RSS

Lab 2.3.5 Configuring Basic Routing and Switching

6:34 PM | Labels:

Step 1: Connect PC1 to the switch
a. Connect PC1 to Fast Ethernet switch port Fa0/1. Configure PC1 to use the IP address, mask, and gateway as shown in the topology diagram.
b. Establish a terminal emulation session to the switch from PC1

Step 2: Perform an initial configuration on the switch
a. Configure the hostname of the switch as Switch1.
b. Set the privileged EXEC mode password to cisco.
c. Set the privileged EXEC mode secret password to class
d. Configure the console and virtual terminal lines to use a password and require it at login.
e. Exit from the console session and log in again. Which password was required?
Jawaban : Password yang sudah kita konfigurasikan di console  session yaitu password yang ada pada terminal pertama. password yang digunakan ialah cisco
Why?
Karena pada saat pengaturan kita telah memerintahkan setiap melakukan login pada sebuah terminal maka kita harus memasukkan password. karena untuk mengakses kelas atau host yang telah dibentuk menggunakan konfigurasi pada switch, sehingga kelas tersebut bersifat tertutup, sehingga membutuhkan password untuk login.

Step 3: Configure the switch management interface on VLAN 1
a. Enter the interface configuration mode for VLAN 1.
b. Set the IP address, subnet mask, and default gateway for the management interface.
Why does interface VLAN1 require an IP address in this LAN?  Interface dari VLAN akan memenejmen IP address di setiap computer yang berada di LAN. dibutuhkan alamt IP pada VLAN ini karena mengkonfigurasi dua router dengan menggunakan rute statis dan kemudian menggunakan protokol routing
c. What is the purpose of the default gateway?
Jawaban : Tujuan dari Default gateway adalah untuk melewatkan IP address yang berada di LAN yang berbeda.

Step 4: Verify configuration of the switch

Step 5: Perform basic configuration of router R1
a. Connect switch port Fa0/3 to interface Fa0/0 of router R1.
b. Establish a terminal emulation session to router R1 from PC1.
c. Enter privileged EXEC mode, and then global configuration mode.
d. Configure the router name as R1.
e. Disable DNS lookup
Why would DNS lookup be disabled in a lab environment?
Jawaban : karena jika menggunakan DNS IP address yang telah terdaftar saja yang bisa menggunakan jaringan, karena pada pengaturan ini IP address terdaftar secara otomatis.
f.  Configure the EXEC mode password
Why is it not necessary to use the enable password password command? 

Jawaban : karena telah dikonfigurasi sebelumnya , yaitu member password pada pengaturan host, sehingga tidak diperlukan lagi password pada password command.
g. Configure a message-of-the-day banner using the banner motd command. Where does this banner display?Jawaban : Banner display berada di atas
h. Configure the console and virtual terminal lines to use a password and require it at login.

Step 6: Configure interfaces and static routing on router R1
a. Configure the FastEthernet 0/0 interface with the IP address 192.168.1.1/24.
b. Configure the Serial 0/0/0 interface with the IP address 192.168.2.1/24. Set the clock rate to 64000.
c. Return to global configuration mode.
d. Create a static route to enable R1 to reach the network attached to the R2 Fa0/0 interface. Use the next hop interface on R2 as the path to this network.
Why is this static route the only one required?
Jawaban : karena Konfigurasi interface dan statis routing pada router R1 telah mendaftarkan terlebih dahulu IP address statis yang diperlukan.
e. Return to privileged EXEC mode.
f.  Save the configuration.
g. Shut down R1.

Step 7: Connect PC2 to router R2
a. Connect PC2 to the Fast Ethernet interface 0/0 of router R2. What kind of cable is required to connect a host directly to a router Ethernet port?
Jawaban : jenis kabel twisted, atau UTP
b. Establish a terminal emulation session with router R2 from PC2

