11.6.2 lab-switch security configuration
Nama : aghnia sifaulinas
Kelas : xi tjkt b
Absen : 03
.png)
spanning tree bpduguard adalah filtur yang melindungi jaringan dari serangan jahat yang menganggu konfigurasi jaringan spanning tree.
port security adalah suatu keamanan jaringan yang dipakai oleh switch cisco yang berfungsi untuk membatasi jumlah host dan menentukan host lain yang bisa terkoneksi pada setiap port yang ada di switch.
1. masukan router, switch, dan pc lalu sambungkan menggunakan kabel straight sesuai di topology
2. klik router 1 lalu klik cli dan config seperti di bawah ini
enable
configure terminal
hostname R1
no ip domain-lookup
line con 0
password cisco
logging synchronous
exec-timeout 0 0
ip dhcp excluded-address 192.168.10.1 192.168.10.9
ip dhcp excluded-address 192.168.10.201 192.168.10.202
ip dhcp pool student network 192.168.10.0 255.255.255.0
default-router 192.168.10.1
default-name CCNA2.Lab-11.6.1
int loopback0
ip address 10.10.1.1 255.255.255.0
int g0/0/1
descrpton link to S1 port 5
ip dhcp relay nformation trusted
ip address 192.168.10.1 255.255.255.0
no shutdown
end
show ip int brief
close r 1
3. klik switch 1 lalu ke cli dan config seperti di bawah ini
enable
hostname S1
no ip domain-lookup
int f0/1
description link to S2
nt f0/5
description link to R1
int f0/6
description link to PC A - B
ip defalut-gateway 192.168.10.1
vlan 10
name Management
vlan 333
name Native
vlan 999
name Parking_Lot
int vlan 10
ip address 192.168.10.201 255.255.255.0
description management to SVI
no shutdown
nt f0/1
switchport mode trunk
switchport tunk vlan 333
switchport nenogotiate
ing f0/5-6
switchport mode access
switchport access vlan 10
interface range f0/2-4, f0/7-24, g0/1-2
switchport mode access S1
switchport vlan 999
shutdown
switchport port-security
switchport port-security violation restrict
switchport port-security maximum 3
switchport port-security time 60
switchport port-security aging type nactivity
int f0/6
spanning-tree bpduguard
4. klik S 2 lalu konciguraskan sepert configan d bawah ini
enable
configure terminal
hostname S2
no ip domain-lookup
int f0/1
description link to S2
nt f0/5
description link to R1
int f0/6
description link to PC A - B
ip defalut-gateway 192.168.10.1
vlan 10
name Management
vlan 333
name Native
vlan 999
name Parking_Lot
int vlan 10
ip address 192.168.10.201 255.255.255.0
description management to SVI
no shutdown
interface range f0/2-17, f0/19-24, g0/1-2
switchport mode access S2
switchport vlan 999
shutdown
int f0/18
switchport port-security S2
switchport port-security mac-address strictly
int f0/18
switchport port-security maximum 2
switchport port-security time 60
switchport port-security violation protect
p dhcp snooping vlan 10
ip dhcp snooping trust
ip dhcp snooping limit rate 5
int f0/6
spanning-tree bpduguard
jika tidak terlalu jelas silahkan klk link video di bawah ini
part 1
part 2
part 3
Komentar
Posting Komentar