if)#no shut
Calgary(config-if)#exit
Calgary(config)#int fa1/0
Calgary(config-if)#ip add 172.16.80.1 255.255.255.0
Calgary(config-if)#no shut
Calgary(config-if)#exit
Calgary(config)#int ser3/0
Calgary(config-if)#ip add 172.16.60.2 255.255.255.252
Calgary(config-if)#no shut
Calgary(config-if)#exit
Calgary(config)#router ospf 1
Calgary(config-router)#network 172.16.60.0 0.0.0.3 area 0
Calgary(config-router)#network 172.16.70.0 0.0.0.255 area 0
Calgary(config-router)#network 172.16.80.0 0.0.0.255 area 0


Settings on the PCs and Server:

| PC and Server | IP Address | Subnet Mask | Default Gateway |
| --- | --- | --- | --- |
| PC0 | 172.16.10.5 | 255.255.255.0 | 172.16.10.1 |
| PC1 | 172.16.40.89 | 255.255.255.0 | 172.16.40.1 |
| PC2 | 172.16.70.5 | 255.255.255.0 | 172.16.70.1 |
| PC3 | 172.16.20.163 | 255.255.255.0 | 172.16.20.1 |
| PC4 | 172.16.50.75 | 255.255.255.0 | 172.16.50.1 |
| PC5 | 172.16.50.7 | 255.255.255.0 | 172.16.50.1 |
| PC6 | 172.16.80.16 | 255.255.255.0 | 172.16.80.1 |
| Server | 172.16.70.2 | 255.255.255.0 | 172.16.70.1 |


ACL commands on RedDeer:
RedDeer(config)#access-list 10 deny 172.16.10.0 0.0.0.255
RedDeer(config)#access-list 10 permit any
RedDeer(config)#int fa0/0
RedDeer(config-if)#ip access-group 10 out

ACL commands on Edmonton:
Edmonton(config)#access-list 115 deny ip host 172.16.10.5 host 172.16.50.7
Edmonton(config)#access-list 115 permit ip any any
Edmonton(config)#int fa0/0
Edmonton(config-if)#ip access-group 115 in

As a result, host 172.16.10.5 cannot reach host 172.16.40.89 (blocked by ACL 10 on RedDeer) or host 172.16.50.7 (blocked by ACL 115 on Edmonton).


Telnet commands on the RedDeer router:
RedDeer(config)#access-list 20 permit host 172.16.10.5
RedDeer(config)#line vty 0 4
RedDeer(config-line)#access-class 20 in

Only host 172.16.10.5 can telnet to the RedDeer router.
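
The following is an added example, not part of the original post: a small Python model of how the three access lists above (10, 115 and 20) are evaluated, using wildcard-mask matching, first-match order and the implicit deny at the end of every list. The function names and the simplified path model in `reach` are assumptions made for illustration.

```python
import ipaddress

def ip(s):
    return int(ipaddress.IPv4Address(s))

def matches(addr, base, wildcard):
    # Wildcard bits set to 1 are "don't care"; only the 0 bits are compared.
    care = ~ip(wildcard) & 0xFFFFFFFF
    return (ip(addr) & care) == (ip(base) & care)

ANY = ("0.0.0.0", "255.255.255.255")

def host(a):
    return (a, "0.0.0.0")

# Entries are (action, source, destination). Standard ACLs (10, 20) match
# on source only, so their destination is ANY.
ACL_10 = [("deny", ("172.16.10.0", "0.0.0.255"), ANY), ("permit", ANY, ANY)]
ACL_115 = [("deny", host("172.16.10.5"), host("172.16.50.7")),
           ("permit", ANY, ANY)]
ACL_20 = [("permit", host("172.16.10.5"), ANY)]

def evaluate(acl, src, dst="0.0.0.0"):
    # First matching entry wins; if none matches, the implicit deny applies.
    for action, s, d in acl:
        if matches(src, *s) and matches(dst, *d):
            return action
    return "deny (implicit)"

def reach(src, dst):
    # Simplified path model (assumption): ACL 115 is checked inbound on
    # Edmonton fa0/0 (sources in 172.16.10.0/24), ACL 10 outbound on
    # RedDeer fa0/0 (destinations in 172.16.40.0/24).
    checks = [("172.16.10.0", src, ACL_115, "ACL 115"),
              ("172.16.40.0", dst, ACL_10, "ACL 10")]
    for net, addr, acl, name in checks:
        if matches(addr, net, "0.0.0.255"):
            verdict = evaluate(acl, src, dst)
            if verdict != "permit":
                return f"{verdict} by {name}"
    return "permit"

if __name__ == "__main__":
    for dst in ("172.16.40.89", "172.16.50.7", "172.16.50.75"):
        print("PC0 ->", dst, ":", reach("172.16.10.5", dst))
    for src in ("172.16.10.5", "172.16.20.163"):
        print("telnet from", src, ":", evaluate(ACL_20, src))
```

ACL 20 has no explicit deny line, yet any source other than 172.16.10.5 falls through to the implicit deny, which is why the single permit entry is enough to restrict the vty lines.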


Meanwhile, the telnet result from other hosts:


1 comment:

  1. *nyengir

    hi... xD

    Oh... I just learned about the access list command... Maybe it's similar to a proxy, right... but it really is a full block with an access list... ^ w ^

    Just stopping by as a colleague~ adieu~ xD
