TERMINAL CONTROLS:
· Config# terminal
editing - allows for enhanced editing commands
· Config# terminal
monitor - shows output on telnet session
· Config# terminal
ip netmask-format hexadecimal|bit-count|decimal - changes the format
of subnet masks
HOST NAME:
HOST NAME:
· Config# hostname
ROUTER_NAME
BANNER:
BANNER:
· Config# banner
motd # TYPE MESSAGE HERE # - # can be
substituted for any character, must start and finish the message
DESCRIPTIONS:
DESCRIPTIONS:
· Config#
description THIS IS THE SOUTH ROUTER - can be entered at
the Config-if level
CLOCK:
CLOCK:
· Config# clock
timezone Central -6
# clock set hh:mm:ss dd month yyyy - Example: clock set 14:35:00 25 August 2003
CHANGING THE REGISTER:
# clock set hh:mm:ss dd month yyyy - Example: clock set 14:35:00 25 August 2003
CHANGING THE REGISTER:
· Config#
config-register 0x2100 - ROM Monitor Mode
· Config#
config-register 0x2101 - ROM boot
· Config#
config-register 0x2102 - Boot from NVRAM
BOOT SYSTEM:
BOOT SYSTEM:
· Config# boot
system tftp FILENAME SERVER_IP - Example: boot
system tftp 2600_ios.bin 192.168.14.2
· Config# boot
system ROM
· Config# boot
system flash - Then - Config#
reload
CDP:
CDP:
· Config# cdp run - Turns CDP on
· Config# cdp
holdtime 180 - Sets the time that a device remains.
Default is 180
· Config# cdp timer
30 - Sets the update timer.The default is
60
· Config# int
Ethernet 0
· Config-if# cdp
enable - Enables cdp on the interface
· Config-if# no cdp
enable - Disables CDP on the interface
· Config# no cdp
run - Turns CDP off
HOST TABLE:
HOST TABLE:
· Config# ip host
ROUTER_NAME INT_Address - Example: ip host lab-a 192.168.5.1
-or-
-or-
· Config# ip host
RTR_NAME INT_ADD1 INT_ADD2 INT_ADD3 - Example: ip host
lab-a 192.168.5.1 205.23.4.2 199.2.3.2 - (for e0, s0, s1)
DOMAIN NAME SERVICES:
DOMAIN NAME SERVICES:
· Config# ip
domain-lookup - Tell router to lookup domain names
· Config# ip
name-server 122.22.2.2 - Location of DNS server
· Config# ip
domain-name cisco.com - Domain to append to end of names
CLEARING COUNTERS:
CLEARING COUNTERS:
· # clear interface
Ethernet 0 - Clears counters on the specified
interface
· # clear counters - Clears all
interface counters
· # clear cdp
counters - Clears CDP counters
STATIC ROUTES:
STATIC ROUTES:
· Config# ip route
Net_Add SN_Mask Next_Hop_Add - Example: ip route
192.168.15.0 255.255.255.0 205.5.5.2
· Config# ip route
0.0.0.0 0.0.0.0 Next_Hop_Add - Default route
-or-
-or-
· Config# ip
default-network Net_Add - Gateway LAN network
IP ROUTING:
IP ROUTING:
· Config# ip
routing - Enabled by default
· Config# router
rip
-or-
-or-
· Config# router
igrp 100
· Config# interface
Ethernet 0
· Config-if# ip
address 122.2.3.2 255.255.255.0
· Config-if# no
shutdown
IPX ROUTING:
IPX ROUTING:
· Config# ipx
routing
· Config# interface
Ethernet 0
· Config# ipx
maximum-paths 2 - Maximum equal metric paths used
· Config-if# ipx
network 222 encapsulation sap - Also Novell-Ether,
SNAP, ARPA on Ethernet. Encapsulation HDLC on serial
· Config-if# no
shutdown
ACCESS LISTS:
ACCESS LISTS:
IP Standard
|
1-99
|
IP Extended
|
100-199
|
IPX Standard
|
800-899
|
IPX Extended
|
900-999
|
IPX SAP Filters
|
1000-1099
|
IP
STANDARD:
· Config#
access-list 10 permit 133.2.2.0 0.0.0.255 - allow all src ip’s
on network 133.2.2.0
-or-
-or-
· Config#
access-list 10 permit host 133.2.2.2 - specifies a
specific host
-or-
-or-
· Config#
access-list 10 permit any - allows any address
· Config# int
Ethernet 0
· Config-if# ip
access-group 10 in - also available: out
IP EXTENDED:
IP EXTENDED:
· Config#
access-list 101 permit tcp 133.12.0.0 0.0.255.255 122.3.2.0 0.0.0.255 eq telnet
-protocols: tcp, udp, icmp, ip (no sockets then), among others
-source then destination address
-eq, gt, lt for comparison
-sockets can be numeric or name (23 or telnet, 21 or ftp, etc)
-or-
-protocols: tcp, udp, icmp, ip (no sockets then), among others
-source then destination address
-eq, gt, lt for comparison
-sockets can be numeric or name (23 or telnet, 21 or ftp, etc)
-or-
· Config#
access-list 101 deny tcp any host 133.2.23.3 eq www
-or-
-or-
· Config#
access-list 101 permit ip any any
· Config# interface
Ethernet 0
· Config-if# ip
access-group 101 out
IPX STANDARD:
IPX STANDARD:
· Config#
access-list 801 permit 233 AA3 - source network/host
then destination network/host
-or-
-or-
· Config#
access-list 801 permit -1 -1 - “-1” is the same as
