CCNA Lab Guidex

Lab 1 : Konfigurasi Cisco Catalyst Switch
Task 1: Konfigurasi awal Cisco Catalyst Switch

1A. switch ASW1-JKT
Menghapus konfigurasi router/switch:
> enable
# erase startup-config
# reload
Setelah switch selesai booting:
Would you like to enter the initial configuration dialog? [yes/no]: n masuk ke Command Line Interface (CLI)
> (user mode)
> enable
# (privileged/enabled/EXEC mode)
#?
help mode
# s?
# show ?
# show version melihat info perangkat (platform, IOS, interfaces)
# sh ver
# sh<tab> ver<tab>
# sh flash
melihat isi dari storage device
# show running-config ATAU #sh run
melihat isi dari config di RAM
# show startup-config ATAU # sh start
melihat isi dari config di NVRAM
# sh clock
# clock set 7:00:00 5 dec 2011 set jam sesuai GMT/UTC (WIB 7 jam)
# configure terminal
ATAU #conf t
(config)# (global config)
(config)# clock timezone WIB 7
(config)# end
# show clock
# conf t
(config)# hostname ASW1-JKT

(config)# enable secret cisco123
utk set password utk masuk privileged mode
(config)# username netadmin password cisco123
membuat user+password di local database
(config)# banner motd %
Authorized users only
Please login with your own username & password
All activities are logged
% akan muncul pada saat sukses login
(config)# interface vlan 1
ATAU (config)# int vlan 1
(config-if)# (interface config)
(config-if)# description *** logical interface vlan 1 ***
(config-if)# ip address 10.1.1.10 255.255.255.0
(config-if)# no shutdown
utk mengaktifkan interface
(config-if)# exit
(config)# ip default-gateway 10.1.1.1
router
agar bisa berkomunikasi dengan jaringan lain, gateway adalah
(config)# line vty 0 4

line pertama=0 ; line terakhir=4
(config-line)# (line config)
(config-line)# login local
agar nanya user+password yg ada di local database
(config-line)# exec-timeout 5 0 5 menit 0 detik
(config-line)# logging synchronous
agar prompt muncul lagi ketika ada logging
(config)# line console 0
(config-line)# end
# copy (source) (destination)
# copy running-config startup-config
# write memory
ATAU # wr
ATAU
# copy run start
# sh start
# sh run
# sh mac-address-table
1B. switch ASW2-JKT

> enable
# reload
> (user mode)
> enable
#?
help mode
# s?
# show ?
# sh ver
# sh<tab> ver<tab>
# sh flash
# sh clock
ATAU #conf t
(config)# end
# show clock
# conf t
(config)# hostname ASW2-JKT
(config-if)# exit
router

(config-line)# end
# write memory
ATAU # wr
ATAU
# copy run start
# sh start
# sh run
1C. switch CSW-JKT

> enable
# reload
> (user mode)
> enable
#?
help mode
# s?
# show ?
# sh ver
# sh<tab> ver<tab>
# sh flash
# sh clock
ATAU #conf t
(config)# end
# show clock
# conf t
(config)# hostname CSW-JKT

(config-if)# exit
router

(config-line)# end
# write memory
ATAU # wr
ATAU
# copy run start
# sh start
# sh run
1D. switch ASW-SBY

> enable
# reload
> (user mode)
> enable
#?
help mode
# s?
# show ?
# sh ver
# sh<tab> ver<tab>
# sh flash
# sh clock
ATAU #conf t
(config)# end
# show clock
# conf t
(config)# hostname ASW-SBY
(config-if)# exit
router

(config-line)# end
# write memory
ATAU # wr
# sh start
# sh run
ATAU
# copy run start
1E. switch ASW-MDN

> enable
# reload
> (user mode)
> enable
#?
help mode
# s?
# show ?
# sh ver
# sh<tab> ver<tab>
# sh flash
# sh clock
ATAU #conf t
(config)# end
# show clock
# conf t
(config)# hostname ASW-MDN
(config-if)# exit

router

(config-line)# end
# write memory
ATAU # wr
ATAU
# copy run start
# sh start
# sh run
Task 2: Konfigurasi Port-Security

