Lab FastTrack

CCNA FastTrack Lab
LAB 1:Basic Router Configuration
Roll-Over Cable
Basic Configuration:
1. Set Encryption Password for Privileged Exec Mode. Use Password: Cisco
2. Set Clear Password for Privileged Exec Mode. Use Password: Cisco2
3. Set Hostname to : Ro_HQ
4. Save Configuration to NVRAM
5. Restart router without using power button.
Basic Router Configuration
Untuk Masuk ke Privilleged Exec Mode:
Router>enable
Router#
Untuk Masuk ke Global Configuration Mode:

Router#conf t
Router(config)#
Mengaktifkan Password:
Router(config)#enable secret cisco
Router(config)#enable password cisco2
Mengubah Nama Router:

Router(config)#hostname Ro_HQ
Ro_HQ(config)#exit
Router_HQ#
Konfigurasi Dasar Router
Untuk menyimpan Konfigurasi Running:
Ro_HQ#copy running-config startup-config
Destination filename [startup-config]?
Untuk melihat Konfigurasi Router di RAM:

Ro_HQ#show running-config
Untuk melihat Konfigurasi Router di NVRAM:

Ro_HQ#show startup-config
Restart Router dgn perintah:

Ro_HQ#reload
Untuk menon-aktifkan perintah tambahkan kata "no“

contoh membatalkan password enkripsi:
Ro_HQ(config)#no enable secret
LAB 2:Setting IP Address
192.168.0.0/24
.1 .65 202.13.3.64/30 .66

.2
1. Set Banner Motd. Write your own Message
2. Set Password Requirement when Connect to router using Console Port. Using
Password: Cisco
3. Activate Telnet Connection on Ro_1. Use Password: Sanfran for Telnet Connection.
4. Set IP Address for all Interfaces. Use Clock Rate: 64000 for DCE
5. Try all connection using PING Command
6. Try connect to Router Via Telnet.
Menambahkan Banner di awal:
Router(config)#banner motd $
Enter TEXT message. End with the character ‘$'.
TULISKAN ISI PESAN DISINI
$
Router(config)#
Setting password console:
Router(config)#line console 0
Router(config-line)#password cisco
Router(config-line)#login
Mengaktifkan telnet untuk 5 channel:

Router(config)#line vty 0 4
Router(config-line)#password sanfran
Router(config-line)#login
Dari Client  Command Prompt:

C:>\ telnet Address_Router
Setting SSH:
Router(config)#hostname Ro_1
Ro_1(config)#ip domain-name cisco.com
Ro_1(config)#crypto key generate rsa
How many bits in the modulus [512]:1024
 masukkan nilai 1024
Ro_1(config)#username student password cisco
Ro_1(config)#line vty 0 4
Ro_1(config-line)#transport input ssh
Ro_1(config-line)#login local
SSH Client:
Ro_2#ssh -l student 192.168.0.1
Konfigurasi Interface FastEthernet:
Router(config)#int fa0/0
Router(config-if)#ip address 192.168.0.1 255.255.255.0
Router(config-if)#no shutdown
Tekan Ctrl+Z
Test Hasil koneksi dengan:

Router#ping 192.168.0.2
Hasil ping jika:

........ (Request TimeOut)
!!!!!!!! (Sukses)
.U.U.U.U. (Destination Unreacheable)
Konfigurasi Interface Serial(DCE):
Router(config)#int S0/0
Router(config-if)#clock rate 64000
Tekan Ctrl+Z
Konfigurasi Interface Serial(DTE):

Router(config)#int S0/0
Tekan Ctrl+Z
Lab 3: Manajemen IOS
1. Set Router IP Address, Hostname and Password on Router.
2. Install TFTP Server on Your PC. Set IP Address for PC
3. Backup Configuration from RAM to TFTP Server. Restart Router
4. Restore Configuration from TFTP Server to RAM.
5. Backup IOS to TFTP Server. Delete IOS.
6. Restore IOS from TFTP Server to Router
7. Recovery Router Password
8. Install IOS from ROMMON
Manajemen IOS
Perintah Backup Configuration File:

