Ccna Ios Commands

March 31, 2018 | Author: Dumidu Darshika Senanayake | Category: Ip Address, Networks, Internet Protocols, Wide Area Network, Routing
Share Embed Donate


Short Description

Cisco IOS commands needed for the CCNA exam...

Description

Cisco IOS Commands

Accessing the Router User EXEC mode :-

Router >

Privilege EXEC mode :-

Router > enable Router #

Disabling Privilege EXEC mode :-

Router # disable Router >

Global Configuration mode :-

Router # configure terminal Router (config) #

Exit from Global config mode :-

Router (config) # exit Router # Basic Configuration

Change Hostname :-

Router (config) # hostname [hostname] Router (config) # hostname R1 R1 (config) #

Disable Hostname :-

R1 (config) # no hostname Router (config) #

Insert a Banner :-

R1 (config) # banner motd #[banner]# R1 (config) # banner motd #Authorized Personal Only#

Removing a Banner :-

R1 (config) # no banner motd

R1 (config) # no ip domain-lookup R1 (config) # line console 0 / vty 0 4 R1 (config-line) # logging synchronous R1 (config-line) # exit History :-

R1 # terminal history R1 # terminal history size 50

R1 # terminal no history R1 # terminal no history size

R1 # show history Changing History Size :-

Configure Clock :-

S1 (config) # line console 0 / vty 0 4 S1 (config-line) # history size [no.] S1 (config-line) # history size 35 S1 (config-line) # exit

S1 # clock set hh:mm:ss day(1-31) month year S1 # clock set 12:12:12 1 jan 2010

CDP (Cisco Discovery Protocol) R1 # show cdp neighbors R1 # show cdp neighbors detail Dumidu Darshika Senanayake Page 1 of 17

Cisco IOS Commands

Disable: R1 (config) # no cdp run

Enable: R1 (config) # cdp run Router Security

Router access password :R1 (config) # line console 0 / vty 0 4 R1 (config-line) # password [password] R1 (config-line) # password cisco R1 (config-line) # login R1 (config-line) # exit Configure SSH :-

Remove password :-

R1 (config-line) # no password

S1 (config) # username [name] password [password] S1 (config) # username ccna password cisco S1 (config) # ip domain-name [domain name] S1 (config) # ip domain-name mydomain.com S1 (config) # crypto key generate rsa S1 (config) # line vty 0 4 S1 (config-line) # transport input [ssh, telnet, all] S1 (config-line) # transport input ssh S1 (config-line) # login local S1 (config-line) # exit S1 (config) # ip ssh version 2 (optional) S1 (config) # ip ssh time-out 60 S1 (config) # ip ssh authentication-retries 3

Encrypting Passwords :-

R1 (config) # service password-encryption

Privilege EXEC mode password :-

R1 (config) # enable password [password] (no encryption) R1 (config) # enable password cisco R1 (config) # enable secret [password] (heavy encryption) R1 (config) # enable secret cisco

Removing enable password :-

R1 (config) # no enable password R1 (config) # no enable secret

Pre configuration for Cisco SDM S1 (config-line) # privilege level 15 Configure HTTP Server :S1 (config) # ip http authentication enable S1 (config) # ip http server S1 (config) # ip http secure-server ACL (Access Control List) Wildcard mask: 0 bit - check 1 bit - ignore A single host: 192.168.10.5 0.0.0.0 / host 192.16.10.5 Standard ACL: [1-99] [1300-1999] implemented close to the destination of the traffic Dumidu Darshika Senanayake Page 2 of 17

Cisco IOS Commands

R1 (config) # access-list [ACL no.] [permit / deny] [source ip add.] [wildcard mask] R1 (config) # access-list 10 deny 192.168.10.0 0.0.0.255 Extended ACL: [100-199] [2000-2699] implemented close to source of the traffic R1 (config) # access-list [ACL no.] [permit / deny] [protocol] [source network add. wildcard mask] [destination network add. wildcard mask] eq [service] R1 (config) # access-list 110 deny tcp 192.168.10.0 0.0.0.255 any eq telnet Activating an ACL:

