Cisco-Forum.info

[nits]

Έκανα μια "βόλτα" και τσίμπησα τις βασικές εντολές...

Initial Setup

router>enable
router#config t
router(config)#hostname [i.e. rtA, rtB, New York]
rtA(config)#enable secret class
rtA(config)#line con 0
rtA(config-line)#password cisco
rtA(config-line)#login
rtA(config-line)#exit
rtA(config)#line vty 0 4
rtA(config-line)#password cisco
rtA(config-line)#login
rtA(config-line)#exit
rtA(config)#ip host [Hostname i.e. rtA, rtB] [ip address]
rtA(config)#banner motd #Authorized Access Only!!!#
rtA(config)#interface [i.e. s0,s1,e0,lo0,lo1]
rtA(config-if)#ip address [ip address] [Subnet mask]
rtA(config-if)#(if DCE) clockrate 56000
rtA(config-if)#description [Link to.....]
rtA(config-if)#no shutdown
rtA(config-if)#exit
rtA(config)#router rip
rtA(config-router)#version 2 (*If you are using version 2, skip if not)
rtA(config-router)#redistribute static (*If you redistribute default route, skip if not)
rtA(config-router)#network [Network address]
rtA(config-router)#exit
rtA(config)#copy run start

Setting up Static Routes

rtA(config)#ip route [Network Address of Destination] [Subnet Mask] [Interface or ip Address of Destination Gateway]

Setting up Default Routes

rtA(config)#ip route 0.0.0.0 0.0.0.0 [Outgoing Interface]

Standard Access Control Lists

rtA(config)#access-list [#1-99] [Permit/Deny] [Source Address] [Wild Card Mask]
rtA(config)#access-list [#1-99] [Permit] any
(Implicit Deny statement automatically applied)


rtA(config)#interface [Interface closest to the Destination that ACL will be applied, i.e. s0, s1, e0, lo0]
rtA(config-if)#ip access-group [#1-99] [In/Out]

Extended Access Control Lists

rtA(config)#access-list [#100-199, 2000-2699] [Permit/Deny] [Protocol, i.e. TCP, IP, UDP, ICMP] [Source Address] [Source Wild Card Mask] [Destination Address] [Destination Wild Card Mask] [Operator, i.e. lt (less than), eq (equal to), neq (not equal to)] [Port #] [Log]
rtA(config)#access-list [#100-199, 2000-2699] [Permit/Deny] [Protocol] any any
(Implicit Deny statement automatically applied)


rtA(config)#interface [Interface closest to the Source that Extended ACL will be applied, i.e. s0, s1, e0, lo0]
rtA(config-if)#ip access-group [#100-199, 2000-2699] [In/Out]

Named Access Control Lists

rtA(config)#ip access-list [Extended/Standard] [Name given to ACL, i.e. List 1, Host A]
rtA(config-ext-sacl)#[Use Permit/Deny statements like a Standard ACL]
rtA(config-ext-nacl)#[Use Permit/Deny statements like an Extended ACL]

rtA(config)#interface [If Standard ACL chosen, use interface closest to Destination; if Extended ACL chosen, use interface closest to Source]
rtA(config-if)#ip access-group [Name] [In/Out]

OSPF

rtA(config)#router ospf (process-id i.e. 1-65,535)
rtA(config-router)#network (network address) (address wildcard mask) area (area-id)
rtA(config-router)#log-adjacency-changes

rtA(config-if)#ip ospf priority (0-255, 0 prevents election, highest # will be DR, next highest BDR)
rtA(config-if)#bandwidth (eg. 56 = 56k)

rtA(config-if)#ip ospf authentication-key (password)
rtA(config-router)#area (area #) authentication

rtA(config-if)#ip ospf message-digest-key (key-id eg. 1-255) md5 (password)
rtA(config-router)#area (area #) authentication message-digest

rtA(config-router)#default-information originate (redistributes default route using OSPF)

EIGRP

rtA(config)#router eigrp (Autonomous system number 1-65,635)

rtA(config-router)#network (address of all networks to participate in eigrp network)

Switch Configuration

Switch(config)#hostname (name)
Switch(config)#line con 0
Switch(config-line)#password (password)
Switch(config-line)#login
Switch(config-line)#exit
Switch(config)#line vty 0 15
Switch(config-line)#password (password)
Switch(config-line)#login
Switch(config-line)#exit

VLAN Configuration

Switch(config)#interface VLAN 1
Switch(config-if)#ip address (ip address) subnet mask (mask)
Switch(config-if)#ip default-gateway (ip address)
Switch(config-if)#no shutdown (vlan 1 only!!!)