ASW1-JKT & ASW2-JKT:
# conf t
(config)# int f0/1
(config-if)# description ***connected to Users PC***
(config-if)# switchport mode access
(config-if)# switchport port-security
(config-if)# switchport port-security maximum 1
(config-if)# switchport port-security mac-address sticky
(config-if)# switchport port-security violation shutdown
(config-if)#end
# sh port-security
# sh port-security address
# sh int f0/1
Utk menormalkan interface yg di-shutdown oleh port-security:
1. Copot MAC illegal, dan kembalikan MAC yg terdaftar
2. (config)# int f0/1
(config-if)# shutdown
(config-if)# end
# sh int f0/2
Utk menghapus konfigurasi Port-Security:
(config)# int f0/1
(config-if)# no switchport port-security maximum
(config-if)# no switchport port-security mac-address sticky

(config-if)# no switchport port-security
(config-if)#end
Task 3: Verifikasi protokol CDP (cisco discovery protocol)

ASW1-JKT, ASW2-JKT, CSW-JKT:
# sh cdp neighbor
# sh cdp neighbor detail
# sh cdp traffic
# sh cdp interface
(config)# no cdp run
(config)# cdp run
mematikan cdp di seluruh interface

mengaktifkan cdp di seluruh interface
(config)# int f0/5

(config-if)# no cdp enable
(config-if)# cdp enable
mematikan cdp di interface tertentu saja

mengaktifkan interface di interface tertentu saja
Task 4: Menggunakan TFTP server untuk Backup config & IOS

Backup config from Switch to TFTP server:
# copy run tftp://10.1.1.3/[nama-switch].cfg
Backup IOS from Switch to TFTP server:
# sh flash
#copy flash: tftp:
Source filename []? c2960-lanbase-mz.122-25.FX.bin
Address or name of remote host []? 10.1.1.3
Destination filename [c2960-lanbase-mz.122-25.FX.bin]? <enter aja>
Lab 2 : Konfigurasi VLAN pada Cisco Catalyst Switch
Task 1: Konfigurasi VTP

ASW1-JKT, ASW2-JKT, CSW-JKT
(config)# vtp mode transparent
(config)# vtp domain ccna
Task 2: Konfigurasi VLAN Trunking

ASW1-JKT:
(config)# int range f0/21 , f0/23
(config-if-range)# switchport mode trunk
(config-if-range)# no shutdown
ASW2-JKT:
(config)# int range f0/22 - 23
(config-if-range)# exit
CSW-JKT:
(config)# int range f0/21 - 22 , f0/24
(config-if-range)# exit
Task 3: Membuat VLAN

ASW1-JKT, ASW2-JKT & CSW-JKT:
(config)# vlan 2
(config-vlan)# name Engineer
(config-vlan)# vlan 3
(config-vlan)# name Sales
(config-vlan)# exit
Task 4: Konfigurasi VLAN-membership

ASW1-JKT & ASW2-JKT:
(config-if)# int f0/2
(config-if)# description *** connect to PC***
(config-if)# switchport access vlan 2

(config-if)# description *** connect to PC ***
(config-if)# switchport access vlan 3
ALL SWITCHES:
# copy run start ATAU # write memory
# sh int trunk
# sh int switchport
trunk port
# sh vlan
# sh vtp status
Task 5: Konfigurasi Router-on-a-stick

Router-JKT:
> enable
# erase start
# reload
Tunggu sampai selesai booting:
Would you like to enter initial configuration? n
> enable
# conf t
(config)# host Router-JKT
(config)# enable secret cisco
(config-line)# exec-timeout 5 0
(config-line)# end

5 menit 0 detik

5 menit 0 detik
(config)# int f0/0

(config-if)# int f0/0.1
(config-subif)# desc *** TO VLAN-1 ***
(config-subif)# encapsulation dot1q 1 native
(config-subif)# ip address 10.1.1.1 255.255.255.0
(config-subif)# encapsulation dot1q 2
(config-subif)# int f0/0.3
(config-subif)# encap dot1q 3

