7/25/2019 Cisco Commands - 2016-05-19

1/26

Router / Switch Erase ConfgurationRouter>enableRouter#dir # List Flash contentRouter#dir nvram: # List NVRAM contentRouter#delete vlan.datRouter#delete ash:multiple-s # Erases certifcatesRouter#erase startup-confg / wr e # Erases ash:confg.text and ash:priate!confg.textRouter#reload# "ste$ confguration has %een $odifed. "ae& 'es(no): no# *roceed +ith reload& 'confr$)

Router asic ConfgurationRouter>enableRouter#confg termRouter,confg-#alias e!ec c confg t #Aoids tping confg t/Router,confg-#no ip domain-loo"upRouter,confg-#ip tcp s#nwait $ #Aoid do$ain!loo0up 1or23 secRouter,confg-#ip classless / no ip classless #no ip classless 4class1ullRouter,confg-#hostname R%R5,confg-#enable secret ciscoR5,confg-#banner motd &'uthori(ed )ersonnel *nl#&R5,confg-#line console +R5,confg!line-#logging s#nchronousR5,confg!line-#no e!ec-timeout #6i$eouts 7erload the 8*9 onN"2R5,confg!line-#password ciscoR5,confg!line-#login,*ptional R5,confg!line-#no login #;isa%les pass+ord,*ptional R5,confg!line-#privilege level %$ #Auto!priileged $ode

R5,confg!line-#line vt# + R5,confg!line-#password cisco,*ptional R5,confg!line-#no login #;isa%les pass+ord,*ptional R5,confg!line-#privilege level %$ #Auto!priileged $odeR5,confg!line-#loginR5,confg!line-#interace a+/+R5,confg!i1-#description Connection to arsR5,confg!i1-#speed %++R5,confg!i1-#duple! ull,"erial Lin0- R5,confg!i1-#cloc" rate 01++R5,confg!i1-#ip address %02.%13.4.%21 2$$.2$$.2$$.%23 / no ip address%02.%13.4.%21 2$$.2$$.2$$.%23

R5,confg!i1-#no shutdownR5,confg!i1-#interace a+/%R5,confg!i1-#description connection to switch%R5,confg!i1-#ip address %02.%13.4.%0+ 2$$.2$$.2$$.%02R5,confg!i1-#no shutdownR5,confg!i1-#e!itR5,confg-#cop# running-confg startup-confg

7/25/2019 Cisco Commands - 2016-05-19

2/26

7/25/2019 Cisco Commands - 2016-05-19

3/26

Switch S> ?emplate Selection"+itch>enable"+itch#show sdm preer # sho+s de1ault te$plate

"+itch,confg-#sdm preer dual-ipv-and-ipv1 routing # allocates$e$or 1or ip operations on 2?3"+itch,confg-#sdm preer lanbase-routing # allocates $e$or 1orip operations on =@3"+itch,confg!i1-#e!it"+itch#reload

Switch asic ConfgurationRouter>enableRouter#confg termRouter,confg-#hostname S%"5,confg-#banner motd &'uthori(ed )ersonnel *nl#&"+itch5,confg-#vtp fle nvram: vlan.dat ,Router wor"ing as switch"5,confg-#enable secret cisco"5,confg-#no ip routing #;isa%les routing ,9sing L2 asL= deice-"5,confg-#ip routing #Ena%les routing on L2s+itches ,de14disa%led-"5,confg-#no ip domain-loo"up"5,confg-#vtp mode transparent / vtp transparent ,router

"5,confg-#line console +"5,confg!line-#logging s#nchronous"5,confg!line-#no e!ec-timeout #6i$eouts 7erload the 8*9 onN"2"5,confg!line-#password cisco"5,confg!line-#login,*ptional "5,confg!line-#no login #;isa%les pass+ord,*ptional "5,confg!line-#privilege level %$ #Auto!priileged $ode"5,confg!line-#line vt# + %$"5,confg!line-#password cisco"5,confg!line-#transport input telnet"5,confg!line-#login

,*ptional "5,confg!line-#no login #;isa%les pass+ord,*ptional "5confg!line-#privilege level %$ #Auto!priileged $ode"5,confg!line-#e!it"5,confg-#ip deault-gatewa# %42.%4.00.%"5,confg-#duple! auto"5,confg-#speed auto"5,confg-#int range +/+ - %$"5,confg!i1!range-#shutdown"5,confg!i1!range-#e!it"5#vlan database ,Router wor"ing as switch"5,lan-#vlan 00 name mgmt ,Router wor"ing as switch"5,lan-#e!it

