Laporan pembuatan VPN menggunakan Cisco packet tracer PDF

Preview

Summary

LAPORAN VPN CISCO PACKET TRACER Laporan ini disusun untuk memenuhi salah satu tugas Mata Kuliah Jaringan Komputer Oleh Nama : Muhamad Solihin Ansurulloh NPM : 147006018 Kelas : 2014 A FAKULTAS TEKNIK TEKNIK INFORMATIKA UNIVERSITAS NEGERI SILIWANGI TASIKMALAYA 2015 BAB I A. CISCO PACKET TRACER 1. Pen...

Description

LAPORAN VPN CISCO PACKET TRACER Laporan ini disusun untuk memenuhi salah satu tugas Mata Kuliah Jaringan Komputer

Oleh Nama

: Muhamad Solihin Ansurulloh

NPM

: 147006018

Kelas

: 2014 A

FAKULTAS TEKNIK TEKNIK INFORMATIKA

UNIVERSITAS NEGERI SILIWANGI TASIKMALAYA 2015

BAB I A. CISCO PACKET TRACER 1.

Pengertian Cisco Packet Tracer Packet Tracer adalah simulator alat-alat jaringan Cisco yang sering digunakan sebagai media pembelajaran dan pelatihan, dan juga dalam bidang penelitian simulasi jaringan komputer. Program ini dibuat oleh Cisco Systems dan disediakan gratis untuk fakultas, siswa dan alumni yang telah berpartisipasi di Cisco Networking Academy. Tujuan utama Packet Tracer adalah untuk menyediakan alat bagi siswa dan pengajar agar dapat memahami prinsip jaringan komputer dan juga membangun skill di bidang alat-alat jaringan Cisco.

2.

Fitur Packet Tracer Packet Tracer terbaru yaitu versi 6.0.1. Dalam versi ini dapat mensimulasikan Application Layer protocols, Routing dasar RIP, OSPF, dan EIGRP, sampai tingkat yang dibutuhkan pada kurikulum CCNA yang berlaku, sehingga bila dilihat sekilas software ini bertujuan untuk kelas CCNA. Taget Packet Tracer yaitu menyediakan simulasi jaringan yang real, namun terdapat beberapa batasan berupa penghilangan beberapa perintah yang digunakan pada alat aslinya yaitu pengurangan command pada Cisco IOS. Dan juga Packet Tracer tidak bisa digunakan untuk memodelkan jaringan produktif/aktif. Dengan keluarnya versi 6, beberapa fitur ditambahkan, termasuk fitur BGP. BGP memang bukan termasuk kurikulum CCNA, akan tetapi termasuk kurikulum CCNP.

3.

Digunakan di Pendidikan Packet Tracer biasanya digunakan siswa Cisco Networking Academy melalui sertifikasi Cisco Certified Network Associate (CCNA).

1|Page

Dikarenakan batasan pada beberapa fiturnya, software ini digunakan hanya sebagai alat bantu belajar, bukan seabagai pengganti Cisco routers dan switches.

B. VPN (Virtual Private Network) 1.

Pengertian VPN VPN atau Virtual Private Network adalah suatu koneksi antara satu jaringan dengan jaringan lainnya secara privat melalui jaringan publik (Internet). VPN disebut Virtual network karena menggunakan jaringan publik (Internet) sebagai media perantaranya alias bukan koneksi langsung. Dan disebut Private network karena jaringannya bersifat privat, dimana hanya orang tertentu saja yang bisa mengaksesnya. Data yang dikirimkan pun terenkripsi sehingga aman dan tetap rahasia meskipun dikirim melalui jaringan publik.

2.

Cara Kerja VPN Cara kerja VPN ibarat seperti membuat jaringan di dalam jaringan atau biasa disebut tunneling (membuat terowongan). Tunneling adalah suatu cara untuk membuat jalur koneksi secara privat dengan menggunakan infrastruktur jaringan lain. Pada dasarnya VPN juga membutuhkan sebuah server sebagai penghubung dan pengatur antar client.

3.

