Scribd Logo
Upload

Welcome to Scribd!

  • Cisco Ccna 640-801 Command Reference Guide

    Uploaded by

    andreoa
    53 views7 pages
    This document provides a summary of commands for configuring various Cisco router and switch features including: - Basic router configuration commands such as hostname, IP addresses, passwords, and saving configurations. - NAT configuration for translating private to public IP addresses. - VLAN routing using a router on a stick configuration across a switch and router. - Routing protocol configurations including RIP, IGRP, OSPF, EIGRP. - STP and etherchannel configuration on switches. - Switch port security and PPP configuration over serial links. - HDLC and ISDN configurations for serial links.

    Original Description:

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    This document provides a summary of commands for configuring various Cisco router and switch features including: - Basic router configuration commands such as hostname, IP addresses, passwords, and saving configurations. - NAT configuration for translating private to public IP addresses. - VLAN routing using a router on a stick configuration across a switch and router. - Routing protocol configurations including RIP, IGRP, OSPF, EIGRP. - STP and etherchannel configuration on switches. - Switch port security and PPP configuration over serial links. - HDLC and ISDN configurations for serial links.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    53 views7 pages

    Cisco Ccna 640-801 Command Reference Guide

    Uploaded by

    andreoa
    This document provides a summary of commands for configuring various Cisco router and switch features including: - Basic router configuration commands such as hostname, IP addresses, passwords, and saving configurations. - NAT configuration for translating private to public IP addresses. - VLAN routing using a router on a stick configuration across a switch and router. - Routing protocol configurations including RIP, IGRP, OSPF, EIGRP. - STP and etherchannel configuration on switches. - Switch port security and PPP configuration over serial links. - HDLC and ISDN configurations for serial links.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 7

    CCNA 640-801 exam command reference guide

    by bilke@bsd.org.yu

    Contents Basic router conguration NAT router conguration VLAN routing (router on a stick)
    2950 switch conguration: Cisco Router conguration:

    2 2 3 3 3 4 4 4 4 5 5 5 6 6 7 7
    5 5 3 3

    RIP router IGRP router OSPF router EIGRP router STP and EtherChannel conguration Switch port conguration PPP conguration on Serial link
    Zugspitze router conguration: Zuerich router conguration:

    HDLC conguration on Serial link ISDN Legacy DDR conguration ISDN Legacy DDR conguration with multiple locations ISDN DDR conguration with Dialer Proles Frame Relay conguration Access Lists conguration

    Basic router conguration


    enable congure terminal hostname hannover ip host mannheim 192.168.1.1 192.168.1.5 ... enable secret passau baner motd # wann immer wir kraft geben, geben wir das beste # line vty 0 4 login password hamburg interface Serial 0 ip address 192.168.10.1 255.255.255.0 clock rate 64000 description Berlin WAN no shutdown copy running-cong startup-cong switch from user exec to priviledge exec mode (disable to go back in user mode) enter global conguration mode set router hostname dene static host to ip entry (show hosts to see (amont the other) this map) set enable password which is md5 cryptd by default set message of the day that would be displayed before login prompt jump in lines conguration mode from global conguration turn on logging for vtys (telnet) set password for vtys (telnet) enter interface cong mode set ip address/netmask on interface set clock rate on serial inteface. do this only on router in which is plugged DCE end of cable set descriptive comment on inteface dont forget no shutdown on the inteface that you just congured save running conguration in nvram

    NAT router conguration


    inteface Ethernet 0 ip nat inside interface Serial 0 ip nat outside ip nat inside source static 192.168.1.1 80.131.9.1 ip nat pool karlsbad 80.131.9.1 80.131.9.100 netmask 255.255.255.0 ip nat inside source list 10 inteface Serial 0 overload ip nat inside source list 10 pool karlsbad ip nat inside source list 10 pool karlsbad overload enter ehernet 0 inteface conguration mode dene inside inteface for address translation enter serial 0 interface conguration mode dene outside interface for address translation set static (one to one) address translation in global conguration mode

    acess-list 10 permit 192.168.1.1 0.0.0.255 dene range of private ip addesses to be translated in NAT setup dene pool of public ip addresses to be used in NAT setup set dynamic (many to one; PAT) address translation set dynamic (many to many; no PAT) address translation set dynamic (many to many; PAT) address translation

    VLAN routing (router on a stick)


    2950 switch conguration:
    vlan database vlan 10 interface Fastethernet 0/1 interface range Fastethernet 0/1 - 8 switchport mode access switchport access vlan 10 interface Fastethernet 0/9 switchport mode trunk enter vlan database cong mode create vlan with vlan number 10 enter fastethernet interface conguration from global cong mode enter range of interfaces conguration from global cong mode put port in vlan membership mode put port in vlan 10 enter fastethernet 0/9 conf mode put interface in trunk mode unconditionaly

    Cisco Router conguration:


    interface Fastethernet 0 ip address 192.168.1.1 255.255.255.0 interface Fastethernet 0.10 ip address 192.168.10.1 255.255.255.0 encapsulation dot1q 10 enter fasteth0 interface cong mode on cisco router set ip address for vlan 1 (native vlan) enter fasteth0 subinterface confg mode set ip address for vlan 10 set subinterfaces encapsulation and vlan id