“any” with network/host addresses
· Config# interface
Ethernet 0
· Config-if# ipx
access-group 801 out
IPX EXTENDED:
IPX EXTENDED:
· Config#
access-list 901 permit sap 4AA all 4BB all
- Permit protocol src_add socket dest_add socket
-“all” includes all sockets, or can use socket numbers
-or-
- Permit protocol src_add socket dest_add socket
-“all” includes all sockets, or can use socket numbers
-or-
· Config#
access-list 901 permit any any all any all
-Permits any protocol with any address on any socket to go anywhere
-Permits any protocol with any address on any socket to go anywhere
· Config# interface
Ethernet 0
· Config-if# ipx
access-group 901 in
IPX SAP FILTER:
IPX SAP FILTER:
· Config#
access-list 1000 permit 4aa 3 - “3” is the service
type
-or-
-or-
· Config#
access-list 1000 permit 4aa 0 - service type of “0”
matches all services
· Config# interface
Ethernet 0
· Config-if# ipx
input-sap-filter 1000 - filter applied to incoming packets
-or-
-or-
· Config-if# ipx
output-sap-filter 1000 - filter applied to outgoing packets
NAMED ACCESS LISTS:
NAMED ACCESS LISTS:
· Config# ip
access-list standard LISTNAME
-can be ip or ipx, standard or extended
-followed by the permit or deny list
-can be ip or ipx, standard or extended
-followed by the permit or deny list
· Config# permit
any
· Config-if# ip
access-group LISTNAME in
-use the list name instead of a list number
-allows for a larger amount of access-lists
PPP SETUP:
-use the list name instead of a list number
-allows for a larger amount of access-lists
PPP SETUP:
· Config-if#
encapsulation ppp
· Config-if# ppp
authentication chap pap
-order in which they will be used
-only attempted with the authentification listed
-if one fails, then connection is terminated
-order in which they will be used
-only attempted with the authentification listed
-if one fails, then connection is terminated
· Config-if# exit
· Config# username
Lab-b password 123456
-username is the router that will be connecting to this one
-only specified routers can connect
-or-
-username is the router that will be connecting to this one
-only specified routers can connect
-or-
· Config-if# ppp
chap hostname ROUTER
· Config-if# ppp
chap password 123456
-if this is set on all routers, then any of them can connect to any other
-set same on all for easy configuration
ISDN SETUP:
-if this is set on all routers, then any of them can connect to any other
-set same on all for easy configuration
ISDN SETUP:
· Config# isdn
switch-type basic-5ess - determined by telecom
· Config# interface
serial 0
· Config-if# isdn
spid1 2705554564 - isdn “phonenumber” of line 1
· Config-if# isdn
spid2 2705554565 - isdn “phonenumber” of line 2
·
Config-if# encapsulation PPP - or HDLC, LAPD
DDR - 4 Steps to setting up ISDN with DDR
DDR - 4 Steps to setting up ISDN with DDR
- Configure switch
type
Config# isdn switch-type basic-5ess - can be done at interface config
- Configure static
routes
Config# ip route 123.4.35.0 255.255.255.0 192.3.5.5 - sends traffic destined for 123.4.35.0 to 192.3.5.5
Config# ip route 192.3.5.5 255.255.255.255 bri0 - specifies how to get to network 192.3.5.5 (through bri0)
- Configure
Interface
Config-if# ip address 192.3.5.5 255.255.255.0
Config-if# no shutdown
Config-if# encapsulation ppp
Config-if# dialer-group 1 - applies dialer-list to this interface
Config-if# dialer map ip 192.3.5.6 name Lab-b 5551212
connect to lab-b at 5551212 with ip 192.3.5.6 if there is interesting traffic
can also use “dialer string 5551212” instead if there is only one router to connect to
- Specify
interesting traffic
Config# dialer-list 1 ip permit any
-or-
Config# dialer-list 1 ip list 101 - use the access-list 101 as the dialer list
- Other Options
Config-if# hold-queue 75 - queue 75 packets before dialing
Config-if# dialer load-threshold 125 either
-load needed before second line is brought up
-“125” is any number 1-255, where % load is x/255 (ie 125/255 is about 50%)
-can check by in, out, or either
Config-if# dialer idle-timeout 180
-determines how long to stay idle before terminating the session
-default is 120
FRAME
RELAY SETUP:
· Config# interface
serial 0
· Config-if#
encapsulation frame-relay - cisco by default,
can change to ietf
· Config-if#
frame-relay lmi-type cisco - cisco by default,
also ansi, q933a
· Config-if#
bandwidth 56
· Config-if#