Ro3#copy running-config tftp
Address or name of remote host []? 192.168.20.2
Destination filename [Ro3-confg]?
!!
[OK - 348 bytes]
348 bytes copied in 0.086 secs (4000 bytes/sec)
Perintah Restore Configuration File:

Ro3#copy tftp running-config
Manajemen IOS
Source filename []? Ro3-confg
Destination filename [running-config]?
Accessing tftp://192.168.20.2/Ro3-confg....
Loading Ro3-confg from 192.168.20.2: !
[OK - 348 bytes]
Perintah Backup IOS:

Ro3#copy flash tftp
Destination filename [c2600-i-mz.122-28.bin]?
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
[OK - 348 bytes]
Manajemen IOS
Perintah Restore IOS:
Ro3#copy tftp flash
Source filename []? c2600-i-mz.122-28.bin
Destination filename [c2600-i-mz.122-28.bin]? c2600-
i-mz.122-28.bin
Accessing tftp://192.168.20.2/c2600-i-mz.122-
28.bin...
Loading c2600-i-mz.122-28.bin from 192.168.20.2:
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!
[OK - 5571584 bytes]
Manajemen IOS
Untuk menghapus File atau IOS:
Router#erase flash
Router#erase startup-config
Router#erase running-config
Password Recovery:
1. Booting ulang router dgn mematikan power.
2. Setelah Router menyala tekan tombol 'Ctrl+break'. PC sudah terkoneksi
ke console melalui hyperterminal)
3. Muncul prompt ROM Monitor:
monitor: command "boot" aborted due to user
interrupt
rommon 1 > ?
Manajemen IOS
4. Ubah Configuration-register menjadi 0x2142, kemudian reset router:
rommon 2 > confreg 0x2142
rommon 3 > reset
5. Router akan booting kembali dan masuk ke 'setup'. Lakukan
konfigurasi awal lagi dari Setup Dialog.
6. Jangan lupa setelah masuk ke privilleged mode, ubah Configure Register
kembali ke nilai 0x2102.
Ro3(config)#config-register 0x2102
Ro3(config)#exit
Ro3#copy run start
Destination filename [startup-config]?
Building configuration...
Manajemen IOS
INSTALASI IOS MELALUI rommon:
1. KONFIGURASI TERLEBIH DAHULU IP ADDRESS TFTP SERVER
(192.168.20.2)
2. Masuk ke rommon (tekan ctrl+break)
rommon 1 > tftpdnld
Missing or illegal ip address for variable
IP_ADDRESS
llegal IP address.
rommon 2 > IP_ADDRESS=192.168.20.1
rommon 3 > IP_SUBNET_MASK=255.255.255.0
rommon 4 > DEFAULT_GATEWAY=192.168.20.2
rommon 5 > TFTP_SERVER=192.168.20.2
rommon 6 > TFTP_FILE=c2600-i-mz.122-28.bin
Manajemen IOS
rommon 7 > tftpdnld
IP_ADDRESS: 192.168.20.1
IP_SUBNET_MASK: 255.255.255.0
DEFAULT_GATEWAY: 192.168.20.2
TFTP_SERVER: 192.168.20.2
TFTP_FILE: bbpom
Invoke this command for disaster recovery only.
WARNING: all existing data in all partitions on
flash will be lost!
Do you wish to continue? y/n: [n]: y

Manajemen IOS
Receiving c2600-i-mz.122-28.bin from 192.168.20.2
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!! !!!!!!!!!!!!
File reception completed.
Copying file c2600-i-mz.122-28.bin to flash.
rommon 8 > reset

KONFIGURASI STATIC ROUTING
• Setting all Hostname and IP Address.

