Vous êtes sur la page 1sur 345

Agenda Training

Daftar Isi

Materi 1. Subnetting
1.1 Soal Subnetting Pretest

1.2 Soal Subnetting Latihan Lanjutan

1.3 Soal Subnetting PR

Materi 2. Pengenalan Dasar


2.1 Tujuh OSI Layer

2.2 Pengenalan Tipe Network

2.3 Pengenalan Router/Switch Cisco

Pengecekan Hardware

Router#show version
Cisco Internetwork Operating System Software
IOS (tm) C2600 Software (C2600-J1S3-M), Version 12.2(15)T7,
TAC Support: http://www.cisco.com/tac
Copyright (c) 1986-2003 by cisco Systems, Inc.
Compiled Sat 09-Aug-03 07:18 by ccai
Image text-base: 0x80008098, data-base: 0x8195144C

RELEASE SOFTWARE (fc2)

ROM: System Bootstrap, Version 11.3(2)XA4, RELEASE SOFTWARE (fc1)


Router uptime is 10 hours, 58 minutes
System returned to ROM by power-on
System image file is "flash:c2600-j1s3-mz.122-15.T7.bin"
cisco 2610 (MPC860) processor (revision 0x202) with 59392K/6144K bytes of memory.
Processor board ID JAD03337409 (4221326695)
M860 processor: part number 0, mask 49
Bridging software.
X.25 software, Version 3.0.0.
TN3270 Emulation software.
1 Ethernet/IEEE 802.3 interface(s)
2 Serial network interface(s)
32K bytes of non-volatile configuration memory.
16384K bytes of processor board System flash (Read/Write)
Configuration register is 0x2142 (will be 0x2102 at next reload)

Pengecekan Software atau IOS


Router#show version
Cisco Internetwork Operating System Software
IOS (tm) C2600 Software (C2600-J1S3-M), Version 12.2(15)T7,
TAC Support: http://www.cisco.com/tac
Copyright (c) 1986-2003 by cisco Systems, Inc.
Compiled Sat 09-Aug-03 07:18 by ccai
Image text-base: 0x80008098, data-base: 0x8195144C

RELEASE SOFTWARE (fc2)

ROM: System Bootstrap, Version 11.3(2)XA4, RELEASE SOFTWARE (fc1)


Router uptime is 10 hours, 58 minutes
System returned to ROM by power-on
System image file is "flash:c2600-j1s3-mz.122-15.T7.bin"
cisco 2610 (MPC860) processor (revision 0x202) with 59392K/6144K bytes of memory.
Processor board ID JAD03337409 (4221326695)
M860 processor: part number 0, mask 49
Bridging software.
X.25 software, Version 3.0.0.
TN3270 Emulation software.
1 Ethernet/IEEE 802.3 interface(s)
2 Serial network interface(s)
32K bytes of non-volatile configuration memory.
16384K bytes of processor board System flash (Read/Write)
Configuration register is 0x2142 (will be 0x2102 at next reload)

2.4 Konfigurasi Dasar Router & Switch


router>
router> ?
router> enable
router#
router# ?
router# disable
router>
router> enable
router#conf t
router(config)# ?

router#
router#
router#
router#
router#

show ?
sh version
sh flash
sh start
sh run

Router#sh run
Building configuration...
Current configuration : 852 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
>>> Hostname dari router
!
boot-start-marker
boot-end-marker
!
no aaa new-model
memory-size iomem 5
no ip icmp rate-limit unreachable
ip cef
!
no ip domain lookup
!
multilink bundle-name authenticated

!
archive
log config
hidekeys
!
!
ip tcp synwait-time 5
!
interface FastEthernet0/0 >>>> nama interface
no ip address
>>> IP address
shutdown
>>>>> Status port
duplex auto
speed auto
!
interface FastEthernet0/1 >>>> nama interface
no ip address
>>> IP address
shutdown
>>>>> Status port
duplex auto
speed auto
!
no ip http server
no ip http secure-server
!
!
control-plane
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login
!
!
end

router# sh ip int brief


Interface
FastEthernet0/0
FastEthernet0/1

IP-Address
unassigned
unassigned

OK? Method Status


Protocol
YES NVRAM administratively down down
YES NVRAM administratively down down

router# conf t
router(config)# hostname SEMARANG
SEMARANG(config)#

SEMARANG# conf t
SEMARANG(config)# enable password rahasia
SEMARANG(config)# enable secret cisco

SEMARANG#show run
------------------------------------------------!
enable secret 5 $1$BpGg$rELq32AxPK6Z6AD4cdQyt/
enable password rahasia
!
--------------------------------------------------

SEMARANG#disable
SEMARANG>enable
Password:
Password:
SEMARANG #

>> ketikkan rahasia


>> ketikkan cisco , maka baru berhasil login

router(config)# service password-encryption


SEMARANG#show run
------------------------------------------------!
enable secret 5 $1$BpGg$rELq32AxPK6Z6AD4cdQyt/
enable password 7 111B180D1601020D
!
--------------------------------------------------

Router(config)#banner motd z
(TEKAN ENTER)
Enter the text followed by the 'z' to finish
SELAMAT DATANG DI ROUTERKU z
(TEKAN ENTER)
router(config)#(tekan ctrl+z)
router# exit

SELAMAT DATANG DI ROUTERKU

router# copy run start


atau
router# wr

SEMARANG#write erase
Erasing the nvram filesystem will remove all configuration files! Continue? [confirm]
>> (TEKAN ENTER)
semarang# delete flash:vlan.dat
SEMARANG#reload
Proceed with reload? [confirm] >> (TEKAN ENTER)

Materi 3. Lab Switch

Materi 3.1 VLAN

Belajar Membuat VLAN Pada Switch

Switch#configure terminal
Switch(config)#vlan 10
Switch(config-vlan)#name Marketing
Switch(config)#vlan 20
Switch(config-vlan)#name Sales
Switch(config)#int f0/1
Switch(config-if)#switchport
Switch(config-if)#switchport
Switch(config)#int f0/2
Switch(config-if)#switchport
Switch(config-if)#switchport
Switch(config)#int f0/3
Switch(config-if)#switchport
Switch(config-if)#switchport
Switch(config)#int f0/4
Switch(config-if)#switchport
Switch(config-if)#switchport

mode access
access vlan 10
mode access
access vlan 10
mode access
access vlan 20
mode access
access vlan 20

Switch#sh vlan
VLAN Name
Status
Ports
---- -------------------------------- --------- ------------------------------1
default
active
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11,Fa0/12
Fa0/13, Fa0/14, Fa0/15,Fa0/16
Fa0/17, Fa0/18, Fa0/19,Fa0/20
Fa0/21, Fa0/22, Fa0/23,Fa0/24
10
Marketing
active
Fa0/1, Fa0/2
20
Sales
active
Fa0/3, Fa0/4
1002 fddi-default
act/unsup
1003 token-ring-default
act/unsup
1004 fddinet-default
act/unsup
1005 trnet-default
act/unsup

Switch#show mac-address-table
Mac Address Table
------------------------------------------Vlan
---10
10
20
20

Mac Address
-----------

Type
--------

Ports
-----

0030.a3d3.8c27
0090.2b28.0093
0001.4350.7080
0060.3e41.3a8d

DYNAMIC
DYNAMIC
DYNAMIC
DYNAMIC

Fa0/1
Fa0/2
Fa0/4
Fa0/3

Belajar Menghubungkan Antar Switch

Sw1(config)#int fa0/10
Sw1(config-if)#switchport mode trunk

Sw2(config)#int fa0/10
Sw2(config-if)#switchport mode trunk

SW1#sh int trunk


Port
Mode
Fa0/10
on

Encapsulation
802.1q

Status
trunking

Native vlan
1

Port
Fa0/10

Vlans allowed on trunk


1-1005

Port
Fa0/10

Vlans allowed and active in management domain


1,10,20

Port
Fa0/10

Vlans in spanning tree forwarding state and not pruned


1,10,20

SW2#sh int trunk


Port
Mode
Fa0/10
on

Encapsulation
802.1q

Status
trunking

Native vlan
1

Port
Fa0/10

Vlans allowed on trunk


1-1005

Port
Fa0/10

Vlans allowed and active in management domain


1,10,20

Port
Fa0/10

Vlans in spanning tree forwarding state and not pruned


1,10,20,400,402

Belajar Menghubungkan Router ke Switch

SW1#conf t
SW1(config)#vlan 10
SW1(config)#vlan 20
SW2#conf t
SW2(config)#vlan 10
SW2(config)#vlan 20
SW1(config)#int f0/1

