Ujian Ccna Lab Yang Pasti Keluar

7/23/2019 Ujian Ccna Lab Yang Pasti Keluar

1/16

Bab 1. LabCCNA

Edisi TujuhBelasAgustus, Indonesia65

QUESTION 1. LAB EIGRP

After adding R3 router, no routing updates are being exchanged between R3 and the newlocation. All other inter connectivity and Internet access for the existing locations of the

company are working properly.

The task is to identify the faults! and correct the router configuration to provide fullconnectivity between the routers.

Access to the router "#I can be gained by clicking on the appropriate host. All passwords onall routers are cisco.

I$ addresses are listed in the chart below.

R1

Fa0/0:192.168.77.33

S1/0:198.0.18.6

S0/1:192.168.60.25

R2

Fa0/0:192.168.60.97

Fa0/1:192.168.60.113

S0/0:192.168.36.14


2/16

R3

Fa0/0:192.168.77.34

Fa0/1:192.168.60.65

Fa1/0:192.168.60.81

R4

Fa0/0:192.168.60.129

Fa0/1:192.168.60.145

S0/1:192.168.60.26

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

Tentang AS Number

&. 'alankan perintah show run di semua router, pastikan semua memiliki A( number yangsama.

). (alah satu atau beberapa router pasti A( *umbernya ada yang berbeda.3. +aka hapus dulu A( number tersebut dan kmudian konfigurasikan yang benar.

+isalkan di soal smua A( number harus )&), tp di R3 menggunakan A( number &)R3!on"#g$% no router e#gr& 1'

. -emudian masukkan A( number yang benar yakni )&)R3!on"#g$% router e#gr& '1'

. -emudian daftarkan semua networknya, R3 punya 3 network dari table dan show run!

/a0102 &).&45.66.3 ).).).)0

/a01&2 &).&45.40.4 ).).).)0

/a&102 &).&45.40.5& ).).).)0

R3!on"#g(router$% networ) 1*'.1+,.--.3'R3!on"#g(router$% networ) 1*'.1+,.+.+/R3!on"#g(router$% networ) 1*'.1+,.+.,R3!on"#g(router$% no auto(summar0 harus #tambah)an$

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

Tentang Networ) 0ang &er2u #tambah)an

&. 'alankan perintah show #& #nter"a!e br#e" di semua router, pastikan semua ip yangtampil sudah dimasukkan ke dalam eigrp

). (alah satu atau beberapa router pasti ada yang networknya belum dimasukkan ke eigrp3. maka masuk ke 7I8R$ dulu dan kemudian tambahkan network tersebut

+isal pada R, ada 3 network tapi hanya ) yang didaftarkan.

/a0102 &).&45.40.&) ).).).)0 belum didaftarkan misalnya!

/a01&2 &).&45.40.& ).).).)0

(01&2 &).&45.40.)4 ).).).))

R/!on"#g$% router e#gr& '1'

R/!on"#g(router$% networ) 1*'.1+,.+.1',%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

Tentang Auto(Summar0'alankan perintah show run di semua router, pastikan pada bagian 7I8R$ sudah terdapat perintahno auto(summar0. -alau belum ada tambahkan.

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

Penge!e)an an er#"#)as#pastikan semua network bisa di ping, cek 'uga routing tabelnya dgn perintah show #& route


3/16

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

Sae )on"#gurs#setelah semua bisa diping, simpan konfigurasinya dengan mengetik !o&0 run start

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%


4/16

QUESTION '. LAB A44ESS(LISTA network associate is adding security to the configuration of the "orp& router. The user on host "should be able to use a web browser to access financial information from the /inance 9eb (erver. *oother hosts from the #A* nor the "ore should be able to use a web browser to access this server.(ince there are multiple resources for the corporation at this location including other resources onthe /inance 9eb (erver, all other traffic should be allowed.

The task is to create and apply an access:list with no more than three statements that will allow;*#< host " web access to the /inance 9eb (erver. *o other hosts will have web access to the/inance 9eb (erver. All other traffic is permitted.Access to the router "#I can be gained by clicking on the appropriate host.

All passwords have been temporarily set to =cisco=.The "ore connection uses an I$ address of &5.&5.&4.4The computers in the >osts #A* have been assigned addresses of &).&45.33.& : &).&45.33.)>ost A &).&45.33.&>ost ? &).&45.33.)>ost " &).&45.33.3>ost @ &).&45.33.

The servers in the (erver #A* have been assigned addresses of &6).)).)).&6 : &6).)).)).30The /inance 9eb (erver is assigned an I$ address of &6).)).)).)3.