7/25/2019 Cisco Commands - 2016-05-19

4/26

7/25/2019 Cisco Commands - 2016-05-19

5/26

Switch EtherChannels between Switches"5,confg-#interace range +/4 - 3"5,confg!i1!range-#switchport mode trun""5,confg!i1!range-#switchport nonegotiate'2?3) "5,confg!i1!range-#switchport trun" encapsulation dot%D"5,confg!i1!range-#channel-group % mode desirable"5,confg!i1!range-#no shutdown"5,confg!i1!range-#e!it"5,confg-#end"5#show interace trun""5#show etherchannel summar#Switch ?ime Confguration"5#show cloc""5#cloc" set %:$:++ 20 ul# 2+%$"5#confg t"5,confg-#cloc" time(one C?S -1"5,confg-#cloc" summer-time C>? recurring"5,confg-#end"5#show cloc" detail

Switch ;?) aster"5#confg t"5,confg-#ntp master %+ #"tratu$ 5!5?>,*ptional- "5,confg-#ntp authenticate,*ptional- "5,confg-#ntp authentication-"e# % md$ paFFword,*ptional- "5,confg-#ntp trusted-"e# %"5,confg-#end"5#show ntp status #N6* $a ta0e up to ? $inutes tosnchroniGe"5#show ntp associationsAddress re1 cloc0 st +hen poll reach dela oHset dispIJ5=

7/25/2019 Cisco Commands - 2016-05-19

6/26

"5,confg-#access-list 2 permit %42.%1.+.+ +.+.2$$.2$$ #allo+s onldeices on 5ebug"5,confg-#end"5#debug snmp pac"ets"5#confg t"5,confg-#

ul 23 5:=

7/25/2019 Cisco Commands - 2016-05-19

7/26

7/25/2019 Cisco Commands - 2016-05-19

8/26

"=,confg!i1-#ipv1 dhcp rela# destination 2++%:db3:%%$:00::d% a+/% #C*"=,confg!i1-#ip helper-address %+.%.00.% #C*"=,confg!i1-#e!it

I) SG':C* "LA allo+s to $onitor net+or0 per1or$ance using generated traBc %et+een thedeices.

>GS%,confg-# ip sla %;L"5,confg!ip!sla-# icmp-echo %42.%1.%++.%+% # "erer at the other side o1 al= ( l2 deice;L"5,confg!ip!sla!echo-# exit

;L"5,confg-# ip sla 2;L"5,confg!ip!sla-# icmp-echo %42.%1.2++.%+% # "erer at the other side o1 al= ( l2 deice;L"5,confg!ip!sla!echo-# exit

;L"5,confg-# ip sla ;L"5,confg!ip!sla-# udp-Nitter %42.%1.00.%+% $+++ #L= s+itch at the otherside;L"5,confg!ip!sla!Qitter-# e!it

;L"5,confg-# ip sla ;L"5,confg!ip!sla-# udp-Nitter %42.%1.00.%+2 $+++ #Another L= s+itch atthe other side;L"5,confg!ip!sla!Qitter-# e!it

;L"5,confg-# ip sla schedule % lie orever start-time now;L"5,confg-# ip sla schedule 2 lie orever start-time now;L"5,confg-# ip sla schedule lie orever start-time now;L"5,confg-# ip sla schedule lie orever start-time now

'GS%,confg-#ip sla responder #Ena%les sending and receiingC* "LAs control pac0etsAL""5,confg-#ip sla responder udp-echo ipaddress %42.%1.00.% port $+++

# udp Qitter responder

;ote: 5

7/25/2019 Cisco Commands - 2016-05-19

9/26

>GS%,confg-# vlan ++ #"*AN Vlan;L"5,confg!lan-# name RE*?E6S)';;L"5,confg!lan-# remote-span

'GS%,confg-#monitor session % source interace La+/1 #6raBcsource

AL"5,confg-#monitor session % destination remote vlan ++AL"5# show monitor

'GS2,confg-# monitor session %+ source remote vlan ++ #6raBc destinationAL"=,confg-# monitor session %+ destination interace La+/4 # *8 +ith

+ireshar0 on this portAL"=# show monitor

SMonitor "tation at destination 1a3( #class1ul nt+ $ust %e directedconnected to R5R5,confg!router-#networ" .3.3.3 #in order to %e adertised asde1ault route toorR5,confg-i-#ip summar#-address eigrp asO +.+.+.+ +.+.+.+#thatYs it D this isall is reuired

EIKR) >istribute list w/'CGs #ECR* FilteringR5,confg-#access-list % den# %.%.%.+ +.+.+.2$$ #"tandard A8L to %eused +ith ECR*R5,confg-#router eigrp %+ #flters %ased on su%netprefxesR5,confg!router-#distribute-list 5'CG8 5in 7 out8 5interace8