R1 (config-if) # ip access-group [no.] [in / out] R1 (config-if) # ip access-group 10 out R1 (config) # line vty 0 4 R1 (config-line) # ip access-group 10 in

Named ACL:

R1 (config) # ip access-list standard [name] R1 (config) # ip access-list standard NO_ACCESS R1 (config-std-nacl) # [permit / deny] [source ip add.] [wildcard mask] R1 (config-std-nacl) # deny 192.168.10.0 0.0.0.255 R1 (config-std-nacl) # exit

R1 (config) # ip access-list extended [name] R1 (config) # ip access-list extended SURFING R1 (config-exd-nacl) # [permit / deny] [protocol] [source network add. wildcard mask] [destination network add. wildcard mask] eq [service] R1 (config-exd-nacl) # permit tcp 192.168.10.0 0.0.0.255 any eq telnet R1 (config-exd-nacl) # exit Activating a named ACL:

R1 (config-if) # ip access-group [name] [in / out] R1 (config-if) # ip access-group NO_ACCESS in

R1 # show access-lists Configuring Interfaces Configure Ethernet Ports :R1 (config) # interface [interface] R1 (config) # interface f0/0 R1 (config-if) # ip address [ip add.] [subnet mask] R1 (config-if) # ip address 192.168.1.1 255.255.255.0 R1 (config-if) # description [description] R1 (config-if) # description –Link to PC1— R1 (config-if) # no shutdown R1 (config-if) # exit Configuring Sub Interface :- (inter VLAN routing) R1 (config) # interface f0/0.[vlan no.] R1 (config) # interface f0/0.99 R1 (config-subif) # encapsulation dot1Q [vlan no.] native R1 (config-subif) # encapsulation dot1Q 99 native Dumidu Darshika Senanayake Page 3 of 17

Cisco IOS Commands

R1 (config-subif) # ip address 172.17.99.1 255.255.255.0 R1 (config-subif) # exit R1 (config) # interface f0/0.10 R1 (config-subif) # encapsulation dot1Q 10 R1 (config-subif) # ip address 172.17.10.1 255.255.255.0 R1 (config-subif) # exit  Only type “no shutdown” on main interface Configure Serial Ports :R1 (config) # interface s0/0/0 R1 (config-if) # ip address 192.168.2.1 255.255.255.0 R1 (config-if) # clock rate [clock rate] (only for DCE) R1 (config-if) # clock rate 64000 R1 (config-if) # description –Link to R2— R1 (config-if) # no shutdown R1 (config-if) # exit Configuring a loopback interface :R1 (config) # interface loopback 0 R1 (config-if) # ip address 172.16.10.1 255.255.255.0 R1 (config-if) # description –Loopback interface 1— R1 (config-if) # no shutdown R1 (config-if) # exit Modify a link Bandwidth

R1 (config-if) # bandwidth [Kilobits] R1 (config-if) # bandwidth 1544

Mode

S1 (config-if) # duplex [auto / full / half]

Speed

S1 (config-if) # speed [no.] S1 (config-if) # speed 100

R1 (config-if) # no bandwidth

Removing ip address & disabling the port R1 (config) # interface f0/0 R1 (config-if) # no ip address R1 (config-if) # shutdown R1 # show ip interface brief R1 # show interface s0/0/0 R1 # show controllers Configure Routing Protocols Static Route :AD = 1 R1 (config) # ip route [network add.] [subnet mask] [next hop IP add. / exit interface] Dumidu Darshika Senanayake Page 4 of 17

Cisco IOS Commands

R1 (config) # ip route 192.168.3.0 255.255.255.0 192.168.2.2 (next hop IP add.) R1 (config) # ip route 192.168.3.0 255.255.255.0 s0/0/0 (exit interface) Removing a Static Route :-

R1 (config) # no ip route 192.168.3.0 255.255.255.0 s0/0/0

Dynamic Routing Protocols : Use the adjacent network’s network address  [1 / 0] = [Administrative distance / Metric] RIP v1 (Routing Information Protocol)

broadcast

AD = 120

R1 (config) # router rip R1 (config-router) # network [network add. of adjacent networks] R1 (config-router) # network 192.168.2.0 R1 (config-router) # network 192.168.1.0 R1 (config-router) # exit RIP v2

