Router configuration CABLING Crossover Between host and routers Straight-through Between routers/switches and routers/switches OR host to switches

es Rollover/Console Between host and routers/switches Clear configuration Remove the startup configuration from NVRAM Switch#erase nvram Remove the VLAN database Switch#delete flash:vlan.dat Delete filename [vlan.dat]?[Enter] Delete flash:vlan.dat? [confirm] [Enter] Restart the software Switch#reload Basic configuration Privileged mode Router>enable Configuration mode Router#config term Enter configuration commands, one per line. End with CNTL/Z. Change device (prompt) name Router(config)#hostname Router1 Configure a login banner Router(config)#banner login Authorized Personnel Only! Configure a message of the day banner Router(config)#banner motd Authorized Personnel Only! Set the switch default gateway S1(config)#ip default-gateway 172.17.99.1 Disable DNS lookup S1(config)#no ip default-gateway Encrypt privileged exec password Router1(config)#enable secret class Set console access password Router1(config)#line console 0 Router1(config-line)#password cisco Router1(config-line)#login Router1(config-line)#logging synchronous Router1(config-line)#exec-timeout 5 Set telnet access password Router1(config-line)#line vty 0 4 Router1(config-line)#password cisco Router1(config-line)#login Router1(config-line)#logging synchronous Router1(config-line)#exec-timeout 5 Set the interface layer 3 address Page 1 of 12

Router1(config-line)#interface fa0/0 Router1(config-if)#ip address 192.168.7.126 255.255.255.128 Router1(config-if)#no shutdown Set the interface description Router1(config-if)#description connection to host1 Exit from configuration mode Router1(config-if)#end Router1#show run Configure the FastEthernet 0/1 interface on Router. R1(config)#interface fastethernet 0/1 R1(config-if)#ip address 192.168.1.1 255.255.255.0 R1(config-if)#no shutdown Configure the Serial 0/0/0 interface on Router DCE port. R1(config)#interface serial 0/0/0 R1(config-if)#ip address 192.168.2.1 255.255.255.0 R1(config-if)#clock rate 64000 R1(config-if)#no shutdown Configure the loopback interface. R1(config)#interface loopback0 R1(config-if)#ip address R1(config-if)#no shutdown Router1#show interface brief Initialize all ports in the shutdown state Switch#config term Switch(config)#interface range fa0/1-24 Switch(config-if-range)#shutdown Switch(config-if-range)#interface range gi0/1-2 Switch(config-if-range)#shutdown

189.54.69.254 255.255.255.252

Page 2 of 12

CONFIGURE SERIAL INTERFACES

Configure PPP encapsulation with CHAP authentication R1(config)#username R2 password cisco R1(config)#interface Serial0/0/0 R1(config-if)#encapsulation ppp R1(config-if)#ppp authentication chap R1(config-if)#exit Configure Frame Relay R1(config)#interface Serial0/0/1 R1(config-if)#encapsulation frame-relay R1(config-if)#frame-relay map ip 172.16.0.9 101 broadcast R1(config-if)#frame-relay map ip 172.16.0.10 101 broadcast R1(config-if)#frame-relay interface-dlci 101 R1(config-if)#no keepalive R1(config-if)#exit

Configure HDLC encapsulation R2(config)#interface Serial0/0/1 R2(config-if)# encapsulation hdlc

Router#show interface Serial0/0/0 Router#show frame-relay pvc Router#show frame-relay map

Page 3 of 12

CONFIGURE ROUTING PROTOCOLS

Configure RIP routing on Router1. R1(config)#router rip R1(config-router)#version 2 R1(config-router)#network 10.0.0.0 R1(config-router)#network 172.16.0.0 R1(config-router)#passive-interface fastEthernet0/1 R1(config-router)#no auto-summary Configure static default route on Router2. R2(config)#ip route 0.0.0.0 0.0.0.0 x.x.x.x or s 0/0 or loopback0

Configure RIP routing on Router2. R2(config)#router rip R2(config-router)#version 2 R2(config-router)#network 172.16.0.0 R2(config-router)#no auto-summary R2(config-router)#redistribute static Router#show ip protocols Router#show ip route

Configure OSPF routing on Router. R1(config)#router ospf 1 R1(config-router)#network 10.1.1.0 0.0.0.255 area 0 Configure OSPF priority R1(config)#interface fastethernet 0/0 R1(config)#ip ospf priority [255 to 0] Configure OSPF cost R1(config)#interface serial 0/0/0 R1(config)#ip ospf cost [1] 1 Configure EIGRP routing on Router. R1(config)#router eigrp 1 R1(config-router)#network 192.168.158.1 0.0.0.127 Discontiguous network. R1(config)#router eigrp 1 R1(config-router)#no auto-summary Configure static default route. R1(config)#ip route 0.0.0.0 0.0.0.0 x.x.x.x or s 0/0 or loopback Page 4 of 12

Configure DHCP server on route. Include 192.168.1.100 to 192.168.1.254 in the DHCP-POOL R1(config)#ip dhcp excluded-address 192.168.1.1 192.168.1.99 R1(config)#ip dhcp pool DHCP-POOL R1(dhcp-config)#network 192.168.1.0 255.255.255.0 R1(dhcp-config)#default-router 192.168.1.1 R1(dhcp-config)#dns-server 192.168.1.1 Configure DHCP client on route. R1(config)#interface fastether0/0 R1(config-if)#ip address dhcp R1(config-if)#no shutdown