Kelebihan VPN VPN memungkinkan karyawan/pengguna untuk terkoneksi dengan jaringan internal kantornya dari manapun diseluruh dunia, yang penting terhubung dengan internet. a. Efektif dan Efisien Waktu yang dibutuhkan untuk menghubungkan jaringan kantorkantor cabang ke jaringan kantor pusat lebih lebih cepat, karena hanya dengan menyediakan akses internet di kantor-kantor cabang otomatis kantor cabang tersebut bisa langsung dikoneksikan ke jaringan di

2|Page

kantor pusat. Sedangkan penggunaan leased line sebagai WAN akan membutuhkan waktu yang lama untuk membangun jalur koneksi khusus dari kantor cabang yang baru dengan perusahaan induknya. Dengan demikian penggunaan VPN secara tidak langsung akan meningkatkan efektivitas dan efisiensi kerja. b. Hemat Biaya Penggunaan VPN dapat mengurangi biaya operasional, karena VPN menggunakan infrastruktur jaringan publik yang sudah ada, sehingga tidak perlu membangun infrastruktur jaringan yang baru. c. Meningkatkan Skalabilitas Penggunaan VPN akan meningkatkan skalabilitas. Ketika Perusahaan berkembang dan membuat kantor cabang baru dibeberapa tempat akan lebih terhubung dengan jaringan lokal kantor pusat.

3|Page

BAB II A. HASIL DAN PEMBAHASAN 1.

Jalankan program Cisco Packet Tracer

2.

Setelah dijalankan buat Cloud-PT dengan cara klik icon WAN Emulation lalu pilih Generic Cloud-PT.

Gambar2.1 (Buat cloud)

3.

Buat 2 buah router dengan cara klik routers lalu pilih router 1841.

Gambar2.2 (Buat router)

4|Page

4.

Buat 2 buah switch 2950T-24.

Gambar2.3 (Buat swicth)

5.

Klik Router0 pada bagian physical matikan terlebih dahulu router dengan cara klik tombol on/off atau 1/0 pada physical device view.

Gambar2.4 (Router0 Physical device view)

6. Tambahkan hardware HWIC-2T pada Physical Device pada kotak kosong persegi panjang sebelah kiri.

5|Page

Kecepatan tinggi kartu antarmuka WAN serial dan asynchronous (HWICs) menyediakan koneksi yang sangat fleksibel untuk Cisco 1800, 2800, dan 3800 series pelayanan terpadu router. HWICs ini membantu pelanggan mengaktifkan aplikasi seperti akses WAN, warisan transportasi protokol, server konsol, dan dial akses server. Anda dapat mencampur dan mencocokkan HWICs untuk menyesuaikan solusi biaya-efektif untuk masalah jaringan umum seperti remote manajemen jaringan, akses dialmodem eksternal, low-density WAN agregasi, warisan transportasi protokol, dan dukungan tinggi-port-density

Gambar2.5 (Tambahkan HWIC-2T)

7.

Hidupkan kembali router.

6|Page

Gambar2.6 (Jalankan kembali router)

8.

Pada router1 pun tambahkan HWIC-2T pada phisycal device nya tapi sebelumnya matikan terlebih dahulu router nya.

7|Page

Gambar2.7 (Tambahkan HWIC-2T)

9.

Setelah menambahkan HWIC-2T pada physical device jalankan kembali routernya.

Gambar2.8 (Router1 Physical device view)

10.

Hubungkan router0 dengan cloud menggunakan Serial DCE. Pada router terhubung ke Serial0/1/0.

Gambar2.9 (Router serial0/1/0)

8|Page

11.

Pada cloud hubungkan ke serial0.

Gambar2.10 (Cloud serial0)

12.

Masih menggunakan serial DCE hubungkan serial1 dari cloud.

Gambar2.11 (Cloud serial1)

13.

Dari cloud masuk ke serial0/1/0 pada router1.

9|Page

Gambar2.12 (Router1 serial0/1/0)

14. Hubungkan dari switch FastEthernet0/1 switch2.

Gambar2.13 (FastEthernet0/1 switch2)

15.

Dari switch2 masuk ke FastEthernet0/0 di router0 menggunakan kabel copper straight-through.

10 | P a g e

Gambar2.14 (Hubungkan dari switch2 ke router0)

16.

Sama seperti sebelumnya pada switch FastEthernet0/1 dengan copper straight-through hubungkan ke router1.

Gambar2.15 (Switch3)

17.

Dari switch3 hubungkan ke router1 dengan FastEthernet0/0.

11 | P a g e

Gambar2.16 (Router1)

18.

Pada router0 di menu config masuk ke sub menu FastEthernet0/0. Masukan IP address, subnet mask dan port status ceklis.

Gambar2.17 (Router0 config fastethernet)

19.

Lalu pada Serial0/1/0 centang port status, isikan IP Address dan subnetmask.

12 | P a g e

Gambar2.18 (Router0 config Serial0/1/0)

20.

Sama halnya pada router0, di router1 pun di menu config masuk ke sub menu FastEthernet0/0. Masukan IP address, subnet mask dan port status ceklis.

13 | P a g e

Gambar2.19 (Router1 config fastethernet)

21.

Lalu pada Serial0/1/0 centang port status, isikan IP Address dan subnetmask.

Gambar2.20 (Router1 config Serial0/1/0)

14 | P a g e

22.

Configurasi CLI router0. Router0 System Bootstrap, Version 12.3(8r)T8, RELEASE SOFTWARE (fc1) Cisco 1841 (revision 5.0) with 114688K/16384K bytes of memory. Self decompressing the image : ########################################################## ################ [OK] Restricted Rights Legend Use, duplication, or disclosure by the Government is subject to restrictions as set forth in subparagraph (c) of the Commercial Computer Software - Restricted Rights clause at FAR sec. 52.227-19 and subparagraph (c) (1) (ii) of the Rights in Technical Data and Computer Software clause at DFARS sec. 252.227-7013. cisco Systems, Inc. 170 West Tasman Drive San Jose, California 95134-1706

Cisco IOS Software, 1841 Software (C1841-ADVIPSERVICESK9M), Version 12.4(15)T1, RELEASE SOFTWARE (fc2) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2007 by Cisco Systems, Inc. Compiled Wed 18-Jul-07 04:52 by pt_team Image text-base: 0x60080608, data-base: 0x6270CD50 This product contains cryptographic features and is subject to United States and local country laws governing import, export, transfer and use. Delivery of Cisco cryptographic products does not imply third-party authority to import, export, distribute or use encryption. Importers, exporters, distributors and users are responsible for compliance with U.S. and local country laws. By using this product you agree to comply with applicable laws and regulations. If you are unable to comply with U.S. and local laws, return this product immediately. A summary of U.S. laws governing Cisco cryptographic products may be found at: http://www.cisco.com/wwl/export/crypto/tool/stqrg.html If you require further assistance please contact us by

15 | P a g e

sending email to [email protected]. Cisco 1841 (revision 5.0) with 114688K/16384K bytes of memory. Processor board ID FTX0947Z18E M860 processor: part number 0, mask 49 2 FastEthernet/IEEE 802.3 interface(s) 191K bytes of NVRAM. 63488K bytes of ATA CompactFlash (Read/Write) Cisco IOS Software, 1841 Software (C1841-ADVIPSERVICESK9M), Version 12.4(15)T1, RELEASE SOFTWARE (fc2) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2007 by Cisco Systems, Inc. Compiled Wed 18-Jul-07 04:52 by pt_team --- System Configuration Dialog --Continue with configuration dialog? [yes/no]: System Bootstrap, Version 12.3(8r)T8, RELEASE SOFTWARE (fc1) Cisco 1841 (revision 5.0) with 114688K/16384K bytes of memory. Self decompressing the image : ########################################################## ################ [OK] Restricted Rights Legend Use, duplication, or disclosure by the Government is subject to restrictions as set forth in subparagraph (c) of the Commercial Computer Software - Restricted Rights clause at FAR sec. 52.227-19 and subparagraph (c) (1) (ii) of the Rights in Technical Data and Computer Software clause at DFARS sec. 252.227-7013. cisco Systems, Inc. 170 West Tasman Drive San Jose, California 95134-1706

Cisco IOS Software, 1841 Software (C1841-ADVIPSERVICESK9M), Version 12.4(15)T1, RELEASE SOFTWARE (fc2) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2007 by Cisco Systems, Inc. Compiled Wed 18-Jul-07 04:52 by pt_team Image text-base: 0x60080608, data-base: 0x6270CD50 This product contains cryptographic features and is subject to United States and local country laws governing import, export, transfer and use. Delivery of Cisco cryptographic products does not