R1 (config) # router rip R1 (config-router) # version 2 R1 (config-router) # no auto-summary R1 (config-router) # network 192.168.2.0 R1 (config-router) # network 192.168.1.0 R1 (config-router) # exit R1 # debug ip rip

multicast: 224.0.0.9

undebug all

EIGRP (Enhanced Interior Gateway Routing Protocol)

AD = 90 multicast: 224.0.0.10 [Autonomous System no. 1 – 65535]

R1 (config) # router eigrp [as no.] R1 (config) # router eigrp 1 R1 (config-router) # network 192.168.2.0 R1 (config-router) # network [network add.] [wildcard mask] (specific range) R1 (config-router) # network 192.168.1.0 0.0.0.3 R1 (config-router) # exit

R1 (config-if) # ip summary-address eigrp [as no.] [network add.] [subnet mask] R1 (config-if) # ip summary-address eigrp 1 192.168.0.0 255.255.252.0 R1 (config-if) # ip bandwidth-percent eigrp [as no.] [percent] R1 (config-if) # ip bandwidth-percent eigrp 1 50 R1 (config-if) # ip hello-interval eigrp [as no.] [seconds] R1 (config-if) # ip hold-time eigrp [as no.] [seconds] R1 # show ip eigrp neighbors R1 # show ip eigrp topology OSPF (Open Shortest Path First)

multicast: 224.0.0.5

AD = 110

 Make sure to configure the loopback interfaces for network stability Dumidu Darshika Senanayake Page 5 of 17

Cisco IOS Commands

R1 (config) # router ospf [process ID] [Process ID 1 – 65535] R1 (config) # router ospf 1 R1 (config-router) # network [network add.] [wildcard mask]area [area ID] R1 (config-router) # network 192.168.1.0 0.0.0.3 area 0 R1 (config-router) # exit Modifying router ID :-

R1 (config-router) # router-id [ip add.] R1 (config-router) # router-id 192.168.1.1

Modifying OSPF cost of a link :-

R1 (config-if) # ip ospf cost [cost] R1 (config-if) # ip ospf cost 1562

Interface priority :-

R1 (config-if) # ip ospf priority [1-255] R1 (config-if) # ip ospf priority 1

Changing reference bandwidth value :R1 (config-router) # auto-cost reference-bandwidth 10000 Modifying OSPF timers :-

R1 (config-if) # ip ospf hello-interval [seconds] R1 (config-if) # ip ospf dead-interval [seconds] (hello x 4)

Simple Authentication :enables authentication for all the interfaces in area 0

R1 (config-router) # area 0 authentication R1 (config-if) # ip ospf authentication-key [password] R1 (config-if) # ip ospf authentication-key cisco123 enables authentication for specific interface

R1 (config-if) # ip ospf authentication R1 (config-if) # ip ospf authentication-key [password] R1 (config-if) # ip ospf authentication-key cisco123 md5 (message-digest) Authentication :enables md5 authentication for all the interfaces in area 0 R1 (config-router) # area 0 authentication message-digest R1 (config-if) # ip ospf message-digest-key 1 md5 [password] R1 (config-if) # ip ospf message-digest-key 1 md5 cisco123 enables md5 authentication for specific interface

R1 (config-if) # ip ospf authentication message-digest R1 (config-if) # ip ospf message-digest-key 1 md5 [password] R1 (config-if) # ip ospf message-digest-key 1 md5 cisco123 R1 # show ip ospf R1 # show ip ospf interface R1 # show ip ospf neighbor R1 # clear ip ospf process Configuring Passive interface :-

R1 (config-router) # passive-interface [interface] R1 (config-router) # passive-interface f0/0

Dumidu Darshika Senanayake Page 6 of 17

Cisco IOS Commands

Distributing (Default) Static route through RIP, EIGRP, OSPF 01).