(config-subif)# end
# sh ip route
# ping 10.1.1.10
# ping 10.1.1.20
melihat routing table
Verifikasi:
Dari semua PC ping ke subinterface Router-JKT:
C:> ping 10.1.1.1
C:> ping 10.1.2.1
C:> ping 10.1.3.1
LAB 3: SPANNING-TREE PROTOCOL
Task 1: Portfast
Switch:
(config)# int range f0/1 - 3
(config-if)# spanning-tree portfast
Task 2: PVST
# sh spanning-tree
[cari siapa yg menjadi Root Bridge]
CSW-JKT (dijadikan Root Bridge):
(config)# spanning-tree vlan 1 priority 0
ATAU
(config)# spanning-tree vlan 1 root primary
Task 3: PVRST
# sh spanning-tree
# conf t
(config)# spanning-tree mode rapid-pvst
(config)# end
# sh spanning-tree
Lab 4 : Konfigurasi Dasar Cisco Router
Router-JKT:
> enable
# clock set 7:00:00 5 dec 2011 jam GMT/UTC (WIB 7)
# conf t
(config)# end
# sh clock
# conf t
(config)# hostname Router-JKT
(config-line)# line console 0
(config-line)# exit
(config-if)# int s0/0/0
(config-if)# desc *** CONNECTED TO S0/0/0 ROUTER-SBY ***
(config-if)# clock rate 512000
(config-if)# bandwidth 512
(config-if)# desc *** CONNECTED TO S0/0/0 ROUTER-MDN ***
(config-if)# end
ROUTER-SBY:
> enable
# erase start
# reload
Tunggu sampai router selesai booting:
> enable
# conf t
(config)# end
# sh clock
# conf t
(config)# hostname Router-SBY
(config-line)# exit
(config)# int f0/0
(config-if)# description *** CONNECT TO LAN SBY ***

(config-if)# desc *** CONNECTED TO S0/0/0 ROUTER-JKT ***
(config-if)# end
ROUTER-MDN:
> enable
# erase start
# reload
Tunggu sampai router selesai booting:
> enable
# conf t
(config)# end
# sh clock
# conf t
(config)# hostname Router-MDN
(config-line)# exit
(config)# int f0/0
(config-if)# description *** CONNECT TO LAN MDN ***

(config-if)# desc *** CONNECTED TO S0/0/1 ROUTER-JKT ***
(config-if)# end
ALL ROUTERS (JKT, SBY, MDN):
# copy run start ATAU # write
# sh ip route melihat routing-table
# sh ip int brief melihat status semua interface
# sh int f0/0
# sh controller s0/0/0 utk ngecek kabel serial di router (DTE/DCE)
# ping [ip address router terdekat]
Lab 5: Konfigurasi Static & Default Route
Task 1: Membuat Static & Default Route:

Router-SBY:
(config)# ip route 0.0.0.0 0.0.0.0 10.1.0.1
ATAU
(config)# ip route 0.0.0.0 0.0.0.0 s0/0/0
Router-MDN:
(config)# ip route 0.0.0.0 0.0.0.0 10.1.0.5
ATAU
(config)# ip route 0.0.0.0 0.0.0.0 s0/0/0
STATIC ROUTE:
Router-JKT:
(config)# ip route 10.1.4.0 255.255.255.0 10.1.0.2
(config)# ip route 10.1.5.0 255.255.255.0 10.1.0.6
# sh ip route
# ping [ke semua router]
Task 2: Menghapus static & default route

Router-SBY & MDN:
(config)# no ip route 0.0.0.0 0.0.0.0
(config)# end
Router-JKT:
(config)# end
# sh ip route
s0/0/0
s0/0/1
Lab 6: Konfigurasi RIP
ALL ROUTERS (SBY, JKT, MDN):

(config)# router rip
(config-router)# version 2
pakai versi 2 (classless routing protocol)
(config-router)# network 10.0.0.0
(config-router)# no auto-summary
manual-summarization
(config-router)# passive-interface f0/0 agar tidak sending paket RIP ke interface tersebut
(config-router)# end
# sh ip route melihat routing table, harus ada kode R
# sh ip protocol melihat routing protocol di router kita
# debug ip rip melihat proses send-receive update RIP
# terminal monitor
utk liat debug, khusus bagi yg telnet
# no debug all
ATAU
# undebug all
Menghapus konfigurasi RIP:
(config)# no router rip
(config)# end
# copy run start
Lab 7: Konfigurasi single-area OSPF
Loopback 0 JKT: 10.100.100.1/32

