SOAMAN: Konfigurasi ACL pada Router

Konfigurasi ACL pada Router

Konfigurasi pada Router 0 (Edmonton):Router>enRouter#conf tRouter(config)#hostname EdmontonEdmonton(config)#int fa0/0Edmonton(config-if)#ip add 172.16.10.1 255.255.255.0Edmonton(config-if)#no shutEdmonton(config-if)#exitEdmonton(config)#int fa1/0Edmonton(config-if)#ip add 172.16.20.1 255.255.255.0Edmonton(config-if)#no shutEdmonton(config-if)#exitEdmonton(config)#int ser2/0Edmonton(config-if)#ip add 172.16.30.1 255.255.255.252Edmonton(config-if)#clock rate 64000Edmonton(config-if)#no shutEdmonton(config-if)#exitEdmonton(config)#router ospf 1Edmonton(config-router)#network 172.16.10.0 0.0.0.255 area 0Edmonton(config-router)#network 172.16.20.0 0.0.0.255 area 0Edmonton(config-router)#network 172.16.30.0 0.0.0.3 area 0
Konfigurasi pada Router1( Red Deer) :Router>enRouter#conf tRouter(config)#hostname RedDeerRedDeer(config)#int fa0/0RedDeer(config-if)#ip add 172.16.40.1 255.255.255.0RedDeer(config-if)#no shutRedDeer(config-if)#exitRedDeer(config)#int fa1/0RedDeer(config-if)#ip add 172.16.50.1 255.255.255.0RedDeer(config-if)#no shutRedDeer(config-if)#exitRedDeer(config)#int ser2/0RedDeer(config-if)#ip add 172.16.30.2 255.255.255.252RedDeer(config-if)#no shutRedDeer(config-if)#exitRedDeer(config)#int ser3/0RedDeer(config-if)#ip add 172.16.60.1 255.255.255.252RedDeer(config-if)#clock rate 64000RedDeer(config-if)#no shutRedDeer(config-if)#exitRedDeer(config)#router ospf 1RedDeer(config-router)#network 172.16.30.0 0.0.0.3 area 0RedDeer(config-router)#network 172.16.40.0 0.0.0.255 area 0RedDeer(config-router)#network 172.16.50.0 0.0.0.255 area 0RedDeer(config-router)#network 172.16.60.0 0.0.0.3 area 0Konfigurasi pada Router2 ( Calgary):Router>enRouter#conf tRouter(config)#hostname CalgaryCalgary(config)#int fa0/0Calgary(config-if)#ip add 172.16.70.1 255.255.255.0Calgary(config-if)#no shutCalgary(config-if)#exitCalgary(config)#int fa1/0Calgary(config-if)#ip add 172.16.80.1 255.255.255.0Calgary(config-if)#no shutCalgary(config-if)#exitCalgary(config)#int ser3/0Calgary(config-if)#ip add 172.16.60.2 255.255.255.252Calgary(config-if)#no shutCalgary(config-if)#exitCalgary(config)#router ospf 1Calgary(config-router)#network 172.16.60.0 0.0.0.3 area 0Calgary(config-router)#network 172.16.70.0 0.0.0.255 area 0Calgary(config-router)#network 172.16.80.0 0.0.0.255 area 0 Setting pada PC dan Server :

PC dan Server

IP Address

Subnet Mask

Default Gateway

PC0

172.16.10.5

255.255.255.0

172.16.10.1

PC1

172.16.40.89

255.255.255.0

172.16.40.1

PC2

172.16.70.5

255.255.255.0

172.16.70.1

PC3

172.16.20.163

255.255.255.0

172.16.20.1

PC4

172.16.50.75

255.255.255.0

172.16.50.1

PC5

172.16.50.7

255.255.255.0

172.16.50.1

PC6

172.16.80.16

255.255.255.0

172.16.80.1

Server

172.16.70.2

255.255.255.0

172.16.70.1

Perintah ACL pada RedDeer:RedDeer(config)#access-list 10 deny 172.16.10.0 0.0.0.255RedDeer(config)#access-list 10 permit anyRedDeer(config)#int fa0/0RedDeer(config-if)#ip access-group 10 out Perintah ACL pada Edmonton:Edmonton(config)#access-list 115 deny ip host 172.16.10.5 host 172.16.50.7Edmonton(config)#access-list 115 permit ip any anyEdmonton(config)#int fa0/0Edmonton(config-if)#ip access-group 115 in Sehingga host 172.16.10.5 tidak akan dapat mengakses host 172.16.40.89 dan 172.16.50.7
  Perintah telnet pada router RedDeer :RedDeer(config)#access-list 20 permit host 172.16.10.5RedDeer(config)#line vty 0 4RedDeer(config-line)#access-class 20 in Hanya host 172.16.10.5 yang dapat melakukan telnet ke router RedDeer.
  Sedangkan hasil telnet host lain: