Biasanyahal ini terjadi karena settingan firewall pada masing-masing komputer yang masih aktif. Berikut langkah-langkahnya : Cara Pertama : Matikan Firewall. buka cmd lalu ketik firewall.cpl. Cukup seperti itu saja maka komputer akan bisa saling bisa ping. Namun, cara yang pertama ini sebenarnya kurang tepat, karena firewall itu sesungguhnya Caranyaadalah ketik CMD di Run, lalu Setelah muncul layar Hitam Ketik : Ping (IP ini hanya Contoh saja), kemudian Enter. Pembuatan Jaringan Peer to Peer selsai, selanjutnya adalah Tutorial Sharing File.. 1. Pertama adalah Pilih folder yg akan di Share. Lalu Klik kanan pada folder tersebut. Untukmelakukan konfigurasi trunk pada switch cisco berikut ini adalah sintaksnya : Masuk pada mode konfigurasi interface yang akan dijadikan sebagai jalur trunk. Switch (config)# int fx/x. Kemudian ganti mode switchport mode menjadi trunk. Switch (config-if)# switchport mode trunk Switch (config-if)# exit. Merupakansebuah cara kerja firewall dengan memonitor paket yang masuk dan keluar, mengizinkannya untuk lewat atau tertahan berdasarkan alamat Internet Protocol (IP), protokol, dan portnya. Packet filtering biasanya cukup efektif digunakan untuk menahan serangan dari luar sebuah LAN. PANDUANKONFIGURASI FIREWALL DI CISCO PACKET TRACER - YouTube. Here in this article we will tell that how to configure Site-to-Site IPSEC VPN between a Cisco IOS Router and ASA Firewall. ASA configuration is not much different from Cisco IOS with regards to IPSEC VPN since the fundamental concepts are the same.. Consider the following diagram. The first site (Remote1) is equipped with a Cisco ASA firewall (any model) and the second site (Remote2) is Adayg tau cara setting modem ZTE ZXA10 F660? Ane pake koneksi Speedy udah punya username dan password. dengan bridge, dial dari mikrotik, setting routingan dan nat, firewall akhirnya bisa lagi deh port forward intinya MINTA GANTI KE MODE BRIDGE, DIAL DARI MIKTRotIK 24-07-2014 15:07 . 0. gigi_herang . 23-08-2014 01:19 . Kaskuser Posts: 149 #13. MIKROTIKFIREWALL Ebook ini berupa laporan praktikum Mikrotik, yang saya yakin akan sangat mudah difahami, karna di analisa dengan begitu detail. Laporan ini di susun oleh rekan-rekan elektro-informatika angkatan 2008. carablokir user yang suka download file. Blokir akses download file-file besar seperti iso, mp4, rar, dll. Sangat mudah dengan menggunakan mikrotik, sama seperti cara blokir trafik pada umumnya blokir file berdasarkan extension atau format-format file tertentu dapat menggunakan service atau layanan dari salah satu fitur mikrotik yaitu Firewall. CaraSetting Modem Router D-Link DSL-2640B menjadi Cara Setting Modem Huawei HG8245A/H Bridge Atau Ak Langkah-langkah Konfigurasi Modem Prolink ADSL PRN Kumpulan Soal-Soal tentang Subscriber Internet Tel KONFIGURASI VOIP PADA SKYPE; Fungsi Firewall Pada Jaringan Voip. Oktober (4) yMg3We. You’ve graduated from setting up that new wireless router and are ready for your next adventure setting up a firewall. Gulp. We know, seems really intimidating. But breathe easy, because we’ve broken it down to 6 simple steps that should help you on your way to network-security nirvana. And off we go… Step 2 Architect firewall zones and IP addresses No heavy lifting required. To best protect your network’s assets, you should first identify them. Plan out a structure where assets are grouped based on business and application need similar sensitivity level and function, and combined into networks or zones. Don’t take the easy way out and make it all one flat network. Easy for you is easy for attackers! All your servers that provide web-based services email, VPN should be organized into a dedicated zone that limits inbound traffic from the internet—often called a demilitarized zone, or DMZ. Alternatively, servers that are not accessed directly from the internet should be placed in internal server zones. These zones usually include database servers, workstations, and any point of sale POS or voice over internet protocol VoIP devices. If you are using IP version 4, internal IP addresses should be used for all your internal networks. Network address translation NAT must be configured to allow internal devices to communicate on the internet when necessary. After you have designed your network zone structure and established the corresponding IP address scheme, you are ready to create your firewall zones and assign them to your firewall interfaces or sub-interfaces. As you build out your network infrastructure, switches that support virtual LANs VLANs should be used to maintain level-2 separation between the networks. Step 3 Configure access control lists It’s your party, invite who you want. Once network zones are established and assigned to interfaces, you will start with creating firewall rules called access control lists, or ACLs. ACLs determine which traffic needs permission to flow into and out of each zone. ACLs are the building blocks of who can talk to what and block the rest. Applied to each firewall interface or