SW1(config-if)#switchport access vlan 10


SW1(config)#int f0/2
SW1(config-if)#switchport access vlan 20
SW2(config)#int f0/1
SW2(config-if)#switchport access vlan 10
SW2(config)#int f0/2
SW2(config-if)#switchport access vlan 20

SW1(config)#int f0/11
SW1(config-if)#switchport mode trunk
SW1(config)#int f0/12
SW1(config-if)#switchport mode trunk

router# sh ip int brief


Interface
FastEthernet0/0
FastEthernet0/1

IP-Address
unassigned
unassigned

OK? Method Status


Protocol
YES NVRAM administratively down down
YES NVRAM administratively down down

ROUTER(config)#int Fa0/0
ROUTER(config-if)#no shut
ROUTER(config)#int Fa0/0.10
>> SUB INTERFACE
ROUTER(config-subif)#encapsulation dot1q 10
ROUTER(config-subif)#ip addr 10.10.10.1 255.255.255.0
ROUTER(config)#int Fa0/0.20
ROUTER(config-subif)#encapsulation dot1q 20
ROUTER(config-subif)#ip addr 20.20.20.1 255.255.255.0

Router#sh ip int br
Interface
FastEthernet0/0
FastEthernet0/0.10
FastEthernet0/0.20

IP-Address
unassigned
10.10.10.2
20.20.20.1

OK?
YES
YES
YES

Method
unset
manual
manual

Status
up
up
up

Protocol
up
up
up

Router#show arp
Protocol Address
Internet 10.10.10.2
Internet 10.10.10.3
Internet 10.10.10.4
Internet 20.20.20.2
Internet 20.20.20.3
Internet 20.20.20.4

Age (min)
2
1
0
0
0
2

Hardware Addr
0090.2B28.0093
0030.A3D3.8C27
00D0.D39D.5A73
0001.4350.7080
0060.3E41.3A8D
000A.4134.4E8A

SW2#show mac-address-table
Mac Address Table
------------------------------------------Vlan
Mac Address
Type
--------------------1
0001.64b3.b601
DYNAMIC
1
00d0.d3e0.db0a
DYNAMIC
10
0001.64b3.b601
DYNAMIC
10
0030.a3d3.8c27
DYNAMIC
10
0090.2b28.0093
DYNAMIC
10
00d0.d39d.5a73
DYNAMIC
20
0001.4350.7080
DYNAMIC
20
0001.64b3.b601
DYNAMIC
20
000a.4134.4e8a
DYNAMIC
20
0060.3e41.3a8d
DYNAMIC

SW1(config)#vlan 30
SW1(config-vlan)#name MANAGEMENT
SW1(config-vlan)#int vlan 30
SW1(config-if)#ip address 30.30.30.1
255.255.255.0
SW1(config-if)#no shutdown
SW1(config-if)#ip default-gateway 30.30.30.30
SW1(config)#line vty 0 4
SW1(config-line)#password cisco
SW1(config-line)#login
SW1(config-line)#enable secret cisco
SW2(config)#vlan 30
SW2(config-vlan)#name MANAGEMENT

Type
ARPA
ARPA
ARPA
ARPA
ARPA
ARPA

Interface
FastEthernet0/0.10
FastEthernet0/0.10
FastEthernet0/0.10
FastEthernet0/0.20
FastEthernet0/0.20
FastEthernet0/0.20

Ports
----Fa0/2
Fa0/10
Fa0/2
Fa0/10
Fa0/10
Fa0/1
Fa0/10
Fa0/2
Fa0/3
Fa0/10

SW2(config-vlan)#int vlan 30
SW2(config-if)#ip address 30.30.30.2
255.255.255.0
SW2(config-if)#no shutdown
SW2(config-if)#ip default-gateway 30.30.30.30
SW2(config)#line vty 0 4
SW2(config-line)#password cisco
SW2(config-line)#login
SW2(config-line)#enable secret cisco
Tambahkan konfigurasi di sisi Router.
ROUTER(config)#int Fa0/0.30
ROUTER(config-if)#encapsulation dot1q 30
ROUTER(config-if)#ip addr 30.30.30.30 255.255.255.0

Belajar Menghubungkan Router ke Switch

switch(config)#vlan 10
switch(config)#vlan 20

switch(config)#int fa0/1
Switch(config-if)#switchport
switch(config-if)#switchport
switch(config)#int fa0/2
Switch(config-if)#switchport
switch(config-if)#switchport
switch(config)#int fa0/3
Switch(config-if)#switchport
switch(config-if)#switchport
switch(config)#int fa0/4
Switch(config-if)#switchport

mode access
access vlan 10
mode access
access vlan 10
mode access
access vlan 20
mode access

switch(config-if)#switchport access vlan 20

switch(config)#int vlan 10
switch(config-if)#ip address 10.10.10.1 255.255.255.0
switch(config)#int vlan 20
switch(config-if)#ip address 20.20.20.1 255.255.255.0

switch(config)#ip routing

Switch#show ip int br
Interface
IP-Address
FastEthernet0/1
unassigned
FastEthernet0/2
unassigned
FastEthernet0/3
unassigned
FastEthernet0/4
unassigned
FastEthernet0/5
unassigned
FastEthernet0/6
unassigned
FastEthernet0/7
unassigned
FastEthernet0/8
unassigned
FastEthernet0/9
unassigned
FastEthernet0/10
unassigned
FastEthernet0/11
unassigned
FastEthernet0/12
unassigned
GigabitEthernet0/1
unassigned
GigabitEthernet0/2
unassigned
Vlan1
unassigned
Vlan10
10.10.10.1
Vlan20
20.20.20.1
Switch#

OK? Method Status


Protocol
YES unset up
up
YES unset up
up
YES unset up
up
YES unset up
up
YES unset down
down
YES unset down
down
YES unset down
down
YES unset down
down
YES unset down
down
YES unset down
down
YES unset down
down
YES unset down
down
YES unset down
down
YES unset down
down
YES unset administratively down down
YES manual up
up
YES manual up
up

Switch#show mac-address-table
Mac Address Table
------------------------------------------Vlan
---10
10
20
20

Mac Address
----------0060.5c4c.4bb9
0060.7082.1b9d
0002.1762.2eb3
000c.cf4b.3ae9

Switch#show arp
Protocol Address

Type
-------DYNAMIC
DYNAMIC
DYNAMIC
DYNAMIC

Age (min)

Ports
----Fa0/1
Fa0/2
Fa0/4
Fa0/3

Hardware Addr

Type

Interface

Internet
Internet
Internet
Internet
Internet
Internet

10.10.10.1
10.10.10.2
10.10.10.3
20.20.20.1
20.20.20.2
20.20.20.3

9
0
0
9

00D0.BCA2.C9E6
0060.5C4C.4BB9
0060.7082.1B9D
00D0.BCA2.C9E6
000C.CF4B.3AE9
0002.1762.2EB3

ARPA
ARPA
ARPA
ARPA
ARPA
ARPA

Vlan10
Vlan10
Vlan10
Vlan20
Vlan20
Vlan20

Belajar mengkonfigurasikan Switch sebagai DHCP

switch(config)# ip dhcp pool VLAN10


switch(dhcp-config)# network 10.10.10.0 255.255.255.0
switch(dhcp-config)# dns-server 200.200.200.200
switch(dhcp-config)# default-router 10.10.10.1
switch(config)# ip dhcp pool VLAN20
switch(dhcp-config)# network 20.20.20.0 255.255.255.0
switch(dhcp-config)# dns-server 200.200.200.200
switch(dhcp-config)# default-router 20.20.20.1

switch(config)# ip dhcp excluded-address 10.10.10.1


switch(config)# ip dhcp excluded-address 20.20.20.1

10.10.10.10
20.20.20.20

Switch#show ip dhcp binding


IP address
Client-ID/
10.10.10.11
0060.5C4C.4BB9
10.10.10.12
0060.7082.1B9D
20.20.20.21
000C.CF4B.3AE9
20.20.20.22
0002.1762.2EB3