R1 (config) # ip route 0.0.0.0 0.0.0.0 209.165.200.225 (next hop ip) R1 (config-router) # default-information originate

02).

R1 (config) # ip route 192.168.0.0 255.255.0.0 s0/0/1 R1 (config-router) # redistribute static R1 # show ip route R1 # show ip protocol R1 # debug ip routing

WAN Configuration  WAN configuration only performed on serial interfaces. HDLC (High-level Data Link Control) R1 (config-if) # encapsulation hdlc PPP (Point to Point Protocol) R1 (config-if) # encapsulation ppp Compression: Link quality: Load balancing:

R1 (config-if) # compress [predictor / stac] R1 (config-if) # ppp quality [percentage] R1 (config-if) # ppp multilink

Authentication:R1 (config) # username [remote-host] password [remote-password] R1 (config) # username R2 password cisco123 Configuring PAP (PPP Authentication Protocol) R1 (config-if) # ppp authentication pap R1 (config-if) # ppp pap sent-username [local-host] password [local-host-password] R1 (config-if) # ppp pap sent-username R1 password cisco123 Configuring CHAP (Challenge Handshake Authentication Protocol) R1 (config-if) # ppp authentication chap Troubleshooting PPP

Debug ppp authentication Debug ppp chap Debug ppp error Debug ppp negotiation Debug ppp packet

Frame Relay

Dumidu Darshika Senanayake Page 7 of 17

Cisco IOS Commands

Basic Frame Relay configuration R1 (config-if) # encapsulation frame-relay [cisco / ietf]

ietf for non-Cisco products

Static Frame Relay Mapping R1 (config-if) # frame-relay map [protocol] [ip add. of neighbor] [dlci] broadcast R1 (config-if) # frame-relay map ip 192.168.10.20 120 broadcast R1 (config-if) # frame-relay map ip 192.168.10.30 130 broadcast LMI (Local Management Interface) is default autosense R1 (config-if) # frame-relay lmi-type [cisco / ansi / q933a] Configuring Frame-Relay sub-interfaces R1 (config) # interface s0/0/0 R1 (config-if) # encapsulation frame-relay R1 (config-if) # no shutdown R1 (config-if) # exit R1 (config) # interface [serial int.].[dlci] [point-to-point / multipoint] R1 (config) # interface s0/0/0.120 point-to-point R1 (config-subif) # ip address 192.168.10.1 255.255.255.0 R1 (config-subif) # frame-relay interface-dlci [dlci] R1 (config-subif) # frame-relay interface-dlci 120 R1 (config-subif) # exit R1 (config) # interface s0/0/0.130 point-to-point R1 (config-subif) # ip address 192.168.20.1 255.255.255.0 R1 (config-subif) # frame-relay interface-dlci 130 R1 (config-subif) # exit  Configure on main router. Only type “no shutdown” on main interface. Branch routers encapsulation frame-relay frame-relay lmi-type [cisco / ansi / q933a] Configuring Frame-Relay switch FR-Switch (config) # frame-relay switching FR-Switch (config-if) # encapsulation frame-relay Dumidu Darshika Senanayake Page 8 of 17

Cisco IOS Commands

FR-Switch (config-if) # frame-relay intf-type dce FR-Switch (config-if) # frame-relay route 102 interface serial 0/0/1 201 no frame-relay inverse-arp no ip split-horizon R1 # show frame-relay map R1 # show frame-relay pvc / show frame-relay pvc [dlci] R1 # show frame-relay lmi R1 #debug frame-relay lmi DHCP (Dynamic Host Configuration Protocol) Step1: Exclude an address range R1 (config) # ip dhcp excluded-address [low add.] [high add.] R1 (config) # ip dhcp excluded-address 192.168.1.1 192.168.1.9 Step2: Create DHCP pool R1 (config) # ip dhcp pool [pool name] R1 (config) # ip dhcp pool SALES R1 (config-dhcp) # Step3: define the pool address R1 (config-dhcp) # network [network add. mask / prefix] R1 (config-dhcp) # network 192.168.1.0 255.255.255.0 R1 (config-dhcp) # default-router [ip add.] R1 (config-dhcp) # default-router 192.168.1.1 R1 (config-dhcp) # dns-server [ip add.] R1 (config-dhcp) # dns-server 192.168.20.254 R1 (config-dhcp) # netbios-name-server [ip add.] R1 (config-dhcp) # netbios-name-server 192.168.20.254 R1 (config-dhcp) # domain-name [name] R1 (config-dhcp) # domain-name mydomain.com R1 (config-dhcp) # lease {days hours minutes / infinite} R1 (config-dhcp) # lease 7 DHCP Relay

