Tuesday 17 November 2020

Cisco Switch sebagai DHCP Server

Ni Switch & PC baru, dalam ni belum configure apa2 pun lagi.

Switch tu kita akan jadikan DHCP Server.

PC tu jadi DHCP client. Jadi PC tu tak payah usik apa2. Sebab tu lah IP dia 0.0.0.0 .

.
Packet Tracer PC Command Line 1.0
C:\>ipconfig

FastEthernet0 Connection:(default port)

Connection-specific DNS Suffix..:
IPv4 Address....................: 0.0.0.0
Subnet Mask.....................: 0.0.0.0
Default Gateway.................: ::

0.0.0.0 

1st step kenalah set IP dulu dalam Switch. IP tu kena set dalam VLAN.

By default cuma ada VLAN 1 je, tapi tak digalakkan guna Default VLAN ni sebagai Management VLAN.

Jadi kita buat VLAN baru, katakan VLAN 90 untuk Management VLAN

1. Create VLAN 90 untuk Management

Switch#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#vlan 90
Switch(config-vlan)#name Management
Switch(config-vlan)#exit
Switch(config)#

Guna command show vlan brief perhatikan VLAN 90 dah pun ada kat situ

Status active

Tapi Port takde lagi.

Switch#show vlan brief

VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Fa0/23, Fa0/24
Gig0/1, Gig0/2
90 Management active

Jadi kenala assign port dekat VLAN 90 tu

Switch(config)#int Fa0/1
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 90
Switch(config-if)#e

Dalam global config mode takleh run command show macam biasa. Kalau run jugak kuar error macam ni.

Switch(config)#show vlan brief
^
% Invalid input detected at '^' marker.
Switch(config)#

Tapi boleh je kalau nak run pun, letak do je kat depan tu.

Switch(config)#do show vlan brief

VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/2, Fa0/3, Fa0/4, Fa0/5
Fa0/6, Fa0/7, Fa0/8, Fa0/9
Fa0/10, Fa0/11, Fa0/12, Fa0/13
Fa0/14, Fa0/15, Fa0/16, Fa0/17
Fa0/18, Fa0/19, Fa0/20, Fa0/21
Fa0/22, Fa0/23, Fa0/24, Gig0/1
Gig0/2
90 Management active Fa0/1

OK sekarang ni port Fa0/1 dah pun kita assign pada VLAN 90 (Management).

Tapi IP belum lagi kita set dekat VLAN 90 ni.

Switch#show ip interface brief
Interface IP-Address OK? Method Status Protocol
FastEthernet0/1 unassigned YES manual up up
FastEthernet0/2 unassigned YES manual down down
FastEthernet0/3 unassigned YES manual down down
...
FastEthernet0/24 unassigned YES manual down down
GigabitEthernet0/1 unassigned YES manual down down
GigabitEthernet0/2 unassigned YES manual down down
Vlan1 unassigned YES manual administratively down down
Vlan90 unassigned YES manual up up
Switch#

Nak set IP dekat VLAN senang je

Switch#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#interface vlan 90
Switch(config-if)#ip address 10.1.1.1 255.255.255.0
Switch(config-if)#e
Switch(config)#

Cek lagi sekali. Nampak tak IP dah ada, Status & Protocol pun up

Switch(config)#do show ip interface brief
Interface IP-Address OK? Method Status Protocol
FastEthernet0/1 unassigned YES manual up up
...
GigabitEthernet0/2 unassigned YES manual down down
Vlan1 unassigned YES manual administratively down down
Vlan90 10.1.1.1 YES manual up up
Switch(config)#

Ok sekarang set DHCP server pulak dekat Switch. 2 line ni je cukup

Switch#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#ip dhcp pool CUBAAN
Switch(dhcp-config)#network 10.1.1.0 255.255.255.0

Kalau tengok dekat show running-config atau sh run , ni lah config semasa DHCP

!
ip dhcp pool CUBAAN
network 10.1.1.0 255.255.255.0
!

Pergi kat PC, try renew IP, maka dapatlah IP & subnet mask.

Kalau DHCP request failed , cuba lagi macam kat bawah ni.


Gateway & DNS 0.0.0.0 sebab kita tak set tadi

C:\>ipconfig /renew

IP Address......................: 10.1.1.2
Subnet Mask.....................: 255.255.255.0
Default Gateway.................: 0.0.0.0
DNS Server......................: 0.0.0.0

Kalau nak guna Gateway atau DNS Server tambah je 2 command ni dalam dhcp-config tadi.

Switch(dhcp-config)#default-router 10.1.1.1
Switch(dhcp-config)#dns-server 10.1.1.1
Switch(dhcp-config)#

Try, renew balik IP

C:\>ipconfig /renew

IP Address......................: 10.1.1.2
Subnet Mask.....................: 255.255.255.0
Default Gateway.................: 10.1.1.1
DNS Server......................: 10.1.1.1

C:\>

Kali ni Gateway atau DNS Server dah pun ada.

Sunday 15 November 2020

Jenis-jenis VLAN

 



Beberapa jenis VLAN

1. VLAN 1 - Default

2. Data VLAN. Contohnya


Buat 2 VLAN baru

VLAN 50 - Data VLAN

VLAN 90 - Management VLAN

show vlan brief / sh vl b

Switch#show vlan brief

VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Fa0/23, Gig0/1
Gig0/2
50 Data active Fa0/5, Fa0/6, Fa0/7, Fa0/8
90 Management active Fa0/24
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
Switch#

show ip interface brief / sh ip int b

Switch#sh ip int b
Interface IP-Address OK? Method Status Protocol
FastEthernet0/1 unassigned YES manual up up
FastEthernet0/2 unassigned YES manual down down
FastEthernet0/3 unassigned YES manual down down
FastEthernet0/4 unassigned YES manual down down
FastEthernet0/5 unassigned YES manual up up
FastEthernet0/6 unassigned YES manual down down
FastEthernet0/7 unassigned YES manual down down
FastEthernet0/8 unassigned YES manual down down
FastEthernet0/9 unassigned YES manual down down
FastEthernet0/10 unassigned YES manual down down
FastEthernet0/11 unassigned YES manual down down
FastEthernet0/12 unassigned YES manual down down
FastEthernet0/13 unassigned YES manual down down
FastEthernet0/14 unassigned YES manual down down
FastEthernet0/15 unassigned YES manual down down
FastEthernet0/16 unassigned YES manual down down
FastEthernet0/17 unassigned YES manual down down
FastEthernet0/18 unassigned YES manual down down
FastEthernet0/19 unassigned YES manual down down
FastEthernet0/20 unassigned YES manual down down
FastEthernet0/21 unassigned YES manual down down
FastEthernet0/22 unassigned YES manual down down
FastEthernet0/23 unassigned YES manual down down
FastEthernet0/24 unassigned YES manual up up
GigabitEthernet0/1 unassigned YES manual down down
GigabitEthernet0/2 unassigned YES manual down down
Vlan1 unassigned YES manual administratively down down
Vlan50 unassigned YES manual up up
Vlan90 10.1.90.2 YES manual up up
Switch#
Switch#

show interfaces status / sh int st

Switch#show interfaces status
Port Name Status Vlan Duplex Speed Type
Fa0/1 connected 1 auto auto 10/100BaseTX
Fa0/2 notconnect 1 auto auto 10/100BaseTX
Fa0/3 notconnect 1 auto auto 10/100BaseTX
Fa0/4 notconnect 1 auto auto 10/100BaseTX
Fa0/5 connected 50 auto auto 10/100BaseTX
Fa0/6 notconnect 50 auto auto 10/100BaseTX
Fa0/7 notconnect 50 auto auto 10/100BaseTX
Fa0/8 notconnect 50 auto auto 10/100BaseTX
Fa0/9 notconnect 1 auto auto 10/100BaseTX
Fa0/10 notconnect 1 auto auto 10/100BaseTX
Fa0/11 notconnect 1 auto auto 10/100BaseTX
Fa0/12 notconnect 1 auto auto 10/100BaseTX
Fa0/13 notconnect 1 auto auto 10/100BaseTX
Fa0/14 notconnect 1 auto auto 10/100BaseTX
Fa0/15 notconnect 1 auto auto 10/100BaseTX
Fa0/16 notconnect 1 auto auto 10/100BaseTX
Fa0/17 notconnect 1 auto auto 10/100BaseTX
Fa0/18 notconnect 1 auto auto 10/100BaseTX
Fa0/19 notconnect 1 auto auto 10/100BaseTX
Fa0/20 notconnect 1 auto auto 10/100BaseTX
Fa0/21 notconnect 1 auto auto 10/100BaseTX
Fa0/22 notconnect 1 auto auto 10/100BaseTX
Fa0/23 notconnect 1 auto auto 10/100BaseTX
Fa0/24 connected 90 auto auto 10/100BaseTX
Gig0/1 notconnect 1 auto auto 10/100BaseTX
Gig0/2 notconnect 1 auto auto 10/100BaseTX

Switch#

...