Lease expiration
-----

switch(config)# ip dhcp pool PC_MANAGER


switch(dhcp-config)# host 20.20.20.100
switch(dhcp-config)# default-router 20.20.20.1
switch(dhcp-config)# client-id 0102.c7f8.0004.22
switch(dhcp-config)# client-name Komputer_IDN

Type
Automatic
Automatic
Automatic
Automatic

Spanning Tree Portfast


Blocking ----------> Listening ----------> Learning ----------> Forwarding
(Max Age;optional)
(Forward Delay)
(Forward Delay)
20 S
15 S
15 S
SW1(config)# interface range fastethernet0/1 - 4
SW1 (config-if)# spanning-tree portfast
SW2(config)# interface range fastethernet0/1 - 4
SW2 (config-if)# spanning-tree portfast

Belajar Mengamankan Port Interface Pada Switch

interface FastEthernet0/1
switchport mode access
switchport port-security
switchport port-security mac-address sticky
switchport port-security violation shutdown
!
interface FastEthernet0/2
switchport mode access
switchport port-security
switchport port-security mac-address sticky

switchport port-security violation Restrict

Secure Port MaxSecureAddr CurrentAddr SecurityViolation Security Action


(Count)
(Count)
(Count)
-------------------------------------------------------------------Fa0/1
1
1
4
Restrict
Fa0/2
1
1
1
Shutdown
----------------------------------------------------------------------

Spanning Tree Protocol

o
o

o
o

o
MAC : A.A.A
Priorit y : 3276 8
ROOT BRIDGE

D
Speed 100Mbps
Cost = 19

Speed 100Mbps
Cost = 19

R
D

MAC : C.C.C
Priorit y : 3276 8

MAC : B.B.B
Priorit y : 3276 8

Speed 100Mbps
Cost = 19

NON-ROOT BRIDGE

NON-ROOT BRIDGE

Blocking Port

SW0#show spanning-tree
VLAN0001
Spanning tree enabled protocol ieee
Root ID
Priority
32769
Address
0001.C926.B750
Cost
19
Port
1(FastEthernet0/1)
Hello Time 2 sec Max Age 20 sec
Bridge ID

Interface
---------------Fa0/1
Fa0/2

Priority
Address
Hello Time
Aging Time

Forward Delay 15 sec

32769 (priority 32768 sys-id-ext 1)


0060.4713.D9D6
2 sec Max Age 20 sec Forward Delay 15 sec
20

Role
Sts
Cost
Prio.Nbr Type
---- --- --------- -------- -------------------------------Root
FWD
19
128.1
P2p
Altn
BLK
19
128.2
P2p

SW1#show spanning-tree
VLAN0001
Spanning tree enabled protocol ieee
Root ID
Priority
32769
Address
0001.C926.B750

This bridge is the root


Hello Time 2 sec Max Age 20 sec
Bridge ID

Interface
---------------Fa0/1
Fa0/2

Forward Delay 15 sec

Priority
32769 (priority 32768 sys-id-ext 1)
Address
0001.C926.B750
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 20
Role
Sts
Cost
Prio.Nbr Type
---- --- --------- -------- ------------------------------Desg
FWD
19
128.1
P2p
Desg
FWD
19
128.2
P2p

SW2(config)# spanning-tree vlan 1 priority 0

SW0#show spanning-tree
VLAN0001
Spanning tree enabled protocol ieee
Root ID
Priority
1
Address
0060.4713.D9D6
This bridge is the root
Hello Time 2 sec Max Age 20 sec
Bridge ID

Priority
Address
Hello Time
Aging Time

Interface
---------------Fa0/1
Fa0/2

1 (priority 0 sys-id-ext 1)
0060.4713.D9D6
2 sec Max Age 20 sec Forward Delay 15 sec
20

Role
Sts
Cost
Prio.Nbr Type
---- --- --------- -------- ------------------------------Desg
FWD
19
128.1
P2p
Desg
FWD
19
128.2
P2p

SW1#show spanning-tree
VLAN0001
Spanning tree enabled protocol ieee
Root ID
Priority
1
Address
0060.4713.D9D6
Cost
19
Port
1(FastEthernet0/1)
Hello Time 2 sec Max Age 20 sec
Bridge ID

Priority
Address
Hello Time
Aging Time

Interface
---------------Fa0/1
Fa0/2

Forward Delay 15 sec

32769 (priority 32768 sys-id-ext 1)


0001.C926.B750
2 sec Max Age 20 sec Forward Delay 15 sec
20

Role
Sts
Cost
Prio.Nbr Type
---- --- --------- -------- -------------------------------Root
FWD
19
128.1
P2p
Altn
BLK
19
128.2
P2p

SW2(config)#int f0/1
SW2(config-if)#speed 10
SW2(config-if)#do show spanning-tree
VLAN0001
Spanning tree enabled protocol ieee
Root ID
Priority
1
Address
0060.4713.D9D6
Cost
19
Port
2(FastEthernet0/2)
Hello Time 2 sec Max Age 20 sec
Bridge ID

Forward Delay 15 sec

Forward Delay 15 sec

Priority
32769 (priority 32768 sys-id-ext 1)
Address
0001.C926.B750
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 20

Interface
---------------Fa0/1
Fa0/2
SW2(config-if)#

Role
Sts
Cost
Prio.Nbr Type
---- --- --------- -------- ------------------------------Altn
BLK
100
128.1
P2p
Root
FWD
19
128.2
P2p

Etherchannel

SW.KIRI(config)#int range fa0/1 - 3


SW.KIRI(config-if-range)#channel-group 1 mode active
SW.KIRI(config-if-range)#int port-channel 1
SW.KIRI(config-if)#switchport mode trunk
SW.KANAN(config)#int range fa0/1 - 3
SW.KANAN(config-if-range)#channel-group 1 mode active
SW.KANAN(config-if-range)#int port-channel 1
SW.KANAN(config-if)#switchport mode trunk

SW1#show etherchannel summary


Flags: D - down
P - in port-channel
I - stand-alone s - suspended
H - Hot-standby (LACP only)
R - Layer3
S - Layer2
U - in use
f - failed to allocate aggregator
u - unsuitable for bundling
w - waiting to be aggregated

d - default port
Number of channel-groups in use: 1
Number of aggregators:
1
Group Port-channel
Protocol
Ports
------+-------------+-----------+---------------------------------------------1
Po1(SU)
LACP
Fa0/1(P) Fa0/2(P) Fa0/3(P)
SW1#show interface port-channel 1
Port-channel1 is up, line protocol is up (connected)
Hardware is EtherChannel, address is 0011.218e.9d81 (bia 0011.218e.9d81)
MTU 1500 bytes, BW 300000 Kbit, DLY 1000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Full-duplex, 100Mb/s
input flow-control is off, output flow-control is off
Members in this channel: Fa0/1 Fa0/2 Fa0/3

SW.KIRI(config)#int range fa0/1 - 3


SW.KIRI(config-if-range)#channel-group 1 mode desirable
SW.KIRI(config-if-range)#int port-channel 1
SW.KIRI(config-if)#switchport mode trunk
SW.KANAN(config)#int range fa0/1 - 3
SW.KANAN(config-if-range)#channel-group 1 mode desirable
SW.KANAN(config-if-range)#int port-channel 1
SW.KANAN(config-if)#switchport mode trunk
SW.KIRI(config)#int range fa0/1 - 3
SW.KIRI(config-if-range)#channel-group 1 mode on
SW.KIRI(config-if-range)#no switchport
SW.KIRI(config)#int port-channel 1
SW.KIRI(config-if)#no switchport
SW.KIRI(config-if)#ip addr 10.10.10.1 255.255.255.0
SW.KANAN(config)#int range fa0/1 - 3
SW.KANAN(config-if-range)#channel-group 1 mode on
SW.KANAN(config-if-range)#no switchport
SW.KANAN(config-if-range)#int port-channel 1
SW.KANAN(config-if)#no switchport
SW.KANAN(config-if)#ip address 10.10.10.2
255.255.255.0

VTP (VLAN Trunking Protocol)

SW1-4(config)# interface range fastethernet0/1


SW1-4(config-if)# switchport mode trunk

- 2

SW1(config)# interface vlan 1


SW1(config-if)# ip address 10.10.10.1 255.255.255.0
SW1(config-if)#no shutdown
SW2(config)# interface vlan 1
SW2(config-if)# ip address 10.10.10.2 255.255.255.0
SW2(config-if)#no shutdown
SW3(config)# interface vlan 1
SW3(config-if)# ip address 10.10.10.3 255.255.255.0
SW3(config-if)#no shutdown

SW4(config)# interface vlan 1


SW4(config-if)# ip address 10.10.10.4 255.255.255.0
SW4(config-if)#no shutdown
SW1(config)#
SW1(config)#
SW1(config)#

vtp mode server


vtp domain belajar
vtp password rahasia

SW2(config)#
SW2(config)#
SW2(config)#

vtp mode transparent


vtp domain belajar
vtp password rahasia

SW3(config)#
SW3(config)#
SW3(config)#

vtp mode client


vtp domain belajar
vtp password rahasia

SW4(config)#
SW4(config)#
SW4(config)#

vtp mode server


vtp domain belajar
vtp password rahasia

SW1(config)#
SW1(config)#

vlan 10
vlan 20

SW2(config)#
SW2(config)#

vlan 30
vlan 40

SW3(config)#
SW3(config)#

vlan 50
vlan 60

SW4(config)#
SW4(config)#

vlan 70
vlan 80

8c. Pengetesan & Verifikasi

Sw1#show vtp status


VTP Version capable
: 1 to 3
VTP version running
: 2
VTP Domain Name
: belajar
VTP Pruning Mode
: Disabled
VTP Traps Generation
: Disabled
Device ID
: aabb.cc00.0600
Configuration last modified by 1.1.1.1 at 0-0-00 00:00:00
Feature VLAN:
-------------VTP Operating Mode
Maximum VLANs supported locally
Number of existing VLANs
Configuration Revision

:
:
:
:

Transparent
1005
35
<<<<< jumlah vlan nya
0

PR/Tugas Hari-1

Materi 4. Lab Router

router#sh ip int brief


Interface
FastEthernet0/0
FastEthernet0/1

IP-Address
unassigned
unassigned

OK? Method Status


Protocol
YES NVRAM administratively down down
YES NVRAM administratively down down

router(config)# int fa0/0


router(config-if)# description ### LINK KE INTERNAL ###
router(config-if)# ip addr 10.10.10.1 255.255.255.0
router(config-if)# no shutdown

router#sh ip int brief


Interface
FastEthernet0/0
FastEthernet0/1

IP-Address
10.10.10.1
unassigned

router#sh run
------------------------------------------!
interface FastEthernet0/0
ip address 12.12.12.1 255.255.255.0
description ### LINK KE INTERNAL ###
-------------------------------------------

OK? Method Status


Protocol
YES NVRAM administratively down down
YES NVRAM administratively down down

Materi 4.1 Static Route


router(config)# ip route A.B.C.D (destination network/host) A.B.C.D (subnet mask)
A.B.C.D (Next Hop/IP Tetangga )

router(config)# ip route A.B.C.D (destination network/host) A.B.C.D (subnet mask) S 0/0


(Next Hop/IP Tetangga)

Router#conf t
Router(config)#line vty 0 4
Router(config-line)#login local
Router(config)#enable secret cisco
Router(config)#username cisco password cisco
Router(config)#hostname JAKARTA
JAKARTA(config)#int s0
JAKARTA(config-if)#ip addr 10.10.10.2 255.255.255.252
JAKARTA(config-if)#no shutdown
JAKARTA(config-if)#exit
JAKARTA(config)#ip route 192.168.0.0 255.255.255.252 10.10.10.1

Router#conf term
Router(config)#line vty 0 4

Router(config-line)#login local
Router(config)#enable secret cisco
Router(config)#username cisco password cisco
Router(config)#hostname SEMARANG
SEMARANG(config)#int s0
SEMARANG(config-if)#ip addr 10.10.10.1 255.255.255.252
SEMARANG(config-if)#no shut
SEMARANG(config-if)#exit
SEMARANG(config)#int eo
SEMARANG(config-if)#ip addr 192.168.0.1 255.255.255.252
SEMARANG(config-if)#no shut
SEMARANG(config-if)#exit

Router#conf t
Router(config)#line vty 0 4
Router(config-line)#login local
Router(config)#enable secret cisco
Router(config)#username cisco password cisco
Router(config)#hostname SURABAYA
SURABAYA(config)#int s0
SURABAYA(config-if)#ip addr 192.168.0.2 255.255.255.252
SURABAYA(config-if)#no shut
SURABAYA(config-if)#exit
SURABAYA(config)#ip route 10.10.10.0 255.255.255.252 192.168.0.1

Jakarta#sh ip route
10.0.0.0/30 is subnetted, 1 subnets
C
10.10.10.0 is directly connected, Serial0/0/0
192.168.0.0/30 is subnetted, 1 subnets
S
192.168.0.0 [1/0] via 10.10.10.1

Semarang#sh ip route
10.0.0.0/30 is subnetted, 1 subnets
C
10.10.10.0 is directly connected, Serial0/0/0
192.168.0.0/30 is subnetted, 1 subnets
C
192.168.0.0 is directly connected, FastEthernet0/0

Surabaya#sh ip route
10.0.0.0/30 is subnetted, 1 subnets
S
10.10.10.0 [1/0] via 192.168.0.1
192.168.0.0/30 is subnetted, 1 subnets
C
192.168.0.0 is directly connected, FastEthernet0/0

Dynamic Routing

Materi 4.2 Dynamic Routing - EIGRP

JAKARTA(config)#int loopback0
JAKARTA(config-if)#ip add 1.1.1.1 255.255.255.255
JAKARTA(config)#router eigrp 10
JAKARTA(config-router)#network 10.10.10.0
JAKARTA(config-router)#network 1.1.1.1
JAKARTA(config-router)#no auto-summary
SEMARANG(config)#int loopback0
SEMARANG(config-if)#ip add 2.2.2.2 255.255.255.255
SEMARANG(config)#router eigrp 10
SEMARANG(config-router)#network 10.10.10.0
SEMARANG(config-router)#network 192.168.0.0
SEMARANG(config-router)#network 2.2.2.2
SEMARANG(config-router)#no auto-summary
SURABAYA(config)#int loopback0
SURABAYA(config-if)#ip add 3.3.3.3 255.255.255.255
SURABAYA(config)#router eigrp 10
SURABAYA(config-router)#network 192.168.0.0
SURABAYA(config-router)#network 3.3.3.3
SURABAYA(config-router)#no auto-summary

Jakarta#sh ip route
C
D
D
C
D

1.0.0.0/32 is subnetted, 1 subnets


1.1.1.1 is directly connected, Loopback0
2.0.0.0/32 is subnetted, 1 subnets
2.2.2.2 [90/2297856] via 10.10.10.1, 00:02:03, Serial0/0/0
3.0.0.0/32 is subnetted, 1 subnets
3.3.3.3 [90/2300416] via 10.10.10.1, 00:01:16, Serial0/0/0
10.0.0.0/30 is subnetted, 1 subnets
10.10.10.0 is directly connected, Serial0/0/0
192.168.0.0/30 is subnetted, 1 subnets
192.168.0.0 [90/2172416] via 10.10.10.1, 00:02:03, Serial0/0/0