• Implement Static Routing.
• Check Table Routing
• Test IP Routing
KONFIGURASI STATIC ROUTING
STERLING:
Router(config) #ip route 172.16.5.0 255.255.255.0 172.16.2.2
Router(config)#exit
Router#sh ip route
HOBOKEN:
Router(config)#exit
Router#sh ip route
WAYCROSS:
Router(config)#exit
Router#sh ip route
KONFIGURASI DEFAULT ROUTING
RTY(STUB NETWORK):
RTY(config) #ip route 0.0.0.0 0.0.0.0 172.16.1.2
RTY(config)#exit
RTY#sh ip route
KONFIGURASI RIP
BHM:
BHM#conf t
BHM(config)#router rip
BHM(config-router)#network 10.0.0.0
BHM(config-router)#network 192.168.13.0
GAD:
GAD#conf t
GAD(config)#router rip
GAD(config-router)#network 192.168.14.0
GAD(config-router)#network 192.168.13.0
KONFIGURASI RIP
BOAZ:
BOAZ#conf t
BOAZ(config)#router rip
BOAZ(config-router)#network 172.31.0.0
BOAZ(config-router)#network 192.168.14.0
Router#debug ip rip
Router#no debug ip rip
Router#sh ip protocols
KONFIGURASI OSPF
RoA:
RoA#conf t
RoA(config)#router ospf 1
RoA(config-router)#network 10.64.0.0 0.0.0.255 area 0
RoB:
RoB(config)#router ospf 1
RoB(config-router)#network 10.64.0.2 0.0.0.0 area 0
RoB(config-router)#network 10.2.1.2 0.0.0.0 area 0
KONFIGURASI EIGRP
MERINDA:
Merinda#conf t
Merinda(config)#interface Loopback1
Merinda(config-if)#ip address 172.16.1.1 255.255.255.0
Merinda(config-if)#interface Loopback2
Merinda(config-if)#interface FastEthernet0/0
Merinda(config-if)#no shut
Merinda(config-fi)#exit
Merinda(config-router)#router eigrp 1
Merinda(config-router)#network 172.16.0.0
Merinda(config-router)#network 192.168.20.0
KONFIGURASI EIGRP
VARGAS:
VARGAS#conf t
VARGAS(config)#interface Loopback1
VARGAS(config-if)#ip address 192.168.30.1 255.255.255.0
VARGAS(config-if)#interface Loopback2
VARGAS(config-if)#interface FastEthernet0/0
VARGAS(config-if)#no shut
VARGAS(config)#router eigrp 1
VARGAS(config-router)#network 192.168.20.0
VARGAS(config-router)#network 192.168.30.0
VARGAS(config-router)#exit
VARGAS(config)#interface fa 0/0
VARGAS(config-if)#ip summary-address eigrp 1 172.16.0.0
255.255.252.0
STANDARD ACL
GATEWAY:
Router(config)#hostname gateway
gateway(config)#access-list 2 permit 192.168.0.1 0.0.0.254
gateway(config)#int fa0/0
gateway(config-if)#ip address 192.168.0.1 255.255.255.0
gateway(config-if)#no shut
gateway(config-if)#int s0/0
gateway(config-if)#ip address 202.13.1.65 255.255.255.252
gateway(config-if)#no shut
STANDARD ACL
gateway(config-if)#ip access-group 2 out
gateway(config-if)#exit
gateway(config)#ip route 202.13.1.64 255.255.255.252
202.13.1.66
ISP:
Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#hostname ISP
ISP(config)#int s0/0
ISP(config-if)#ip address 202.13.1.66 255.255.255.252
ISP(config-if)#clock rate 64000
ISP(config-if)#no shut
ISP(config-if)#exit
ISP(config)#ip route 192.168.0.0 255.255.255.0 202.13.1.65
EXTENDED ACL
GATEWAY:
Router(config)#hostname Gateway
Gateway(config)#access-list 114 deny tcp 192.168.1.3 0.0.0.0
any eq www
Gateway(config)#access-list 114 deny icmp 192.168.1.2 0.0.0.0
191.10.2.2 0.0.0.0
Gateway(config)#access-list 114 permit ip any any
Gateway(config)#int fa0/0
Gateway(config-if)#ip address 192.168.1.1 255.255.255.0
Gateway(config-if)#no shut
Gateway(config-if)#int s0/0
EXTENDED ACL
Gateway(config-if)#int fa0/0
Gateway(config-if)#ip access-group 114 in
Gateway(config-if)#exit
Gateway(config)#ip route 0.0.0.0 0.0.0.0 202.1.2.66
ISP:
Router(config)#hostname ISP
ISP(config)#int fa0/0
ISP(config-if)#int s0/0
ISP(config-if)#clock rate 64000
ISP(config-if)#exit
ISP(config)#ip route 192.168.1.0 255.255.255.0 202.1.2.65
KONFIGURASI DHCP
192.168.0.0/24
192.168.0.1/24
Router#conf t
Gateway(config)#ip dhcp excluded-address 192.168.0.1 192.168.0.4
Gateway(config)#ip dhcp excluded-address 192.168.0.6
KONFIGURASI DHCP
Gateway(config)#ip dhcp pool LAN_KELAS
Gateway(dhcp-config)#network 192.168.0.0 255.255.255.0
Gateway(dhcp-config)#default-router 192.168.0.1
Gateway(dhcp-config)#dns-server 192.168.0.1
------------------------------------------------
SET DI PC CLIENT PILIHAN AUTOMATICALLY / DHCP DR COMMAND PROMPT :
• UNTUK MELIHAT KONFIGURASI IP KETIkk C:\> ipconfig /all
• UNTUK MELEPAS IP KETIK: C:\> ipconfig /release
• UNTUK MENDAPAT IP KETIK: C:\> ipconfig /renew
NAT OVERLOAD/PAT
Gateway(config)#ip route 0.0.0.0 0.0.0.0 190.40.12.1
Default Routing
RIP Version 2
RIP Version 2
RIP Version 2
DHCP Client
Gateway(config)#ip dhcp pool muhamadiyah

Gateway(dhcp-config)#network 172.16.8.0 255.255.255.0
Gateway(dhcp-config)#default-router 172.16.8.1
NAT OVERLOAD/PAT
Ro_0:
Ro_0#conf t
Ro_0(config)#int fa0/0
Ro_0(config-if)#ip address 190.40.12.2 255.255.255.0
Ro_0(config-if)#no shut
Ro_0(config-if)#int fa0/1
Ro_0(config-if)#exit
Ro_0(config)#ip route 0.0.0.0 0.0.0.0 190.40.12.1
Ro_0(config)#access-list 1 permit 172.16.0.0 0.0.255.255
Ro_0(config)#ip nat inside source list 1 interface fa 0/0
overload
NAT OVERLOAD/PAT
Ro_0(config-if)#ip nat outside
Ro_0(config-if)#int fa0/1
Ro_0(config-if)#ip nat inside
Ro_1:
Ro_1#conf t
Ro_1(config-)#int fa0/0
Ro_1(config-if)#int S0/0
NAT OVERLOAD/PAT
Ro_1(config)#router rip
Ro_1(config-router)#network 190.40.12.0
Ro_1(config-router)#exit
Ro_2:
Ro_2#conf t
NAT OVERLOAD/PAT
Ro_2(config-if)#clock rate 64000
Ro_2(config)#router rip
Ro_3:
Ro_3#conf t
NAT OVERLOAD/PAT
Ro_3(config#router rip
VLAN
KONFIGURASI VLAN
KONFIGURASI SWITCH:
Switch#vlan database
Switch(vlan)#vlan 2 name ENGINEERING
Switch(vlan)#vlan 3 name SALES
Switch#conf t
Switch(config)#int fa0/3
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 3
KONFIGURASI TRUNK:
Switch#conf t
Switch(config)#int fa0/1
Switch(config-if)#switchport mode trunk
KONFIGURASI VLAN
KONFIGURASI ROUTER:
Gateway(config-if)#int fa0/0.1
Gateway(config-subif)#encapsulation dot1Q 1
Gateway(config-subif)#ip address 192.168.0.1 255.255.255.0
Gateway(config-subif)#int fa0/0.2
Gateway(config-subif)#int fa0/0.3
PPP
Ro_1:
Ro_1#conf t
Ro_1(config)#hostname Ro1
Ro_1(config)#username Ro2 password cisco
PPP
Ro_1(config)#int s0/0
Ro_1(config-if)#encapsulation ppp
Ro_1(config-if)#ppp authentication chap
Ro_2:
Ro_2#conf t
Ro_2(config)#hostname Ro2
PPP
Ro_2(config)#username Ro1 password cisco
Ro_2(config)#int s0/0
Ro_2(config-if)#encapsulation ppp
Ro_2(config-if)#ppp authentication chap
IPSec
IPSec
Konfigurasi Router A (Head Office - Jakpus)
ip access-list extended jakpus-to-jakbar
permit ip 10.10.1.0 0.0.0.255 10.30.1.0 0.0.0.255
Crypto isakmp policy 1
encr 3des
authentication pre-share group 2
crypto isakmp key vpnxyz address 192.168.1.2
crypto ipsec transform-set 6 transvpnxyz esp-3des esp-sha-hmac
crypto map map-vpn-xyz 1 ipsec-isakmp
set peer 192.168.1.2
set transform set transvpnxyz
match address jakpus-to-jakbar
Interface FastEthernet0/1
ip address 192.168.1.1 255.255.255.192
crypto map map-vpn-xyz
ip address 10.1.1.1 255.255.255.0
ip route 0.0.0.0 0.0.0.0 10.10.1.9 - IP Core Switch
ip route 10.30.1.0 255.255.255.0 192.168.1.2
IPSec
Konfigurasi Router B (Branch – Jakarta Barat)
ip access-list extended jakbar-to-jakpus
permit ip 10.30.1.0 0.0.0.255 10.10.1.0 0.0.0.255
crypto isakmp policy 1
encr 3des
authentication pre-share group 2
crypto isakmp key vpnxyz address 192.168.1.1
crypto ipsec transform-set 6 transvpnxyz esp-3des esp-sha-hmac
crypto map map-vpn-xyz 1 ipsec-isakmp set peer 192.168.1.1
set transform set transvpnxyz
match address jakbar-to-jakpus
ip address 192.168.1.2 255.255.255.192
crypto map map-vpn-xyz
ip address 10.30.1.1 255.255.255.0
ip route 0.0.0.0 0.0.0.0 1 192.168.1.1
IPSec
Konfigurasi Switch Core (Head office - Jakpus)
ip route 10.30.1.0 255.255.255.0 10.10.1.1
ip route 192.168.1.0 255.255.255.192 10.10.1.1
Testing Koneksi VPN