R1 (config) # interface f0/0 R1 (config-if) # ip helper-address [dhcp server ip add.] R1 (config-if) # ip helper-address 192.168.10.5 Dumidu Darshika Senanayake Page 9 of 17

Cisco IOS Commands

R1 (config) # ip forward-protocol udp [port no.] R1 (config) # ip forward-protocol udp 161 R1 # show ip dhcp binding R1 # show ip dhcp server statistics R1 # show ip dhcp pool R1 # show ip address conflicts R1 # debug ip dhcp events R1 # debug ip dhcp server R1 # debug ip dhcp packet detail NAT (Network Address Translation)

ISP static route

ISP (config) # ip route 209.165.200.0 255.255.255.0 209.165.100.225

Static NAT (Public address given by ISP 209.165.200.254) Step1: specify static translation between an inside local and inside global address R1 (config) # ip nat inside source static [local ip] [global ip] R1 (config) # ip nat inside source static 192.168.20.10 209.165.200.254 Step2: mark the router interface as an inside or outside interface R1 (config-if) # ip nat [inside / outside] R1 (config) # interface f0/0 R1 (config-if) # ip nat inside

R1 (config) # interface s0/0/0 R1 (config-if) # ip nat outside

Dynamic NAT (Public address range from ISP 209.165.200.11 – 209.165.200.20 /24) Step1: define a named address pool of outside addresses R1 (config) # ip nat pool [name] [ip range] netmask [mask] R1 (config) # ip nat pool NAT1 209.165.200.11 209.165.200.20 netmask 255.255.255.0 Step2: define an access list to specify those inside address R1 (config) # access-list 1 permit 192.168.10.0 0.0.0.255 Dumidu Darshika Senanayake Page 10 of 17

Cisco IOS Commands

Step3 *: Specify dynamic translation R1 (config) # ip nat inside source list [ACL no.] pool [name] R1 (config) # ip nat inside source list 1 pool NAT1 Step4: R1 (config-if) # ip nat [inside / outside] PAT (Port Address Translation) Single public address Step1: R1 (config) # access-list 1 permit 192.168.10.0 0.0.0.255 Step2 *: R1 (config) # ip nat inside source list 1 interface s0/0/0 overload Step3: R1 (config-if) # ip nat [inside / outside] Multiple public address Step1: R1 (config) # access-list 1 permit 192.168.10.0 0.0.0.255 Step2: R1 (config) # ip nat pool NAT1 209.165.200.11 209.165.200.20 Step3 *: R1 (config) # ip nat inside source list 1 pool NAT1 overload Step4: R1 (config-if) # ip nat [inside / outside] R1 # show ip nat translation R1 # show ip nat translation verbose R1 # show ip nat statistics R1 # debug ip nat R1 # clear ip nat translation IPv6 2002:c0a8:0101:0000:0000:0000:0000:0042  2002:c0a8:101::42 Classful / Classless Routing Behavior R1 (config) # ip classless Saving Configuration :-

R1 (config) # no ip classless

R1 # copy running-config startup-config

Backup Startup-config to flash :-

R1 # copy startup-config flash:config.bak1

R1 # copy system:running-config tftp://172.16.2.155/tokyo-config R1 # copy startup-config tftp [tftp server ip add.] Restore Configuration :-

R1 # copy flash:config.bak1 startup-config R1 # reload

Reset Router Configuration :-

R1 # erase startup-config [confirm] R1 # reload

Boot from another image :Step1: configure a tftp server Dumidu Darshika Senanayake Page 11 of 17

