laporan topologi real bank BI - PPP (CHAP&PAP).docx

24
SMKN 1 CIMAHI Nama : Mochamad Arsyad P Kelas : XII TKJ B No lap: PPP(Point to point) autentifikasi PAP dan CHAP pada topologi Real Diagnosa WAN Instruktur : - Dodi Permana, Spd - Rudy Haryadi, ST Tanggal : 6/11/2012 Paraf : I. Tujuan Agar siswa dapat memahami konfigurasi dan aplikasi dari protokol PPP dengan autentifikasi PAP dan CHAP II. Pendahuluan Secara default semua router cisco menggunakan enkapsulasi HDLC untuk interface serialnya. Meskipun HDLC merupakan enkapsulasi yang standard namun pada kenyataannya setiap vendor mengeluarkan HDLC versi mereka sendiri. Akibatnya, antara router yang berbeda merk akan bermasalah jika komunikasi serialnya menggunakan enkapsulasi HDLC.Solusinya adalah dengan menggunakan enkapsulasi PPP (point to point protocol). Sebenarnya PPP juga merupakan turunan dari HDLC namun PPP jauh lebih baik karena merupakan standard umum yang dipakai oleh semua vendor. Selain itu PPP juga dilengkapi dengan authentication dan PPP juga tidak bergantung pada salah satu protokol saja (independent protocol). Karena PPP merupakan independent protocol maka PPP dapat berjalan di protokol IP, IPX dan protokol layer tiga lainnya.Oleh karena itu, untuk menghubungkan router Cisco dan Non Cisco anda harus menggunakan enkapsulasi PPP. - Autentifikasi PAP Autentikasi terkadang diperlukan untuk koneksi dengan PPP, sehingga tidak sembarang routerbisa bergabung dengan router yang lain kecuali router tersebut terautentikasi oleh router yang lain. Salah satu autentikasi sederhana pada PPP adalah PAP. Kekurangannya adalah password pada autentikasi PAP dikirim dalam bentuk clear text, sehingga bisa disadap oleh pihak ketiga. - Autentifikasi CHAP Kelebihan autentikasi dengan CHAP adalah bahwa password dikirim dalam bentuk yang telah terenkripsi dengan MD5. Sehingga pihak ketiga tidak dapat membaca password yang tekirim kecuali yang telah terdaftar.

Transcript of laporan topologi real bank BI - PPP (CHAP&PAP).docx

Page 1: laporan topologi real bank BI - PPP (CHAP&PAP).docx

SMKN 1 CIMAHINama : Mochamad Arsyad PKelas : XII TKJ BNo lap:

PPP(Point to point) autentifikasi PAP dan CHAP pada topologi

Real

Diagnosa WANInstruktur :

- Dodi Permana, Spd- Rudy Haryadi, ST

Tanggal : 6/11/2012Paraf :

I. Tujuan Agar siswa dapat memahami konfigurasi dan aplikasi dari protokol PPP dengan autentifikasi PAP dan CHAP

II. PendahuluanSecara default semua router cisco menggunakan enkapsulasi HDLC untuk interface serialnya. Meskipun HDLC merupakan enkapsulasi yang standard namun pada kenyataannya setiap vendor mengeluarkan HDLC versi mereka sendiri. Akibatnya, antara router yang berbeda merk akan bermasalah jika komunikasi serialnya menggunakan enkapsulasi HDLC.Solusinya adalah dengan menggunakan enkapsulasi PPP (point to point protocol). Sebenarnya PPP juga merupakan turunan dari HDLC namun PPP jauh lebih baik karena merupakan standard umum yang dipakai oleh semua vendor. Selain itu PPP juga dilengkapi dengan authentication dan PPP juga tidak bergantung pada salah satu protokol saja (independent protocol). Karena PPP merupakan independent protocol maka PPP dapat berjalan di protokol IP, IPX dan protokol layer tiga lainnya.Oleh karena itu, untuk menghubungkan router Cisco dan Non Cisco anda harus menggunakan enkapsulasi PPP.

