Simulasi Cisco-Pix 2 Interface

Posted on December 29, 2006 | 3 Comments

Pada kesempatan kali ini, saya akan mencoba membuat konfigurasi Cisco-PIX dalam tahap-tahap yang sangat mendasar.

Hostname
PIX(config)#hostname Cisco-PIX

Password Console
Cisco-PIX(config)#passwd cisco
Cisco-PIX(config)#enable password cisco

Konfigurasi Interface
Cisco-PIX(config)#nameif ethernet0 outside security0
Cisco-PIX(config)#nameif ethernet1 inside security100

Cisco-PIX(config)#interface ethernet0 auto
Cisco-PIX(config)#interface ethernet1 auto

Cisco-PIX(config)#ip address outside 192.168.10.2 255.255.255.240
Cisco-PIX(config)#ip address inside 192.168.1.1 255.255.255.0

Static Route
route outside 0.0.0.0 0.0.0.0 192.168.10.1

Konfigurasi NAT Statik
1. Mendefinisikan local address yang akan di translasi (nat)
2. Mendefinisikan global address

Cisco-pix(config)#nat(inside) 1 192.168.1.0 255.255.255.0
Cisco-pix(config)#global(outside) 1 192.168.10.3 netmask 255.255.255.240

Cisco-PIX(config)#static(inside,outside) 192.168.10.4 192.168.1.2 netmask 255.255.255.255
Cisco-PIX(config)#static(inside,outside) 192.168.10.5 192.168.1.3 netmask 255.255.255.255
Cisco-PIX(config)#static(inside,outside) 192.168.10.6 192.168.1.4 netmask 255.255.255.255

Membuat Policy
Cisco-PIX(config)#access-list out-in permit tcp any host 192.168.1.2 255.255.255.255 eq www

Cisco-PIX(config)#access-list out-in permit tcp any host 192.168.1.3 255.255.255.255 eq www
Cisco-PIX(config)#access-list out-in permit tcp any host 192.168.1.3 255.255.255.255 eq pop3
Cisco-PIX(config)#access-list out-in permit tcp any host 192.168.1.3 255.255.255.255 eq smtp

Cisco-PIX(config)#access-list out-in permit tcp any host 192.168.1.4 255.255.255.255 eq www

Cisco-PIX(config)#access-list out-in deny ip any any

Cisco-PIX(config)#access-group out-in in interface outside

Menyimpan konfigurasi
Cisco-PIX(config)#write memory

Wassalam

Adi Maulana

This entry was posted in Cisco. Bookmark the permalink.

3 responses to “Simulasi Cisco-Pix 2 Interface

  1. Pingback: Adi Maulana

  2. master | February 1, 2008 at 6:17 pm | Reply

    di nanya ni, bukan nanya tentang konfigurasi diatas, tapi nanya tentang training yang kau ikuti, aku lihat dijadwal cisco ada beberapa jenis materi knapa lu ambil ccnp? apa yang lain udah pernah lo ambil, atau ccnp lebih banyak digunakan di tempat kerja lo sekarang. nach kalo gue belum pernah ikutan kursusan kayak gitu dan pengin ikutan buat bisa kerja ditempat yang seperti sekarang lo apa gue harus ambil semua materi cisco (kayaknye gak mungkin ya). enaknya ambil materi yang mana di. ini juga ngitung ongkos juga yang minim, thanks bales ke mailku ya.

  3. Dedet Saputra | March 7, 2011 at 10:12 am | Reply

    mau tanya, untuk setting QoS Cisco Router 1700 Series,
    untuk Pembagian Bandwidth,
    1. VoIP
    2. Email
    3. Database

    salam,
    dede S

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s