Skip to content

Belajar Mengkonfigurasi SSH,HTTP dan HTTPS Dirouter Cisco

Belajar Mengkonfigurasi SSH,HTTP dan HTTPS
Dirouter Cisco
Langkah-langkahnya adalah sebagai berikut:
---------------------------------------
1.Aktifkan enable secret
---------------------------------------
Router(config)#enable secret xxxx
---------------------------------------
2.Buat user name
---------------------------------------
Router(config)#username iwing privilege 15 password 0 xxxx
---------------------------------------
-----------Konfigurasi SSH-------------
---------------------------------------
3.Konfigurasi host name
---------------------------------------
Router(config)#hostname cnc1
cnc1(config)#
---------------------------------------
4.Konfigurasi Domain name
---------------------------------------
cnc1(config)#ip domain-name iwingganteng.org
---------------------------------------
5.Konfigurasi RSA key
---------------------------------------
cnc1(config)#crypto key generate rsa
The name for the keys will be: cnc1.iwingganteng.org
Choose the size of the key modulus in the range of 360 to 2048 for your
 General Purpose Keys. Choosing a key modulus greater than 512 may take
 a few minutes.

How many bits in the modulus [512]: 1024
% Generating 1024 bit RSA keys, keys will be non-exportable...[OK]

cnc1(config)#
*Apr 16 13:12:53.199: %SSH-5-ENABLED: SSH 1.99 has been enabled
---------------------------------------
------Konfigurasi HTTP dan HTTPS-------
---------------------------------------
6.Mengaktifkan HTTP dan HTTPS Server
---------------------------------------
cnc1(config)#ip http server
cnc1(config)#ip http secure-server
% Generating 1024 bit RSA keys, keys will be non-exportable...[OK]

cnc1(config)#ip http authentication local
cnc1(config)#
---------------------------------------
7.Terakhir di line Vty Permit SSH
---------------------------------------
cnc1(config)#line vty 0 4
cnc1(config-line)#login local
cnc1(config-line)#privilege level 15
cnc1(config-line)#transport input ssh
cnc1(config-line)#^Z
cnc1#
*Apr 16 13:13:41.599: %SYS-5-CONFIG_I: Configured from console by consolewr mem
Building configuration...
[OK]
cnc1#
---------------------------------------
How to check:
---------------------------------------
cnc1#sh ip ssh
SSH Enabled - version 1.99
Authentication timeout: 120 secs; Authentication retries: 3
Minimum expected Diffie Hellman key size : 1024 bits
cnc1#

cnc1#sh ip http server status
HTTP server status: Enabled
HTTP server port: 80
HTTP server active supplementary listener ports:
HTTP server authentication method: local
HTTP server digest algorithm: md5
HTTP server access class: 0
HTTP server base path:
HTTP server help root:
Maximum number of concurrent server connections allowed: 5
Server idle time-out: 180 seconds
Server life time-out: 180 seconds
Maximum number of requests allowed on a connection: 1
HTTP server active session modules: ALL
HTTP secure server capability: Present
HTTP secure server status: Enabled
HTTP secure server port: 443
HTTP secure server ciphersuite: 3des-ede-cbc-sha des-cbc-sha rc4-128-md5 rc4-128-sha
HTTP secure server client authentication: Disabled
HTTP secure server trustpoint:
HTTP secure server active session modules: ALL
cnc1#
---------------------------------------
Screenshoot 1

---------------------------------------
---------------------------------------
Screenshoot 2

---------------------------------------
---------------------------------------
Screenshoot 3

---------------------------------------
---------------------------------------
Screenshoot 4

---------------------------------------
---------------------------------------
Screenshoot 5
Finally—yes! I am connected to SDM!

---------------------------------------
---------------------------------------
Konfigurasi Lengkap :
---------------------------------------
cnc1#sh run
Building configuration...

Current configuration : 2846 bytes
!
upgrade fpd auto
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname cnc1
!
boot-start-marker
boot-end-marker
!
logging message-counter syslog
enable secret 5 $1$uH3x$/F7Rjr0v2jG5jjFAFPKWT.
!
no aaa new-model
ip source-route
ip cef
!
ip domain name iwingganteng.org
no ipv6 cef
!
multilink bundle-name authenticated
!
voice dsp waitstate 0
!
crypto pki trustpoint TP-self-signed-4294967295
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-4294967295
 revocation-check none
 rsakeypair TP-self-signed-4294967295
!
!
crypto pki certificate chain TP-self-signed-4294967295
 certificate self-signed 01
 3082024D 308201B6 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
 31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
 69666963 6174652D 34323934 39363732 3935301E 170D3130 30343136 31333233
 32375A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
 4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D34 32393439
 36373239 3530819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
 8100CD14 EE5C6A1F 5C8809CD DB4913A2 361B87A4 C5CECDD2 CDA7CB33 E5470318
 72011CEB EE40F881 79223945 4144CA4F 432A350B EABCC6F5 A056B806 EC81CD24
 20154CD6 E3B2DBBE 70309FDB F042ED64 6146A996 657A8589 CAFE9293 1780B636
 2989506C B6742A2E 619D60CB 6EE5FA51 107CE21E 2AB5ECC3 F47AAAB8 516A976C
 87F70203 010001A3 75307330 0F060355 1D130101 FF040530 030101FF 30200603
 551D1104 19301782 15636E63 312E6977 696E6767 616E7465 6E672E6F 7267301F
 0603551D 23041830 168014B3 67299564 5A5F0AEC E4ACFF81 1A8014E9 7AA75B30
 1D060355 1D0E0416 0414B367 2995645A 5F0AECE4 ACFF811A 8014E97A A75B300D
 06092A86 4886F70D 01010405 00038181 002025F1 9F2DAB1C 2EFF1C4A AF7B7F17
 B64864DB 7B7A84C5 8653F305 E5F683B0 CE110172 ABF09C87 610256D4 DBBCBC1E
 F2D069A8 2E02A8E8 1C251830 4FE062BA 1DE31D50 B3AD16AA AE614933 9C68A840
 6E06F934 08924280 343FA562 D2F32CE4 7DB90BF9 4AD6249A C2CF6A3B 9627D237
 FEBA3F7F AA4A1396 9FEE1951 14F50D64 36
 quit
memory-size iomem 0
username iwing privilege 15 password 7 xxxx
archive
 log config
 hidekeys
!
interface FastEthernet1/0
 ip address 192.168.10.1 255.255.255.0
 duplex auto
 speed auto
!
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
!
logging alarm informational
!
control-plane
!
mgcp fax t38 ecm
!
gatekeeper
 shutdown
!
line con 0
 stopbits 1
line aux 0
 stopbits 1
line vty 0 4
 privilege level 15
 password 7 xxxx
 login local
 transport input ssh
!
end

cnc1#

"--------Sekian dulu, semoga bermanfaat---------"
ref:
url:http//www.cisco.com, (april 2010)

No comments yet

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

Join 27 other followers

%d bloggers like this: