laporan topologi real bank bi - ppp (chap&pap).docx
TRANSCRIPT
SMKN 1 CIMAHINama : Mochamad Arsyad PKelas : XII TKJ BNo lap:
PPP(Point to point) autentifikasi PAP dan CHAP pada topologi
Real
Diagnosa WANInstruktur :
- Dodi Permana, Spd- Rudy Haryadi, ST
Tanggal : 6/11/2012Paraf :
I. Tujuan Agar siswa dapat memahami konfigurasi dan aplikasi dari protokol PPP dengan autentifikasi PAP dan CHAP
II. PendahuluanSecara default semua router cisco menggunakan enkapsulasi HDLC untuk interface serialnya. Meskipun HDLC merupakan enkapsulasi yang standard namun pada kenyataannya setiap vendor mengeluarkan HDLC versi mereka sendiri. Akibatnya, antara router yang berbeda merk akan bermasalah jika komunikasi serialnya menggunakan enkapsulasi HDLC.Solusinya adalah dengan menggunakan enkapsulasi PPP (point to point protocol). Sebenarnya PPP juga merupakan turunan dari HDLC namun PPP jauh lebih baik karena merupakan standard umum yang dipakai oleh semua vendor. Selain itu PPP juga dilengkapi dengan authentication dan PPP juga tidak bergantung pada salah satu protokol saja (independent protocol). Karena PPP merupakan independent protocol maka PPP dapat berjalan di protokol IP, IPX dan protokol layer tiga lainnya.Oleh karena itu, untuk menghubungkan router Cisco dan Non Cisco anda harus menggunakan enkapsulasi PPP.
- Autentifikasi PAPAutentikasi terkadang diperlukan untuk koneksi dengan PPP, sehingga tidak sembarang routerbisa bergabung dengan router yang lain kecuali router tersebut terautentikasi oleh router yang lain. Salah satu autentikasi sederhana pada PPP adalah PAP. Kekurangannya adalah password pada autentikasi PAP dikirim dalam bentuk clear text, sehingga bisa disadap oleh pihak ketiga.
- Autentifikasi CHAPKelebihan autentikasi dengan CHAP adalah bahwa password dikirim dalam bentuk yang telah terenkripsi dengan MD5. Sehingga pihak ketiga tidak dapat membaca password yang tekirim kecuali yang telah terdaftar.
Konfigurasi chap :
Konfigurasi kedua router dengan username dan password Username yang dipakai adalah hostname dari router remote Password yang dikonfigurasikan haruslah klop sama
III. Alat dan bahan- PC/laptop- Software packet tracert- topologi
IV. TopologiTopologi jaringan bank BI
V. Lankah kerja1. Gambar topologi 2. Konfigurasi kedua router di atas dengan benar sampai kedua PC bisa saling koneksi.3. konfigurasi masing router sesuai dengan authentikasi yang digunakan seperti berikut
Konfigurasi router utama
Router(config)#router rip
Router(config-router)#
Router(config-router)#exit
Router(config)#interface Serial2/0
Router(config-if)#
%LINK-5-CHANGED: Interface Serial2/0, changed state to up
no shutdown
Router(config-if)#clock rate 9600
Router(config-if)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0, changed state to up
ip address 10.10.4.1 255.0.0.0
Router(config-if)#ip address 10.10.4.1 255.255.255.252
Router(config-if)#
Router(config-if)#exit
Router(config)#interface Serial3/0
Router(config-if)#no shutdown
Router(config-if)#clock rate 19200
Router(config-if)#clock rate 9600
Router(config-if)#ip address 10.10.10.1 255.255.255.252
Router(config-if)#
Router(config-if)#exit
Router(config)#interface FastEthernet0/0
Router(config-if)#no shutdown
%LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up
Router(config-if)#ip address 10.10.11.1 255.255.255.252
Router(config-if)#
%LINK-5-CHANGED: Interface Serial3/0, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial3/0, changed state to up
Router con0 is now available
Press RETURN to get started.
Router>en
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#ex
Router#
%SYS-5-CONFIG_I: Configured from console by console
Router#show inte
Router#show interfaces fa0/0
FastEthernet0/0 is up, line protocol is up (connected)
Hardware is Lance, address is 0001.c93d.b397 (bia 0001.c93d.b397)
Internet address is 10.10.11.1/30
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
ARP type: ARPA, ARP Timeout 04:00:00,
Last input 00:00:08, output 00:00:05, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0 (size/max/drops); Total output drops: 0
Queueing strategy: fifo
Output queue :0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 44 bits/sec, 0 packets/sec
4 packets input, 112 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
0 input packets with dribble condition detected
83 packets output, 11700 bytes, 0 underruns
0 output errors, 0 collisions, 2 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier
Router#cont t
^
% Invalid input detected at '^' marker.
