Posted on by opik

Config Dasar Cisco Router di End User

Cisco Router dengan config standart sebagai router dan NAT internet, anggap saja dapet IP dari ISP Dedicated 172.16.254.248/29 dengan IP LAN-nya 192.168.254.0/24. 

Config menggunakan kabel console dan tampilan banner pada console saat booting seperti ini…

Copyright (c) 2000 by cisco Systems, Inc.
Initializing memory for ECC
..
c2811 processor with 524288 Kbytes of main memory
Main memory is configured to 64 bit mode with ECC enabled

Readonly ROMMON initialized

Self decompressing the image :
########################################################################## [OK]

              Restricted Rights Legend

Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.

           cisco Systems, Inc.
           170 West Tasman Drive
           San Jose, California 95134-1706



Cisco Internetwork Operating System Software
IOS (tm) PT1000 Software (PT1000-I-M), Version 12.2(28), RELEASE SOFTWARE (fc5)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2005 by cisco Systems, Inc.
Compiled Wed 27-Apr-04 19:01 by miwang

PT 1001 (PTSC2005) processor (revision 0x200) with 60416K/5120K bytes of memory
.
Processor board ID PT0123 (0123)
PT2005 processor: part number 0, mask 01
Bridging software.
X.25 software, Version 3.0.0.
3 Gigabit Ethernet/IEEE 802.3 interface(s)
32K bytes of non-volatile configuration memory.
63488K bytes of ATA CompactFlash (Read/Write)

Press RETURN to get started!

Tekan Enter, dan ketik en untuk enable agar bisa menggunakan perintah di previleged. Ketik conf t untuk configure terminal agar masuk ke perintah-perintah terminal.

Router> en
Router# conf t
Enter configuration commands, one per line. End with CNTL/Z.

Config untuk interfaces WAN-nya di port 0 (Gi0/0) dengan IP 172.16.254.254/29…

Router(config)# int Gi0/0
Router(config-if)# ip address 172.16.254.254 255.255.255.248
Router(config-if)# ip nat outside
Router(config-if)# description "WAN"
Router(config-if)# no shutdown
Router(config-if)# exit

Keterangan:

  1. int Gi0/0 => interface 0 gigabit
  2. ip address 172.16.254.254 255.255.255.248 => penentuan IP dan netmask
  3. ip nat outside => menentukan interfaces yang menghadap ke WAN (Sisi luar)
  4. description “WAN” => memberikan nama interfaces
  5. no shutdown => mengaktifkan port
  6. exit => keluar dari config interfaces Gi0/0

Kemudian memberikan static route untuk default gateway-nya router.

Router(config)# ip route 0.0.0.0 0.0.0.0 172.16.254.249

Config untuk interfaces LAN-nya di port 1 (Gi1/0) dengan IP 192.168.254.1/24…

Router(config)# int Gi0/1
Router(config-if)# ip address 192.168.254.1 255.255.255.0
Router(config-if)# ip nat inside
Router(config-if)# description "LAN"
Router(config-if)# no shutdown
Router(config-if)# exit

Membuat NAT dari dalam dengan asal ip 192.168.254.0-192.168.254.255 dilemparkan ke interfaces Gi0/0…

Router(config)# ip nat inside source list 1 interface Gi0/0
Router(config)# access-list 1 permit 192.168.254.0 0.0.0.255

Membuat DHCP Server…

Router(config)# ip dhcp pool 1
Router(dhcp-config)# network 192.168.254.0 255.255.255.0
Router(dhcp-config)# default-router 192.168.254.1
Router(dhcp-config)# dns-server 8.8.8.8 8.8.4.4

Config global yang mendasar; memberikan nama perangkat RouterKKK dengan password pertama kali login adalah KKK123* dan bila tidak ada aktifitas selama 5 menit akan loguot. Dan mengaktifkan port telnet maupun ssh agar bisa di remote.

RouterKKK(config)# hostname "RouterKKK"
RouterKKK(config)# line console 0
RouterKKK(config-line)# password KKK123*
RouterKKK(config-line)# login
RouterKKK(config-line)# exec-timeout 5 0
RouterKKK(config-line)# exit
RouterKKK(config)# line vty 0
RouterKKK(config-line)# transport input all
RouterKKK(config-line)# password KKK123*
RouterKKK(config-line)# login
RouterKKK(config-line)# exec-timeout 5 0
RouterKKK(config-line)# exit

Memberikan password saat enable dengan password KKK**098!@#

RouterKKK(config)# enable secret KKK**098!@#

Meyimpan config…

RouterKKK(config)# do write

Checking hasil config…

RouterKKK(config)# do sh run

Building configuration...

Current configuration : 1030 bytes
!
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname RouterKKK
!
!
!
enable secret 5 $1$mERr$WdQjCr32Cg5lTxqX3DGvJ/
!
!
!
ip dhcp pool 1
network 192.168.254.0 255.255.255.0
default-router 192.168.254.1
dns-server 8.8.8.8 8.8.4.4
!
!
!
no ip cef
no ipv6 cef
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface GigabitEthernet0/0
description WAN
ip address 172.16.254.254 255.255.255.248
ip nat outside
duplex auto
speed auto
!
interface GigabitEthernet1/0
description LAN
ip address 192.168.254.1 255.255.255.0
ip nat inside
duplex auto
speed auto
!
interface GigabitEthernet2/0
no ip address
duplex auto
speed auto
shutdown
!
router rip
!
ip nat inside source list 1 interface GigabitEthernet0/0 overload
ip classless
ip route 0.0.0.0 0.0.0.0 172.16.254.249
!
ip flow-export version 9
!
!
access-list 1 permit 192.168.254.0 0.0.0.255
!
!
!
!
!
line con 0
exec-timeout 5 0
password KKK123*
login
!
line aux 0
!
line vty 0
 exec-timeout 5 0
 password KKK123*
 login
line vty 1 4
 login
!
!
!
end

Lakukan tester, port 1 (Gi1/0) sambungkan pada switch dan PC/Laptop client sambungkan pada switch dengan config IP DHCP, tester ping ke internet.