Step 8: Perform basic configuration of router R2

Step 9: Connect the internetwork

Step 10: Verify and test the configurations
a. To verify that PC1 and Switch1 are correctly configured, ping the switch IP address from PC1.
b. To verify that Switch1 and R1 are correctly configured, ping the router Fa0/0 interface (default gateway) IP address from the Switch1 CLI.
c. To verify that PC2 and R2 are correctly configured, ping the router Fa0/0 interface from PC2. Were the pings successful? Ya berhasil
d. Verify that the routing tables have routes to all configured networks by using the show ip route command. What does the “S” indicate?
Jawaban : symbol “S” merupaakn pembatasan hak akses yang berarti security, karena telah dikonfigurasikan pada tahapan awal tadi.
e. Verify the router interface configurations using the show ip interface brief command. What should the output indicate for correctly configured, active interfaces?
Jawaban : jika terminal R1 dan R2 telah terkoneksi
f. View devices from R1’s terminal session using the show cdp neighbors command. If an additional switch is added between PC2 and R2, would that switch appear in this command output? No. Why or why not?
Jawaban : maka perlu ditambahakn perintah
R2(config-if)# interface FastEthernet 0 / 0
R2 (config-if) # ip address PC2(alamat IP addressnya) 255.255.255.0
R2 (config-if) # shutdown tidak

Step 11: Remove Static Route and configure a routing protocol on router R1

Step 12: Remove Static Route and configure a routing protocol on router R2

Step 13: Verify and test the configurations
a. To verify that PC1 and Switch1 are correctly configured, ping the switch IP address from PC1.
b. To verify that Switch1 and R1 are correctly configured, ping the router Fa0/0 interface (default gateway) IP address from the Switch1 CLI.
c. To verify that PC2 and R2 are correctly configured, ping the router Fa0/0 interface from PC2. Were the pings successful?
d. Verify that the routing tables have routes to all configured networks by using the show ip route command. R2’s routing table should display:
What does the “R” indicate?
On R1, which route would be displayed with an “R”?
Jawaban : huruf R menunjukkan proses routing yang telah dikonfigurasikan untuk menghubungkan R1 dan R2 pada temapt yang berbeda.
e. Verify the router interface configurations using the show ip interface brief command.
f. View devices from R1’s terminal session using the show cdp neighbors command.

Step 14: Use the switch management interface
a. Open a command prompt on PC1, and enter the telnet command followed by the IP address assigned to management interface VLAN 1.
b. Enter the vty password configured in Step 2 to gain access to the switch.
c. At the switch prompt, issue the show version command. Switch1>show version
d. What is the Cisco IOS version of this switch?
e. Determine which MAC addresses the switch has learned by using the show mac-address-table command at the privileged EXEC mode prompt.
How can you determine the MAC address belonging to PC1?
dapat dilihat dari table mac address dan lihat computer PC1 .
Does PC1’s MAC address match one in the switch table? 
Jawaban : Ya
f. To allow the switch port FastEthernet 0/1 to accept only one device, configure port security as follows:
g. Check the port security settings. If a host other than PC1 attempts to connect to Fa0/1, what will happen?
Jawaban : Akan dimatikan secara otomatis.
h. Issue the show interfaces command. What is the duplex and speed setting for Fa0/5 now?
i. Enter quit at the switch command prompt to terminate the Telnet session.

Step 15: Reflection
a. Describe a situation in which you would use virtual terminal access to manage a switch, as you did in Step 11.
Jawaban : bisa di implementasika pada kantor kecil yang jaraknya dekat atau bersebelahan.
b. Which symbol is used to show a successful ping in the Cisco IOS software?
Jawaban : congratulation 
c. Which commands used in this lab would provide the best documentation for this network?
Jawaban : Switch1 # show mac-address-table
d. This lab gave you an opportunity to review and display your knowledge of configuration commands. If you were asked to state three rules for “best practices” in device configuration, what would they be?
Jawaban : 
1. Menetukan rute terbaik
2. memilih jenis protocol yang digunakan dan membatasi IP address
3. mendaftarkan MAC address
e. Erase and reload all devices.

  • Digg
  • Del.icio.us
  • StumbleUpon
  • Reddit
  • RSS
Read User's Comments(0)
Posted by Monica Fransisca

Lab 1.2.2 Capturing and Analyzing Network Traffic

6:32 PM | Labels:

Step 1: Connect the routers and configure
a.  Connect the two routers with a serial cable. RouterA will provide the clocking signal between the two routers. Use S0/0/0 on both routers to connect them.
b.  Use RIP as the protocol when configuring both routers. Advertise the appropriate networks on each router.
c.  Connect the Fa0/0 on RouterA with a crossover cable to the server running the Discovery Server Live CD.
d.  RouterB will use a straight-through cable from its Fa0/0 to connect to the switch through the Fa0/1. Configure the routers as shown in the topology diagram above.