Jakarta#ping 2.2.2.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2.2.2.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 31/31/32 ms
Jakarta#ping 3.3.3.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 3.3.3.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 34/53/63 ms
Jakarta#sh cdp neighbors
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone

Device ID
Semarang

Local Intrfce
Ser 0/0/0

Holdtme
162

Jakarta#sh ip eigrp neighbors


IP-EIGRP neighbors for process 10
H
Address
Interface
0

10.10.10.1

Se0/0/0

Capability
R

Hold Uptime
(sec)
13
00:03:58

Platform
C2800

SRTT
(ms)
40

Port ID
Ser 0/0/0

RTO

Q
Cnt
1000 0

Jakarta#sh ip eigrp traffic


IP-EIGRP Traffic Statistics for process 10
Hellos sent/received: 138/58
Updates sent/received: 8/7
Queries sent/received: 0/2
Replies sent/received: 2/0
Acks sent/received: 8/10
Input queue high water mark 1, 0 drops
SIA-Queries sent/received: 0/0
SIA-Replies sent/received: 0/0
Jakarta#sh ip eigrp topology
IP-EIGRP Topology Table for AS 10
Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,
r - Reply status
P 10.10.10.0/30, 1 successors, FD is 2169856
via Connected, Serial0/0/0
P 1.1.1.1/32, 1 successors, FD is 128256
via Connected, Loopback0
P 192.168.0.0/30, 1 successors, FD is 2172416
via 10.10.10.1 (2172416/28160), Serial0/0/0
P 2.2.2.2/32, 1 successors, FD is 2297856
via 10.10.10.1 (2297856/128256), Serial0/0/0
P 3.3.3.3/32, 1 successors, FD is 2300416
via 10.10.10.1 (2300416/156160), Serial0/0/0

Seq
Num
17

Materi 4.3 Dynamic Routing - OSPF

A
rea 0

Area 10

JAKARTA(config)#router ospf 10
JAKARTA(config-router)#network 10.10.10.0
0.0.0.3 area 0
JAKARTA(config-router)#network 1.1.1.1
0.0.0.0 area 0

SEMARANG(config)#router ospf 10
SEMARANG(config-router)#network 10.10.10.0
0.0.0.3 area 0
SEMARANG(config-router)#network 192.168.0.0 0.0.0.3 area 10
SEMARANG(config-router)#network 2.2.2.2 0.0.0.0 area 10

SURABAYA(config)#router ospf 10
SURABAYA(config-router)#network 192.168.0.0
0.0.0.3 area 10
SURABAYA(config-router)#network 3.3.3.3 0.0.0.0 area 10

Semarang#sh ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
O
1.1.1.1 [110/65] via 10.10.10.2, 00:08:02, Serial0/0/0
2.0.0.0/32 is subnetted, 1 subnets
C
2.2.2.2 is directly connected, Loopback0
3.0.0.0/32 is subnetted, 1 subnets
O
3.3.3.3 [110/2] via 192.168.0.2, 00:06:47, FastEthernet0/0
10.0.0.0/30 is subnetted, 1 subnets
C
10.10.10.0 is directly connected, Serial0/0/0
192.168.0.0/30 is subnetted, 1 subnets
C
192.168.0.0 is directly connected, FastEthernet0/0

Semarang#sh ip ospf neighbor

Neighbor ID
Pri
State
Dead Time
Address
Interface
1.1.1.1
0
FULL/ 00:00:38
10.10.10.2
Serial0/0/0
3.3.3.3
1
FULL/DR
00:00:30
192.168.0.2
FastEthernet0/0
Jakarta#sh ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
C
1.1.1.1 is directly connected, Loopback0
2.0.0.0/32 is subnetted, 1 subnets
O IA
2.2.2.2 [110/65] via 10.10.10.1, 00:04:22, Serial0/0/0
3.0.0.0/32 is subnetted, 1 subnets
O IA
3.3.3.3 [110/66] via 10.10.10.1, 00:03:17, Serial0/0/0
10.0.0.0/30 is subnetted, 1 subnets
C
10.10.10.0 is directly connected, Serial0/0/0
192.168.0.0/30 is subnetted, 1 subnets
O IA
192.168.0.0 [110/65] via 10.10.10.1, 00:04:32, Serial0/0/0
Jakarta#sh ip ospf database
OSPF Router with ID (1.1.1.1) (Process ID 10)
Router Link States (Area 0)
Link ID
1.1.1.1
2.2.2.2

ADV Router
1.1.1.1
2.2.2.2

Age
1288
1286

Seq#
Checksum Link count
0x80000006 0x00feff 3
0x80000007 0x00feff 2

Link ID
192.168.0.0
2.2.2.2
3.3.3.3

Summary Net Link States (Area 0)


ADV Router
Age
Seq#
2.2.2.2
1282
0x80000004
2.2.2.2
1272
0x80000005
2.2.2.2
1203
0x80000006

Checksum
0x00fa02
0x00fa02
0x00fa02

Jakarta#ping 2.2.2.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2.2.2.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 31/31/32 ms
Jakarta#ping 3.3.3.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 3.3.3.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 62/62/63 ms

Materi 4.4 Standard Access Lists

R2(config)#access-list 1 deny 10.10.10.0 0.0.0.255


R2(config)#access-list 1 permit any

R2(config)#int fa0/0
R2(config-if)#ip access-group 1 out

PC>ping 20.20.20.2

R2#show access-lists
Standard IP access list 1
deny 10.10.10.0 0.0.0.255 (4 match(es))
permit any

R1#ping
Protocol [ip]:
Target IP address: 20.20.20.2
Repeat count [5]:
Datagram size [100]:
Timeout in seconds [2]:
Extended commands [n]: y
Source address or interface: 1.1.1.1
Type of service [0]:
Set DF bit in IP header? [no]:
Validate reply data? [no]:
Data pattern [0xABCD]:
Loose, Strict, Record, Timestamp, Verbose[none]:
Sweep range of sizes [n]:
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 20.20.20.2, timeout is 2 seconds:
Packet sent with a source address of 1.1.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/6/10 ms

R2#sh ip access-lists
Standard IP access list 1
deny 10.10.10.0 0.0.0.255 (4 match(es))
permit any (5 match(es))

R1#ping
Protocol [ip]:
Target IP address: 20.20.20.2
Repeat count [5]: 11
Datagram size [100]:
Timeout in seconds [2]:
Extended commands [n]: y
Source address or interface: 10.10.10.1
Type of service [0]:
Set DF bit in IP header? [no]:
Validate reply data? [no]:
Data pattern [0xABCD]:
Loose, Strict, Record, Timestamp, Verbose[none]:
Sweep range of sizes [n]:
Type escape sequence to abort.
Sending 11, 100-byte ICMP Echos to 20.20.20.2, timeout is 2 seconds:
Packet sent with a source address of 10.10.10.1
UUUUUUUUUUU
Success rate is 0 percent (0/11)

R2#sh access-lists
Standard IP access list 1
deny 10.10.10.0 0.0.0.255 (15 match(es))
permit any (5 match(es))

Konfigurasi ACL
R2(config)#access-list 2 deny 10.10.10.2 0.0.0.0
R2(config)#access-list 2 permit any
R2(config)#int fa0/0
R2(config-if)#ip access-group 2 out

PC>ping 20.20.20.2

R2#sh access-lists
Standard IP access list 1
deny 10.10.10.0 0.0.0.255 (15 match(es))
permit any (5 match(es))
Standard IP access list 2
deny host 10.10.10.2 (4 match(es))
permit any

PC>ipconfig
IP Address......................: 10.10.10.3
Subnet Mask.....................: 255.255.255.0
Default Gateway.................: 10.10.10.1
PC>ping 20.20.20.2