R5,confg!router-# distribute-list % in #int is optional

R5,confg-#access-list %+% den# ip host 2.2.2.2 %.%.%.+ +.+.+.2$$ #ExtendedA8L flters %ased onR5,confg-#router eigrp %+ #su%net prefxes ,5.5.5.x- andspecifcR5,confg!router-# distribute-list %+% in #neigh%or ,=.=.=.=-

EIKR) >istribute list w/)ref!-Gist #ECR* FilteringR5,confg-#ip pref!-list

7/25/2019 Cisco Commands - 2016-05-19

19/26

R5,confg-#ip pref!-list I;E seD 2+ den# 2.2.2.+/%1 #6here is an i$plicitden all at the end

R5,confg-#ip pref!-list cisco seD %+ den# %.%.%.+/2 #denies an updates onthe range 5.5.5.3(=R5,confg-#ip pref!-list cisco seD 2+ den# %.%.%.+/2 ge 2$ le + #to 5.5.5.3 (23

R5,confg-#ip pref!-list >EL'MG?6R*M?E seD %+ den# +.+.+.+/+ #$atchesde1ault route updateR5,confg-#ip pref!-list 'GG6)RELIQES seD %++ permit +.+.+.+/+ le 2#per$it eerthing through

# used to aoid thei$plicit denR5,confg-#router eigrp %+ #flters %ased on su%netprefxes and lengthsR5,confg!router-#distribute-list pref!-list 5pref!-list-name8 5in7out8 5intt#pe intO8R5,confg!router-# distribute-list pref!-list istribute w/Route-aps #ECR* fltering %ased on $orethan Qust C*sR5,confg-#route-map

7/25/2019 Cisco Commands - 2016-05-19

20/26

Router *S)LR5,confg-#ip classless / no ip classless #no ip classless 4class1ulR5,confg-#router osp % #54osp1 process does not needto $atchR5,confg!router-#no auto-summar# #disa%les auto!su$$arR5,confg!router-#networ" ntw-address 9wildcard-mas"9area O#adertisesspecifc su%net onlR5,confg!router-#networ" %.+.+.+ +.2$$.2$$.2$$ area +#R5,confg!router-#networ" %+.%+.%+.%+ +.+.+.+ area % #7"*F +ill ta0ethe su%net 1ro$ this int iporR5,confg-#inter1ace 13(3R5,confg!i1-#ip osp1 5 area 5 #7"*F ena%led at the inter1aceleel

R5,confg-i-#ip osp hello-interval

7/25/2019 Cisco Commands - 2016-05-19

21/26

Lor an entire area ,enables authentication or all the interaces in aspecifc area:R2,confg-#router osp1 5R2,confg!router-#area 3 authentication $essage!digest #tpe =authenticationR2,confg!router-#inter1ace "3(3(5R2,confg!i1-#ip osp1 $essage!digest!0e 5 $d? cisco5=2Lor a single interace:R=,confg-#inter1ace "3(3(5R=,confg!i1-#ip osp1 authentication $essage!digestR=,confg!i1-#ip osp1 $essage!digest!0e 5 $d? cisco5=2

R5#sho+ ip osp1 inter1ace int!tpe int!#R5#de%ug ip osp1 helloR5#de%ug ip osp1 adQ

7/25/2019 Cisco Commands - 2016-05-19

22/26

Router asic *S)L ConfgurationR5,confg-#router osp1 5R5,confg!router-#net+or0 5sho+ ip protocolssho+ ip osp1sho+ ip osp1 inter1ace

confgure loopbac"R5,confg-#inter1ace loop%ac0 3R5,confg!i1-#ip address 53.5.5.5 =??.=??.=??.=??

show ip osp neighborsR5,confg!router-#router!id 53...Reload or R5# clear ip osp1 process

confgure *S)L cost ,and bandwidth,confg-#inter1ace serial3(3(3,confg!i1-#%and+idth or,confg-#inter1ace serial3(3(3,confg!i1-#ip osp1 cost 5?33R5,confg!router-#auto!cost re1erence!%and+idth 53333 ,pro%a%l +onZt %e used-

sho+ ip osp1 inter1ace

>eault RouteR5,confg-#inter1ace loop%ac05R5,confg!i1-#ip address 5

7/25/2019 Cisco Commands - 2016-05-19

23/26

R5#sho+ ip osp1 inter1ace serial3(3(3de%ug ip osp1 eents ,to see changes-

Confgure *S)L on a ulti-access ;etwor"on 5 port s+itch:router,confg-# no ip routingrouter ,confg-# int range 13(3 13(5 13(=router,confg!int!range- speed 533router,confg!int!range- duplex autorouter,confg!int!range- no shutdo+n other+ise the +ill %e do+nrouter,confg!int!range-exitrouter# sho+ inter1aces status

