Setting VLAN on OPNsense – GNS3 LAB60

Setting VLAN pada OPNsense – GNS3 LAB60

  • OPNsense WAN: 220.10.10.10/24
  • OPNsense VLAN 10: 192.168.10.1/24
  • OPNsense VLAN 20: 192.168.20.1/24
  • OPNsense Gateway: 220.10.10.1

  • Setting VLAN pada interface LAN (em1)
  • Interfaces > Other Types > VLAN > Add (+)
  • Devices: vlan0.10 > Parent: em1 [LAN] > VLAN tag: 10 > VLAN priority: Best Effort > Save
  • Devices: vlan0.20 > Parent: em1 [LAN] > VLAN tag: 20 > VLAN priority: Best Effort > Save
  • Tambahkan interface VLAN
  • Interfaces > Assignments > New Interface: vlan0.10 > Description: VLAN10 > New Interface: vlan0.20 > Description: VLAN20 > Add (+) > Save
  • Setting IP address VLAN
  • Interfaces > VLAN10 > Enabel Interface > Description: VLAN10 > IPv4 Configuration Type: IPv4 > IPv4 address: 192.168.10.1 /24 > IPv4 Upstream Gateway: Auto-detect > Save
  • Interfaces > VLAN20 > Enabel Interface > Description: VLAN20 > IPv4 Configuration Type: IPv4 > IPv4 address: 192.168.20.1 /24 > IPv4 Upstream Gateway: Auto-detect > Save
  • Setting DHCP Server VLAN
  • Services > DHCPv4 > VLAN10 > Enabel DHCP server > Range from: 192.168.10.11 to: 192.168.10.20 > DNS server: 8.8.8.8 1.1.1.1 > Gateway: 192.168.10.1 > Save
  • Services > DHCPv4 > VLAN20 > Enabel DHCP server > Range from: 192.168.20.11 to: 192.168.20.20 > DNS server: 8.8.8.8 1.1.1.1 > Gateway: 192.168.20.1 > Save
  • Tambahkan Rule Firewall VLAN
  • Firewall > Rules > VLAN10 / VLAN20 > Add (+)
  • Action: Pass > Interface: VLAN10 > Direction: In > TCP/IP Version: IPv4/IPv6 > Protocol: any > Source: any > Destination: any > Save
  • Action: Pass > Interface: VLAN20 > Direction: In > TCP/IP Version: IPv4/IPv6 > Protocol: any > Source: any > Destination: any > Save

  • Setting VLAN pada Switch Cisco 3640
SW1# vlan database
SW1(vlan)# vlan 10 name vlan10
SW1(vlan)# vlan 20 name vlan20
SW1(vlan)# exit

SW1# configure terminal
SW1(config)# interface fastEthernet 0/0
SW1(config-if)# switchport mode trunk
SW1(config-if)# switchport trunk encapsulation dot1q
SW1(config-if)# no shutdown
SW1(config-if)# exit

SW1(config)# interface range fastEthernet 0/1 - 5
SW1(config-if-range)# switchport mode access
SW1(config-if-range)# switchport access vlan 10
SW1(config-if-range)# no shutdown
SW1(config-if-range)# exit

SW1(config)# interface range fastEthernet 0/6 - 10
SW1(config-if-range)# switchport mode access
SW1(config-if-range)# switchport access vlan 20
SW1(config-if-range)# no shutdown
SW1(config-if-range)# end

SW1# copy running-config startup-config
Destination filename [startup-config]?
Building configuration...
[OK]

Pengujian

  • Cek IP address pada PC1, ping ke PC2 dan IP gateway
PC1> ip dhcp
DORA IP 192.168.10.11/24 GW 192.168.10.1

PC1> show ip
NAME        : PC1[1]
IP/MASK     : 192.168.10.11/24
GATEWAY     : 192.168.10.1
DNS         : 8.8.8.8  1.1.1.1
DHCP SERVER : 192.168.10.1
DHCP LEASE  : 6424, 6429/3214/5625
DOMAIN NAME : sys-ops.id
MAC         : 00:50:79:66:68:00
LPORT       : 10048
RHOST:PORT  : 127.0.0.1:10049
MTU:        : 1500

PC1> ping 192.168.20.11
84 bytes from 192.168.20.11 icmp_seq=1 ttl=63 time=2.379 ms
84 bytes from 192.168.20.11 icmp_seq=2 ttl=63 time=2.290 ms
84 bytes from 192.168.20.11 icmp_seq=3 ttl=63 time=2.200 ms
84 bytes from 192.168.20.11 icmp_seq=4 ttl=63 time=2.428 ms
84 bytes from 192.168.20.11 icmp_seq=5 ttl=63 time=2.253 ms

PC1> ping 220.10.10.1
84 bytes from 220.10.10.1 icmp_seq=1 ttl=63 time=2.205 ms
84 bytes from 220.10.10.1 icmp_seq=2 ttl=63 time=1.937 ms
84 bytes from 220.10.10.1 icmp_seq=3 ttl=63 time=1.943 ms
84 bytes from 220.10.10.1 icmp_seq=4 ttl=63 time=1.940 ms
84 bytes from 220.10.10.1 icmp_seq=5 ttl=63 time=1.932 ms
  • Cek IP address pada PC2, ping ke PC1 dan IP gateway
PC2> ip dhcp
DDORA IP 192.168.20.11/24 GW 192.168.20.1

PC2> show ip
NAME        : PC2[1]
IP/MASK     : 192.168.20.11/24
GATEWAY     : 192.168.20.1
DNS         : 8.8.8.8  1.1.1.1
DHCP SERVER : 192.168.20.1
DHCP LEASE  : 7020, 7200/3600/6300
DOMAIN NAME : sys-ops.id
MAC         : 00:50:79:66:68:01
LPORT       : 10046
RHOST:PORT  : 127.0.0.1:10047
MTU:        : 1500

PC2> ping 192.168.10.11
84 bytes from 192.168.10.11 icmp_seq=1 ttl=63 time=2.326 ms
84 bytes from 192.168.10.11 icmp_seq=2 ttl=63 time=2.264 ms
84 bytes from 192.168.10.11 icmp_seq=3 ttl=63 time=2.064 ms
84 bytes from 192.168.10.11 icmp_seq=4 ttl=63 time=2.447 ms
84 bytes from 192.168.10.11 icmp_seq=5 ttl=63 time=2.154 ms

PC2> ping 220.10.10.1
84 bytes from 220.10.10.1 icmp_seq=1 ttl=63 time=2.042 ms
84 bytes from 220.10.10.1 icmp_seq=2 ttl=63 time=1.973 ms
84 bytes from 220.10.10.1 icmp_seq=3 ttl=63 time=1.937 ms
84 bytes from 220.10.10.1 icmp_seq=4 ttl=63 time=1.879 ms
84 bytes from 220.10.10.1 icmp_seq=5 ttl=63 time=2.006 ms

herdiana3389

A system administrator with skills in system administration, virtualization, linux, windows, networking, cloud computing, container, etc.