VPN Lab 1 : GRE Tunnel
LAB 1
VPN ini biasa digunakan untuk menghubungkan 2 jaringan local yang terpisah melalui Internet. Contoh nyaa kita mempunyai 1 kantor cabang dan 1 kantor pusat. Kantor Pusat memiliki resource server yang biasa digunakan untuk memanagement seluruh jaringan kantor cabang.
Kita ingin agar Jaringan local yang ada di kantor pusat dapat berkomunikasi dengan jaringan local yang ada di kantor cabang melalui internet , maka masalah itu dapat di selesaikan menggunakan teknik VPN ini. Cara kerjanya kedua router akan membuat sebuah jalur Tunnel (Terowongan) untuk dapat berkomunikasi. Tunnel yang paling simple yang biasa digunakan adalah GRE Tunnel.
Configurasi IP
R1
R1(config)#interface f0/0
R1(config-if)#ip address 12.12.12.1 255.255.255.0
R1(config-if)#no shutdown
R1(config-if)#exit
R1(config)#interface f0/1
R1(config-if)#ip address 13.13.13.1 255.255.255.0
R1(config-if)#no shutdown
R1(config-if)#exit
R1(config)#interface lo0
R1(config-if)#ip add 8.8.8.8 255.255.255.255
R1(config-if)#exi
R1(config-if)#ip address 12.12.12.1 255.255.255.0
R1(config-if)#no shutdown
R1(config-if)#exit
R1(config)#interface f0/1
R1(config-if)#ip address 13.13.13.1 255.255.255.0
R1(config-if)#no shutdown
R1(config-if)#exit
R1(config)#interface lo0
R1(config-if)#ip add 8.8.8.8 255.255.255.255
R1(config-if)#exi
R2
R2(config)#interface f0/0
R2(config-if)#ip address 12.12.12.2 255.255.255.0
R2(config-if)#no shutdown
R2(config-if)#exit
R2(config)#interface lo0
R2(config-if)#ip add 2.2.2.2 255.255.255.255
R2(config-if)#exit
R2(config-if)#ip address 12.12.12.2 255.255.255.0
R2(config-if)#no shutdown
R2(config-if)#exit
R2(config)#interface lo0
R2(config-if)#ip add 2.2.2.2 255.255.255.255
R2(config-if)#exit
R3
R3(config)#interface f0/0
R3(config-if)#ip add 13.13.13.3 255.255.255.0 R3(config-if)#no shutdown
R3(config-if)#exit
R3(config)#interface lo0
R3(config-if)#ip add 3.3.3.3 255.255.255.255
R3(config-if)#exit
R3(config-if)#ip add 13.13.13.3 255.255.255.0 R3(config-if)#no shutdown
R3(config-if)#exit
R3(config)#interface lo0
R3(config-if)#ip add 3.3.3.3 255.255.255.255
R3(config-if)#exit
Tambahkan Default route di R2 dan R3.
R2
R2(config)#ip route 0.0.0.0 0.0.0.0 12.12.12.1
R3
R3(config)#ip route 0.0.0.0 0.0.0.0 13.13.13.1
Lalu test ping antara R2 dan R3
R2
R2(config)#do ping 8.8.8.8
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/28/64 ms
R3
R3(config)#do ping 3.3.3.3
Sending 5, 100-byte ICMP Echos to 3.3.3.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/8 ms
Dan sekarang kita akan lakukan membuat interface tunnel nya antara kantor
pusat dan cabang,.
R2
R2(config)#interface tunnel23
R2(config-if)#tunnel source f0/0
R2(config-if)#tunnel destination 13.13.13.3
R2(config-if)#ip address 172.16.10.1 255.255.255.252
R2(config-if)#exit
R3
R2(config)#interface tunnel23
R2(config-if)#tunnel source f0/0
R2(config-if)#tunnel destination 12.12.12.2
R2(config-if)#ip address 172.16.10.2 255.255.255.252
R2(config-if)#exit
Lakukan verifikasi pada R2 dan pastikan sudah “up” ya gaes dan kita lakukan
ping.
R2
R2(config)#do show int tunnel 23 | i protocol
Tunnel23 is up, line protocol is up
Tunnel protocol/transport GRE/IP
0 unknown protocol drops
R2(config)#do ping 172.16.10.2
Sending 5, 100-byte ICMP Echos to 172.16.10.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/38/116 ms
Oke sekarang interface tunnel nya sudah up dan sudah berhasil,
sekarang kita akan konfigurasi routing EIGRP nya.
R2 (Kantor pusat)
R2(config)#router eigrp 23
R2(config-router)#network 172.16.10.1 0.0.0.0
R2(config-router)#network 2.2.2.2 0.0.0.0
R2(config-router)#no auto-summary
R2(config-router)#exit
R3 (Kantor cabang)
R3(config)#router eigrp 23
R3(config-router)#network 3.3.3.3 0.0.0.0
R3(config-router)#network 172.16.10.2 0.0.0.0
R3(config-router)#no auto-summary
Verifikasi pada routing table R2 dan R3
R2
R2(config)#do show ip route eigrp
3.0.0.0/32 is subnetted, 1 subnets
D…………3.3.3.3 [90/27008000] via 172.16.10.2, 00:00:32, Tunnel23
R3
R3(config)#do show ip route eigrp
2.0.0.0/32 is subnetted, 1 subnets
D……….2.2.2.2 [90/27008000] via 172.16.10.1, 00:01:46, Tunnel32
Test ping
R2
R2(config)#do ping 3.3.3.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 3.3.3.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/31/44 ms
R3
R3(config)#do ping 2.2.2.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2.2.2.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 24/35/52 ms
Jika ditraceroute maka traffic nya akan diarahkan via interface tunnel
R2
R2#traceroute 3.3.3.3 source 2.2.2.2
Type escape sequence to abort. Tracing the route to 3.3.3.3
1 172.16.10.2 52 msec 20 msec 36 msec
Comments
Post a Comment