R2#sh access-lists
Standard IP access list 1
deny 10.10.10.0 0.0.0.255 (15 match(es))
permit any (5 match(es))
Standard IP access list 2
deny host 10.10.10.2 (4 match(es))
permit any (4 match(es))

Materi 4.5 Extended Access Lists

R2(config)#no access-list 1
R2(config)#no access-list 2

R1(config)#access-list 100 deny tcp 10.10.10.0 0.0.0.255 host 20.20.20.2 eq www


R1(config)#access-list 100 permit ip any any
R1(config)#int fa0/0

R1(config-if)#ip access-group 100 in

PC>ping 20.20.20.2

R1#sh access-lists
Extended IP access list 100
deny tcp 10.10.10.0 0.0.0.255 host 20.20.20.2 eq www (12 match(es))
permit ip any any (4 match(es))

Materi 4.6 Static NAT

R1(config)#no access-list 100

R1(config)#no router ospf 10


R2(config)#no router ospf 10

R1(config)#ip route 0.0.0.0

0.0.0.0 12.12.12.2

R1(config)#ip nat inside source static


R1(config)#int fa0/0
R1(config-if)#ip nat inside
R1(config)#int Fa0/1
R1(config-if)#ip nat outside

10.10.10.2

12.12.12.12

SERVER>ping 12.12.12.12
Reply from 12.12.12.12: bytes=32 time=6ms TTL=126

SERVER>ping 10.10.10.2
Reply from 20.20.20.1: Destination host unreachable.
Ping statistics for 10.10.10.2:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
R1#sh ip nat statistics
Total translations: 1 (1 static, 0 dynamic, 0 extended)
Outside Interfaces: Serial2/0
Inside Interfaces: FastEthernet0/0
Hits: 4 Misses: 8
Expired translations: 4
Dynamic mappings:
R1#sh ip nat translations
Pro Inside global
Inside local
--12.12.12.12
10.10.10.2

Outside local
---

Outside global
---

R1#sh ip route
Gateway of last resort is 0.0.0.0 to network 0.0.0.0
C
C
C
S*

1.0.0.0/32 is subnetted, 1 subnets


1.1.1.1 is directly connected, Loopback0
10.0.0.0/24 is subnetted, 1 subnets
10.10.10.0 is directly connected, FastEthernet0/0
12.0.0.0/24 is subnetted, 1 subnets
12.12.12.0 is directly connected, Serial2/0
0.0.0.0/0 is directly connected, Serial2/0

Materi 4.7 Dynamic NAT with Overload

R1(config)#ip nat inside source list 1 interface F0/1 overload


R1(config)#access-list 1 permit 10.10.10.0 0.0.0.255

R1# debug ip nat


PC>ping 20.20.20.2

Reply from 20.20.20.2: bytes=32 time=15ms TTL=126

NAT: s=10.10.10.3->12.12.12.1, d=20.20.20.2 [217]


NAT*: s=20.20.20.2, d=12.12.12.1->10.10.10.3 [42]
NAT: s=10.10.10.3->12.12.12.1, d=20.20.20.2 [218]
NAT*: s=20.20.20.2, d=12.12.12.1->10.10.10.3 [43]
R1#show ip nat translations
Pro Inside global
Inside local
Outside local
icmp 12.12.12.1:88
10.10.10.3:88
20.20.20.2:88
icmp 12.12.12.1:89
10.10.10.3:89
20.20.20.2:89
icmp 12.12.12.1:90
10.10.10.3:90
20.20.20.2:90
icmp 12.12.12.1:91
10.10.10.3:91
20.20.20.2:91

Outside global
20.20.20.2:88
20.20.20.2:89
20.20.20.2:90
20.20.20.2:91

Materi 4.8 HDLC

R1#conf t
R1(config)#int s2/0
R1(config-if)#no sh
sh int s2/0
Serial0/0 is up, line protocol is up
Hardware is GT96K Serial
Internet address is 12.12.12.1/24
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation HDLC, loopback not set
R1#conf t
R1(config)#int s2/0
R1(config-if)#no sh
R2#sh int s0/0
Serial0/0 is up, line protocol is up
Hardware is GT96K Serial
Internet address is 12.12.12.2/24
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation HDLC, loopback not set

Materi 4.9 PPP (Point-to-Point Protocol)

router(config)#hostname R1
R1(config)#username R2 password idn
R1(config)#int s2/0
R1(config-if)#encapsulation ppp
R1(config-if)# ppp authentication chap
router(config)#hostname R2
R2(config)#username R1 password idn
R2(config)#int s2/0
R2(config-if)#encapsulation ppp
R2(config-if)# ppp authentication chap

R2#sh ip int br

R1# debug ppp authentication


PPP authentication debugging is on
*Mar 1 00:05:08.639: Se0/0 PPP: Authorization required
*Mar 1 00:05:08.651: Se0/0 CHAP: O CHALLENGE id 13 len 23 from "R1"
*Mar 1 00:05:08.655: Se0/0 CHAP: I CHALLENGE id 9 len 23 from "R2"
*Mar 1 00:05:08.663: Se0/0 CHAP: Using hostname from unknown source
*Mar 1 00:05:08.663: Se0/0 CHAP: Using password from AAA
*Mar 1 00:05:08.667: Se0/0 CHAP: O RESPONSE id 9 len 23 from "R1"
*Mar 1 00:05:08.735: Se0/0 CHAP: I RESPONSE id 13 len 23 from "R2"

*Mar
*Mar
*Mar
*Mar
*Mar
*Mar
*Mar
*Mar
*Mar
*Mar
*Mar

1
1
1
1
1
1
1
1
1
1
1

00:05:08.743:
00:05:08.751:
00:05:08.755:
00:05:08.759:
00:05:08.763:
00:05:08.767:
00:05:08.767:
00:05:08.771:
00:05:08.775:
00:05:08.783:
00:05:08.803:

Se0/0
Se0/0
Se0/0
Se0/0
Se0/0
Se0/0
Se0/0
Se0/0
Se0/0
Se0/0
Se0/0

PPP: Sent CHAP LOGIN Request


PPP: Received LOGIN Response PASS
PPP: Sent LCP AUTHOR Request
PPP: Sent IPCP AUTHOR Request
CHAP: I SUCCESS id 9 len 4
LCP: Received AAA AUTHOR Response PASS
IPCP: Received AAA AUTHOR Response PASS
CHAP: O SUCCESS id 13 len 4
PPP: Sent CDPCP AUTHOR Request
CDPCP: Received AAA AUTHOR Response PASS
PPP: Sent IPCP AUTHOR Request

R1#debug ppp authentication

R1#
*Mar 1
*Mar 1
*Mar 1
*Mar 1
*Mar 1
*Mar 1
*Mar 1
*Mar 1
*Mar 1
*Mar 1
*Mar 1
changed
*Mar 1
*Mar 1
*Mar 1
*Mar 1
*Mar 1
*Mar 1
*Mar 1
*Mar 1
*Mar 1
*Mar 1

00:08:44.083:
00:08:44.095:
00:08:44.095:
00:08:44.103:
00:08:44.111:
00:08:44.111:
00:08:44.111:
00:08:44.115:
00:08:44.119:
00:08:44.123:
00:08:45.079:
state to down
00:08:46.163:
00:08:48.211:
00:08:48.211:
00:08:48.219:
00:08:48.223:
00:08:48.223:
00:08:48.227:
00:08:48.231:
00:08:48.235:
00:08:48.239:

Se0/0 PPP: Authorization required


Se0/0 CHAP: O CHALLENGE id 15 len 23 from "R1"
Se0/0 CHAP: I CHALLENGE id 11 len 23 from "R2"
Se0/0 CHAP: I RESPONSE id 15 len 23 from "R2"
Se0/0 CHAP: Using hostname from unknown source
Se0/0 CHAP: Using password from AAA
Se0/0 CHAP: O RESPONSE id 11 len 23 from "R1"
Se0/0 PPP: Sent CHAP LOGIN Request
Se0/0 PPP: Received LOGIN Response FAIL
Se0/0 CHAP: O FAILURE id 15 len 25 msg is "Authentication failed"
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0,
Se0/0
Se0/0
Se0/0
Se0/0
Se0/0
Se0/0
Se0/0
Se0/0
Se0/0
Se0/0