sub-interface, your ACLs should be made specific as possible to the exact source and/or destination IP addresses and port numbers whenever possible. To filter out unapproved traffic, create a “deny all” rule at the end of every ACL. Next, apply both inbound and outbound ACLs to each interface. If possible, disable your firewall administration interfaces from public access. Remember, be as detailed as possible in this phase; not only test out that your applications are working as intended, but also make sure to test out what should not be allowed. Make sure to look into the firewalls ability to control next generation level flows; can it block traffic based on web categories? Can you turn on advanced scanning of files? Does it contain some level of IPS functionality. You paid for these advanced features, so don’t forget to take those "next steps" Step 4 Configure your other firewall services and logging Your non-vinyl record collection. If desired, enable your firewall to act as a dynamic host configuration protocol DHCP server, network time protocol NTP server, intrusion prevention system IPS, etc. Disable any services you don’t intend to use. To fulfill PCI DSS Payment Card Industry Data Security Standard requirements, configure your firewall to report to your logging server, and make sure that enough detail is included to satisfy requirement through of the PCI DSS. Step 5 Test your firewall configuration Don’t worry, it’s an open-book test. First, verify that your firewall is blocking traffic that should be blocked according to your ACL configurations. This should include both vulnerability scanning and penetration testing. Be sure to keep a secure backup of your firewall configuration in case of any failures. If everything checks out, your firewall is ready for production. TEST TEST TEST the process of reverting back to a configuration. Before making any changes, document and test your recovering procedure. Step 6 Firewall management All fires need stoking. Once your firewall is configured and running, you will need to maintain it so it functions optimally. Be sure to update firmware, monitor logs, perform vulnerability scans, and review your configuration rules every six months. Contents Table of Contents Troubleshooting Bookmarks Quick Links Cisco ASA 5500 Series Configuration Guide using ASDM Software Version for use with Cisco ASA 5500 Version Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA Tel 408 526-4000 800 553-NETS 6387 Fax 408 527-0883 Customer Order Number N/A, Online only Text Part Number OL-20339-01 Chapters Related Manuals for Cisco ASA 5505 Summary of Contents for Cisco ASA 5505 Table Of Contents Configuring a Simple Firewall Configure Access Lists Configure Inspection Rules Apply Access Lists and Inspection Rules to Interfaces Configuration Example Configuring a Simple Firewall The Cisco 850 and Cisco 870 series routers support network traffic filtering by means of access lists. The routers also support packet inspection and dynamic temporary access lists by means of Context-Based Access Control CBAC. Basic traffic filtering is limited to configured access list implementations that examine packets at the network layer or, at most, the transport layer, permitting or denying the passage of each packet through the firewall. However, the use of inspection rules in CBAC allows the creation and use of dynamic temporary access lists. These dynamic lists allow temporary openings in the configured access lists at firewall interfaces. These openings are created when traffic for a specified user session exits the internal network through the firewall. The openings allow returning traffic for the specified session that would normally be blocked back through the firewall. See the Cisco IOS Security Configuration Guide, Release for more detailed information on traffic filtering and firewalls. Figure 8-1 shows a network deployment using PPPoE or PPPoA with NAT and a firewall. Figure 8-1 Router with Firewall Configured 1 Multiple networked devices—Desktops, laptop PCs, switches 2 Fast Ethernet LAN interface the inside interface for NAT 3 PPPoE or PPPoA client and firewall implementation—Cisco 851/871 or Cisco 857/876/877/878 series access router, respectively 4 Point at which NAT occurs 5 Protected network 6 Unprotected network 7 Fast Ethernet or ATM WAN interface the outside interface for NAT In the configuration example that follows, the firewall is applied to the outside WAN interface FE4 on the Cisco 851 or Cisco 871 and protects the Fast Ethernet LAN on FE0 by filtering and inspecting all traffic entering the router on the Fast Ethernet WAN interface FE4. Note that in this example, the network traffic originating from the corporate network, network address is considered safe traffic and is not filtered. Configuration Tasks Perform the following tasks to configure this network scenario •Configure Access Lists •Configure Inspection Rules •Apply Access Lists and Inspection Rules to Interfaces A configuration example that shows the results of