interface serial 0.100 point-to-point - subinterface
· Config-if# ip
address 122.1.1.1 255.255.255.0
· Config-if#
frame-relay interface-dlci 100
-maps the dlci to the interface
-can add BROADCAST and/or IETF at the end
-maps the dlci to the interface
-can add BROADCAST and/or IETF at the end
· Config-if#
interface serial 1.100 multipoint
· Config-if# no
inverse-arp - turns IARP off; good to do
· Config-if#
frame-relay map ip 122.1.1.2 48 ietf broadcast
-maps an IP to a dlci (48 in this case)
-required if IARP is turned off
-ietf and broadcast are optional
-maps an IP to a dlci (48 in this case)
-required if IARP is turned off
-ietf and broadcast are optional
·
Config-if# frame-relay map ip 122.1.1.3 54 broadcast
SHOW COMMANDS
· Show access-lists - all access lists on
the router
· Show cdp - cdp timer and
holdtime frequency
· Show cdp entry * - same as next
· Show cdp
neighbors detail - details of neighbor with ip add and
ios version
· Show cdp
neighbors - id, local interface, holdtime,
capability, platform portid
· Show cdp
interface - int’s running cdp and their
encapsulation
· Show cdp traffic - cdp packets sent
and received
· Show controllers
serial 0 - DTE or DCE status
· Show dialer - number of times
dialer string has been reached, other stats
· Show flash - files in flash
· Show frame-relay
lmi - lmi stats
· Show frame-relay
map - static and dynamic maps for PVC’s
· Show frame-relay
pvc - pvc’s and dlci’s
· Show history - commands entered
· Show hosts - contents of host
table
· Show int f0/26 - stats of f0/26
· Show interface
Ethernet 0 - show stats of Ethernet 0
· Show ip - ip config of switch
· Show ip
access-lists - ip access-lists on switch
· Show ip interface - ip config of
interface
· Show ip protocols - routing protocols
and timers
· Show ip route - Displays IP routing
table
· Show ipx
access-lists - same, only ipx
· Show ipx
interfaces - RIP and SAP info being sent and
received, IPX addresses
· Show ipx route - ipx routes in the
table
· Show ipx servers - SAP table
· Show ipx traffic - RIP and SAP info
· Show isdn active - number with active
status
· Show isdn status - shows if SPIDs are
valid, if connected
· Show
mac-address-table - contents of the dynamic table
· Show protocols - routed protocols
and net_addresses of interfaces
· Show
running-config - dram config file
· Show sessions - connections via
telnet to remote device
· Show
startup-config - nvram config file
· Show terminal - shows history size
· Show trunk a/b - trunk stat of port
26/27
· Show version - ios info, uptime,
address of switch
· Show vlan - all configured
vlan’s
· Show
vlan-membership - vlan assignments
·
Show vtp - vtp configs
CATALYST COMMANDS
For Native IOS - Not CatOS
For Native IOS - Not CatOS
SWITCH ADDRESS:
· Config# ip
address 192.168.10.2 255.255.255.0
· Config# ip
default-gateway 192.168.10.1
DUPLEX MODE:
DUPLEX MODE:
· Config# interface
Ethernet 0/5 - “fastethernet” for 100 Mbps ports
· Config-if# duplex
full - also, half | auto | full-flow-control
SWITCHING MODE:
SWITCHING MODE:
· Config#
mac-address-table permanent aaab.000f.ffef e0/2 - only this mac will
work on this port
· Config#
mac-address-table restricted static aaab.000f.ffef e0/2 e0/3
-port 3 can only send data out port 2 with that mac
-very restrictive security
-port 3 can only send data out port 2 with that mac
-very restrictive security
· Config-if# port
secure max-mac-count 5 - allows only 5 mac addresses mapped to
this port
VLANS:
VLANS:
· Config# vlan 10
name FINANCE
· Config# interface
Ethernet 0/3
· Config-if#
vlan-membership static 10
TRUNK LINKS:
TRUNK LINKS:
· Config-if# trunk
on - also, off | auto | desirable |
nonegotiate
· Config-if# no
trunk-vlan 2
-removes vlan 2 from the trunk port
-by default, all vlans are set on a trunk port
CONFIGURING VTP:
-removes vlan 2 from the trunk port
-by default, all vlans are set on a trunk port
CONFIGURING VTP:
· Config# delete
vtp - should be done prior to adding to a
network
· Config# vtp
domain Camp - name doesn’t matter, just so all
switches use the same
· Config# vtp
password 1234 - limited security
· Config# vtp
pruning enable - limits vtp broadcasts to only
switches affected
· Config# vtp
pruning disable
FLASH UPGRADE:
· Config# copy
tftp://192.5.5.5/configname.ios opcode -
“opcode” for ios upgrade, “nvram” for startup config FLASH UPGRADE:
No comments:
Post a Comment