PPP: Authorization required


CHAP: O CHALLENGE id 16 len 23 from "R1"
CHAP: I CHALLENGE id 12 len 23 from "R2"
CHAP: Using hostname from unknown source
CHAP: Using password from AAA
CHAP: O RESPONSE id 12 len 23 from "R1"
CHAP: I RESPONSE id 16 len 23 from "R2"
PPP: Sent CHAP LOGIN Request
PPP: Received LOGIN Response FAIL
CHAP: O FAILURE id 16 len 25 msg is "Authentication failed"

Materi 4.10 High Availability

Materi 4.11 HSRP

R1(config)#int s2/0
R1(config-if)#ip add 13.13.13.1 255.255.255.0
R1(config-if)# description ### LINK KE INET ###
R1(config)#int Fa0/0
R1(config-if)#ip add 12.12.12.1 255.255.255.0
R1(config-if)#standby 1 ip 12.12.12.12
R1(config-if)#standby 1 preempt
R1(config-if)# description ### LINK KE LOCAL ###
R1(config)#router eigrp 1
R1(config-router)#network 12.12.12.0
R1(config-router)#network 13.13.13.0
R1(config-router)#passive-interface fa0/0 (port menuju switch)
R2(config)#int s2/0
R2(config-if)#ip add 23.23.23.2 255.255.255.0
R2(config-if)# description ### LINK KE INET ###
R2(config)#int Fa0/0

R2(config-if)#ip add 12.12.12.2 255.255.255.0


R2(config-if)#standby 1 ip 12.12.12.12
R2(config-if)#standby 1 preempt
R2(config-if)#standby 1 priority 105
R2(config-if)#standby 1 track s2/0
R2(config-if)# description ### LINK KE LOCAL ###
R2(config)#router eigrp 1
R2(config-router)#network 23.23.23.0
R2(config-router)#network 12.12.12.0
R2(config-router)#passive-interface f0/0 (port menuju switch)

R3(config)#interface s2/0
R3(config-if)# ip address 13.13.13.3
255.255.255.0
R3(config)#interface S3/0
R3(config-if)# ip address 23.23.23.3 255.255.255.0
R3(config)# interface Loopback 0
R3(config-if)# ip address 3.3.3.3 255.255.255.255
R3(config)# router eigrp 1
R3(config-router)# net 0.0.0.0
R3(config-router)#no auto-summary

PC1 : IP 12.12.12.101/24, GW : 12.12.12.12


PC2 : IP 12.12.12.102/24, GW : 12.12.12.12

R1,2# show standby brief


PC1 : ping 3.3.3.3
PC1 : trace 3.3.3.3

R2#sh standby brief


Interface
Grp
Fa0/0
1

Prio
105

P State
P Active

Active
local

Standby
12.12.12.1

Virtual IP
12.12.12.12

Materi 4.9 VRRP

R1(config)#Int f0/0
R1(config-if)#no standby 1
R2(config)#Int f0/0
R2(config-if)#no standby 1

interface FastEthernet0/0
ip address 12.12.12.1 255.255.255.0
vrrp 1 ip 12.12.12.12
vrrp 1 priority 110
vrrp 1 track 1 decrement 20
!
track 1 ip route 3.3.3.3/32 reachability

interface FastEthernet0/0
ip address 12.12.12.2 255.255.255.0
vrrp 1 ip 12.12.12.12

PC1 : IP 12.12.12.101/24, GW : 12.12.12.12


PC2 : IP 12.12.12.102/24, GW : 12.12.12.12

R1#show vrrp brief


Interface Grp
Pri
Fa0/0
1
110

Time
3570

Own

Pre
Y

State
Master

Master addr
12.12.12.1

Group addr
12.12.12.12

R2#show vrrp brief


Interface Grp
Pri
Fa0/0
1
100

Time
3609

Own

Pre
Y

State
Backup

Master addr
12.12.12.1

Group addr
12.12.12.12

R1(config)#int f0/0
R1(config-if)#shutdown
*Mar 1 03:56:07.083: %VRRP-6-STATECHANGE: Fa0/0 Grp 1 state Master -> Init
*Mar 1 03:56:09.087: %LINK-5-CHANGED: Interface FastEthernet0/0, changed state to
administratively down
R2(config-if)#
*Mar 1 03:56:07.707: %VRRP-6-STATECHANGE: Fa0/0 Grp 1 state Backup -> Master
R1(config-if)#do sh vrrp brief
Interface
Grp
Pri
Time Own
Fa0/0
1
110
3570

Pre
Y

State
Master addr
Init 0.0.0.0

Group addr
12.12.12.12

R2(config-if)#DO SH VRRP BRIEF


Interface
Grp Pri
Time Own
Fa0/0
1
100
3609

Pre
Y

State
Master

Group addr
12.12.12.12

Master addr
12.12.12.2

Materi 4.10 GLBP

R1(config-if)#default int f0/0


R2(config-if)#default int f0/0

interface FastEthernet0/0
ip address 12.12.12.1 255.255.255.0
glbp 1 ip 12.12.12.12
Konfigurasi di R2
interface FastEthernet0/0
ip address 12.12.12.2 255.255.255.0
glbp 1 ip 12.12.12.12

PC1 : IP 12.12.12.101/24, GW : 12.12.12.12


PC2 : IP 12.12.12.102/24, GW : 12.12.12.12

R1#show glbp brief


Interface Grp Fwd Pri
Fa0/0
1
- 100
Fa0/0
1
1
Fa0/0
1
2
-

State
Standby
Listen
Active

R2#sh glbp brief


Interface Grp Fwd Pri
Fa0/0
1
- 100
Fa0/0
1
1
Fa0/0
1
2
-

State
Active
Active
Listen

Address
Active router
12.12.12.12
12.12.12.2
0007.b400.0101 12.12.12.2
0007.b400.0102 local

Address
12.12.12.12
0007.b400.0101
0007.b400.0102

PC1#traceroute 3.3.3.3
Type escape sequence to abort.
Tracing the route to 3.3.3.3
1 12.12.12.2 40 msec 44 msec 20 msec
2 23.23.23.3 64 msec * 72 msec

PC2#traceroute 3.3.3.3
Type escape sequence to abort.
Tracing the route to 3.3.3.3
1 12.12.12.1 56 msec 28 msec 36 msec
2 13.13.13.3 64 msec * 88 msec

Active router
local
local
12.12.12.1

Standby router
local
-

Standby router
12.12.12.1
-

Materi 4.6 OSPFv3

JAKARTA(config)#ipv6 router ospf 10


JAKARTA(config-router)#router-id 1.1.1.1
JAKARTA(config)#int s0
JAKARTA(config-if)#ipv6 add 12::1/120
JAKARTA(config-if)#ipv6 ospf 10 area 0
JAKARTA(config)#int Lo0
JAKARTA(config-if)#ipv6 add 1::1/128
JAKARTA(config-if)#ipv6 ospf 10 area 0

SEMARANG(config)#ipv6 router ospf 10


SEMARANG(config-router)#router-id 2.2.2.2
SEMARANG(config)#int s0
JAKARTA(config-if)#12::2/120
SEMARANG(config-if)#ipv6 ospf 10 area 0
SEMARANG(config)#int Ethernet0
JAKARTA(config-if)#23::2/120
SEMARANG(config-if)#ipv6 ospf 10 area 0
SEMARANG(config)#int Lo0
JAKARTA(config-if)#2::2/128
SEMARANG(config-if)#ipv6 ospf 10 area 0

SURABAYA(config)#ipv6 router ospf 10


SURABAYA(config-router)#router-id 3.3.3.3
SURABAYA(config)#int Ethernet0
JAKARTA(config-if)#23::3/120
SURABAYA(config-if)#ipv6 ospf 10 area 0
SURABAYA(config)#int Lo0
JAKARTA(config-if)#3::3/128
SURABAYA(config-if)#ipv6 ospf 10 area 0