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#int se2/0
Router(config-if)#encapsulation ppp
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0, changed state to down
Router(config-if)#ex
Router(config)#ex
Router#
%SYS-5-CONFIG_I: Configured from console by console
Router#show int se2/0
Serial2/0 is up, line protocol is down (disabled)
Hardware is HD64570
Internet address is 10.10.4.1/30
MTU 1500 bytes, BW 128 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation PPP, loopback not set, keepalive set (10 sec)
LCP Closed
Closed: LEXCP, BRIDGECP, IPCP, CCP, CDPCP, LLC2, BACP
Last input never, output never, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0 (size/max/drops); Total output drops: 0
Queueing strategy: weighted fair
Output queue: 0/1000/64/0 (size/max total/threshold/drops)
Conversations 0/0/256 (active/max active/max total)
Reserved Conversations 0/0 (allocated/max allocated)
Available Bandwidth 96 kilobits/sec
5 minute input rate 24 bits/sec, 0 packets/sec
5 minute output rate 24 bits/sec, 0 packets/sec
87 packets input, 7684 bytes, 0 no buffer
Received 80 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
90 packets output, 7480 bytes, 0 underruns
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#host
% Incomplete command.
Router(config)#hosname router1
^
% Invalid input detected at '^' marker.
Router(config)#hostname router1
router1(config)#username router2 password tkj
router1(config)#int se2/0
router1(config-if)#encapsulation ppp
router1(config-if)#ppp authentication chap
router1(config-if)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0, changed state to up
router1(config-if)#en
% Ambiguous command: "en"
router1(config)#ex
router1#
%SYS-5-CONFIG_I: Configured from console by console
router1#e
% Ambiguous command: "e"
router1#ex
router1 con0 is now available
Press RETURN to get started.
router1>en
router1#config t
Enter configuration commands, one per line. End with CNTL/Z.
router1(config)#username router3 password tkj
router1(config)#int se3/0
router1(config-if)#encapsulation ppp
router1(config-if)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial3/0, changed state to down
router1(config-if)#ppp authentication chap
router1(config-if)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial3/0, changed state to up
Konfigurasi router gedung A
Router>enable
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#router rip
Router(config-router)#network 192.168.30.0
Router(config-router)#network 192.168.20.0
Router(config-router)#network 192.168.100.0
Router(config-router)#network 10.0.0.0
Router(config-router)#network 172.16.0.0
Router(config-router)#
Router(config-router)#exit
Router(config)#interface Serial2/0
Router(config-if)#
%LINK-5-CHANGED: Interface Serial2/0, changed state to up
no shutdown
Router(config-if)#clock rate 9600
Router(config-if)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0, changed state to up
ip address 10.10.10.2 255.0.0.0
Router(config-if)#ip address 10.10.10.2 255.255.255.252
Router(config-if)#
Router(config-if)#exit
Router(config)#interface Serial3/0
Router(config-if)#no shutdown
Router(config-if)#clock rate 9600
Router(config-if)#ip address 172.16.10.2 255.255.0.0
Router(config-if)#ip address 172.16.10.2 255.255.255.252
Router(config-if)#
Router(config-if)#exit
Router(config)#router rip
Router(config-router)#
%LINK-5-CHANGED: Interface Serial3/0, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial3/0, changed state to up
%LINK-5-CHANGED: Interface Serial3/0, changed state to down
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial3/0, changed state to down
%LINK-5-CHANGED: Interface Serial3/0, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial3/0, changed state to up
Router con0 is now available
Press RETURN to get started.
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0, changed state to down
Router>en
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#hostname router3
router3(config)#username router1 password tkj
router3(config)#int se2/0
router3(config-if)#enca
router3(config-if)#encapsulation ppp
router3(config-if)#ppp
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0, changed state to up
% Incomplete command.
router3(config-if)#ppp authentication chap
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0, changed state to down
router3(config-if)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0, changed state to up
router3>en
router3#confing t
^
% Invalid input detected at '^' marker.
router3#config t
Enter configuration commands, one per line. End with CNTL/Z.
router3(config)#username router3 password tkj
router3(config)#int se3/0
router3(config-if)#encapsulation ppp
router3(config-if)#ppp authentication pap
router3(config-if)#ppp sent-username router router1 password tkj
^
% Invalid input detected at '^' marker.
router3(config-if)#ppp pap sent-username router1 password tkj
PPP: Warning: You have chosen a username/password combination that
is valid for CHAP. This is a potential security hole.