Step 2: Connect the host to the switch and configure

Step 3: Verify connectivity using ping
a.  To verify that the network is set up successfully, ping from the host to the server.
b.  If the ping is not successful, verify the connections and configurations again. Check to ensure that all cables are correct and that connections are seated. Check the host, server, and router configurations.
c.  Was the ping successful? 
Jawaban: Ya, karena adanya reply from.

Step 4: Launch Wireshark
NOTE: Wireshark may be downloaded from the Internet at www.wireshark.org and installed on each local host.  If this is not possible, Wireshark may be run from the Discovery Live CD. Check with your instructor to determine which procedure to follow.
a.  If running Wireshark from the local host, double-click on the icon to begin the application and proceed to step d.  If running Wireshark from the Discovery server, proceed to step b.
b. From the K Start menu on the server desktop, choose Internet> Wireshark Network Analyzer.
c.  Launch Wireshark if it is not already open. If prompted for a password, enter discoverit.
d.  To start data capture, go to the Capture menu click Options. The Options dialog provides a range of settings and filters that determine how much data traffic is captured.
e.  Ensure that Wireshark is set to monitor the correct interface. From the Interface drop-down list, select the network adapter in use. For most computers, this will be the connected Ethernet Adapter.
f.  Next, other options can be set. The two options highlighted below are worth examination: Capture packets in promiscuous mode and Enable transport name resolution.
•  Setting Wireshark to capture packets in promiscuous mode
•  Setting Wireshark for network name resolution
• Clicking the Start button starts the data capture process. A message box displays the progress of this process.
•  Create some traffic to be captured. Issue a ping and tracert from the host and watch for routing updates.
•   Clicking the Stop button terminates the capture process. The main screen is displayed.
•  The PDU (or Packet) List pane at the top of the diagram displays a summary of each packet captured. By clicking on packets in this pane, you control what is displayed in the other two panes.
•  The PDU (or Packet) Details pane in the middle of the diagram displays the packet selected in the Packet List Pane in more detail.
•  The PDU (or Packet) Bytes pane at the bottom of the diagram displays the actual data (in hexadecimal form representing the actual binary) from the packet selected in the Packet List pane, and highlights the field selected in the Packet Details pane.

Step 5: Ping PDU Capture
a. Launch Wireshark.
b.  Set the Capture Options as described in Step 4 and start the capture process.
c.  From the command line of the host, ping the IP address of the server on the other end of the lab topology. In this case, ping the Discovery Server Live CD using the command ping 172.17.1.1.
d.  After receiving the successful replies to the ping in the command-line window, stop the packet capture.

Step 6: Examine the Packet List pane
a.  The Packet List pane on Wireshark should now look similar to this:
b.  Look at the packets listed; we are interested in the packets numbered 3 through 10.
c.  Locate the equivalent packets on the packet list on your computer. The numbers may be different.
d.  From the Wireshark Packet List, answer the following questions:
1)  What protocol is used by ping? 
Jawaban : protocol yang digunakan adalah TCP
2)  What is the full protocol name? 
Jawaban : Inthernet Protocol,  Src : 192.168.174.14 (192.168.174.14) Dst : ( 192.168.172.1)
3)  What are the names of the two ping messages? 
Jawaban : Replay and Request
4)  Are the listed source and destination IP addresses what you expected?
5)  Why? 
Jawaban : Ya,  tercantum alamat IP situs yang diharapkan, karena wireshark sudah tersedia program packet list pane dan packet details pane.

Step 7: Examine the Packet Details pane
a.  Select (highlight) the first echo request packet on the list with the mouse. The Packet Detail pane will now display something similar to this:
b.  Click each of the four + to expand the information. The packet Detail Pane will now be similar to:
c.  Spend some time scrolling through this information. At this stage of the course, you may not fully understand the information displayed. Make a note of the information you do recognize.
d.  Locate the two different types of Source and Destination.
e.  Select a line in the Packets Detail pane (middle pane). Notice that all or part of the information in the Packet Bytes pane also becomes highlighted.
f.  Go to the File menu and click Close.
g. Click Continue without Saving when this message box appears.