- Autentifikasi PAPAutentikasi terkadang diperlukan untuk koneksi dengan PPP, sehingga tidak sembarang routerbisa bergabung dengan router yang lain kecuali router tersebut terautentikasi oleh router yang lain. Salah satu autentikasi sederhana pada PPP adalah PAP. Kekurangannya adalah password pada autentikasi PAP dikirim dalam bentuk clear text, sehingga bisa disadap oleh pihak ketiga.

- Autentifikasi CHAPKelebihan autentikasi dengan CHAP adalah bahwa password dikirim dalam bentuk yang telah terenkripsi dengan MD5. Sehingga pihak ketiga tidak dapat membaca password yang tekirim kecuali yang telah terdaftar.

Konfigurasi chap :

Konfigurasi kedua router dengan username dan password Username yang dipakai adalah hostname dari router remote Password yang dikonfigurasikan haruslah klop sama

III. Alat dan bahan- PC/laptop- Software packet tracert- topologi

IV. TopologiTopologi jaringan bank BI

Page 2: laporan topologi real bank BI - PPP (CHAP&PAP).docx

V. Lankah kerja1. Gambar topologi 2. Konfigurasi kedua router di atas dengan benar sampai kedua PC bisa saling koneksi.3. konfigurasi masing router sesuai dengan authentikasi yang digunakan seperti berikut

Konfigurasi router utama

Router(config)#router rip

Router(config-router)#

Router(config-router)#exit

Router(config)#interface Serial2/0

Router(config-if)#

%LINK-5-CHANGED: Interface Serial2/0, changed state to up

no shutdown

Router(config-if)#clock rate 9600

Page 3: laporan topologi real bank BI - PPP (CHAP&PAP).docx

Router(config-if)#

%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0, changed state to up

ip address 10.10.4.1 255.0.0.0

Router(config-if)#ip address 10.10.4.1 255.255.255.252

Router(config-if)#

Router(config-if)#exit

Router(config)#interface Serial3/0

Router(config-if)#no shutdown

Router(config-if)#clock rate 19200

Router(config-if)#clock rate 9600

Router(config-if)#ip address 10.10.10.1 255.255.255.252

Router(config-if)#

Router(config-if)#exit

Router(config)#interface FastEthernet0/0

Router(config-if)#no shutdown

%LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up

Router(config-if)#ip address 10.10.11.1 255.255.255.252

Router(config-if)#

%LINK-5-CHANGED: Interface Serial3/0, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial3/0, changed state to up

Page 4: laporan topologi real bank BI - PPP (CHAP&PAP).docx

Router con0 is now available

Press RETURN to get started.

Page 5: laporan topologi real bank BI - PPP (CHAP&PAP).docx

Router>en

Router#config t

Enter configuration commands, one per line. End with CNTL/Z.

Router(config)#ex

Router#

%SYS-5-CONFIG_I: Configured from console by console

Router#show inte

Router#show interfaces fa0/0

FastEthernet0/0 is up, line protocol is up (connected)

Hardware is Lance, address is 0001.c93d.b397 (bia 0001.c93d.b397)

Internet address is 10.10.11.1/30

MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,

reliability 255/255, txload 1/255, rxload 1/255

Encapsulation ARPA, loopback not set

ARP type: ARPA, ARP Timeout 04:00:00,

Last input 00:00:08, output 00:00:05, output hang never

Last clearing of "show interface" counters never

Input queue: 0/75/0 (size/max/drops); Total output drops: 0

Queueing strategy: fifo

Output queue :0/40 (size/max)

5 minute input rate 0 bits/sec, 0 packets/sec

5 minute output rate 44 bits/sec, 0 packets/sec

4 packets input, 112 bytes, 0 no buffer

Received 0 broadcasts, 0 runts, 0 giants, 0 throttles

0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort

Page 6: laporan topologi real bank BI - PPP (CHAP&PAP).docx

0 input packets with dribble condition detected

83 packets output, 11700 bytes, 0 underruns

0 output errors, 0 collisions, 2 interface resets

0 babbles, 0 late collision, 0 deferred

0 lost carrier, 0 no carrier

Router#cont t

^

% Invalid input detected at '^' marker.