Ru2es A!!ess(L#stsRingkasan yg diminta dari soal diatas kurang lebih sebagai berikut&. host " should be able to to access /inance 9eb (erver). *o other hosts from #A* nor the 4oreable to access /inance 9eb (erver3. All other traffic should be allowed.


5/16

-arena spesifik aplikasi web yang diminta maka kita menggunakan A"# 7xtended &00:&!

?erdasarkan rules diatas maka perintahnya seperti berikut&. $ermit host " &).&45.33.3 ! utk diperbolehkan mengakses ke web server &6).)).)).)3!

4or&1!on"#g$%a!!ess(2#st 1 &erm#t t!& host 1*'.1+,.33.3 host 1-'.''.'/'.'3 e5 ,

). tidak ada host lain any! yang boleh mengakses finance web server tersebut &6).)).)).)3!

4or&1!on"#g$%a!!ess(2#st 1 en0 t!& an0 host 1-'.''.'/'.'3 e5 ,

3. semua trafik selain diatas diperbolehkan4or&1!on"#g$%a!!ess(2#st 1 &erm#t #& an0 an0

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

Ass#gn A!!ess(L#sts )e #nter"a!eRouter "orp& memiliki ) interface yakni fa010 dan f01&. 'alankan perintah show run untukmengetahui interfacenya.

A. /a010 2 &).&45.33.) 1) 2 merupakan gateway host "?. /a01& 2 &6).)).)).30 1)5 2 merupakan gateway finance web server

(elan'utnya kita harus menentukan pada port manakah A"# akan diterapkan.

A"# extended dikonfigurasikan sedekat mungkin dengan source.

+aka kalau yang men'adi source adalah hanya host yang terdapat pada #A* interface f010

router sa'a, maka bisa diterapkan pada interface fa010 tersebut. Akan tetapi pada soal tertulis bahwa *o other hosts from #A* nor the 4oreable to access

/inance 9eb (erver dimana dalam hal ini core router 'uga men'adi source nya sehingga A"#harus diterapkan pada interface fa01& router.

4or&1!on"#g$%#nter"a!e "a614or&1!on"#g(#"$%#& a!!ess(grou& 1 out

@irection nya I* atau ;BT ditentukan dari arah source menu'u ke destination, kalau diterapkan padaf010 maka directionnya adalah I*, akan tetapi karena disini diterapkan pada f01& maka arahdirectionya yang tepat adalah ;BT

4or&1%!o&0 run start

7ANGAN LUPA SA8E 9ON:IGURASIN;A ATAU A9AN 9E


6/16

Bab 2. LabHotsot

Edisi TujuhBelasAgustus, Indonesia65


7/16

QUESTION A.


8/16

4ATATAN PENTING ====== SE>UA 7A?ABAN @IBA?A< >E>ERLU9AN PE>AAN TENTANG PERINTA< SENGGUNA9AN SE>UA PERINTA< ;ANG @IGUNA9AN BERI9UT

9hat interface did Sw(A43associate with source +A" address 1.Ca!.""baD

a! /a01&

b! /a013

QUESTION 1

9hat interface did Sw(A43associate with source +A" address 1.Ca!.""baD

c! /a01&

d! /a013

e! /a014

"$ :a6,

g! /a01

h! /a01&)

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

Bntuk mengetahui mac address tsb ada di port mana, ketikkan perintah show mac:address:table


9/16

+aka kemudian dapat diketahui mac address 00&0.a0c.ffba ada di port f015

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

QUESTION '9hat ports on Sw(A43are operating has trunks choose three!Da! /a01&b$ :a63c! /a01d! /a014e$ :a6*"$ :a61'%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

Bntuk mengetahui port mana sa'a yang men'adi trunk, ketik perintah show interface trunk


10/16

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

QUESTION 39hat kind of router is 8LAN(R1Da! &6)0b! &5&c! )4&&$ '+'%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%Untuk mengetahui seri router VLAN-R1, ketikkan perintah show cdp neighbor


11/16

QUESTION /9hich switch is the root bridge forE#A* &D

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%Untuk mengetahui switch mana yang menjadi root bridge kita ketikkan perintah show spanning-tree

+aka informasinya bisa dilihat pada bagian Root I@ nya dmana switch yang men'adi root bridge adalahyang terkoneksi ke port fa01&).-etikkan perintah show cdp neighbor untuk mengetahui poft fa01&) terkoneksi ke switch mana

+aka terlihat bahwa switch yang men'adi root bridge adalah switch (w:@(&

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%


12/16

QUESTION C9hat address should be configured as the default:gateway for the host connected to interface fa01 of (9:Ac3D%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%(ebelum mengetahui default:gateway nya, kita harus mencari tau dulu ada di vlan berapakah port tersebut,karena tentunya beda vlan, gateway nya 'uga berbeda.