Page 5 of 12

Redistribute an eigrp default route R1(config)#interface loopback0 R1(config-if)#ip address 189.54.69.254 255.255.255.252 Configure a static default route R1(config)#ip route 0.0.0.0 0.0.0.0 loopback0 Propagate or redistribute the static default route to other routers R1(config)#router eigrp 1 R1(config-router)#redistribute static Redistribute an OSPF default route R1(config)#interface loopback0 R1(config-if)#ip address 189.54.69.254 255.255.255.252 Configure a static default route R1(config)#ip route 0.0.0.0 0.0.0.0 loopback0 Propagate or redistribute the static default route to other routers R1(config)#router ospf 1 R1(config-router)#default-information originate

Page 6 of 12

To view the routing table and the cost R1#show IP route R1#show ip interface brief To view info about routing protocol operation , the current router ID R1#show ip protocols To change router ID use loopback and issue R1#reload or R1#clear ip ospf process command. To view ospf configuration , the current router ID R1#show ip ospf To view neighbor adjacencies and DR, BDR, or DRother state R1#show ip ospf neighbor To view ospf DR, BDR, or DRother state, the current router ID, the router priority R1#show ip ospf interface

Page 7 of 12

CONFIGURE BASIC ROUTER SECURITY

Enable a secure Telnet login using local database R2(config)#username cisco password cisco R2(config)#aaa new-model R2(config)#aaa authentication login LOCAL_database local R2(config)#line vty 0 4 R2(config)#login authentication LOCAL_database

Disable unused services and interfaces R2(config)#no service pad R2(config)#no service finger R2(config)#no service udp-small-server R2(config)#no service tcp-small-server R2(config)#no ip bootp server R2(config)#no ip http server R2(config)#no ip finger R2(config)#no ip source-route R2(config)#no ip gratuitous-arps R2(config)#no cdp run

Page 8 of 12

CONFIGURE ACCESS CONTROL LISTS

Allow telnet to R1 and R3 from R2 only R1(config)#access-list R1(config)#access-list R1(config)#access-list R1(config)#access-list 101 101 101 101 permit permit deny permit tcp host 172.16.0.2 any eq 23 tcp host 172.16.0.5 any eq 23 tcp any any eq 23 ip any any

R1(config)#line vty 0 4 R1(config-line)#access-class 101 in R3(config)#access-list R3(config)#access-list R3(config)#access-list R3(config)#access-list 101 101 101 101 permit permit deny permit tcp host 172.16.0.2 any eq 23 tcp host 172.16.0.5 any eq 23 tcp any any eq 23 ip any any

R3(config)#line vty 0 4 R3(config-line)#access-class 101 in Do not allow HTTP, Telnet, and FTP traffic from Internet to PC1 R2(config)#access-list R2(config)#access-list R2(config)#access-list R2(config)#access-list R2(config)#access-list 102 102 102 102 102 deny tcp any host deny tcp any host deny tcp any host deny tcp any host permit ip any any 10.0.0.10 10.0.0.10 10.0.0.10 10.0.0.10 eq eq eq eq 80 23 21 20

R2(config)#interface Loopback0 R2(config-if)#ip access-group 102 in

Do not allow PC1 to receive traffic from the 10.0.0.128/25 network R3(config)#access-list 103 deny ip 10.0.0.128 0.0.0.127 host 10.0.0.10 R3(config)#access-list 103 permit ip any any R3(config)#interface Serial0/0/0 R3(config-if)#ip access-group 103 out R3(config)#interface Serial0/0/1 R3(config-if)#ip access-group 103 out Router#show ip access-lists

Page 9 of 12

CONFIGURE NAT
Allow PC3 to ping PC1 R3(config)#access-list 104 permit ip 10.0.0.128 0.0.0.127 any R3(config)#ip nat inside source list 104 interface Serial0/0/0 overload

R3(config)#interface fastEthernet0/1 R3(config-if)#ip access-group 104 in R3(config-if)#ip nat inside R3(config)#interface Serial0/0/0 R3(config-if)#ip nat outside R3(config)#interface Serial0/0/1 R3(config-if)#ip nat outside

R3#show ip access-lists

Page 10 of 12

Configure the trunking interface on Router. R1(config)#interface fastethernet 0/1 R1(config-if)#no shutdown R1(config-if)#interface fastethernet 0/1.1 R1(config-subif)#encapsulation dot1q 1 R1(config-subif)#ip address 172.17.1.1 255.255.255.0 R1(config-if)#interface fastethernet 0/1.10 R1(config-subif)#encapsulation dot1q 10 R1(config-subif)#ip address 172.17.10.1 255.255.255.0 R1(config-if)#interface fastethernet 0/1.20 R1(config-subif)#encapsulation dot1q 20 R1(config-subif)#ip address 172.17.20.1 255.255.255.0 R1(config-if)#interface fastethernet 0/1.99 R1(config-subif)#encapsulation dot1q 99 native R1(config-subif)#ip address 172.17.99.1 255.255.255.0

R1#show IP route Configure the server LAN interface R1(config)# interface FastEthernet0/0 R1(config-if)#ip address 172.17.50.1 255.255.255.0 R1(config-if)#description server interface R1(config-if)#no shutdown R1(config-if)#end Configure host PCs. Configure OSPF routing on Router. R1(config)#router ospf 1 R1(config-router)#network 10.1.1.0 0.0.0.255 area 0

R1#show IP route

Configure RIP routing on Router. R1(config)#router rip R1(config-router)#network 10.1.1.0

R1#show IP route

Configure EIGRP routing on Router. R1(config)#router eigrp 1 Page 11 of 12

R1(config-router)#network 10.1.1.0 0.0.0.255

R1#show IP route

Page 12 of 12