Router#config t

Enter configuration commands, one per line. End with CNTL/Z.

Router(config)#int se2/0

Router(config-if)#encapsulation ppp

%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0, changed state to down

Router(config-if)#ex

Router(config)#ex

Router#

%SYS-5-CONFIG_I: Configured from console by console

Router#show int se2/0

Serial2/0 is up, line protocol is down (disabled)

Hardware is HD64570

Internet address is 10.10.4.1/30

MTU 1500 bytes, BW 128 Kbit, DLY 20000 usec,

reliability 255/255, txload 1/255, rxload 1/255

Page 7: laporan topologi real bank BI - PPP (CHAP&PAP).docx

Encapsulation PPP, loopback not set, keepalive set (10 sec)

LCP Closed

Closed: LEXCP, BRIDGECP, IPCP, CCP, CDPCP, LLC2, BACP

Last input never, output never, output hang never

Last clearing of "show interface" counters never

Input queue: 0/75/0 (size/max/drops); Total output drops: 0

Queueing strategy: weighted fair

Output queue: 0/1000/64/0 (size/max total/threshold/drops)

Conversations 0/0/256 (active/max active/max total)

Reserved Conversations 0/0 (allocated/max allocated)

Available Bandwidth 96 kilobits/sec

5 minute input rate 24 bits/sec, 0 packets/sec

5 minute output rate 24 bits/sec, 0 packets/sec

87 packets input, 7684 bytes, 0 no buffer

Received 80 broadcasts, 0 runts, 0 giants, 0 throttles

0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort

90 packets output, 7480 bytes, 0 underruns

Router#config t

Enter configuration commands, one per line. End with CNTL/Z.

Router(config)#host

% Incomplete command.

Router(config)#hosname router1

^

% Invalid input detected at '^' marker.

Router(config)#hostname router1

Page 8: laporan topologi real bank BI - PPP (CHAP&PAP).docx

router1(config)#username router2 password tkj

router1(config)#int se2/0

router1(config-if)#encapsulation ppp

router1(config-if)#ppp authentication chap

router1(config-if)#

%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0, changed state to up

router1(config-if)#en

% Ambiguous command: "en"

router1(config)#ex

router1#

%SYS-5-CONFIG_I: Configured from console by console

router1#e

% Ambiguous command: "e"

router1#ex

router1 con0 is now available

Page 9: laporan topologi real bank BI - PPP (CHAP&PAP).docx

Press RETURN to get started.

router1>en

router1#config t

Enter configuration commands, one per line. End with CNTL/Z.

router1(config)#username router3 password tkj

router1(config)#int se3/0

router1(config-if)#encapsulation ppp

router1(config-if)#

%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial3/0, changed state to down

Page 10: laporan topologi real bank BI - PPP (CHAP&PAP).docx

router1(config-if)#ppp authentication chap

router1(config-if)#

%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial3/0, changed state to up

Konfigurasi router gedung A

Router>enable

Router#configure terminal

Enter configuration commands, one per line. End with CNTL/Z.

Router(config)#router rip

Router(config-router)#network 192.168.30.0

Router(config-router)#network 192.168.20.0

Router(config-router)#network 192.168.100.0

Router(config-router)#network 10.0.0.0

Router(config-router)#network 172.16.0.0

Router(config-router)#

Router(config-router)#exit

Router(config)#interface Serial2/0

Router(config-if)#

%LINK-5-CHANGED: Interface Serial2/0, changed state to up

no shutdown

Router(config-if)#clock rate 9600

Router(config-if)#

%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0, changed state to up

ip address 10.10.10.2 255.0.0.0

Router(config-if)#ip address 10.10.10.2 255.255.255.252

Page 11: laporan topologi real bank BI - PPP (CHAP&PAP).docx

Router(config-if)#

Router(config-if)#exit

Router(config)#interface Serial3/0

Router(config-if)#no shutdown

Router(config-if)#clock rate 9600

Router(config-if)#ip address 172.16.10.2 255.255.0.0

Router(config-if)#ip address 172.16.10.2 255.255.255.252

Router(config-if)#

Router(config-if)#exit

Router(config)#router rip

Router(config-router)#

%LINK-5-CHANGED: Interface Serial3/0, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial3/0, changed state to up

