Konfigurasi Kederhana ACL ( Access Control List) pada Packet Tracer
Pada tutuorial kali ini akan dijelaskan mengenai setting access list pada cisco router menggunakan packet tracer.
Komponen yang digunakan
Komponen yang digunakan
- 1 router
- 1 switch
- 1 server dan
- 3 buah client (PC/Laptop)
untuk lebih jelasnya perhatikan gambar dibawah ini:
Ketentuan: client dengan nama Pc1 dan Pc3 dapat melakukan koneksi dengan Server tetapi untuk client dengan nama Pc2 dilarang untuk melakukan koneksi degan Server.
kita dapat mengatasi masalah diatas dengan solusi menggunakan access-list.
Video tutorialnya dapat diakses pada :Access Control List; konfigurasi sederhana ACL
Berikut detail dari konfigurasi komputer client dan cisco router
Berikut detail dari konfigurasi komputer client dan cisco router
Ethernet adapter Local Area Connection:
IP Address. . . . . . . . . . . . : 192.168.1.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
Konfigurasi Pc2
Ethernet adapter Local Area Connection:
IP Address. . . . . . . . . . . . : 192.168.1.3
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
Konfigurasi Pc3
Ethernet adapter Local Area Connection:
IP Address. . . . . . . . . . . . : 192.168.1.4
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
Konfigurasi server
Ethernet adapter Local Area Connection:
IP Address. . . . . . . . . . . . : 192.168.2.1
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.2.254
Konfigurasi cisco router
Router>
Router>enable
Router#configure terminal
Router(config)#interface ethernet0
Router(config-if)#ip address 192.168.1.1 255.255.255.0
Router(config-if)#no shut
Router(config-if)#exit
Router(config)#interface ethernet1
Router(config-if)#ip address 192.168.2.254 255.255.255.0
Router(config-if)#no shut
Router(config-if)#^Z (Ctrl+z)
Router#ping 192.168.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
Router#ping 192.168.2.254
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.2.254, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
Konfigurasi ACL
Router#configure terminal
Router(config)#interface fastethernet 0/0
Router(config-if)#ip access-group 1 in
Router(config-if)#exit
Router(config)#access-list 1 deny 192.168.1.3 255.255.255.0
Router(config)#access-list 1 permit any
Router(config)#exit
Router#show access-list
Standard IP access list 1
deny 0.0.0.3 255.255.255.0 (2 match(es))
permit any (8 match(es))
untuk mengembalikan access seperti sebelumnya :
Router#no access-list 1
------------------------------------------------------------------------------------------------------------
Hasil uji coba :
Pada Pc1
Router#ping 192.168.2.1
Pinging 192.168.2.1 with 32 bytes of data:
Reply from 192.168.2.1: bytes=32 time=60ms TTL=241
Reply from 192.168.2.1: bytes=32 time=60ms TTL=241
Reply from 192.168.2.1: bytes=32 time=60ms TTL=241
Reply from 192.168.2.1: bytes=32 time=60ms TTL=241
Reply from 192.168.2.1: bytes=32 time=60ms TTL=241
Ping statistics for 192.168.2.1: Packets: Sent = 5, Received = 5, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 50ms, Maximum = 60ms, Average = 55ms
Pada Pc2
Router#ping 192.168.2.1
Pinging 192.168.2.1 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Ping statistics for 192.168.2.1:
Packets: Sent = 5, Received = 0, Lost = 5 (100% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
Pada Pc3
Router#ping 192.168.2.1
Pinging 192.168.2.1 with 32 bytes of data:
Reply from 192.168.2.1: bytes=32 time=60ms TTL=241
Reply from 192.168.2.1: bytes=32 time=60ms TTL=241
Reply from 192.168.2.1: bytes=32 time=60ms TTL=241
Reply from 192.168.2.1: bytes=32 time=60ms TTL=241
Reply from 192.168.2.1: bytes=32 time=60ms TTL=241
Ping statistics for 192.168.2.1: Packets: Sent = 5, Received = 5, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 50ms, Maximum = 60ms, Average = 55ms
Selamat mencoba dan semoga bermanfaat 😄😄😄😄
IP Address. . . . . . . . . . . . : 192.168.1.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
Konfigurasi Pc2
Ethernet adapter Local Area Connection:
IP Address. . . . . . . . . . . . : 192.168.1.3
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
Konfigurasi Pc3
Ethernet adapter Local Area Connection:
IP Address. . . . . . . . . . . . : 192.168.1.4
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
Konfigurasi server
Ethernet adapter Local Area Connection:
IP Address. . . . . . . . . . . . : 192.168.2.1
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.2.254
Konfigurasi cisco router
Router>
Router>enable
Router#configure terminal
Router(config)#interface ethernet0
Router(config-if)#ip address 192.168.1.1 255.255.255.0
Router(config-if)#no shut
Router(config-if)#exit
Router(config)#interface ethernet1
Router(config-if)#ip address 192.168.2.254 255.255.255.0
Router(config-if)#no shut
Router(config-if)#^Z (Ctrl+z)
Router#ping 192.168.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
Router#ping 192.168.2.254
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.2.254, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
Konfigurasi ACL
Router#configure terminal
Router(config)#interface fastethernet 0/0
Router(config-if)#ip access-group 1 in
Router(config-if)#exit
Router(config)#access-list 1 deny 192.168.1.3 255.255.255.0
Router(config)#access-list 1 permit any
Router(config)#exit
Router#show access-list
Standard IP access list 1
deny 0.0.0.3 255.255.255.0 (2 match(es))
permit any (8 match(es))
untuk mengembalikan access seperti sebelumnya :
Router#no access-list 1
------------------------------------------------------------------------------------------------------------
Hasil uji coba :
Pada Pc1
Router#ping 192.168.2.1
Pinging 192.168.2.1 with 32 bytes of data:
Reply from 192.168.2.1: bytes=32 time=60ms TTL=241
Reply from 192.168.2.1: bytes=32 time=60ms TTL=241
Reply from 192.168.2.1: bytes=32 time=60ms TTL=241
Reply from 192.168.2.1: bytes=32 time=60ms TTL=241
Reply from 192.168.2.1: bytes=32 time=60ms TTL=241
Ping statistics for 192.168.2.1: Packets: Sent = 5, Received = 5, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 50ms, Maximum = 60ms, Average = 55ms
Pada Pc2
Router#ping 192.168.2.1
Pinging 192.168.2.1 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Ping statistics for 192.168.2.1:
Packets: Sent = 5, Received = 0, Lost = 5 (100% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
Pada Pc3
Router#ping 192.168.2.1
Pinging 192.168.2.1 with 32 bytes of data:
Reply from 192.168.2.1: bytes=32 time=60ms TTL=241
Reply from 192.168.2.1: bytes=32 time=60ms TTL=241
Reply from 192.168.2.1: bytes=32 time=60ms TTL=241
Reply from 192.168.2.1: bytes=32 time=60ms TTL=241
Reply from 192.168.2.1: bytes=32 time=60ms TTL=241
Ping statistics for 192.168.2.1: Packets: Sent = 5, Received = 5, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 50ms, Maximum = 60ms, Average = 55ms
Selamat mencoba dan semoga bermanfaat 😄😄😄😄
0 komentar:
Posting Komentar