Confgure ospR2,confg-#router osp1 5R2,confg!router-#net+or0 5@=.5.5.3 3.3.3.=?? area 3

?o show >R >R >R*?JER#sho+ ip osp1 inter1ace#sho+ ip osp1 neigh%or

Mse the *S)L )riorit# to >etermine the >R and >R ,2$$ ma!A lowest +R5,confg-#inter1ace 1astEthernet3(3R5,confg!i1-#ip osp1 priorit =??R5,confg!i1-#shutdo+n ,on all-R5,confg!i1-#no shutdo+n ,on all-

>isable *S)L updates on an interaceR5,confg-#router osp1 5R5,confg!i1-#passie!inter1ace 13(3orR5,confg!router-#passie!inter1ace de1ault ,puts all inter1aces on passie $ode-R5,confg!router-#no passie!inter1ace s3(3(3 ,ena%le onl those inter1aces that ou+ant to send [ receie updates-

Tuic" view o Interaces Ips V statuses#sho+ ip inter1ace %rie1

>ispla# encapsulation and interace and line status#sho+ inter1ace serial s3(3(5

>ispla# >CE or >?E and the Cloc" Rate#sho+ controllers s3(3(5

))) / J>GC encapsulation ,*nl# on Serial InteracesR5,confg!i1-#encapsulation hdlc ( ppp

))) 'uthentication )') or CJ'),*nl# on Serial InteracesRouter R5:R5,confg-#userna$e R= pass+ord ciscoR5,confg!i1-#encapsulation pppR5,confg!i1-#ppp authentication pap ( chapR5,confg!i1-#ppp pap sent!userna$e R5 pass+ord cisco ,onl 1or pap-

Router R=:

7/25/2019 Cisco Commands - 2016-05-19

24/26

R5,confg-#userna$e R5 pass+ord ciscoR5,confg!i1-#encapsulation pppR5,confg!i1-#ppp authentication pap ( chapR5,confg!i1-#ppp pap sent!userna$e R= pass+ord cisco ,onl 1or pap-

Lrame-Rela#R5,confg-#inter1ace serial3(3(3R5,confg!i1-#ip address 5@=.5.5.5 =??.=??.=??.3R5,confg!i1-#encapsulation 1ra$e!rela ,8isco encapsulation-7rR5,confg!i1-#encapsulation 1ra$e!rela iet1 ,CE6F encapsulation-R5,confg!i1-#no shutdo+nR5,confg!i1-#1ra$e!rela $ap ip 53.53.53.= 53= %roadcast ,6o reach router R= use;L8C 53= located at C* address 53.53.53.=-R5,confg!i1-#1ra$e!rela $ap ip 53.53.53.2 532 %roadcast ,6o reach router R2 use;L8C 532 located at C* address 53.53.53.2-R5,confg!i1-#1ra$e!rela l$i!tpe ansi ,8onfgures the LMC 6pe to ansi-

Lrame-Rela# Sub-InteracesR5,confg-#inter1ace s3(3(3R5,confg!i1-#no ip addressR5,confg!i1-#encapsulation 1ra$e!rela ,8isco encapsulation-7rR5,confg!i1-#encapsulation 1ra$e!rela iet1 ,CE6F encapsulation-R5,confg!i1-#1ra$e!rela l$i!tpe ansi ,8onfgures the LMC 6pe to ansi-R5,confg!i1-#no shutdo+nR5,confg!i1-#ExitR5,confg-#inter1ace s3(3(3.53= point!to!point ,53= is the ;L8C nu$%er-R5,confg!i1-#ip address 53.5.5.5 =??.=??.=??.=?=R5,confg!i1-#%and+idth R5,confg!i1-#1ra$e!rela inter1ace!dlci 53=R5,confg!i1-#exitR5,confg-#inter1ace s3(3(3.532 point!to!point ,532 is the ;L8C nu$%er-R5,confg-#ip address 53.5.5.? =??.=??.=??.=?=R5,confg-#%and+idth R5,confg-#1ra$e!rela inter1ace!dlci 532R5,confg-#exit

6hen create static routes to the distant net+or0s9sing the re$ote ip addresses ! exa$ple:R5,confg-#ip route 5@=.5.=.3 =??.=??.=??.3 53.5.5.= =??.=??.=??.=?=R5,confg-#ip route 5@=.5..3 =??.=??.=??.3 53.5.5. =??.=??.=??.=?=

Gogging 'ctivit#R5,confg-#logging 5@=.5.53.53 ,ip address o1 the sslog serer-

R5,confg-#logging trap 0e+ord ,0e+ords 4 e$ergencies ( alerts ( critical (errors ( +arnings ( notifcations ( in1or$ational ( de%ugging-

'CGsWe# Tuestions:9se a standard or extended A8L&8onfgure the A8L on +hich router&Appl the A8L to +hich inter1ace&Appl the A8L in +hich direction&

Standard ;umbered 'CGsR5,confg-#access!list 53 den 5@=.5.53.3 3.3.3.=??