Clearing the MAC Table

Switch(config)#clear mac-address-table

Creating Static Interfaces

Switch(config)#mac-address-table static (mac of host) interface fastethernet (interface #) vlan (vlan #)

Creating VLANs

Switch#vlan database
Switch(vlan)#vlan (vlan #) name (vlan name)
Switch(vlan)#exit

Assigning Ports to VLANs

Switch(config)#interface (eg. fa 0/1, fa 0/12)
Switch(config-if)#switchport access vlan (vlan #)

Creating Port Security

Switch(config-if)#switchport mode access
Switch(config-if)#switchport port-security
Switch(config-if)#switchport port-security maximum (1-132)
Switch(config-if)#switchport port-security mac-address sticky
Switch(config-if)#switchport port-security violation shutdown

Deleting VLANs

Switch(config)#delete vlan.dat
Switch(config)#erase startup-config
Switch(config)#reload

VLAN Trunking

Switch(config-if)#switchport mode trunk
Switch(config-if)#switchport trunk encapsulation dot1q

VTP Setup

Switch#vlan database
Switch(vlan)#vtp domain (name)
Switch(vlan)#vtp password (password)

Switch#vlan database
Switch(vlan)#vtp (server, client, transparent)

Inter-VLAN Routing

rtA(config)#interface fastethernet port.subinterface
rtA(config)#interface fa ( 0/0, 0/1)
rtA(config-if)#no shutdown
rtA(config)#in fa 0/1.1
rtA(config-subif)#description (eg. vlan 1, vlan 10)
rtA(config-subif)#encapsulation dot1q native
rtA(config-subif)#ip address [ip address] [subnet mask]

NAT Static

rtA(config)#ip nat inside source static [Inside local IP address] [Inside global IP address]

rtA(config)#in e0/0
rtA(config-if)#ip address [ip address] [subnet mask]
rtA(config-if)#ip nat inside

rtA(config)#in s0/0
rtA(config-if)#ip address [ip address] [subnet mask]
rtA(config-if)#ip nat outside

NAT Dynamic

rtA(config)#ip nat pool [pool name] [address range] netmask [network address mask]
rtA(config)#ip nat inside source list [list #] pool [name of nat-pool]

rtA(config)#in e0/0
rtA(config-if)#ip address [ip address] [subnet mask]
rtA(config-if)#ip nat inside

rtA(config)#in s0/0
rtA(config-if)#ip address [ip address] [subnet mask]
rtA(config-if)#ip nat outside

rtA(config)#access-list [same list # used above] permit [ip address] [wildcard mask]

PAT

rtA(config)#in e0/0
rtA(config-if)#ip address [ip address] [subnet mask]
rtA(config-if)#ip nat inside

rtA(config)#in s0/0
rtA(config-if)#ip address [ip address] [subnet mask]
rtA(config-if)#ip nat outside

rtA(config)#ip nat inside source list [list #] interface s0/0 overload

rtA(config)#access-list [list #] permit [network address] [subnet mask]
rtA(config)#access-list [list #] permit [network address] [subnet mask]

DHCP

rtA(config)#ip dhcp pool [pool name]
rtA(dhcp-config)#network [network address] [subnet mask]

rtA(config)#ip dhcp excluded-address [beginning address] [ending address]

*Available Commands w/in DHCP*

rtA(config)#default router [ip address of default router for DHCP routing]
rtA(config)#ip dns server [ip address of server]
rtA(config)#netbios-name
rtA(config)#domain-name

DHCP Relay

rtA(config)#ip helper-address (allows router to forward UDP broadcasts to look for address of DHCP server)

ISDN

rtA(config)#isdn switch-type [switch-type]
rtA(config-if)#isdn switch-type [switch-type]

rtA(config)#in bri
rtA(config-if)#encapsulation [ppp/frame-relay/hdlc/lapb/x25/cpp] (usually ppp)
rtA(config-if)#isdn spid 1 [spid #] [ldn #]
rtA(config-if)#isdn spid 2 [spid #] [ldn #]

rtA(config)#dialer-list 1 protocol ip permit

rtA(config-if)#dialer-group [group #]
rtA(config-if)#dialer-map [protocol] [next hop address] name [name of next hop router] speed 56 [broadcast] dial-string [5551000, 5552000]
rtA(config-if)#ppp authentication chap

ISDN Dialer Profiles

rtA(config)#interface dialer [dialer profile #]
rtA(config-if)#ip address [address of destination interface]
rtA(config-if)#encapsulation ppp
rtA(config-if)#ppp authentication chap
rtA(config-if)#dialer remote-name [name of next hop router]
rtA(config-if)#dialer string [dialer #] (i.e. 5551000)
rtA(config-if)#dialer string [dialer #2] (i.e. 5551001)
rtA(config-if)#dialer idle-timeout 60
rtA(config-if)#dialer-group [group #]
rtA(config-if)#dialer pool [pool #]
rtA(config-if)#ppp multilink
rtA(config-if)#dialer load-threshold [1-255] outbound

rtA(config-if)#dialer pool-member [pool #] (this goes on bri interface)

FRAME RELAY

rtA(config)#in s0/0
rtA(config-if)#ip address [ip address] [subnet mask]
rtA(config-if)#encapsulation frame-relay [cisco/ietf]

rtB(config)#in s0/0
rtA(config-if)#ip address [ip address] [subnet mask]
rtA(config-if)#encapsulation frame-relay [cisco/ietf]

rtA(config-if)#frame-relay map ip [next hop address] [dlci #] broadcast [cisco/ietf]

rtA(config-subif)#frame-relay interface-dlci [dlci #]