Loopback 0 SBY: 10.100.100.2/32
Loopback 0 MDN: 10.100.100.3/32
Task 1: Konfigurasi OSPF

Router-JKT:
(config)# int loopback 0
(config-if)# description *** as Router-ID for OSPF ***
(config-if)# router ospf 1
(config-router)# network 10.1.0.1 0.0.0.0 area 0
(config-router)# passive-interface f0/0
Router-MDN:
Router-SBY:
ALL ROUTERS (SBY, JKT, MDN):
# sh ip ospf
# sh ip ospf interface
# sh ip ospf neighbor melihat neighbor table
# sh ip ospf database melihat topology table
# sh ip route
melihat routing table
# sh ip protocols
melihat semua routing protocol di router
#debug ip ospf events
#debug ip ospf packet
#terminal monitor
#undebug all
Task 2: menghapus proses routing OSPF

ALL ROUTERS (SBY, MDN, JKT):
(config)# no int loopback 0
(config)# no router ospf 1
Lab 8 : Konfigurasi EIGRP
Task 1: Konfigurasi EIGRP

ALL ROUTERS (SBY, MDN, JKT):
(config)# router eigrp 65000
(config-router)# network 10.0.0.0
(config-router)# no auto-summary
# sh ip eigrp interface
# sh ip eigrp neighbor
# sh ip eigrp topology
# sh ip route
# sh ip protocol
# debug ip eigrp
show interface yg aktif send-receive EIGRP packets

neighbor table
topology table P = passive ; artinya jaringan tersebut stabil (tidak up/down)
routing table
Lab 9 : Konfigurasi ACL
Task 1: Standard ACL utk mengeblok telnet dari luar

Router-SBY:
(config)# access-list 7 remark ***permit user dari LAN***
(config)# access-list 7 permit 10.1.4.0 0.0.0.255
(config-line)# access-class 7 in
(config-line)# end
Router-MDN:
(config-line)# end
Router-JKT:
(config-line)# end
# sh access-list
Menghapus konfigurasi standard ACL:
(config-line)# no access-class 7 in
(config-line)# exit
(config)# no access-list 7
(config)# end
# sh access-list
Task 2: Extended ACL utk mengeblok FTP & TFTP dari luar
Router-JKT:
(config)# access-list 100 deny udp any host 10.1.1.3 eq 69 log
(config)# access-list 100 deny tcp any host 10.1.1.3 range 20 21 log
(config)# access-list 100 permit ip any any log
(config)# int s0/0/0
(config-if)# ip access-group 100 in
(config-if)# ip access-group 100 in
(config-if)# end
# sh access-list
# sh ip int s0/0/0
# sh ip int s0/0/1
Menghapus konfigurasi extended ACL:
(config-if)# no ip access-group 100 in
(config-if)# no ip access-group 100 in
(config-if)# exit
(config)# no access-list 100
ATAU eq tftp
ATAU range ftp-data ftp
Lab 10 : Konfigurasi NAT
Task 1: Konfigurasi Static NAT

static NAT (router JKT):
10.1.1.3 202.1.1.3 (Public TFTP & FTP server)
Router-JKT:
(config-if)# description connect to Internet
(config-if)# exit
(config)# ip route 0.0.0.0 0.0.0.0 s0/1/0
membuat default route mengarah ke ISP
(config)# ip nat inside source static 10.1.1.3 202.1.1.3

(config-if)# ip nat outside
(config-if)# ip nat inside
(config-if)# end
# sh ip nat translation
(config-if)# no ip nat inside
(config-if)# exit
(config)# no ip nat inside source static 10.1.1.11 202.1.2.3
Task 2: Konfigurasi Dynamic PAT

Router-JKT:
(config)# ip nat inside source list 2 int s0/1/0 overload
(config)# end
# sh ip nat translation
# debug ip nat
# no debug all
# copy run start
Lab 11 : Konfigurasi IPv6
Task 1: Konfigurasi Dual-Stack Router

Router-SBY:
(config)# ipv6 unicast-routing
(config-if)# ipv6 address 2001:10:1:0::2/64
static manual address assignment
(config)# int f0/0

(config-if)# ipv6 address 2001:10:1:4::/64 eui-64 static eui-64 address assignment
(config-if)# end
Router-MDN:
(config-if)# ipv6 address 2001:10:1:0::6/64 static manual address assignment
(config)# int f0/0
(config-if)# end
Router-JKT:
(config)# int f0/0.1

(config-if)# end
Verify:
# sh ipv6 int brief
# sh ipv6 int
# sh ipv6 route
Static Route
JKT:
ipv6 route 2001:10:1:4::/64 s0/0/0
ipv6 route 2001:10:1:5::/64 s0/0/1
ATAU
ATAU
ipv6 route 2001:10:1:4::/64 2001:10:1:0::2

ipv6 route 2001:10:1:5::/64 2001:10:1:0::6
SBY:
(config)# ipv6 route ::/0 s0/0/0
ATAU
ipv6 route ::/0 2001:10:1:0::1
MDN:
(config)# ipv6 route ::/0 s0/0/0
ATAU
ipv6 route ::/0 2001:10:1:0::5
Menghapus Default Route di Router-SBY & Router-MDN:

(config)# no ipv6 route ::/0
Menghapus Static Route di Router-JKT:
ipv6 route 2001:10:1:4::/64
ipv6 route 2001:10:1:5::/64
Task 2: Konfigurasi RIPng

Router-SBY:
(config)# ipv6 router rip SBY
(config-if)# ipv6 rip SBY enable
(config)# int f0/0
(config-if)# ipv6 rip SBY enable
(config-if)# end
Router-MDN:
(config)# ipv6 router rip MDN
(config-if)# ipv6 rip MDN enable
(config)# int f0/0
(config-if)# ipv6 rip MDN enable
(config-if)# end
Router-JKT:
(config)# ipv6 router rip JKT
(config-if)# ipv6 rip JKT enable

(config-if)# end
Verify:
# sh ipv6 rip
# sh ipv6 protocol
# sh ipv6 route
Task 3: Menghapus konfigurasi IPv6 & RIPng

Router-SBY:
(config-if)# no ipv6 address
(config)# int f0/0
(config-if)# exit
(config)# no ipv6 router rip SBY
(config)# no ipv6 unicast-routing
(config)# end
# copy run start
Router-MDN:
(config)# int f0/0
(config-if)# exit
(config)# no ipv6 router rip MDN
(config)# end
Router-JKT:

(config-if)# exit
(config)# no ipv6 router rip JKT
(config)# end
# copy run start
Lab 12 : PPP Authentication
Task 1: CHAP authentication

# debug ppp authentication
# terminal monitor
khusus bagi telnet
Router-JKT:
# conf t
(config)# hostname Router-JKT
(config)# user Router-SBY password ccna1
(config)# user Router-MDN password ccna2
(config-if)# shut
(config-if)# encap ppp
(config-if)# ppp authentication chap
(config-if)# no shut
(config-if)# shut
(config-if)# end
Router-MDN:
# conf t
(config)# hostname Router-MDN
(config)# user Router-JKT password ccna2
(config-if)# shut
(config-if)# end
Router-SBY:
nama router lawan & shared password
# conf t
(config)# hostname Router-SBY
(config)# user Router-JKT password ccna1
(config)# int s0/1
(config-if)# shut
(config-if)# end
# sh int serial 0/0/0
# sh int serial 0/0/1
Lab 13 : Frame-Relay connection
Task 1: Frame-Relay Point-to-Point subinterface

Router-SBY:
(config)# int serial 0/0/1
(config-if)# no ip address
(config-if)# encapsulation frame-relay
(config-if)# int s0/0/1.100 point-to-point
(config-subif)# description pvc to JKT
(config-subif)# frame-relay interface-dlci 100
(config-subif)# bandwidth 2048
(config-subif)# end
# copy run start
Router-MDN:
(config-subif)# description pvc to JKT
(config-subif)# end
Router-JKT:
(config-subif)# description pvc to SBY
(config-subif)# int s0/1/1.102 point-to-point

