MODUL 4

CONTENTS
This Test Project proposal consists of the following document/file:
SOAL-LKSJATENG2017.pdf

INTRODUCTION
The competition has a fixed start and finish time. You must decide how to best manage
your time.

Please read the following instructions carefully!

Before start the competition, please rename file SOAL-LKSJATENG2017.pka

SOAL_”SEAT NUMBER”_”FULL NAME”.pka

Example : SOAL_007_JAMES BOND.pka

DON’T FORGET TO SAVE YOUR PACKET TRACER FILE REGULARLY!

(Cisco Packet Tracer program may crash and you could lose marks! To avoid this risk,
please save your work periodically)

Soal-LKSJATENG2017 | NETWORK ISLAND | CISCO PACKET TRACER | 1

PART 1 - CONFIGURE WITH INSTRUCTION BELOW

IP ADDRESS LIST TABLE

DEVICE INTERFACE IPv4 IPv6 NOTE

Fa 0/0 25.10.21.200/23 -
ISP-Router
Se 0/1/0 24.10.20.17/29 2017:10:25:AAA::1/124

Fa 0/0 172.16.25.121/29 -

CORE-R1 Se 0/1/0 10.0.13.101/28 2017:0c:25:CCC::6/125

Lo 0 1.1.1.1/32 2017::1/128

Fa 0/0 172.16.25.122/29 -

CORE-R2 Se 0/1/0 10.0.23.202/29 2017:C:25:BBB::6/125

Lo 0 2.2.2.2/32 2017::2/128

Se 0/0/0 10.0.23.203/29 2017:C:25:BBB::1/125

Se 0/1/0 24.10.20.18/29 2017:10:25:AAA::E/124

CORE-R3
Se 0/1/1 10.0.13.103.28 2017:C:25:CCC::1/125

Lo 0 3.3.3.3/32 2017::3/128

Dist-SW Fa 0/4 10.0.0.1/32 -

Vlan1 172.16.25.123/29 -

Vlan10 10.10.10.1/28 -

R-GDG Fa 0/0 10.0.0.2/30 -

Fa 0/1.100 x -

Fa 0/1.200 x -

Fa 0/1.1000 x -

Fa 0 25.10.20.17/22 -
Server-Internet

DNS Server - 10.10.10.10 -

Mail Server - 10.10.10.11

A1 Fa 0 DHCP

Soal-LKSJATENG2017 | NETWORK ISLAND | CISCO PACKET TRACER | 2

 A2 Fa 0 DHCP

B1 Fa 0 DHCP

B2 Fa 0 DHCP

IPPHONE_A VLAN1000 DHCP

IPPHONE_B VLAN1000 DHCP

NB :
You don't have to configure Server-Internet and ISP-Router
X = ip address which you calculate by yourself

1. Configure hostname for each device according to the topology.

2. Configure the privileged with encryption password for each device below:
a) CORE-R1 : jateng1
b) CORE-R2 : jateng2
c) CORE-R3 : jateng3

Soal-LKSJATENG2017 | NETWORK ISLAND | CISCO PACKET TRACER | 3

 PART 2 - SWITCHING ADMINISTRATION

Dist-SW and SW-Fram-Server

1. Use protocol which can simplify VLAN configuration in a switched network.

2. Dist-SW can distributed their VLAN configuration to other switches in the same
domain, use lksjateng2017 for domain.
3. Protect this protocol with MD5 digest of ASCII string sayapastijuara!!!
4. Create VLAN 10 with name Server-farm on switch which can distributed their VLAN
configuration.
5. Configure the SW-Farm-Server so it can’t create, change, or delete VLAN on this
database
6. Verify the VLAN database on ALL switches have same value.

SW-GDG-MAIN, SW-GDA, and SW-GDB

7. Use protocol which can simplify VLAN configuration in a switched network.

8. SW-GDG-MAIN can distributed their VLAN configuration to other switches in the
same domain, use lksjateng for domain.
9. Protect this protocol with MD5 digest of ASCII string pastijuara!!!
10. Create VLAN for IP Phone, Room A and Room B with configuration below:

VLAN-ID VLAN NAME

100 ROOM-A

200 ROOM-B

1000 IPPHONE

11. Configure the others switches except SW-GDG-MAIN so they can’t create, change,
or delete VLAN on their database.
12. Verify the VLAN database on ALL switches have same value.

Soal-LKSJATENG2017 | NETWORK ISLAND | CISCO PACKET TRACER | 4

PART 3 - ROUTER ADMINISTRATION

CORE ROUTER DOMAIN

1. Configure IPv4 Address and IPv6 Address of the CORE Routers Domain (CORE-R1,
CORE-R2, CORE-R3) with ip addresses as the table IP ADDRESS LIST in above.
2. Verify thath CORE-R3 can ping CORE-R1 and CORE-R2
3. Configure VLAN1 in Dist-SW can reacheable from CORE-R1 and CORE-R2 with an IP
address as the table above.
4. Configure DHCP Server service for ROOM A, ROOM B and IP PHONE in R-GDG, with
requiretments below:
 Set DNS to local server in Server Farm
 Calculate the VLSM according to hosts which needed following table
below!
 Use the first IP address of the first subnet as gateway
 Dont use IP address below, because is reserved for server soon
 10 first IP address of range subnet 192.168.10.x/x is reserved
 2 last IP address of range subnet 192.168.10.x/x is reserved
 5 first IP address of range subnet 192.168.20.x/x is reserved
 7 last IP address of range subnet 192.168.20.x/x is reserved

VLAN NAME DHCP POOL NAME VLSM NETWORK

ROOM-A ROOM_A 11 host 192.168.10.x/x

ROOM-B ROOM_B 8 host 192.168.20.x/x

IPPHONE IPPHONE 2 host 10.10.20.Y/x

X is number of network, and use the first address as a gateway. In this case you can find out by
yourself!!

