Cisco Networking
1. Switch Configuration
hostname name
|
enable secret
|
history size
|
logging synchronous
|
[no] logging console
|
exec-timeout
|
line console 0
|
line vty
|
password
|
login local
|
username name secret password
|
crypto key generate rsa [modulus 360-2048] (SSH version 2 needs a modulus of at least 768 bits; 2048 is the usual choice)
|
ip domain-name domain
|
transport input [telnet, ssh, all, none] (telnet and all leave cleartext Telnet enabled; use ssh to restrict vty access to SSH)
|
interface vlan number
|
ip address ip-address subnet-mask
|
ip address dhcp
|
ip default-gateway ip-address
|
ip name-server dns1-ip dns2-ip
|
interface type port-number
|
interface range type port-start-port-end
|
[no] shutdown
|
speed [10, 100, 1000, auto]
|
duplex [half, full, auto]
|
description text
|
no duplex
|
no speed
|
no description
|
no debug all
|
undebug all
|
reload
|
copy running-config startup-config
|
write erase
|
erase startup-config
|
erase nvram:
|
quit
|
enable
|
disable
|
configure terminal
|
switchport mode [access, trunk]
|
switchport port-security mac-address mac-address
|
switchport port-security mac-address sticky
|
switchport port-security maximum value
|
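switchport port-security violation [protect, restrict, shutdown] (protect drops silently; restrict and shutdown also log the violation and increment the violation counter)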
|
vlan vlan-id
|
name vlan-name
|
[no] shutdown vlan vlan-id
|
vtp mode [transparent, client, server]
|
switchport mode [access, dynamic auto, dynamic desirable, trunk]
|
switchport trunk encapsulation [dot1q, isl, negotiate]
|
switchport trunk native vlan vlan-id
|
switchport nonegotiate (stops DTP negotiation on the port; use together with a static access or trunk mode)
|
switchport voice vlan vlan-id
|
switchport trunk allowed vlan [add, all, except, remove] vlan-list
|
2. Switch Troubleshooting
show running-config
|
show running-config interface type number
|
show running-config | begin line
|
show mac address-table dynamic [interface type number]
|
show mac address-table secure [interface type number]
|
show mac address-table static [interface type number]
|
show mac address-table dynamic address MAC-address
|
show mac address-table dynamic interface interface-id
|
show mac address-table count
|
show mac address-table aging-time
|
clear mac address-table dynamic
|
show mac address-table
|
show interfaces [interface type number] status
|
show interfaces [interface type number]
|
show port-security interface type number
|
show port-security
|
show interfaces interface-id switchport
|
show interfaces interface-id trunk
|
show vlan [brief, id, name, summary]
|
show vlan
|
show vtp status
|
show interfaces description
|
show dhcp lease
|
show crypto key mypubkey rsa
|
show ip ssh
|
show ssh
|
show interfaces vlan number
|
show ip default-gateway
|
terminal history-size
|
show history
|
1. Router Configuration
interface type number
|
ip address address mask
|
[no] shutdown
|
duplex [full, half, auto]
|
speed [10, 100, 1000]
|
clock rate rate-in-bps
|
description text
|
bandwidth rate-in-bps
|
encapsulation dot1q vlan-id
|
sdm prefer lanbase-routing
|
[no] ip routing
|
interface vlan vlan-id
|
ip route prefix mask [ip-address, interface-type/number, distance, permanent]
|
show ip interface brief
|
show protocols [interface type/number]
|
show controllers [interface type/number]
|
show interface [interface type/number]
|
2. DHCP
ip dhcp excluded-address first last
|
ip dhcp pool pool-name
|
network subnet-id [ddn-mask, prefix-length]
|
default-router address1 address2
|
dns-server address1 address2
|
lease [days, hours, minutes, infinite]
|
ip helper-address ip-address
|
show arp
|
show ip arp
|
show ip dhcp binding
|
show ip dhcp pool name
|
show ip dhcp server statistics
|
show ip dhcp conflict
|
clear ip dhcp conflict
|
ipconfig, ifconfig
|
netstat -rn / arp -a
|
3. RIP
router rip
|
network network-number
|
version 2
|
[no] passive-interface [interface-type/number]
|
passive-interface default
|
[no] auto-summary
|
maximum-paths number
|
default-information originate
|
ip address dhcp
|
show ip interface brief
|
show ip route [rip]
|
show ip route ip-address
|
show ip protocols
|
show ip rip database
|
4. NAT
ip nat [inside, outside]
|
ip nat inside source list [access-list-number, access-list-name] [interface type/number, pool pool-name] overload
|
ip nat pool name start-ip end-ip [netmask netmask, prefix-length prefix-length]
|
ip nat inside source static inside-local inside-global
|
show ip nat statistics
|
show ip nat translations [verbose]
|
clear ip nat translation
|
debug ip nat
|
5. ACL Standard 1-99 and 1300-1999
access-list access-list-number [deny, permit] source source-wildcard [log]
|
access-list access-list-number remark text
|
ip access-group number [in, out]
|
6. ACL Extended 100-199 and 2000-2699
access-list access-list-number [deny, permit] protocol source source-wildcard destination destination-wildcard [log]
|
access-list access-list-number [deny, permit] tcp source source-wildcard [operator-port] destination destination-wildcard [destination-port] [log]
|
access-list access-list-number remark text
|
ip access-group [number, name] [in, out]
|
access-class [number, name] [in, out]
|
ip access-list [standard, extended] name
|
[deny, permit] source source-wildcard [log]
|
[deny, permit] protocol source source-wildcard destination destination-wildcard [log]
|
[deny, permit] tcp source source-wildcard [operator-port] destination destination-wildcard [destination-port] [log]
|
remark text
|
show ip interface type/number
|
show access-lists [access-list-number, access-list-name]
|
show ip access-lists [access-list-number, access-list-name]
|