Bntuk mengetahui port tersebut ada di vlan berapa, gunakan perintah show vlan

@ari tampilan diatas, bisa kita ketahui bahwa port f01 ada di vlan .

@ari informasi yang ada pada soal, bisa diketahui bahwa gateway vlan adalah &).&45..)%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

QUESTION +/rom which switch did (w:Ac3 receive E#A* information D%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%Bntuk mengetahui switch mana yang mengupdate vlan pada switch (w:A"3, kita harus mengetikkan perintahshow vtp status

@ari perintah tersebut didapat bahwa switch tersebut mendapat update dari I$ &43..5.3+aka kita harus mengetahui I$ tersebut ip switch yang mana, maka ketik show cdp neighbor detail


13/16

(ehingga bisa diketahui bahwa switch yang mengupdate vlan switch (w:Ac3 adalah (witch (w:A").%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

QUESTION -Re"er to the eD#b#t sw#t!h Sw was ta)en out o" the &rou!t#on networ) "or ma#ntenan!e. It w#22 bereconnected to the /a 01&4 port of (w:Ac3. 9hat happens to the network when it is reconnected and a trunkexists between the two switchesD

A. All E#A*s except the default E#A* win be removed from allswitches

?. All existing switches will have the students, admin, faculty, (ervers, +anagement, $roduction, and no:

where E#A*s

". The E#A*s (ervers, +anagement, $roduction and no:where will replace the E#A*s on (wF

@. The E#A*s (ervers, +anagement, $roduction and no:where will be removed from existing switches

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%-etika switch F dikoneksikan ke (w:A"3, maka yang perlu diperhatikan adalah nilai "onfiguration Revisionnya.

(wF memiliki nilai configuration revision yang lebih tinggi dbanding (w:A"3, maka tentunya vlan yang ada pada(wF akan mereplace semua E#A* yang ada pada (9:A"3


14/16

$ada kondisi sebelumnya di switch (9:A"3 terdapat vlan servers, management, production dan no where. Elan)tersebut akan hilang tergantikan oleh vlan) yang ada pada switch (9:F yakni vlan students, admin dan faculty%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%QUESTION ,;ut of which ports will a frame be forwarded that has source mac:address 1.Ca!.",+and destinationmac:address a.,a/-.e+1'D "hoose three!%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%-ita harus mengecek terlebih dahulu mac:address source dan destination tersebut ada di port mana dan adapada vlan berapa. 8unakan perintah show mac:address:table untuk menampilkan informasi mac:address tablenya.

@ari tampilan tersebut, mac address source ada di port fa014 vlan 33, namun informasi mac address

destination tidak diketahui. (ehingga mekanisme berikutnya switch akan mengirim ke semua port kecuali pengirimnya.

(emua port disini adlh semua port dalam vlan yang sama serta port yang men'adi trunk.

Bntuk itu gunakan perintah show vlan utk mengetahui port mana sa'a yang ada dalam vlan 33

(erta perintah show interface trunk untuk mengetahui port mana yang men'adi trunk


15/16

/rame akan dikirim ke fa01&, fa01), fa01 dan fa016 E#A* 33! serta pada port f013, fa01 dan fa01&) Trunk!%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

QUESTION *If one of the host connected to (w:A"3 wants to send message to ip &0.0.). or any ip on a different subnet!what will be the destination +A" address D%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%Bntuk mengirimkan data ke host yang berbeda network, maka mac address destinationnya adalah mac addressinterface router.-etikkan perintah show rundan cari baris ip default:gateway yang merupakan ip routernya.

(etelah ip address router diketahui, selan'utnya ketikkan perintah show !& ne#ghbor eta#2untuk mengetahuipada port berapa router tersebut dikoneksikan.

?erdasarkan informasi diatas didapatkan bahwa portnya router adalah port fa013, gunakan perintah show mac:address:table untuk mengetahui mac:address port f013


16/16

@ari tampilan diatas diketahui mac:address nya router adalah a.b-e*.,3+

Ujian Ccna Lab Yang Pasti Keluar

Documents

Transcript of Ujian Ccna Lab Yang Pasti Keluar