these configuration tasks is provided in the "Configuration Example" section. Note The procedures in this chapter assume that you have already configured basic router features as well as PPPoE or PPPoA with NAT. If you have not performed these configurations tasks, see Chapter 1 "Basic Router Configuration," Chapter 3 "Configuring PPP over Ethernet with NAT," and Chapter 4 "Configuring PPP over ATM with NAT," as appropriate for your router. You may have also configured DHCP, VLANs, and secure tunnels. Configure Access Lists Perform these steps to create access lists for use by the firewall, beginning in global configuration mode Command Purpose Step 1 access-list access-list-number {deny permit} protocol source source-wildcard [operator [port]] destination Example Routerconfig access-list 103 deny ip any any Routerconfig access-list 103 permit host eq isakmp any Routerconfig Creates an access list which prevents Internet- initiated traffic from reaching the local inside network of the router, and which compares source and destination ports. See the Cisco IOS IP Command Reference, Volume 1 of 4 Addressing and Services for details about this command. Configure Inspection Rules Perform these steps to configure firewall inspection rules for all TCP and UDP traffic, as well as specific application protocols as defined by the security policy, beginning in global configuration mode Command or Action Purpose Step 1 ip inspect name inspection-name protocol Example Routerconfig ip inspect name firewall tcp Routerconfig Defines an inspection rule for a particular protocol. Step 2 ip inspect name inspection-name protocol Example Routerconfig ip inspect name firewall rtsp Routerconfig ip inspect name firewall h323 Routerconfig ip inspect name firewall netshow Routerconfig ip inspect name firewall ftp Routerconfig ip inspect name firewall sqlnet Routerconfig Repeat this command for each inspection rule that you wish to use. Apply Access Lists and Inspection Rules to Interfaces Perform these steps to apply the ACLs and inspection rules to the network interfaces, beginning in global configuration mode Command Purpose Step 1 interface type number Example Routerconfig interface vlan 1 Routerconfig-if Enters interface configuration mode for the inside network interface on your router. Step 2 ip inspect inspection-name {in out} Example Routerconfig-if ip inspect firewall in Routerconfig-if Assigns the set of firewall inspection rules to the inside interface on the router. Step 3 exit Example Routerconfig-if exit Routerconfig Returns to global configuration mode. Step 4 interface type number Example Routerconfig interface fastethernet 4 Routerconfig-if Enters interface configuration mode for the outside network interface on your router. Step 5 ip access-group {access-list-number access-list-name}{in out} Example Routerconfig-if ip access-group 103 in Routerconfig-if Assigns the defined ACLs to the outside interface on the router. Step 6 exit Example Routerconfig-if exit Routerconfig Returns to global configuration mode. Configuration Example A telecommuter is granted secure access to a corporate network, using IPSec tunneling. Security to the home network is accomplished through firewall inspection. The protocols that are allowed are all TCP, UDP, RTSP, NetShow, FTP, and SQLNet. There are no servers on the home network; therefore, no traffic is allowed that is initiated from outside. IPSec tunneling secures the connection from the home LAN to the corporate network. Like the Internet Firewall Policy, HTTP need not be specified because Java blocking is not necessary. Specifying TCP inspection allows for single-channel protocols such as Telnet and HTTP. UDP is specified for DNS. The following configuration example shows a portion of the configuration file for the simple firewall scenario described in the preceding sections. ! Firewall inspection is set up for all TCP and UDP traffic as well as ! specific application protocols as defined by the security policy. ip inspect name firewall tcp ip inspect name firewall udp ip inspect name firewall rtsp ip inspect name firewall h323 ip inspect name firewall netshow ip inspect name firewall ftp ip inspect name firewall sqlnet interface vlan 1 ! This is the internal home network. ip inspect firewall in ! Inspection rules for the internal interface. interface fastethernet 4 ! FE4 is the outside or Internet-exposed interface. ! acl 103 permits IPSec traffic from the corp. router ! as well as denies Internet-initiated traffic inbound. ! acl 103 defines traffic allowed from the peer for the IPSec tunnel. access-list 103 permit udp host any eq isakmp access-list 103 permit udp host eq isakmp any access-list 103 permit esp host any ! Allow ICMP for debugging but should be disabled because of security implications. access-list 103 permit icmp any any access-list 103 deny ip any any ! Prevents Internet-initiated traffic inbound. ! acl 105 matches addresses for the ipsec tunnel to or from the corporate network. access-list 105 permit ip