%LINK-5-CHANGED: Interface Serial3/0, changed state to down

%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial3/0, changed state to down

%LINK-5-CHANGED: Interface Serial3/0, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial3/0, changed state to up

Page 12: laporan topologi real bank BI - PPP (CHAP&PAP).docx

Router con0 is now available

Press RETURN to get started.

%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0, changed state to down

Page 13: laporan topologi real bank BI - PPP (CHAP&PAP).docx

Router>en

Router#config t

Enter configuration commands, one per line. End with CNTL/Z.

Router(config)#hostname router3

router3(config)#username router1 password tkj

router3(config)#int se2/0

router3(config-if)#enca

router3(config-if)#encapsulation ppp

router3(config-if)#ppp

%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0, changed state to up

% Incomplete command.

router3(config-if)#ppp authentication chap

%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0, changed state to down

router3(config-if)#

%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0, changed state to up

router3>en

router3#confing t

^

% Invalid input detected at '^' marker.

router3#config t

Enter configuration commands, one per line. End with CNTL/Z.

router3(config)#username router3 password tkj

router3(config)#int se3/0

router3(config-if)#encapsulation ppp

Page 14: laporan topologi real bank BI - PPP (CHAP&PAP).docx

router3(config-if)#ppp authentication pap

router3(config-if)#ppp sent-username router router1 password tkj

^

% Invalid input detected at '^' marker.

router3(config-if)#ppp pap sent-username router1 password tkj

PPP: Warning: You have chosen a username/password combination that

is valid for CHAP. This is a potential security hole.

router3(config-if)#

%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial3/0, changed state to up

router3(config-if)#

Konfigurasi router gedung B

Router>enable

Router#configure terminal

Enter configuration commands, one per line. End with CNTL/Z.

Router(config)#interface Serial6/0

Router(config-if)#no shutdown

%LINK-5-CHANGED: Interface Serial6/0, changed state to up

Router(config-if)#clock rate 9600

Router(config-if)#

%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial6/0, changed state to up

ip address 172.16.11.2 255.255.0.0

Router(config-if)#ip address 172.16.11.2 255.255.255.252

Router(config-if)#

Page 15: laporan topologi real bank BI - PPP (CHAP&PAP).docx

Router(config-if)#exit

Router(config)#interface Serial3/0

Router(config-if)#

%LINK-5-CHANGED: Interface Serial3/0, changed state to up

no shutdown

Router(config-if)#clock rate 9600

Router(config-if)#

%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial3/0, changed state to up

ip address 172.16.12.2 255.255.255.252

Router(config-if)#

Router(config-if)#exit

Router(config)#interface Serial2/0

Router(config-if)#no shutdown

Router(config-if)#clock rate 9600

Router(config-if)#ip address 10.10.10.4 255.0.0.0

Router(config-if)#no ip address

Router(config-if)#ip address 10.10.4.2 255.0.0.0

Router(config-if)#ip address 10.10.4.2 255.255.255.252

Router(config-if)#

Router(config-if)#exit

Router(config)#router rip

Router(config-router)#network 192.168.20.0

Router(config-router)#network 192.168.30.0

Router(config-router)#network 192.168.100.0

Router(config-router)#network 172.16.0.0

Router(config-router)#network 10.0.0.0

Router(config-router)#

Page 16: laporan topologi real bank BI - PPP (CHAP&PAP).docx

Router(config-router)#exit

Router(config)#router rip

Router(config-router)#

Router(config-router)#exit

Router(config)#interface Serial6/0

Router(config-if)#

Router(config-if)#exit

Router(config)#interface Serial2/0

Router(config-if)#

%LINK-5-CHANGED: Interface Serial2/0, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0, changed state to up

Router con0 is now available

Page 17: laporan topologi real bank BI - PPP (CHAP&PAP).docx

Press RETURN to get started.