(config-subif)# description pvc to MDN
(config-subif)# end
Verify (all routers: JKT, SBY, MDN):
# sh frame-relay map
# sh frame-relay pvc
# sh frame-relay lmi
# sh int s0/0/1 di SBY & MDN
# sh int s0/1/1 di JKT
# debug frame-relay lmi
# terminal monitor
# sh ip route
# ping .
FRS configurations:
(config)# frame-relay switching
(config-if)# description connect to Router-SBY
(config-if)# frame-relay intf-type dce
(config-if)# frame-relay route 100 int s0/0/0 101
(config-if)# int serial 0/0/0
(config-if)# description connect to Router-JKT
(config-if)# int serial 0/1/0
(config-if)# description connect to Router-MDN
(config-if)# end
# copy run start

CCNA Lab Guidex

Diunggah oleh

Informasi Dokumen

Hak Cipta

Format Tersedia

Bagikan dokumen Ini

Bagikan atau Tanam Dokumen

Opsi Berbagi

Apakah menurut Anda dokumen ini bermanfaat?

Apakah konten ini tidak pantas?

Hak Cipta:

Format Tersedia

CCNA Lab Guidex

Diunggah oleh

Hak Cipta:

Format Tersedia

Lab 1 : Konfigurasi Cisco Catalyst Switch

Task 1: Konfigurasi awal Cisco Catalyst Switch

(config)# hostname ASW1-JKT

agar bisa berkomunikasi dengan jaringan lain, gateway adalah

(config)# line vty 0 4

# copy run start

1B. switch ASW2-JKT

agar bisa berkomunikasi dengan jaringan lain, gateway adalah

(config)# line vty 0 4

# copy run start

1C. switch CSW-JKT

% akan muncul pada saat sukses login

agar bisa berkomunikasi dengan jaringan lain, gateway adalah

(config)# line vty 0 4

# copy run start

1D. switch ASW-SBY

agar bisa berkomunikasi dengan jaringan lain, gateway adalah

(config)# line vty 0 4

# copy run start

1E. switch ASW-MDN

(config)# ip default-gateway 10.1.5.1

agar bisa berkomunikasi dengan jaringan lain, gateway adalah

(config)# line vty 0 4

# copy run start

Task 2: Konfigurasi Port-Security

(config-if)# no switchport port-security mac-address sticky

Task 3: Verifikasi protokol CDP (cisco discovery protocol)

mematikan cdp di seluruh interface

(config)# int f0/5

mematikan cdp di interface tertentu saja

Task 4: Menggunakan TFTP server untuk Backup config & IOS

Lab 2 : Konfigurasi VLAN pada Cisco Catalyst Switch

Task 1: Konfigurasi VTP

Task 2: Konfigurasi VLAN Trunking

Task 3: Membuat VLAN

Task 4: Konfigurasi VLAN-membership

(config-if)# int f0/3

Task 5: Konfigurasi Router-on-a-stick

line pertama=0 ; line terakhir=4

agar nanya user+password yg ada di local database

(config)# int f0/0

(config-subif)# ip address 10.1.3.1 255.255.255.0

melihat routing table

LAB 3: SPANNING-TREE PROTOCOL

Lab 4 : Konfigurasi Dasar Cisco Router

(config-if)# int s0/0/0

(config-if)# int s0/0/0

Lab 5: Konfigurasi Static & Default Route

Task 1: Membuat Static & Default Route:

Task 2: Menghapus static & default route

Lab 6: Konfigurasi RIP

ALL ROUTERS (SBY, JKT, MDN):

Lab 7: Konfigurasi single-area OSPF

Loopback 0 JKT: 10.100.100.1/32

Task 1: Konfigurasi OSPF

Task 2: menghapus proses routing OSPF

Lab 8 : Konfigurasi EIGRP

Task 1: Konfigurasi EIGRP

show interface yg aktif send-receive EIGRP packets

Lab 9 : Konfigurasi ACL

Task 1: Standard ACL utk mengeblok telnet dari luar

Lab 10 : Konfigurasi NAT

Task 1: Konfigurasi Static NAT

membuat default route mengarah ke ISP