Cisco IOS Commands

Step2: R1 # copy tftp flash [ip add. of tftp server] 192.168.20.254 [new IOS image name] c1841-ipbasek9-mz.124-12.bin Step3: R1 (config) # boot system flash: c1841-ipbasek9-mz.124-12.bin Step4: save configuration R1 # copy run start Step5: restart the router c2960-lanbase-mz.122-25.SEE1.bin c1841-ipbase-mz.123-14.T7.bin c1841-ipbasek9-mz.124-12.bin Platform: Cisco 2960 Cisco 1841 Cisco 1841 Feature set: lan base ip base ip base k9 File format: m (runs in RAM) z (compressed) Version: 12.2 (25) SEE1 12.3 (14) T7 12.4 (12) File extinction: binary executable Recovering a lost password :Step1: power cycle the router, and press [Ctrl]+[Break] key while booting. This will bring the router to ROMmon mode. Step2: rommon 1 > confreg 0x2142 rommon 2 > reset Step3: after rebooting copy startup to running. Change the password Step4: change the configuration registry back to default. R1 (config) # config-register 0x2102 Step5: save the configuration, and power cycle the router. 0x2102 – default registry value 0x2142 – bypass startup configuration Commands helpful in Troubleshooting R1 # show running-config R1 # show startup-config R1 # show version R1 # show flash

R1 (config) # do show run

Dumidu Darshika Senanayake Page 12 of 17

Cisco IOS Commands

Configuring Interfaces Creating VLAN :-

Remove a VLAN :-

S1 (config) # vlan [vlan no.] S1 (config) # vlan 99 S1 (config) # name [vlan name] S1 (config-vlan) # name Admin S1 (config-vlan) # exit Removing vlan database :-

S1 (config) # no vlan 99

S1 # delete flash:vlan.dat

S1 # show vlan S1 # show vlan brief Configure (management) VLAN :S1 (config) # interface vlan [management vlan no.] S1 (config) # interface vlan 99 S1 (config-if) # ip address [ip add.] [subnet mask] S1 (config-if) # ip address 172.17.99.11 255.255.255.0 S1 (config-if) # no shutdown S1 (config-if) # exit Switch default gateway :-

S1 (config) # ip default-gateway [default gateway ip add.] S1 (config) # ip default-gateway 172.17.99.1

S1 # show interface vlan [management vlan no.] S1 # show interface vlan 99 Assign an interface to VLAN :S1 (config) # interface [interface] S1 (config) # interface range f0/18-24

f0/6, f0/11, f0/18

Configure Access Port :-

S1 (config) # interface f0/18 S1 (config-if) # switchport mode access S1 (config-if) # switchport access vlan 10 S1 (config-if) # exit

Configure Trunk port :-

S1 (config) # interface f0/24 S1 (config-if) # switchport mode trunk S1 (config-if) # switchport trunk native vlan 99 S1 (config-if) # exit S1 (config-if) # switchport trunk allowed vlan 10, 20, 99 S1 (config-if) # switchport trunk allowed vlan all

S1 (config-if) # switchport mode dynamic auto S1 (config-if) # switchport mode dynamic desirable Dumidu Darshika Senanayake Page 13 of 17

Cisco IOS Commands

Voice VLAN :-

S1 (config-if) # mls qos trust cos S1 (config-if) # switchport voice vlan 150

Dynamic Trunking Protocol :trunk Dynamic auto/desirable

trunk access

Dynamic auto/desirable

access access

Dynamic auto

dynamic auto trunk

Dynamic desirable

dynamic desirable trunk

Dynamic desirable Remove a VLAN & port type:-

dynamic auto S1 (config-if) # no switchport mode access S1 (config-if) # no switchport access vlan S1 (config-if) # no switchport mode trunk S1 (config-if) # no switchport trunk vlan

S1 # show interface f0/14 switchport S1 # show interface trunk Configure VTP (VLAN Trunking Protocol) S1 (config) # vtp mode [server / client / transparent] S1 (config) # vtp domain [domain name] S1 (config) # vtp domain CCNA S1 (config) # vtp password [password] S1 (config) # vtp password cisco S1 (config) # vtp version [version 1 / 2] S1 (config) # vtp version 2 S1 (config) # vtp pruning S1 # show vtp status S1 # show vtp password S1 # show vtp counters