%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0, changed state to down

Router>en

Router#config t

Enter configuration commands, one per line. End with CNTL/Z.

Router(config)#hostname router2

router2(config)#username router1 password tkj

router2(config)#int se2/0

router2(config-if)#encapsulation ppp

router2(config-if)#pp

%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0, changed state to up

pp

Page 18: laporan topologi real bank BI - PPP (CHAP&PAP).docx

^

% Invalid input detected at '^' marker.

router2(config-if)#ppp authentication chap

router2(config-if)#

%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0, changed state to down

%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0, changed state to up

router2(config-if)#

router2>en

router2#config t

Enter configuration commands, one per line. End with CNTL/Z.

router2(config)#usename router3 password tkj

^

% Invalid input detected at '^' marker.

router2(config)#username router3 password tkj

router2(config)#inf se6/0

^

% Invalid input detected at '^' marker.

router2(config)#int se6/0

router2(config-if)#encapsulation ppp

router2(config-if)#ppp authentication pap

router2(config-if)#ppp pap sent-username router4 password tkj

Page 19: laporan topologi real bank BI - PPP (CHAP&PAP).docx

router2(config-if)#

%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial6/0, changed state to up

router2(config-if)#

%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial3/0, changed state to down

router2(config-if)#username router3 password tkj

router2(config)#int se3/0

router2(config-if)#ppp authentication pap

Must set encapsulation to PPP before using PPP subcommands

router2(config-if)#encapsulation ppp

router2(config-if)#ppp authentication pap

router2(config-if)#ppp pap sent-username router5 password tkj

router2(config-if)#

%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial3/0, changed state to up

konfigurasi router utama

Router>en

Router#config t

Enter configuration commands, one per line. End with CNTL/Z.

Router(config)#username router1

Router(config)#username router1 password tkj

Router(config)#int se2/0

Router(config-if)#encapsulation ppp

%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0, changed state to down

Page 20: laporan topologi real bank BI - PPP (CHAP&PAP).docx

Router(config-if)#ppp authentication pap

Router(config-if)#ppp pap sent-username router3 password tkj

Router(config-if)#

%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0, changed state to up

Konfigurasi router karyawan

Router>en

Router#config t

Enter configuration commands, one per line. End with CNTL/Z.

Router(config)#username router4

Router(config)#username router4 password tkj

Router(config)#int se2/0

Router(config-if)#encapsulation ppp

%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0, changed state to down

Router(config-if)#ppp authentication pap

Router(config-if)#ppp pap sent-username router3 password tkj

Konfigurasi router office

Router>en

Router#config t

Enter configuration commands, one per line. End with CNTL/Z.

Router(config)#username router5 password tkj

Router(config)#int se2/0

Router(config-if)#encapsulation ppp

%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0, changed state to down

Router(config-if)#ppp authentication pap

Page 21: laporan topologi real bank BI - PPP (CHAP&PAP).docx

Router(config-if)#ppp pap sent-username router3 password tkj

Router(config-if)#

%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0, changed state to up

VI. Hasil kerja1. kirim packet dari router gedung A ke router pusat jika successful, konfigurasi berhasil

2. kirim packet dari router gedung B ke router pusat jika successful, konfigurasi berhasil

3. kirim packet dari router office ke router gedung B jika successful, konfigurasi berhasil Kirim packet dari router karyawan ke router gedung B jika successful, konfigurasi berhasil Kirim packet dari router utama ke router gedung A jika successful, konfigurasi berhasil

VII. KesimpulanAgar siswa dapat memahami konfigurasi dan aplikasi dari protokol PPP pada topologi real dengan autentifikasi PAP dan CHAP