16 | P a g e

imply third-party authority to import, export, distribute or use encryption. Importers, exporters, distributors and users are responsible for compliance with U.S. and local country laws. By using this product you agree to comply with applicable laws and regulations. If you are unable to comply with U.S. and local laws, return this product immediately. A summary of U.S. laws governing Cisco cryptographic products may be found at: http://www.cisco.com/wwl/export/crypto/tool/stqrg.html If you require further assistance please contact us by sending email to [email protected]. Cisco 1841 (revision 5.0) with 114688K/16384K bytes of memory. Processor board ID FTX0947Z18E M860 processor: part number 0, mask 49 2 FastEthernet/IEEE 802.3 interface(s) 2 Low-speed serial(sync/async) network interface(s) 191K bytes of NVRAM. 63488K bytes of ATA CompactFlash (Read/Write) Cisco IOS Software, 1841 Software (C1841-ADVIPSERVICESK9M), Version 12.4(15)T1, RELEASE SOFTWARE (fc2) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2007 by Cisco Systems, Inc. Compiled Wed 18-Jul-07 04:52 by pt_team --- System Configuration Dialog --Continue with configuration dialog? [yes/no]: n Press RETURN to get started!

Router>enable Router#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router(config)#interface FastEthernet0/0 Router(config-if)#ip address 192.168.10.1 255.255.255.0 Router(config-if)#no shutdown Router(config-if)# %LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up

17 | P a g e

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up Router(config-if)#exit Router(config)#interface Serial0/1/0 Router(config-if)#ip address 10.0.0.1 255.0.0.0 Router(config-if)#no shutdown Router(config-if)# %LINK-5-CHANGED: Interface Serial0/1/0, changed state to up Router(config-if)#ena ^ % Invalid input detected at '^' marker. Router(config-if)#en % Ambiguous command: "en" Router(config)#router rip Router(config-router)#net 192.168.10.0 Router(config-router)#net 10.0.0.0 Router(config-router)#ex Router(config)#crypto isakmp policy 10 Router(config-isakmp)#auth Router(config-isakmp)#authentication pre-share Router(config-isakmp)#hash sha Router(config-isakmp)#encryp Router(config-isakmp)#encryption aes 256 Router(config-isakmp)#group 2 Router(config-isakmp)#lif Router(config-isakmp)#lifetime 86400 Router(config-isakmp)#ex Router(config)#crypto isakmp key toor addres 10.0.0.2 Router(config)#crypto ipsec transform-set TSET esp-aes esp-sha-hmac Router(config)#access-list 101 permit ip 192.168.10.0 0.0.0.255 192.168.20.0 0.0.0.255 Router(config)#crypto map CMAP 10 ipsec-isakmp % NOTE: This new crypto map will remain disabled until a peer and a valid access list have been configured. Router(config-crypto-map)#set peer 10.0.0.2 Router(config-crypto-map)#match addres 101 Router(config-crypto-map)#set transform-set TSET Router(config-crypto-map)#ex Router(config)#int Router(config)#interface fa0/1 Router(config-if)#crypto map CMAP *Jan 3 07:16:26.785: %CRYPTO-6-ISAKMP_ON_OFF: ISAKMP is ON Router(config-if)#do wr Building configuration... [OK] Router(config-if)#ex Router(config)#ip dhcp pool IP10 Router(dhcp-config)#net 192.168.10.1 255.255.255.0

18 | P a g e

Router(dhcp-config)#default 192.168.10.1 Router(dhcp-config)#ex Router(config)# Router>en Router#conf t Enter configuration commands, one per line. End with CNTL/Z. Router(config)#inte Router(config)#interface s0/1/0 Router(config-if)#enca Router(config-if)#encapsulation fram Router(config-if)#encapsulation frame-relay Router(config-if)# %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1/0, changed state to up Router(config-if)#ex Router(config)#

23.

Konfigurasi CLI Router1. Router1 This product contains cryptographic features and is subject to United States and local country laws governing import, export, transfer and use. Delivery of Cisco cryptographic products does not imply third-party authority to import, export, distribute or use encryption. Importers, exporters, distributors and users are responsible for compliance with U.S. and local country laws. By using this product you agree to comply with applicable laws and regulations. If you are unable to comply with U.S. and local laws, return this product immediately. A summary of U.S. laws governing Cisco cryptographic products may be found at: http://www.cisco.com/wwl/export/crypto/tool/stqrg.html If you require further assistance please contact us by sending email to [email protected]. Cisco 1841 (revision 5.0) with 114688K/16384K bytes of memory. Processor board ID FTX0947Z18E M860 processor: part number 0, mask 49 2 FastEthernet/IEEE 802.3 interface(s) 191K bytes of NVRAM. 63488K bytes of ATA CompactFlash (Read/Write)

19 | P a g e

Cisco IOS Software, 1841 Software (C1841-ADVIPSERVICESK9M), Version 12.4(15)T1, RELEASE SOFTWARE (fc2) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2007 by Cisco Systems, Inc. Compiled Wed 18-Jul-07 04:52 by pt_team --- System Configuration Dialog --Continue with configuration dialog? [yes/no]: System Bootstrap, Version 12.3(8r)T8, RELEASE SOFTWARE (fc1) Cisco 1841 (revision 5.0) with 114688K/16384K bytes of memory. Self decompressing the image : ######################################################### ################# [OK] Restricted Rights Legend Use, duplication, or disclosure by the Government is subject to restrictions as set forth in subparagraph (c) of the Commercial Computer Software - Restricted Rights clause at FAR sec. 52.227-19 and subparagraph (c) (1) (ii) of the Rights in Technical Data and Computer Software clause at DFARS sec. 252.227-7013. cisco Systems, Inc. 170 West Tasman Drive San Jose, California 95134-1706

Cisco IOS Software, 1841 Software (C1841-ADVIPSERVICESK9M), Version 12.4(15)T1, RELEASE SOFTWARE (fc2) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2007 by Cisco Systems, Inc. Compiled Wed 18-Jul-07 04:52 by pt_team Image text-base: 0x60080608, data-base: 0x6270CD50 This product contains cryptographic features and is subject to United States and local country laws governing import, export, transfer and use. Delivery of Cisco cryptographic products does not imply third-party authority to import, export, distribute or use encryption. Importers, exporters, distributors and users are responsible for compliance with U.S. and local country laws. By using this product you agree to comply with applicable laws and regulations. If you are unable to comply with U.S. and local laws, return this product immediately.

20 | P a g e

A summary of U.S. laws governing Cisco cryptographic products may be found at: http://www.cisco.com/wwl/export/crypto/tool/stqrg.html If you require further assistance please contact us by sending email to [email protected]. Cisco 1841 (revision 5.0) with 114688K/16384K bytes of memory. Processor board ID FTX0947Z18E M860 processor: part number 0, mask 49 2 FastEthernet/IEEE 802.3 interface(s) 2 Low-speed serial(sync/async) network interface(s) 191K bytes of NVRAM. 63488K bytes of ATA CompactFlash (Read/Write) Cisco IOS Software, 1841 Software (C1841-ADVIPSERVICESK9M), Version 12.4(15)T1, RELEASE SOFTWARE (fc2) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2007 by Cisco Systems, Inc. Compiled Wed 18-Jul-07 04:52 by pt_team --- System Configuration Dialog --Continue with configuration dialog? [yes/no]: n Press RETURN to get started!

Router>enable Router#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router(config)#interface FastEthernet0/0 Router(config-if)#ip address 192.168.20.1 255.255.255.0 Router(config-if)#no shutdown Router(config-if)# %LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up Router(config-if)#exit Router(config)#interface Serial0/1/0 Router(config-if)# Router(config-if)#exit Router(config)#interface FastEthernet0/0 Router(config-if)# Router(config-if)#exit

21 | P a g e

Router(config)#interface Serial0/1/0 Router(config-if)#ip address 10.0.0.2 255.0.0.0 Router(config-if)#no shutdown Router(config-if)# %LINK-5-CHANGED: Interface Serial0/1/0, changed state to up

Router con0 is now available

Press RETURN to get started.