Scribd
Upload
107 views3 pages

CCNA4 ACL (Access Control List) : Konfigurasi Router. R1

1. The document describes configurations of routers R1 and R2 including IP addresses and ACL rules. 2. It configures a standard ACL on R2 to deny access from odd IPs on LAN R1 to LAN R2 and tests connectivity before and after. 3. It then configures an extended ACL on R1 to allow even IPs on LAN R1 to only access port 80 on LAN R2 and tests connectivity before and after.

Uploaded by

Yoki Wahyudi
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOC, PDF, TXT or read online on Scribd
107 views3 pages

CCNA4 ACL (Access Control List) : Konfigurasi Router. R1

1. The document describes configurations of routers R1 and R2 including IP addresses and ACL rules. 2. It configures a standard ACL on R2 to deny access from odd IPs on LAN R1 to LAN R2 and tests connectivity before and after. 3. It then configures an extended ACL on R1 to allow even IPs on LAN R1 to only access port 80 on LAN R2 and tests connectivity before and after.

Uploaded by

Yoki Wahyudi
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOC, PDF, TXT or read online on Scribd
You are on page 1/ 3

CCNA4 ACL (Access Control List)

Konfigurasi Router.
R1 :
Router>en
Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#hostname R1
R1(config)#int serial 0/0/0
R1(config-if)#ip add 10.10.10.1 255.255.255.252
R1(config-if)#clock rate 128000
R1(config-if)#no shut
R1(config-if)#int f0/0
R1(config-if)#ip add 192.168.1.1 255.255.255.0
R1(config-if)#no shut
R1(config)#ip dhcp pool LAN
R1(dhcp-config)#network 192.168.1.0 255.255.255.0
R1(dhcp-config)#default-router 192.168.1.1

R2 :
Router>en
Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#hostname R2
R2(config)#int serial 0/0/0
R2(config-if)#ip add 10.10.10.2 255.255.255.252
R2(config-if)#no shut
R2(config-if)#int f0/0
R2(config-if)#ip add 192.168.2.1 255.255.255.0
R2(config-if)#no shut
R2(config-if)#exit
R2(config)#ip dhcp pool LAN
R2(dhcp-config)#network 192.168.2.0 255.255.255.0
R2(dhcp-config)#default-router 192.168.2.1

Konfigurasi ACL
1. Standard ACL (Posisi sebisa mungkin di network tujuan)

Rule : IP Ganjil LAN R1 tidak boleh mengakses Lokal Lan R2


Konfigurasi ACL di R2 :

R2(config)#access-list 5 deny 192.168.1.1 0.0.0.254


R2(config)#access-list 5 permit any

Penempatan ACL (Access-group) :


R2(config)#int f0/0
R2(config-if)#ip access-group 5 out

Hasil sebelum ACL :


PC>ipconfig

IP Address......................: 192.168.1.5
Subnet Mask.....................: 255.255.255.0
Default Gateway.................: 192.168.1.1

PC>

PC>ping 192.168.2.3

Pinging 192.168.2.3 with 32 bytes of data:

Reply from 192.168.2.3: bytes=32 time=219ms TTL=126


Reply from 192.168.2.3: bytes=32 time=140ms TTL=126
Reply from 192.168.2.3: bytes=32 time=113ms TTL=126
Reply from 192.168.2.3: bytes=32 time=141ms TTL=126

Ping statistics for 192.168.2.3:


Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 113ms, Maximum = 219ms, Average = 153ms

Hasil Setelah ACL :


PC>ping 192.168.2.3

Pinging 192.168.2.3 with 32 bytes of data:

Reply from 10.10.10.2: Destination host unreachable.


Reply from 10.10.10.2: Destination host unreachable.
Reply from 10.10.10.2: Destination host unreachable.
Reply from 10.10.10.2: Destination host unreachable.

Ping statistics for 192.168.2.3:


Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
2. ACL Extended (Posisi sebisa mungkin di network sumber)

Rule : IP Genap LAN R1 hanya boleh mengakses port 80 ke lokal LAN R2

Konfigurasi ACL di R1 :
R1(config)#access-list 120 permit tcp 192.168.1.0 0.0.0.254 192.168.2.0
0.0.0.255 eq www

Penempatan ACL :
R1(config)#int f0/0
R1(config-if)#ip access-group 120 in

Hasil sebelum :

PC>ipconfig

IP Address......................: 192.168.1.2
Subnet Mask.....................: 255.255.255.0
Default Gateway.................: 192.168.1.1

PC>ping 192.168.2.3

Pinging 192.168.2.3 with 32 bytes of data:

Reply from 192.168.2.3: bytes=32 time=172ms TTL=126


Reply from 192.168.2.3: bytes=32 time=140ms TTL=126
Reply from 192.168.2.3: bytes=32 time=156ms TTL=126
Reply from 192.168.2.3: bytes=32 time=125ms TTL=126

Ping statistics for 192.168.2.3:


Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 125ms, Maximum = 172ms, Average = 148ms

PC>

Hasil setelah :
PC>ping 192.168.2.3

Pinging 192.168.2.3 with 32 bytes of data:

Request timed out.


Request timed out.
Request timed out.
Request timed out.

Ping statistics for 192.168.2.3:


Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

PC>

You might also like