Dumidu Darshika Senanayake Page 14 of 17

Cisco IOS Commands

STP (Spanning Tree Protocol) activated by default

S1 # show spanning-tree S1 # show spanning-tree active S1 # show spanning-tree vlan 10 S1 # debug spanning-tree events S1 (config) # spanning-tree vlan [vlan no.] priority [priority] S1 (config) # spanning-tree vlan 10 priority 4096

(multiples of 4096) (default priority is 32769)

S1 (config) # spanning-tree vlan 10 root primary S1 (config) # spanning-tree vlan 20 root secondary S1 (config) # spanning-tree vlan [vlan no.] root primary diameter [value] S1 (config) # spanning-tree vlan 10 root primary diameter 5 S1 (config-if) # spanning-tree cost [cost] S1 (config-if) # spanning-tree cost 25

S1 (config-if) # no spanning-tree cost

S1 (config-if) # spanning-tree port-priority [priority] S1 (config-if) # spanning-tree port-priority 112 (0 – 240, increments of 16) S1 (config-if) # spanning-tree portfast (only for ports connected to a single host – edge ports) S1 (config-if) # no spanning-tree portfast Configure Rapid-PVST+ :-

S1 (config) # spanning-tree mode rapid-pvst S1 (config-if) # spanning-tree link-type point-to-point S1 # clear spanning-tree detected-protocols

Configure static MAC address :S1 (config) # mac-address-table static [MAC add.] vlan [no.] interface [interface] S1 (config) # mac-address-table static 0060.3edd.19a3 vlan 99 interface f0/24 S1 (config) # no mac-address-table static [MAC add.] vlan [no.] interface [interface] S1 # clear mac-address-table dynamic Dumidu Darshika Senanayake Page 15 of 17

Cisco IOS Commands

S1 # show mac-address-table Configure Static Port Security :S1 (config-if) # switchport port-security mac-address [MAC add.] interface [interface] S1 (config-if) # switchport port-security mac-address 000c.7259.0a63 interface f0/4 Configure Dymanic Port Security :S1 (config-if) # switchport port-security S1 (config-if) # switchport port-security maximum 1 S1 (config-if) # switchport port-security mac-address sticky S1 (config-if) # switchport port-security violation [protect / restrict / shutdown] S1 # show port-security S1 # show port-security interface f0/18 S1 # show port-security address DHCP Snooping :-

Password Recovery :-

S1 (config) # ip dhcp snooping S1 (config) # ip dhcp snooping vlan [no.] S1 (config) # ip dhcp snooping trust S1 (config) # ip dhcp snooping limit rate [no.]

flash_init load_helper dir flash: rename flash: config.text flash: config.old boot rename flash: config.old flash: config.text copy flash: config.text system: running-config

This example shows how to configure an EtherChannel on a single switch in the stack. It assigns two ports as static-access ports in VLAN 10 to channel 5 with the PAgP mode desirable : Switch# configure terminal Switch(config)# interface range gigabitethernet2/0/1 -2 Switch(config-if-range)# switchport mode access Switch(config-if-range)# switchport access vlan 10 Switch(config-if-range)# channel-group 5 mode desirable non-silent Switch(config-if-range)# end This example shows how to configure an EtherChannel on a single switch in the stack. It assigns two ports as static-access ports in VLAN 10 to channel 5 with the LACP mode active : Switch# configure terminal Switch(config)# interface range gigabitethernet2/0/1 -2 Switch(config-if-range)# switchport mode access Switch(config-if-range)# switchport access vlan 10 Dumidu Darshika Senanayake Page 16 of 17

Cisco IOS Commands

Switch(config-if-range)# channel-group 5 mode active Switch(config-if-range)# end

Dumidu Darshika Senanayake Page 17 of 17

View more...

Comments

Copyright ©2017 KUPDF Inc.
SUPPORT KUPDF