For Y on IPPHONE you can use the last address of the first subnet as gateway.

Soal-LKSJATENG2017 | NETWORK ISLAND | CISCO PACKET TRACER | 5

PART 4 - DYNAMIC ROUTING PROTOCOL

IPv4 ROUTING

1. Don’t CONFIGURE routing protocols on ISP-Router, Only devices store in local can use
this routing protocol.
2. Use routing protocol which can support unlimited hop count and allows scalability.
3. Configure the routing protocol’s identity for each router with the following
requirements:

hostname Identifier

CORE-R1 1001

CORE-R2 1002

CORE-R3 1003

Dist-SW 1000

R-GDG 1010

4. All loopback must be advertised as internal prefixes

5. Use loopback of CORE DOMAIN (CORE-R1, CORE-R2, CORE-R3) as router ID
6. Configure hierarchy to the routing network with requirements below:
a) All CORE DOMAIN (CORE-R1, CORE-R2, CORE-R3) include in backbone, except it
use non-backbone.
b) CORE-R2 and CORE-R3 as ABR
c) For non-backbone router use 12 for identification area.
7. Verify all router and each host can commuicated successfully.

IPv6 ROUTING

1. Configure IPv6 routing protocol only for devices which have IPv6 address following
the IP ADDRESS LIST TABLE
2. Remember don’t CONFIGURE routing protocols on ISP-Router, Only devices store in
local can use this routing protocol.

Soal-LKSJATENG2017 | NETWORK ISLAND | CISCO PACKET TRACER | 6

3. Use routing protocol for IPv6 addressing same as routing protocol which can you
chose in IPv4 addressing and run on the same identifier process.
4. All loopback IPv6 address must be advertised as internal prefixes
5. Advertise all interface each router in routing protocols.
6. Verify all loopback router can reachable in each router.

Soal-LKSJATENG2017 | NETWORK ISLAND | CISCO PACKET TRACER | 7

PART 5 - NAT
NAT

1. All PC/host and server in local can access server internet.

2. List address use ACL which control traffic depending of the source address only.
3. Create ACL using the highest ACL Number
4. Configure and verify that there is default route on the others router as an external
route.
5. Server-Internet can access domain web server on local using IP Public 24.10.20.20.

PART 6 - HSRP
HSRP

1. Configure HSRP with grup 12 and use the highest one an IP address of the subnet for
the Virtual IP.
2. Set priority 50 for router with the lowest one mac address as a standby
3. Check MAC Address between two routers. The lowest mac address router use priority
50 and the highest use default.

PART 7 - IP Telephony Service

IP Telephony

1. Configure IP Telephony with following requirements:

a) Use the lowest port as the service ip telephony.
b) Use gateway IPPHONE as a IP source-address.
c) Set only 3 for max number of IP Phones.
d) Set only 5 for maximum directory number supported.

Ephone Device Mac-Address Button Ephone-dn Number

1 IPPHONE_A 0006.2A84.4888 1:1 1 111

2 IPPHONE_B 0001.6345.38A2 1:2 2 222

2. Verify IP Phone in room A can dial IP Phone in room B

Soal-LKSJATENG2017 | NETWORK ISLAND | CISCO PACKET TRACER | 8

PART 8 - Remote Access Management

Remote Access Management

3. Configure Remote Access Management Service which have encryption and configure
with following requirements:
a) Use default version of remote access
b) domain lksjateng2017
c) Generate a certificate file which is used to encrypt the packet with the highest
value.
d) Limit number of users who can connect to router for 3 users only.
e) All routers in Core Domain can access using remote access only.

PART 9 - SERVER Management

DNS

1. Configure DNS Server with following requirements:

DOMAIN IP ADDRESS

lksjateng2017.com 10.10.10.10

lkssmk2017.net 25.10.20.17

mail.lksjateng2017.com 10.10.10.11

www.lksjateng2017.com 10.10.10.10

www.lkssmk2017.net 25.10.20.17

2. Configure DNS on Server Farm

FTP Server

1. Configure FTP Server on Server2 with following requirements:

a) Don’t use default user, so you must delete default user and create new user
with following requirementes:

Soal-LKSJATENG2017 | NETWORK ISLAND | CISCO PACKET TRACER | 9

 USER PASSWORD Priviledges

manager learn Have full access

engineer study Have full access

helper action Can’t modify, can

remove

support winner Can’t modify, can

remove

admin success Only can see file

Mail Server

2. Configure Mail Server on Server2 with following requirements:

a) Use domain mail.lksjateng2017.com
b) Create 2 users with following requirements:

USER PASSWORD

smk juara

tkj luarbiasa

Verify that PC in ROOM-A use “smk” user and ROOM-B use” tkj” user for sending email
successfully.

がんばってね

Soal-LKSJATENG2017 | NETWORK ISLAND | CISCO PACKET TRACER | 10