Router-A#show cry ipsec sa
FRAME RELAY
Washington:
washington#conf t
washington(config)#hostname washington
washington(config)#int s0/0
washington(config-if)#ip address 192.168.1.1 255.255.255.0
washington(config-if)#clock rate 64000
washington(config-if)#no shut
washington(config-if)#int fa0/0
washington(config-if)#ip address 192.168.3.1 255.255.255.0
washington(config-if)#no shut
FRAME RELAY
washington(config)#int s0/0
washington(config-if)#encapsulation frame-relay ietf
washington(config-if)#no keepalive
washington(config-if)#frame-relay map ip 192.168.1.2 201
ietf broadcast
washington(config-if)#bandwidth 64
washington(config-if)#exit
washington(config)#ip route 192.168.2.0 255.255.255.0
192.168.1.2
Dublin:
dublin#conf t
dublin(config)#hostname dublin
dublin(config)#int s0/0
dublin(config-if)#ip address 192.168.1.2 255.255.255.0
dublin(config-if)#no shut
FRAME RELAY
dublin(config-if)#int fa0/0
dublin(config-if)#ip address 192.168.2.1 255.255.255.0
dublin(config-if)#no shut
dublin(config)#int s0/0
dublin(config-if)#encapsulation frame-relay ietf
dublin(config-if)#no keepalive
dublin(config-if)#frame-relay map ip 192.168.1.1 201 ietf
broadcast
dublin(config-if)#bandwidth 64
dublin(config-if)#exit
dublin(config)#ip route 192.168.3.0 255.255.255.0
192.168.1.1
FRAME SWITCH
Frame Switch Configuration
FRAME_SWITCH#show run interface Serial1
version 12.0 no ip address
service timestamps debug uptime no ip directed-broadcast
service timestamps log uptime encapsulation frame-relay
no service password-encryption logging event subif-link-status
! logging event dlci-status-change
hostname FRAME_SWITCH clockrate 64000
! no frame-relay inverse-arp
! frame-relay intf-type dce
ip subnet-zero frame-relay route 221 interface Serial0 122
no ip domain-lookup !
frame-relay switching ip classless
! !
! !
! line con 0
interface FastEthernet0 exec-timeout 0 0
no ip address logging synchronous
no ip directed-broadcast transport input none
shutdown line aux 0
! line vty 0 4
login
interface Serial 0 !
no ip address end
no ip directed-broadcast
encapsulation frame-relay FRAME_SWITCH#show frame route
logging event subif-link-status Input Intf Input Dlci Output Ietf Output Dlci
logging event dlci-status-change Status
clockrate 64000 Serial0 122 Serial1 221 active
no frame-relay inverse-arp Serial1 221 Serial0 122 active
frame-relay intf-type dce
frame-relay route 122 interface Serial1 221
!
Frame Relay Configuration
Ro_1 Configuration: Ro_2 Configuration:
Ro_1#show run Ro_2#show run
version 12.0 version 12.0
service timestamps debug uptime service timestamps debug uptime
service timestamps log uptime service timestamps log uptime
no service password-encryption no service password-encryption
! !
hostname Ro_1 hostname Ro_2
! !
ip subnet-zero ip subnet-zero
no ip domain-lookup no ip domain-lookup
! !
interface FastEthernet0 interface FastEthernet0
ip address 192.168.0.1 255.255.255.0 ip address 10.0.1.1 255.255.255.0
no ip directed-broadcast no ip directed-broadcast
! !
interface Serial0 interface serial 0
no ip address encapsulation frame-relay ietf
no ip directed-broadcast no keepalive
shutdown ip address 202.12.1.2 255.255.255.0
! frame-relay map ip 202.12.1.1 221 ietf broadcast
interface serial1 !
encapsulation frame-relay ietf interface Serial1
no keepalive no ip address
ip address 202.12.1.1 255.255.255.0 no ip directed-broadcast
frame-relay map ip 202.12.1.2 122 ietf broadcast shutdown
! !
router rip router rip
network 202.12.1.0 network 202.12.1.0
network 192.168.0.0 network 10.0.1.0
! !