    RIP router
    router rip network 192.168.1.0 version 2 passive-interface default passive-interface Ethernet 0 maximum-paths 4 global conguration mode command to enable rip router router subcommand to enable routing on network set rips version (default is version 1) supress sending rip updates on all intefaces supress sending rip updates only on particular interface route trafc over 4 equal paths (max 6 paths)

    IGRP router
    router igrp 5 network 192.168.1.0 variance 2 maximum-paths 4 trafc-share min trafc-share balance global cong mode command to enable igrp router. 5 is as number router subcommand to enable routing on network multiplier used to control load balancing over not equal paths route trafc over 4 equal or unequal (see variance) paths to the same destination (max 6 paths) route trafc over path with minimum metric paths route trafc inversely proportional to metric over 4 paths

    OSPF router
    router ospf 1 network 192.168.1.0 0.0.0.255 area 0 ip ospf cost 100 bandwidth 1000 global cong mode command to enable ospf router. 1 is ospf process id, and dont have global signicant. valid range is 1 - 65535 router subcommand to enable routing on network for specied area area is integer from 0 to 4294967295 interface subcommand to set ospf cost for specied interface interface subcommand to set bandwidth on interface from which ospf derive cost using formula 108/bandwidth*1000

    EIGRP router
    router eigrp 5 network 192.168.1.0 variance 2 maximum-paths 4 trafc-share min trafc-share balance global cong mode command to enable eigrp router. 5 is as number router subcommand to enable routing on network multiplier used to control load balancing over not equal paths route trafc over 4 equal or unequal (see variance) paths to the same destination (max 6 paths) route trafc over path with minimum metric paths route trafc inversely proportional to metric over 4 paths

    STP and EtherChannel conguration


    spanning-tree vlan 5 root spanning-tree vlan 5 priority 24576 spanning-tree cost 19 channel-group 2 mode on global cong mode command to change this switch into root switch global conf mode command to change this switch priority interface command that change cost STP cost on this interface interface command that enable etherchannel on the interface (could also be auto and desirable)

    Switch port conguration


    duplex full speed 10 switchport port-security mac-address 00:04:AE:15:1D:93 switchport port-security mac-address sticky switchport port-security maximum 10 switchport port-security violation protect interface subcommand. put inteface in full duplex. could also be half and auto interface subcommand. set speed on interface. other values: 100, 1000, auto, nonegotiate interface subcommand that statically add MAC address as only allowed address on interface interface subcommand that tells switch to learn address and place them as secure MAC addresses for that port global command that dene maximum number of secure addresses that can be congured on interface global command that tells switch what to do when inappropiate address connect on port where port-security is turned on

    PPP conguration on Serial link


    Zugspitze router conguration:
    hostname zugspitze username zuerich password zeitgeist interface Serial 0 encapsulation ppp ppp authentication chap clock rate 64000 no shutdown global conf mode command that set name of router global conf mode command that add username of remote router and set password enter Serial 0 interface conguration interface subcommand that sets ppp as encapsulation on serial interface interface subcommand that sets CHAP ppp authentication on serial link set speed of serial link to 64000 bits per second. set this only on DCE side of link. bring inteface up

    Zuerich router conguration:


    hostname zuerich username zugspitze password zeitgeist interface Serial 0 encapsulation ppp ppp authentication chap no shutdown global conf mode command that set name of router global conf mode command that add username of remote router and set password enter Serial 0 interface conguration interface subcommand that sets ppp as encapsulation on serial interface interface subcommand that sets CHAP ppp authentication on serial link bring interface up

    HDLC conguration on Serial link


    interface Serial 0 clock rate 64000 no shutdown enter interface Serial 0 on router that is connected on DCE end of cable set speed of serial link to 64000 bits per second. (on DCE side of link) bring interface up

    ISDN Legacy DDR conguration


    isdn switch-type basic-1tr6 ip route 192.168.3.0 255.255.255.0 192.168.2.2 access-list 101 permit tcp any 192.168.3.0 0.0.0.255 eq 80 dialer-list 1 protocol ip permit dialer-list 1 protocol ip list 101 interface bri 0 encapsulation ppp ip address 192.168.2.1 255.255.255.0 dialer-group 1 dialer-string 381638235510 dialer idle-timeout 300 denine switch type used by telco. global or interface subcommand global conf mode command that route packets out of interface to be dialed access list in which we dene interesting trafc. in this example interesting trafc is http request on any server in 192.168.3.0/24 global conf mode command that dene what is to be considerd as interesting trafc. this example consider all ip as interseting global conf mode command that dene what is to be considered as interesting trafc. this example consider access-lists 101 rules enter interface bri 0 conguration set encapsulation on bri 0 interface interface subcommand. set bri 0 interfaces ip address bri interface subcommand that referes to dialer-list in order to determen which trafc is to be considered interesting interface subcommand that dene number to be called optionaly interface subcommand that dene when call is to be teardown when there is no more interesting trafc

    ISDN Legacy DDR conguration with multiple locations


    isdn switch-type basic-1tr6 ip route 192.168.3.0 255.255.255.0 192.168.2.2 ip route 192.168.5.0 255.255.255.0 192.168.2.3 username rosenheim password oktober username augsburg password fest access-list 101 permit tcp any host 192.168.3.15 eq 80 denine switch type used by telco. global or interface subcommand global conf mode command that route packets out of interface to be dialed global conf mode command that route packets out of interface to be dialed global conf. add username for chap support to rst router to be dialed global conf. add username for chap support to second router to be dialed global conf. access-list that dene interesting trafc

    access-list 101 permit tcp any 192.168.5.0 global conf. access-list that dene interesting trafc 0.0.0.255 eq 21 dialer-list 1 protocol ip list 101 interface bri 0 ip address 192.168.2.1 255.255.255.0 encapsulation ppp ppp authentication chap isdn spid1 00014555555559 isdn spid2 88012455937559 global conf. dene what is to be considered interesting. this example consider accesslists 101 rules enter interface bri 0 set bri 0 interface ip address set ppp encapsulation on bri 0 interface turn on chap authentication protocol optionaly bri int command. set security num. delegatet from telco optionaly bri int command. set security num. delegatet from telco

    dialer map ip 192.168.2.2 broadcast name map ip address with number and username to be send rosenheim 381638235510 dialer map ip 192.168.2.3 broadcast name map ip address with number and username to be send augsburg 38163277202 dialer-group 1 bri interface subcommand that referes to dialer-list in order to determen which trafc is to be considered interesting

    ISDN DDR conguration with Dialer Proles


    isdn switch-type basic-1tr6 ip route 192.168.3.0 255.255.255.0 192.168.2.2 ip route 192.168.5.0 255.255.255.0 192.168.2.3 username rosenheim password oktober username augsburg password fest access-list 101 permit tcp any host 192.168.3.15 eq 80 access-list 101 permit tcp any 192.168.5.0 0.0.0.255 eq 21 dialer-list 1 protocol ip list 101 interface dialer 0 ip address 192.168.2.1 255.255.255.0 encapsulation ppp denine switch type used by telco. global or interface subcommand global conf mode command that route packets out of interface to be dialed global conf mode command that route packets out of interface to be dialed global conf. add username for chap support to rst router to be dialed global conf. add username for chap support to second router to be dialed global conf. access-list that dene interesting trafc global conf. access-list that dene interesting trafc global conf. dene what is to be considered interesting. this example consider accesslists 101 rules create virtual dialer 0 interface set dialer 0 interface ip address set ppp encapsulation on dialer 0 interface

    ppp authentication chap dialer idle-timeout 300 dialer fast-idle 120

    turn on chap authentication protocol no interesting trafc for 5 minutes bring connection down no interesting trafc for 2 minutes and another call pending bring connection down

    dialer map ip 192.168.2.2 broadcast name map ip address with number and username to be send rosenheim 381638235510 dialer map ip 192.168.2.3 broadcast name map ip address with number and username to be send augsburg 38163277202 dialer-group 1 dialer-pool 2 interface bri 0 encapsulation ppp ppp authentication chap isdn spid1 00014555555559 isdn spid2 88012455937559 dialer pool-member 2 interface bri 1 encapsulation ppp ppp authentication chap isdn spid1 00014555555559 isdn spid2 88012455937559 dialer pool-member 2 dialer interface subcommand that referes to dialer-list in order to determen which trafc is to be considered interesting tell dialer inteface which dialer pool to use enter bri interface conguration set encapsulation to ppp enable chap authentication optionaly bri int command. set security num. delegatet from telco optionaly bri int command. set security num. delegatet from telco delegate bri 0 inteface in bri intefaces pool number 2 enter bri inteface conguration set encapsulation ppp enable chap anthentication optionaly bri int command. set security num. delegatet from telco optionaly bri int command. set security num. delegatet from telco delegate bri 1 inteface in bri interfaces pool number 2

    Frame Relay conguration


    interface serial 0.100 point-to-point encapsulation frame-relay frame-relay lmi-type ansi frame-relay map ip 192.168.2.1 100 broadcast frame-relay interface-dlci 100 global conf command that create serial0s subinteface set frame relay encapsulation and type on cisco. ietf type can be congured for frame relay between cisco and non cisco device set fr lmi type. default is autosense, other options are q933a and cisco map remote ip address with local dlci (usr local dlci to aim on remote address) optionaly allow broadcast to be sent over link subinterface command that associate subinterface to dlci

    Access Lists conguration


    access-list 10 permit 192.168.1.0 0.0.0.255 access-list 100 deny tcp any 192.168.10.15 0.0.0.0 eq 53 ip access-group 100 in access-class 10 in access-list 100 remark stop dns server standard access list statement that permit 192.168.1.0/24 subnet extended access list statement that deny connection to tcp/53 port of 192.168.10.15 interface subcommand. enable access-list 100 (direction in or out) line subcommand. enable access list 10 on line (telnet restrictions) give descriptive comment to access list. can be useful!

    You might also like