Lab VLAN 3: Management VLAN

Masa ni Switch takde IP Address lagi,

Kalau nak manage Switch ni, kita kenalah set IP.

IP tu set pada Management VLAN.

Elakkan guna VLAN 1 sebagai Management VLAN.

Create VLAN lain, katakan VLAN 90, dan assign IP untuk dijadikan Management VLAN.

PC1

C:\>ipconfig 10.1.10.1 255.255.255.0
C:\>ipconfig

FastEthernet0 Connection:(default port)

Connection-specific DNS Suffix..:
IPv4 Address....................: 10.1.10.1
Subnet Mask.....................: 255.255.255.0

PC2

C:\>ipconfig 10.1.20.1 255.255.255.0
C:\>ipconfig

FastEthernet0 Connection:(default port)

Connection-specific DNS Suffix..:
IPv4 Address....................: 10.1.20.1
Subnet Mask.....................: 255.255.255.0
PC3

C:\>ipconfig 10.1.90.1 255.255.255.0
C:\>ipconfig

FastEthernet0 Connection:(default port)

Connection-specific DNS Suffix..:
IPv4 Address....................: 10.1.90.1
Subnet Mask.....................: 255.255.255.0

1. Create VLAN 90 untuk Management

Switch#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#vlan 90
Switch(config-vlan)#name Management
Switch(config-vlan)#exit
Switch(config)#

2. Assign port pada VLAN 90

Switch(config)#int f0/24
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 90
Switch(config-if)#


3. Assign IP pada VLAN 90

Switch(config)#interface vlan 90
Switch(config-if)#
%LINK-5-CHANGED: Interface Vlan90, changed state to up

Switch(config-if)#ip address 10.1.90.2 255.255.255.0
Switch(config-if)#
Switch(config-if)#end
Switch#

Kalau semua ok, Status dan Protocol akan up

Switch#sh ip int b
Interface IP-Address OK? Method Status Protocol
...
Vlan90 10.1.90.2 YES manual up up
Switch#

Kalau tertinggal satu step, katakan tak assign port pada VLAN 90, Status up tapi Protocol down macam ni haaa

Switch#sh ip int b
Interface IP-Address OK? Method Status Protocol
...
Vlan90 10.1.90.2 YES manual up down
Switch#

.

Lab VLAN 2: Buat 2 VLAN baru

 VLAN 10 & VLAN 50


Switch>enable
Switch#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#

Nama VLAN tak boleh ada space

Switch(config)#vlan 10
Switch(config-vlan)#name Kewangan
Switch(config-vlan)#vlan 50
Switch(config-vlan)#name Sumber-Manusia
Switch(config-vlan)#exit Switch(config)#

Masa ni dah ada 2 VLAN tambahan, tapi belum ada ports assign dekat VLAN 10 & VLAN 50

Switch(config)#do show vlan brief

VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Fa0/23, Fa0/24
Gig0/1, Gig0/2
10 Kewangan active
50 Sumber-Manusia active
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
Switch(config)#d

Assign port FastEthernet 0/1-4 pada VLAN 10
Switch(config)#interface range FastEthernet 0/1-4
Switch(config-if-range)#switchport mode access
Switch(config-if-range)#switchport access vlan 10
Switch(config-if-range)#end
Switch#

Sh run
Switch#show running-config
Building configuration...

Current configuration : 1284 bytes
!
...
!
interface FastEthernet0/1
switchport access vlan 10
switchport mode access
!
interface FastEthernet0/2
switchport access vlan 10
switchport mode access
!
interface FastEthernet0/3
switchport access vlan 10
switchport mode access
!
interface FastEthernet0/4
switchport access vlan 10
switchport mode access
!
interface FastEthernet0/5
!
...