Lab FastTrack

Caricato da

Informazioni sul documento

Titolo originale

Copyright

Formati disponibili

Condividi questo documento

Condividi o incorpora il documento

Opzioni di condivisione

Hai trovato utile questo documento?

Questo contenuto è inappropriato?

Copyright:

Formati disponibili

Lab FastTrack

Caricato da

Copyright:

Formati disponibili

CCNA FastTrack Lab

LAB 1:Basic Router Configuration

Untuk Masuk ke Global Configuration Mode:

Mengubah Nama Router:

Untuk melihat Konfigurasi Router di RAM:

Untuk melihat Konfigurasi Router di NVRAM:

Restart Router dgn perintah:

Untuk menon-aktifkan perintah tambahkan kata "no“

.1 .65 202.13.3.64/30 .66

Mengaktifkan telnet untuk 5 channel:

Dari Client  Command Prompt:

Test Hasil koneksi dengan:

Hasil ping jika:

Konfigurasi Interface Serial(DTE):

Perintah Backup Configuration File:

Perintah Restore Configuration File:

Perintah Backup IOS:

Do you wish to continue? y/n: [n]: y

rommon 8 > reset

• Setting all Hostname and IP Address.

Gateway(config)#ip dhcp pool muhamadiyah

Testing Koneksi VPN

Potrebbero piacerti anche