Jakarta#sh ipv6 route


IPv6 Routing Table - 7 entries
Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP
U - Per-user Static route, M - MIPv6
I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary
O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
D - EIGRP, EX - EIGRP external
C
1::1/128 [0/0]
via ::, Loopback0
O
2::2/128 [110/64]
via FE80::230:F2FF:FE62:7801, Serial0/0/0
O
3::3/128 [110/65]
via FE80::230:F2FF:FE62:7801, Serial0/0/0
C
12::/120 [0/0]
via ::, Serial0/0/0
L
12::1/128 [0/0]
via ::, Serial0/0/0
O
23::/120 [110/64]
via FE80::230:F2FF:FE62:7801, Serial0/0/0
L
FF00::/8 [0/0]
via ::, Null0
Jakarta#sh ipv6 ospf neighbor
Neighbor ID
2.2.2.2

Pri
0

State
FULL/

Dead Time
00:00:34

Interface ID
3

Interface

Jakarta#ping 2::2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2::2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 31/31/32 ms
Jakarta#ping 3::3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 3::3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 31/56/63 ms

Materi 4.7 EIGRP IPV6

JAKARTA(config)#ipv6 router eigrp 10


JAKARTA(config-router)#router-id 1.1.1.1
JAKARTA(config-router)#no shutdown
JAKARTA(config)#int s0
JAKARTA(config-if)#ipv6 eigrp 10
JAKARTA(config)#int Lo0
JAKARTA(config-if)# ipv6 eigrp 10

SEMARANG(config)#ipv6 router eigrp 10


SEMARANG(config-router)#router-id 2.2.2.2
SEMARANG(config-router)#no shut
SEMARANG(config)#int s0
SEMARANG(config-if)# ipv6 eigrp 10
SEMARANG(config)#int Ethernet0
SEMARANG(config-if)# ipv6 eigrp 10
SEMARANG(config)#int Lo0
SEMARANG(config-if)# ipv6 eigrp 10

SURABAYA(config)#ipv6 router eigrp 10


SURABAYA(config-router)#router-id 3.3.3.3
SURABAYA(config-router)#no shut
SURABAYA(config)#int Ethernet0
SURABAYA(config-if)# ipv6 eigrp 10
SURABAYA(config)#int Lo0
SURABAYA(config-if)# ipv6 eigrp 10
Jakarta#sh ipv6 route
IPv6 Routing Table - 7 entries
Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP
U - Per-user Static route, M - MIPv6
I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary
O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
D - EIGRP, EX - EIGRP external
C
1::1/128 [0/0]
via ::, Loopback0
D
2::2/128 [90/2297856]
via FE80::230:F2FF:FE62:7801, Serial0/0/0
D
3::3/128 [90/2300416]
via FE80::230:F2FF:FE62:7801, Serial0/0/0
C
12::/120 [0/0]
via ::, Serial0/0/0
L
12::1/128 [0/0]
via ::, Serial0/0/0
D
23::/120 [90/2172416]
via FE80::230:F2FF:FE62:7801, Serial0/0/0
L
FF00::/8 [0/0]
via ::, Null0
Jakarta#ping 3::3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 3::3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 47/56/63 ms
Jakarta#ping 2::2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2::2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 18/28/32 ms

PR/Tugas Hari-2

Materi 5. Lab NMS

PRTG

WHATSUP GOLD

TFTP SERVER

Switch#
Switch#show flash:
Directory of flash:/
2 -rwx
3 -rwx
25.SEE2.bin
4 -rwx
409 -rwx

1299
7963038

Mar 1 1993 00:17:04 +00:00


Mar 1 1993 03:04:24 +00:00

config.text
c3560-advipservicesk9-mz.122-

24
3463

Mar 1 1993 00:17:04 +00:00


Feb 5 2008 16:03:58 +00:00

private-config.text
config.old

32514048 bytes total (16392704 bytes free)


Switch#

Switch#copy flash: tftp:


(tekan ENTER)
Source filename []? c3560-advipservicesk9-mz.122-25.SEE2.bin
MASUKKAN NAMA IOS-nya KEMUDIAN TEKAN ENTER
Address or name of remote host []? 10.10.10.2
MASUKKAN IP ADDRESS DARI LAPTOP KITA
Destination filename [c3560-advipservicesk9-mz.122-25.SEE2.bin]?
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
7963038 bytes copied in 17.792 secs (447563 bytes/sec)
Switch#

KIWI CATTOOLS

Syslog Server
-

R1(config)#logging 10.10.10.2

MYLANVIEWER

Netflow Analyzer

router(config)#interface FastEthernet 0/0


router(config-if)#ip route-cache flow
router(config-if)#exit
router(config)#ip flow-export destination 10.10.10.10 9996
router(config)#ip flow-export version 5
router#show ip flow export
router#show ip cache flow

Materi 6. Network Design

GNS 3

Reset Konfigurasi Router/Switch Cisco

rommon1 >

Rommon2 >confreg 0x2142


Rommon3 >Reset

Router>enable
Router#
Router#copy start run
Router#conf t
Router(config)#enable secreet idn
Router(config)#config-register 0x2102
Router#write

The system has been interrupted prior to initializing the flash file system to finish
loading the operating system software:
flash_init
load_helper
boot
switch:

switch:flash_init
switch:load_helper
switch: dir flash:
Directory of flash:/
2
-rwx 1803357
<date>
c3500xl-c3h2s-mz.120-5.WC7.bin
4
-rwx 1131
<date>
config.text
5
-rwx 109
<date>
info
6
-rwx 389
<date>
env_vars
7
drwx 640
<date>
html
18
-rwx 109
<date>
info.ver
403968 bytes available (3208704 bytes used)
Switch: rename flash:config.text flash:config.text.old
Switch: boot

Daftar Cisco Partner

Materi 8. Persiapan Ujian

Bab 1. Lab CCNA

R3(config)# no router eigrp 12


R3(config)# router eigrp 212

R3(config-router)#
R3(config-router)#
R3(config-router)#
R3(config-router)#

network 192.168.77.32
network 192.168.60.64
network 192.168.60.80
no auto-summary (harus ditambahkan)

R4(config)# router eigrp 212


R4(config-router)# network 192.0.18.4

Corp1(config)#access-list 100 permit tcp host 192.168.33.3 host 172.22.242.23 eq 80

Corp1(config)#access-list 100 deny tcp any host 172.22.242.23 eq 80

Corp1(config)#access-list 100 permit ip any any

Corp1(config)#interface fa0/1
Corp1(config-if)#ip access-group 100 out

Corp1#copy run start

Pilihan Ganda
Exam A

Correct Answer: D
Explanation

Exam B

Exam C

Exam D

Exam E

Exam G

Exam H

==================================================================

====================================================================

=======================================================================

Exam I

Exam J

Exam K

Explanation/Reference: Answer: Router>enable Router#config terminal Router(config)#hostname


R2

R2(config)#enable secret Cisco 1


R2(config)#line console 0
R2(config-line)#password Cisco 2
R2(config-line)#exit
R2(config)#line vty 0 4
R2(config-line)#password Cisco 3
R2(config-line)#login
R2(config-line)#exit
R2(config)#interface faO/0
R2(config-if)#ip address 209.165.201.1 255.255.255.224 R2(config)#interface s0/0/0
R2(config-if)#ip address 192.0.2.176 255.255.255.240 R2(config-if)#no shutdown
R2(config-if)#exit
R2(config)#router rip
R2(config-router)#version 2
R2(config-router)#network 209.165.201.0
R2(config-router)#network 192.0.2.176
R2(config-router)#end
R2#copy run start

Exam L

R1(config-if)#standby 1 timers ?
<1-254> Hello interval in seconds
msec Specify hello interval in milliseconds
R1(config-if)#standby 1 timers 1 ?
<2-255> Hold time in seconds