Langsung ke konten utama

11.6.2 Lab - Switch Security Configuration

 


Halaww manteman perkenalkan nama saya Bunga Clara dari kelas XI TJKT, disini saya mau berbagi cara mengconfig 11.6.2 Lab - Switch Security Configuration

---------------------------------------------------------------------------------------------------------------------------

1. klik R1 >CLI >ketik perintah berikut: 

enable
configure terminal
hostname R1
no ip domain lookup
ip dhcp excluded-address 192.168.10.1 192.168.10.9
ip dhcp excluded-address 192.168.10.201 192.168.10.202
!
ip dhcp pool Students
 network 192.168.10.0 255.255.255.0
 default-router 192.168.10.1
 domain-name CCNA2.Lab-11.6.1
!
interface Loopback0
 ip address 10.10.1.1 255.255.255.0
!
interface GigabitEthernet0/0/1
 description Link to S1 Port 5
 ip dhcp relay information trusted
 ip address 192.168.10.1 255.255.255.0
 no shutdown
!
line con 0
 logging synchronous
 exec-timeout 0 0

R1# show ip interface brief

2.klik s1 >CLI  >ketik perintah berikut:

Switch# config t
Switch(config)# hostname S1
S1(config)# no ip domain-lookup
S1(config)# interface f0/1
S1(config-if)# description Link to S2
S1(config-if)# interface f0/5
S1(config-if)# description Link to R1
S1(config-if)# interface f0/6
S1(config-if)# description Link to PC-A
S1(config)# ip default-gateway 
S1(config)# vlan 10
S1(config-vlan)# name Management
S1(config)# interface vlan 10
S1(config-if)# ip address 192.168.10.201 255.255.255.0
S1(config-if)# description Management SVI
S1(config-if)# no shutdown
S1(config)# vlan 333
S1(config-vlan)# name Native
S1(config-vlan)# vlan 999
S1(config-vlan)# name ParkingLot
S1(config)# interface f0/1
S1(config-if)# switchport mode trunk
S1(config-if)# switchport trunk native vlan 333
S1# show interface trunk
S1(config)# interface f0/1
S1(config-if)# switchport nonegotiate
S1# show interfaces f0/1 switchport | include Negotiation
S1(config)# interface range f0/5-6
S1(config-if)# switchport mode access
S1(config-if)# switchport access vlan 10
S1(config)# interface range f0/2-4 , f0/7-24, g0/1-2
S1(config-if-range)# switchport mode access
S1(config-if-range)# switchport access vlan 999
S1(config-if-range)# shutdown
S1# show interfaces status
S1(config)# interface f0/6
S1(config-if)# switchport port-security
S1(config-if)# switchport port-security maximum 3
S1(config-if)# switchport port-security violation restrict
S1(config-if)# switchport port-security aging time 60
S1(config-if)# switchport port-security aging type inactiv
S1 #show port-security interface f0/6
S1 (config)# interface range f0/5-6
S1(config-if)# spanning-tree portfast
S1(config)# interface f0/6
S1(config-if)# spanning-tree bpduguard enable
S1# show spanning-tree interface f0/6 detail

3.klik s2 >CLI >ketik perintah berikut:

Switch# config t
Switch(config)# hostname S2(config)# no ip domain-lookup
S2(config)# interface f0/1
S2(config-if)# description Link to S1
S2(config-if)# interface f0/18
S2(config-if)# description Link to PC-B
S2(config)# ip default-gateway 192.168.10.1
S2(config)# vlan 10 
S2(config-vlan)# name Management
S2(config)# interface vlan 10
S2(config-if)# ip address 192.168.10.202 255.255.255.0
S2(config-if)# description Management SVI
S2(config-if)# no shutdown
S2(config)# vlan 333
S2(config-vlan)# name Native
S2(config-vlan)# vlan 999
S2(config-vlan)# name ParkingLot
S2(config)# interface f0/1
S2(config-if)# switchport mode trunk
S2(config-if)# switchport trunk native vlan 333
S2(config)# interface f0/1
S2(config-if)# switchport nonegotiate
S2# show interfaces f0/1 switchport
S2(config)# interface f0/18
S2(config-if)# switchport mode access
S2(config-if)# switchport access vlan 10
S2(config)# interface range f0/2-17 , f0/19-24, g0/1-2
S2(config-if-range)# switchport mode access
S2(config-if-range)# switchport access vlan 999
S2(config-if-range)# shutdown
S2# show interfaces status
S2(config)# interface f0/18
S2(config-if)# switchport port-security
S2(config-if)# switchport port-security mac-address sticky
S2(config)# interface f0/18
S2(config-if)# switchport port-security aging time 60
S2(config-if)# switchport port-security maximum 2
S2(config-if)# switchport port-security violation protect
S2# show port-security interface f0/18
S2# show port-security address
S2(config)# ip dhcp snooping
S2(config)# ip dhcp snooping vlan 10
S2(config)# interface f0/1
S2(config-if)# ip dhcp snooping trust
2(config)# interface f0/18
S2(config-if)# ip dhcp snooping limit rate 5
S2# show ip dhcp snooping
S2# show ip dhcp snooping binding
S2(config)# interface f0/18
S2(config-if)# spanning-tree portfast
S2(config)# interface f0/18
S2(config-if)# spanning-tree bpduguard enable