Masa ni, port FastEthernet 0/1-4 dah pun di assign pada VLAN 10

Switch#show vlan brief

VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Fa0/23, Fa0/24
Gig0/1, Gig0/2
10 Kewangan active Fa0/1, Fa0/2, Fa0/3, Fa0/4
50 Sumber-Manusia active
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
Switch#

Masa ni, port FastEthernet 0/1-4 dah pun di assign pada VLAN 10 (Kewangan)

PC1 tak boleh lagi ping PC2 dan begitu juga sebaliknya sebab kedua-duanya ada dalam VLAN yang berbeza.

PC1 - VLAN 10
PC2 - VLAN 1 (default)

C:\>ping 10.1.1.2

Pinging 10.1.1.2 with 32 bytes of data:

Request timed out.
Request timed out.
Request timed out.
Request timed out.

Ping statistics for 10.1.1.2:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

C:\>

Ulang langkah sama pada VLAN 50
Switch#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#int range f0/5-8
Switch(config-if-range)#switchport mode access
Switch(config-if-range)#switchport access vlan 50
Switch(config-if-range)#end
Switch#
%SYS-5-CONFIG_I: Configured from console by console

Switch#

Verify
Switch#show vlan b

VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Fa0/23, Fa0/24
Gig0/1, Gig0/2
10 Kewangan active Fa0/1, Fa0/2, Fa0/3, Fa0/4
50 Sumber-Manusia active Fa0/5, Fa0/6, Fa0/7, Fa0/8
..

Lab VLAN 1: 2 PC, 1 Switch, VLAN 1, Default VLAN

 Masa ni PC1 masih boleh ping PC2 dan sebaliknya sebab masih dalam VLAN yang sama. Default VLAN iaitu VLAN 1


PC1
C:\>ipconfig 10.1.1.1 255.255.255.0
C:\>ipconfig

FastEthernet0 Connection:(default port)

Connection-specific DNS Suffix..:
IPv4 Address....................: 10.1.1.1
Subnet Mask.....................: 255.255.255.0
Default Gateway.................: ::
0.0.0.0

PC2
C:\>ipconfig 10.1.1.2 255.255.255.0
C:\>ipconfig

FastEthernet0 Connection:(default port)

Connection-specific DNS Suffix..:
IPv4 Address....................: 10.1.1.2
Subnet Mask.....................: 255.255.255.0
Default Gateway.................: ::
0.0.0.0

Ping PC1 ke PC2

C:\>ping 10.1.1.2

Pinging 10.1.1.2 with 32 bytes of data:

Reply from 10.1.1.2: bytes=32 time=1ms TTL=128
Reply from 10.1.1.2: bytes=32 time<1ms TTL=128
Reply from 10.1.1.2: bytes=32 time<1ms TTL=128
Reply from 10.1.1.2: bytes=32 time<1ms TTL=128

Ping statistics for 10.1.1.2:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 1ms, Average = 0ms

C:\>

Ping PC2 ke PC1

C:\>ping 10.1.1.1

Pinging 10.1.1.1 with 32 bytes of data:

Reply from 10.1.1.1: bytes=32 time=1ms TTL=128
Reply from 10.1.1.1: bytes=32 time<1ms TTL=128
Reply from 10.1.1.1: bytes=32 time<1ms TTL=128
Reply from 10.1.1.1: bytes=32 time<1ms TTL=128

Ping statistics for 10.1.1.1:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 1ms, Average = 0ms

C:\>

Switch

Default VLAN

Semua ports masih lagi dalam VLAN 1

Switch#show vlan brief

VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Fa0/23, Fa0/24
Gig0/1, Gig0/2
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
Switch#

...

Saturday 7 November 2020

Cara download Cisco Packet Tracer

1. Pergi ke https://www.netacad.com/courses/packet-tracer/introduction-packet-tracer


2. Scroll bawah, letakkan tetikus (mouse) pada Sign up today!

3. Klik English

4. Pop-up akan bawak ke tab baru ... https://www.netacad.com/portal/self-enroll/m/133944


5. Isi maklumat yang diminta

6. Kemudian tekan butang Submit

7. Cek email


8. Klik Confirm email address >>

9. Pergi ke https://www.netacad.com/ untuk Login


10. Scroll bawah sket

11. Download ikut OS masing-masing


12. Andaikata tak jumpa link untuk download tu lepas login, terus ke https://www.netacad.com/portal/resources/packet-tracer

Nota: Pastikan dah login siap-siap masa tu, kalau tak dia akan redirect balik ke login page atau https://www.netacad.com/

scroll bawah sekali dan patutnya jumpa link untuk download tu jugak


13. Install seperti biasa