11.6.2 Lab - Switch Security Configuration

 TOPOLOGY


Steps:

1. Add 1 router, 2 switches, and 2 PCs

2. Then connect them using straight-through cables

3. Click R1 > CLI

Type:

enable

configure terminal

hostname R1

no ip domain lookup

ip dhcp excluded-address 192.168.10.1 192.168.10.9

ip dhcp excluded-address 192.168.10.201 192.168.10.202

!

ip dhcp pool Students

 network 192.168.10.0 255.255.255.0

 default-router 192.168.10.1

 domain-name CCNA2.Lab-11.6.1

!

interface Loopback0

 ip address 10.10.1.1 255.255.255.0

!

interface GigabitEthernet0/0/1

 description Link to S1 Port 5

 ip dhcp relay information trusted

 ip address 192.168.10.1 255.255.255.0

 no shutdown

!

line con 0

 logging synchronous

 exec-timeout 0 0


R1# show ip int brief


4. Click S1 > CLI

Type:

Switch# config t

Switch(config)# hostname S1

S1(config)# no ip domain-lookup

S1(config)# interface f0/1

S1(config-if)# description Link to S2

S1(config-if)# interface f0/5

S1(config-if)# description Link to R1

S1(config-if)# interface f0/6

S1(config-if)# description Link to PC-A

S1(config)# ip default-gateway 192.168.10.1

S1(config)# vlan 10

S1(config-vlan)# name Management

S1(config)# interface vlan 10

S1(config-if)# ip address 192.168.10.201 255.255.255.0

S1(config-if)# description Management SVI

S1(config-if)# no shutdown

S1(config)# vlan 333

S1(config-vlan)# name Native

S1(config-vlan)# vlan 999

S1(config-vlan)# name ParkingLot


5. Click S2 > CLI

Type:

Switch# config t

Switch(config)# hostname S2

S2(config)# no ip domain-lookup

S2(config)# interface f0/1

S2(config-if)# description Link to S1

S2(config-if)# interface f0/18

S2(config-if)# description Link to PC-B

S2(config)# ip default-gateway 192.168.10.1

S2(config)# vlan 10 

S2(config-vlan)# name Management

S2(config)# interface vlan 10

S2(config-if)# ip address 192.168.10.202 255.255.255.0

S2(config-if)# description Management SVI

S2(config-if)# no shutdown

S2(config)# vlan 333

S2(config-vlan)# name Native

S2(config-vlan)# vlan 999

S2(config-vlan)# name ParkingLot


6. Go back to S1 > CLI

Type:

S1(config)# interface f0/1

S1(config-if)# switchport mode trunk

S1(config-if)# switchport trunk native vlan 333

S1# show interface trunk

S1(config)# interface f0/1

S1(config-if)# switchport nonegotiate

S1# show interfaces f0/1 switchport | include Negotiation

S1(config)# interface range f0/5-6

S1(config-if-range)# switchport mode access

S1(config-if-range)# switchport access vlan 10

S1(config)# interface range f0/2-4 , f0/7-24, g0/1-2

S1(config-if-range)# switchport mode access

S1(config-if-range)# switchport access vlan 999

S1(config-if-range)# shutdown


7. Click S2 > CLI again

Type:

S2(config)# interface f0/1

S2(config-if)# switchport mode trunk

S2(config-if)# switchport trunk native vlan 333

S2(config)# interface f0/1

S2(config-if)# switchport nonegotiate

S2# show interfaces f0/1 switchport

S2(config)# interface f0/18

S2(config-if)# switchport mode access

S2(config-if)# switchport access vlan 10

S2(config)# interface range f0/2-17 , f0/19-24, g0/1-2

S2(config-if-range)# switchport mode access

S2(config-if-range)# switchport access vlan 999

S2(config-if-range)# shutdown


8. Click S1

Type:

S1(config)# interface f0/6

S1(config-if)# switchport port-security

S1(config-if)# switchport port-security maximum 3

S1(config-if)# switchport port-security violation restrict

S1(config-if)# switchport port-security aging time 60

S1(config-if)# switchport port-security aging type inactivity

S1# show port-security interface f0/6

S1(config)# interface range f0/5-6

S1(config-if-range)# spanning-tree portfast

S1(config)# interface f0/6

S1(config-if)# spanning-tree bpduguard enable

S1# show spanning-tree interface f0/6 detail


9. Click S2

Type:

S2(config)# interface f0/18

S2(config-if)# switchport port-security

S2(config-if)# switchport port-security mac-address sticky

S2(config)# interface f0/18

S2(config-if)# switchport port-security aging time 60

S2(config-if)# switchport port-security maximum 2

S2(config-if)# switchport port-security violation protect

S2# show port-security interface f0/18

S2# show port-security address

S2(config)# ip dhcp snooping

S2(config)# ip dhcp snooping vlan 10

S2(config)# interface f0/1

S2(config-if)# ip dhcp snooping trust

S2(config)# interface f0/18

S2(config-if)# ip dhcp snooping limit rate 5

S2# show ip dhcp snooping

S2# show ip dhcp snooping binding

S2(config)# interface f0/18

S2(config-if)# spanning-tree portfast

S2(config)# interface f0/18

S2(config-if)# spanning-tree bpduguard enable
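To confirm that the per-interface hardening from steps 6 to 9 actually landed, a saved `show running-config` can be checked offline. The Python script below is an added example, not part of the original lab; `parse_interfaces`, `audit`, `ACCESS_REQUIRED` and the sample config are hypothetical names and constructed data, and it assumes the running-config spells commands the way the lab types them (some IOS releases display PortFast as `spanning-tree portfast edge`).

```python
import re

# Constructed sample (not lab output): F0/1 lacks nonegotiate, F0/18 lacks BPDU guard.
SAMPLE = """\
interface FastEthernet0/1
 switchport trunk native vlan 333
 switchport mode trunk
 ip dhcp snooping trust
!
interface FastEthernet0/2
 switchport access vlan 999
 switchport mode access
 shutdown
!
interface FastEthernet0/18
 switchport access vlan 10
 switchport mode access
 switchport port-security
 spanning-tree portfast
"""

# Assumed baseline for active access ports, spelled as the lab types it (steps 8 and 9).
ACCESS_REQUIRED = ["switchport port-security", "spanning-tree portfast",
                   "spanning-tree bpduguard enable"]

def parse_interfaces(config):
    """Return {interface name: [sub-commands]} from running-config text."""
    found = re.findall(r"^interface (\S+)\n((?:^ .*\n?)*)", config, re.M)
    return {name: [c.strip() for c in body.splitlines()] for name, body in found}

def audit(config, parking="switchport access vlan 999"):
    """Return (interface, finding) pairs for ports that deviate from the lab baseline."""
    findings = []
    for name, cmds in parse_interfaces(config).items():
        required = []  # SVIs and unconfigured ports have no requirements here
        if "switchport mode trunk" in cmds:
            required = ["switchport nonegotiate"]
            native = [c.split()[-1] for c in cmds if c.startswith("switchport trunk native vlan ")]
            if native in ([], ["1"]):  # line absent from running-config means VLAN 1
                findings.append((name, "native VLAN is the default VLAN 1"))
        elif "switchport mode access" in cmds:
            if "ip dhcp snooping trust" in cmds:
                findings.append((name, "access port is trusted for DHCP snooping"))
            required = [parking] if "shutdown" in cmds else ACCESS_REQUIRED
        findings += [(name, "missing: " + c) for c in required if c not in cmds]
    return findings

if __name__ == "__main__":
    print(*audit(SAMPLE), sep="\n")
```

Feed it the saved running-config from S1 or S2; an empty list means every trunk, active access port and parked port matches the baseline.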


If you still don't understand, please click the link below:

https://drive.google.com/drive/folders/1_Sxd_v9eontrU74ys-5mq2slkUuy7INH?usp=sharing