Step 8: Perform an FTP PDU Capture
a.  Assuming that Wireshark is still running from the previous steps, start packet capture by clicking the Start option on the Wireshark Capture menu.
b.  At the command line on your host, enter ftp 172.17.1.1. When the connection is established, enter anonymous as the user.
c.  When successfully logged in, enter get  /pub/Discovery_1/document_1 and press the Enter key. Note that there is a space after get. This command will start downloading the file from the ftp server. The output will look similar to:
C:\> ftp 172.17.1.1
Connected to 172.17.1.1
220 Welcome to The CCNA-Discovery FTP service.
ftp> get /pub/Discovery_1/document_1
200 PORT command successful. Consider using PASV.
150 Opening BINARY mode data connection for pub/Discovery_1/document_1
<73 bytes>.
226 File send OK.
ftp: 73 bytes received in 0.03Seconds 2.35Kbytes/sec.
d.  When the file download is complete, enter quit.
ftp> quit
221 Goodbye.
C:\>
e.  Stop the PDU capture in Wireshark.

Step9: Examine the Packet List pane
a.  Increase the size of the Wireshark Packet List pane and scroll through the PDUs listed.
b.  Locate and note those PDUs associated with the file download. These will be the PDUs from the Layer 4 protocol TCP and the Layer 7 protocol FTP.
c.  Identify the three groups of PDUs associated with the file transfer. The first group is associated with the connection phase and logging into the server. List examples of messages exchanged in this phase.
d.  Locate and list examples of messages exchanged in the second phase that is the actual download request and the data transfer.
e.  The third group of PDUs relate to logging out and breaking the connection. List examples of messages exchanged during this process.
f.  Locate recurring TCP exchanges throughout the FTP process. What feature of TCP does this indicate?

Step 10: Examine Packet Details and Packet Byte panes
a.  Select (highlight) a packet on the list associated with the first phase of the FTP process. View the packet details in the Packet Details pane.
b.  What are the protocols encapsulated in the frame?
c.  Highlight the packets containing the username and password. Examine the highlighted portion in the Packet Byte pane. What does this say about the security of this FTP login process? As you can see, the details for each section and protocol can be expanded further.  Why are there two types? 
Jawaban : Karena masing masing memiliki fungsi tertentu, misalnya meskipun sama sama menampilkan alamat IP address akan tetapi yang pertama berfungsi sebagai koneksi dengan alamat tujuan beserta protocol yang digunakan, sedangkan yang kedua berfungsi sebagai penerjemah dari koneksi ping alamat yang dituju.
d. What protocols are in the Ethernet frame? 
Jawaban : HTTP

Step 11: Perform an HTTP PDU Capture
a.  Start packet capture. Assuming that Wireshark is still running from the previous steps, start packet
capture by clicking the Start option on the Wireshark Capture menu.
b.  Launch a web browser on the computer that is running Wireshark.
c.  Enter the IP address of the Discovery Server 172.17.1.1 in the address box. When the webpage has
fully downloaded, stop the Wireshark packet capture.

Step 12: Examine the Packet List pane
a.  Increase the size of the Wireshark Packet List pane and scroll through the PDUs listed.
b.  Locate and identify the TCP and HTTP packets associated with the webpage download.
c.  Note the similarity between this message exchange and the FTP exchange.

Step 13: Examine the Packet Details and Bytes panes
a.  In the Packet List pane, highlight an HTTP packet that has the notation (text/html) in the Info
column.
b.  In the Packet Details pane, click the + next to Line-based text data: html. When this information expands, what is displayed?
c.  Examine the highlighted portion of the Byte pane. This portion shows the HTML data carried by the packet.
d.  When finished, close the Wireshark file and continue without saving.

Step 14: Analyze the capture
a.  Look at the capture below and examine the various protocols being used in this network.
b.  List the protocols used on the network shown above.
c.  Examine the capture below.
d.  What two protocols are listed in this capture that was not listed in the previous capture?
e.  Compare the first capture in Step 14 with the second capture. What is one noticeable difference
between the HTTP and HTTPS protocols?

Step 15: Reflection
How are the OSI and TCP/IP Layer models reflected in the captured network data provided by Wireshark?
Jawaban : Pada wireshark disemulasikan proses pengiriman paket data sepertti halnya pada osi layer, akan tetapi pada wireshark dibagi menjadi 3 bagian, paket pertama menetukan secara umum alamat ip address dalam pengiriman data dan menggunakan protocol apa, pada paket ayng kedua jenis nya lebih merinci  kepada alamat yang akan digunakan sebagai pengirim dan penerima, dan pada paket ketiga bit bit data dikalkulasikan sehingga data bisa disimpan dalam bentuk file.

  • Digg
  • Del.icio.us
  • StumbleUpon
  • Reddit
  • RSS
Read User's Comments(0)
Posted by Monica Fransisca
Subscribe to: Posts (Atom)