router3(config-if)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial3/0, changed state to up
router3(config-if)#
Konfigurasi router gedung B
Router>enable
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#interface Serial6/0
Router(config-if)#no shutdown
%LINK-5-CHANGED: Interface Serial6/0, changed state to up
Router(config-if)#clock rate 9600
Router(config-if)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial6/0, changed state to up
ip address 172.16.11.2 255.255.0.0
Router(config-if)#ip address 172.16.11.2 255.255.255.252
Router(config-if)#
Router(config-if)#exit
Router(config)#interface Serial3/0
Router(config-if)#
%LINK-5-CHANGED: Interface Serial3/0, changed state to up
no shutdown
Router(config-if)#clock rate 9600
Router(config-if)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial3/0, changed state to up
ip address 172.16.12.2 255.255.255.252
Router(config-if)#
Router(config-if)#exit
Router(config)#interface Serial2/0
Router(config-if)#no shutdown
Router(config-if)#clock rate 9600
Router(config-if)#ip address 10.10.10.4 255.0.0.0
Router(config-if)#no ip address
Router(config-if)#ip address 10.10.4.2 255.0.0.0
Router(config-if)#ip address 10.10.4.2 255.255.255.252
Router(config-if)#
Router(config-if)#exit
Router(config)#router rip
Router(config-router)#network 192.168.20.0
Router(config-router)#network 192.168.30.0
Router(config-router)#network 192.168.100.0
Router(config-router)#network 172.16.0.0
Router(config-router)#network 10.0.0.0
Router(config-router)#
Router(config-router)#exit
Router(config)#router rip
Router(config-router)#
Router(config-router)#exit
Router(config)#interface Serial6/0
Router(config-if)#
Router(config-if)#exit
Router(config)#interface Serial2/0
Router(config-if)#
%LINK-5-CHANGED: Interface Serial2/0, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0, changed state to up
Router con0 is now available
Press RETURN to get started.
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0, changed state to down
Router>en
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#hostname router2
router2(config)#username router1 password tkj
router2(config)#int se2/0
router2(config-if)#encapsulation ppp
router2(config-if)#pp
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0, changed state to up
pp
^
% Invalid input detected at '^' marker.
router2(config-if)#ppp authentication chap
router2(config-if)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0, changed state to down
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0, changed state to up
router2(config-if)#
router2>en
router2#config t
Enter configuration commands, one per line. End with CNTL/Z.
router2(config)#usename router3 password tkj
^
% Invalid input detected at '^' marker.
router2(config)#username router3 password tkj
router2(config)#inf se6/0
^
% Invalid input detected at '^' marker.
router2(config)#int se6/0
router2(config-if)#encapsulation ppp
router2(config-if)#ppp authentication pap
router2(config-if)#ppp pap sent-username router4 password tkj
router2(config-if)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial6/0, changed state to up
router2(config-if)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial3/0, changed state to down
router2(config-if)#username router3 password tkj
router2(config)#int se3/0
router2(config-if)#ppp authentication pap
Must set encapsulation to PPP before using PPP subcommands
router2(config-if)#encapsulation ppp
router2(config-if)#ppp authentication pap
router2(config-if)#ppp pap sent-username router5 password tkj
router2(config-if)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial3/0, changed state to up
konfigurasi router utama
Router>en
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#username router1
Router(config)#username router1 password tkj
Router(config)#int se2/0
Router(config-if)#encapsulation ppp
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0, changed state to down
Router(config-if)#ppp authentication pap
Router(config-if)#ppp pap sent-username router3 password tkj
Router(config-if)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0, changed state to up
Konfigurasi router karyawan
Router>en
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#username router4
Router(config)#username router4 password tkj
Router(config)#int se2/0
Router(config-if)#encapsulation ppp
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0, changed state to down
Router(config-if)#ppp authentication pap
Router(config-if)#ppp pap sent-username router3 password tkj
Konfigurasi router office
Router>en
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#username router5 password tkj
Router(config)#int se2/0
Router(config-if)#encapsulation ppp
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0, changed state to down
Router(config-if)#ppp authentication pap
Router(config-if)#ppp pap sent-username router3 password tkj
Router(config-if)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0, changed state to up
VI. Hasil kerja1. kirim packet dari router gedung A ke router pusat jika successful, konfigurasi berhasil
2. kirim packet dari router gedung B ke router pusat jika successful, konfigurasi berhasil
3. kirim packet dari router office ke router gedung B jika successful, konfigurasi berhasil Kirim packet dari router karyawan ke router gedung B jika successful, konfigurasi berhasil Kirim packet dari router utama ke router gedung A jika successful, konfigurasi berhasil
VII. KesimpulanAgar siswa dapat memahami konfigurasi dan aplikasi dari protokol PPP pada topologi real dengan autentifikasi PAP dan CHAP