jika kalian kebingungan kalian bisa menonton tutorialnya disini:


Komentar

Posting Komentar

Postingan populer dari blog ini

1.1.7-packet-tracer---basic-switch-configuration---physical-mode

 1.1.7-packet-tracer---basic-switch-configuration---physical-mode Halaww manteman perkenalkan nama saya Bunga Clara dari kelas XI TJKT, disini saya mau berbagi cara mengconfig  1.1.7-packet-tracer---basic-switch-configuration---physical-mode > sambungkan S1 f0/6 dengan Pc F0 menggunakan cable Copper Straight-through  > sambungkan S1 Console dengan Pc RS232 menggunakan cable Console Langkah-langkah: 1. klik pc> ip configuration> masukan ip address pc   ipv4 address:192.168.1.10 subnet:255.255.255.0 default gateway:192.168.1.1 ipv6 address:2001:db8:acad:1::10/64 default gateway:fe80::1 2. masuk ke terminal pc>ketikan perintah berikut: enable conf t no ip domain lookup h S1 service password-encryption enable secret class banner motd #Unauthorized access is strictly prohibited .# int vlan 99 ip address 192.168.1.2 255.255.255.0 ipv6 address 2001:db8:acad:1::2/64 ipv6 address fe80::2 link-local ip default-gateway 192.168.1.1 note: jika completion nya tidak ...
Posting Komentar
Baca selengkapnya

Menginstal dan Mengconfig mail server (postfix dan dovecot)

Mail Server  Pengertian:      Mail server adalah server atau layanan komputer yang digunakan untuk mengirim, menerima, menyimpan, dan mengelola email antar pengguna dalam jaringan lokal atau internet. 1. Menginstal postfix dan dovecot. Gambar 1.1 2. Mengaktifkan dan Menjalankan Postfix Dovecot. Gambar 1.2 3. Mengetikan nano /etc/postfix/main.cf untuk mengubah isi filenya. Gambar 1.3 4. Mengubah hostname,domain, dan menambahkan seperti di tampilkan pada Gambar 1.4 Gambar 1.4 5. Menambahkan mydestination menggunakan domain. Gambar 1.5 6. Mengubah inet interface dan protocols. Gambar 1.6 7. Membuat user baru seperti yang di tampilkan pada Gambar 1.7 untuk akun yang mengirim dan menerikan pesan email. Gambar 1.7 8. Membuka port yang di butuhkan Mail server seperti yang di tampilkan pada Gambar 1.8 agar layanan server tetap terjaga keamanannya dari gangguan pihak luar. Gambar 1..8 9. Menginstal aplikasi thunderbird.  https://www.thunderbird.net/en-US/desktop/ Gambar ...
Posting Komentar
Baca selengkapnya

Menginstal MariaDB versi 10.6.22 Red Hat Enterprise Linux (RHEL 9)

  1. Mengetikan perintah seperti yang di tampilkan Gambar 1.1 Gambar 1.1 2. Mengetikan isi file  Gambar 1.2 3. Menginstal Mariadb Gambar 1.3 4.  Mengaktifkan dan Memulai Mariadb Gambar 1.4 Gambar 1.5
Posting Komentar
Baca selengkapnya