7/25/2019 Cisco Commands - 2016-05-19

25/26

R5,confg-#access!list 53 per$it anR5,confg-#inter1ace 1a3(5R5,confg!i1-#ip access!group 53 out

Standard ;amed 'CGsR2,confg-#ip access!list standard N7UA88E""R2,confg!std!nacl-#den host 5@=.5.23.5=R2,confg!std!nacl-#per$it anR2,confg-#inter1ace 1a3(3R2,confg!i1-#ip access!group N7UA88E"" in

E!tended ;umbered 'CGsR5,confg-#access!list 553 den tcp 5@=.5.53.3 3.3.3.=?? an e telnetR5,confg-#access!list 553 den udp 5@=.5.53.3 3.3.3.=?? host 5@=.5.=3.=?e t1tpR5,confg-#access!list 553 per$it ip an anR5,confg-#inter1ace 1a3(3R5,confg!i1-#ip access!group 553 in

R2,confg-#access!list 523 den ip 5@=.5.23.3 3.3.3.=?? 5@=.5.=3.3 3.3.3.=??R2,confg-#access!list 523 per$it ip 5@=.5.23.3 3.3.3.5=< anR2,confg-#access!list 523 per$it ip 5@=.5.23.5= 3.3.3.5=< 5@=.5.53.33.3.3.=??R2,confg-#access!list 523 per$it ip 5@=.5.23.5= 3.3.3.5=< 5@=.5.55.33.3.3.=??R2,confg-#access!list 523 per$it tcp 5@=.5.23.5= 3.3.3.5=< an e +++R2,confg-#access!list 523 per$it ic$p 5@=.5.23.5= 3.3.3.5=< anR2,confg-#access!list 523 den ip an anR2,confg-#inter1ace 1a3(3R2,confg!i1-#ip access!group 523 in

Exa$ple: Posts 53.5.?3.5 through 53.5.?3.2 are not allo+ed +e% access toCntranet serer at 53.5.3.5:PK,confg-#access!list 535 den tcp 53.5.?3.3 3.3.3.2 host 53.5.3.5 e +++PK,confg-#access!list 535 per$it ip an an

E!tended ;amed 'CGsR=,confg-#ip access!list extended FCREALLR=,confg!ext!nacl-#per$it tcp an host 5@=.5.=3.=? e +++R=,confg!ext!nacl-#per$it tcp an an esta%lishedR=,confg!ext!nacl-#per$it ic$p an an echo!replR=,confg!ext!nacl-#den ip an anR2,confg-#inter1ace s3(5(3R2,confg!i1-#ip access!group FCREALL in

R5,confg-#ip access!list extended extend!5R5,confg!ext!nacl-#den ip 5@=.5.53.3 3.3.3.=?? host =3@.5?.=33.==?R5,confg!ext!nacl-#per$it ip an anR5,confg-#inter1ace serial 3(3(3R5,confg!i1-#ip access!group extend!5 out

Control B?X lines with an 'CGR=,confg-#ip access!list standard 6as0!R=,confg!std!nacl-#per$it 53.=.=.3 3.3.3.2R=,confg!std!nacl-#per$it 5@=.5.23.3 3.3.3.=??R=,confg-#line t 3

7/25/2019 Cisco Commands - 2016-05-19

26/26

R=,confg!line-#access!class 6as0! in

Beri# 'CGsR5#sho+ access!listsExtended C* access list 553den tcp 5@=.5.53.3 3.3.3.=?? an e telnetden udp 5@=.5.53.3 3.3.3.=?? host 5@=.5.=3.=? e t1tpper$it ip an anExtended C* access list 555per$it tcp 5@=.5.55.3 3.3.3.=?? host 5@=.5.=3.=? e +++per$it udp 5@=.5.55.3 3.3.3.=?? host 5@=.5.=3.=? e t1tpden ip 5@=.5.55.3 3.3.3.=?? 5@=.5.=3.3 3.3.3.=??per$it ip an an