Tuesday, November 1, 2016

Home » » Konfigurasi ACL Extended

Konfigurasi ACL Extended

8:05 AM    1 comment
Konfigurasi ACL Extended

1. Topologi



2. Konfigurasinya sebagai berikut
   
pemberian ip address pada server
   - address = 20.20.20.2
   - subnet mask = 255.255.255.0

Edit Http
  - klik server
  - pilih submenu services
  - klik http
  - lalu klik (edit) pada index.html
  - edit sesuai yang diinginkan
  - kemudian save

A. Router 0

Router>enable
Router#configure terminal
Router(config)#interface FastEthernet0/0
Router(config-if)#ip address 10.10.10.1 255.255.255.0
Router(config-if)#no shutdown
Router(config-if)#exit

Router(config)#interface FastEthernet0/1
Router(config-if)#ip address 192.168.10.1 255.255.255.0
Router(config-if)#no shutdown
Router(config-if)#exit

Router(config)#interface Ethernet0/1/0
Router(config-if)#ip address 192.168.20.1 255.255.255.0
Router(config-if)#no shutdown
Router(config-if)#exit

Router(config)#router ospf 1
Router(config-router)#net 10.10.10.0 0.0.0.255 area 0
Router(config-router)#net 20.20.20.0 0.0.0.255 area 0
Router(config-router)#net 192.168.10.0 0.0.0.255 area 0
Router(config-router)#net 192.168.20.0 0.0.0.255 area 0
Router(config-router)#exit

B. Router 1

Router>enable
Router#configure terminal
Router(config)#interface FastEthernet0/0
Router(config-if)#ip address 20.20.20.1 255.255.255.0
Router(config-if)#no shutdown
Router(config-if)#exit

Router(config)#interface FastEthernet0/1
Router(config-if)#ip address 10.10.10.2 255.255.255.0
Router(config-if)#no shutdown
Router(config-if)#exit

Router(config)#router ospf 1
Router(config-router)#net 10.10.10.0 0.0.0.255 area 0
Router(config-router)#net 20.20.20.0 0.0.0.255 area 0
Router(config-router)#net 192.168.10.0 0.0.0.255 area 0
Router(config-router)#net 192.168.20.0 0.0.0.255 area 0
Router(config-router)#exit
 
C. tambahkan perintah di bawah ini pada router 0 untuk mengaktifkan ACL

Router(config)#access-list 100 deny tcp 192.168.10.0 0.0.0.255 host 20.20.20.2   eq www

Router(config)#access-list 100 permit ip any any
Router(config)#int fa 0/1
Router(config-if)#ip access-group 100 in

3. Hasil Testing
   a. ketik 20.20.20.2 di browser pada pc1 


                    bila berhasil tampilan edit httpnya akan muncul

  b. ketik 20.20.20.2 di browser pada pc2

                        sedangkan pc2 harus request timeout

1 comment: