Categories Top Downloads
Login Register Upload

Ccna Ios Commands

March 31, 2018 | Author: Dumidu Darshika Senanayake | Category: Ip Address, Networks, Internet Protocols, Wide Area Network, Routing
Share Embed Donate
Report this link


Short Description

Cisco IOS commands needed for the CCNA exam...

Description

Cisco IOS Commands

Accessing the Router User EXEC mode :-

Router >

Privilege EXEC mode :-

Router > enable Router #

Disabling Privilege EXEC mode :-

Router # disable Router >

Global Configuration mode :-

Router # configure terminal Router (config) #

Exit from Global config mode :-

Router (config) # exit Router # Basic Configuration

Change Hostname :-

Router (config) # hostname [hostname] Router (config) # hostname R1 R1 (config) #

Disable Hostname :-

R1 (config) # no hostname Router (config) #

Insert a Banner :-

R1 (config) # banner motd #[banner]# R1 (config) # banner motd #Authorized Personal Only#

Removing a Banner :-

R1 (config) # no banner motd

R1 (config) # no ip domain-lookup R1 (config) # line console 0 / vty 0 4 R1 (config-line) # logging synchronous R1 (config-line) # exit History :-

R1 # terminal history R1 # terminal history size 50

R1 # terminal no history R1 # terminal no history size

R1 # show history Changing History Size :-

Configure Clock :-

S1 (config) # line console 0 / vty 0 4 S1 (config-line) # history size [no.] S1 (config-line) # history size 35 S1 (config-line) # exit

S1 # clock set hh:mm:ss day(1-31) month year S1 # clock set 12:12:12 1 jan 2010

CDP (Cisco Discovery Protocol) R1 # show cdp neighbors R1 # show cdp neighbors detail Dumidu Darshika Senanayake Page 1 of 17

Cisco IOS Commands

Disable: R1 (config) # no cdp run

Enable: R1 (config) # cdp run Router Security

Router access password :R1 (config) # line console 0 / vty 0 4 R1 (config-line) # password [password] R1 (config-line) # password cisco R1 (config-line) # login R1 (config-line) # exit Configure SSH :-

Remove password :-

R1 (config-line) # no password

S1 (config) # username [name] password [password] S1 (config) # username ccna password cisco S1 (config) # ip domain-name [domain name] S1 (config) # ip domain-name mydomain.com S1 (config) # crypto key generate rsa S1 (config) # line vty 0 4 S1 (config-line) # transport input [ssh, telnet, all] S1 (config-line) # transport input ssh S1 (config-line) # login local S1 (config-line) # exit S1 (config) # ip ssh version 2 (optional) S1 (config) # ip ssh time-out 60 S1 (config) # ip ssh authentication-retries 3

Encrypting Passwords :-

R1 (config) # service password-encryption

Privilege EXEC mode password :-

R1 (config) # enable password [password] (no encryption) R1 (config) # enable password cisco R1 (config) # enable secret [password] (heavy encryption) R1 (config) # enable secret cisco

Removing enable password :-

R1 (config) # no enable password R1 (config) # no enable secret

Pre configuration for Cisco SDM S1 (config-line) # privilege level 15 Configure HTTP Server :S1 (config) # ip http authentication enable S1 (config) # ip http server S1 (config) # ip http secure-server ACL (Access Control List) Wildcard mask: 0 bit - check 1 bit - ignore A single host: 192.168.10.5 0.0.0.0 / host 192.16.10.5 Standard ACL: [1-99] [1300-1999] implemented close to the destination of the traffic Dumidu Darshika Senanayake Page 2 of 17

Cisco IOS Commands

R1 (config) # access-list [ACL no.] [permit / deny] [source ip add.] [wildcard mask] R1 (config) # access-list 10 deny 192.168.10.0 0.0.0.255 Extended ACL: [100-199] [2000-2699] implemented close to source of the traffic R1 (config) # access-list [ACL no.] [permit / deny] [protocol] [source network add. wildcard mask] [destination network add. wildcard mask] eq [service] R1 (config) # access-list 110 deny tcp 192.168.10.0 0.0.0.255 any eq telnet Activating an ACL:

R1 (config-if) # ip access-group [no.] [in / out] R1 (config-if) # ip access-group 10 out R1 (config) # line vty 0 4 R1 (config-line) # ip access-group 10 in

Named ACL:

R1 (config) # ip access-list standard [name] R1 (config) # ip access-list standard NO_ACCESS R1 (config-std-nacl) # [permit / deny] [source ip add.] [wildcard mask] R1 (config-std-nacl) # deny 192.168.10.0 0.0.0.255 R1 (config-std-nacl) # exit

R1 (config) # ip access-list extended [name] R1 (config) # ip access-list extended SURFING R1 (config-exd-nacl) # [permit / deny] [protocol] [source network add. wildcard mask] [destination network add. wildcard mask] eq [service] R1 (config-exd-nacl) # permit tcp 192.168.10.0 0.0.0.255 any eq telnet R1 (config-exd-nacl) # exit Activating a named ACL:

R1 (config-if) # ip access-group [name] [in / out] R1 (config-if) # ip access-group NO_ACCESS in

R1 # show access-lists Configuring Interfaces Configure Ethernet Ports :R1 (config) # interface [interface] R1 (config) # interface f0/0 R1 (config-if) # ip address [ip add.] [subnet mask] R1 (config-if) # ip address 192.168.1.1 255.255.255.0 R1 (config-if) # description [description] R1 (config-if) # description –Link to PC1— R1 (config-if) # no shutdown R1 (config-if) # exit Configuring Sub Interface :- (inter VLAN routing) R1 (config) # interface f0/0.[vlan no.] R1 (config) # interface f0/0.99 R1 (config-subif) # encapsulation dot1Q [vlan no.] native R1 (config-subif) # encapsulation dot1Q 99 native Dumidu Darshika Senanayake Page 3 of 17

Cisco IOS Commands

R1 (config-subif) # ip address 172.17.99.1 255.255.255.0 R1 (config-subif) # exit R1 (config) # interface f0/0.10 R1 (config-subif) # encapsulation dot1Q 10 R1 (config-subif) # ip address 172.17.10.1 255.255.255.0 R1 (config-subif) # exit  Only type “no shutdown” on main interface Configure Serial Ports :R1 (config) # interface s0/0/0 R1 (config-if) # ip address 192.168.2.1 255.255.255.0 R1 (config-if) # clock rate [clock rate] (only for DCE) R1 (config-if) # clock rate 64000 R1 (config-if) # description –Link to R2— R1 (config-if) # no shutdown R1 (config-if) # exit Configuring a loopback interface :R1 (config) # interface loopback 0 R1 (config-if) # ip address 172.16.10.1 255.255.255.0 R1 (config-if) # description –Loopback interface 1— R1 (config-if) # no shutdown R1 (config-if) # exit Modify a link Bandwidth

R1 (config-if) # bandwidth [Kilobits] R1 (config-if) # bandwidth 1544

Mode

S1 (config-if) # duplex [auto / full / half]

Speed

S1 (config-if) # speed [no.] S1 (config-if) # speed 100

R1 (config-if) # no bandwidth

Removing ip address & disabling the port R1 (config) # interface f0/0 R1 (config-if) # no ip address R1 (config-if) # shutdown R1 # show ip interface brief R1 # show interface s0/0/0 R1 # show controllers Configure Routing Protocols Static Route :AD = 1 R1 (config) # ip route [network add.] [subnet mask] [next hop IP add. / exit interface] Dumidu Darshika Senanayake Page 4 of 17

Cisco IOS Commands

R1 (config) # ip route 192.168.3.0 255.255.255.0 192.168.2.2 (next hop IP add.) R1 (config) # ip route 192.168.3.0 255.255.255.0 s0/0/0 (exit interface) Removing a Static Route :-

R1 (config) # no ip route 192.168.3.0 255.255.255.0 s0/0/0

Dynamic Routing Protocols : Use the adjacent network’s network address  [1 / 0] = [Administrative distance / Metric] RIP v1 (Routing Information Protocol)

broadcast

AD = 120

R1 (config) # router rip R1 (config-router) # network [network add. of adjacent networks] R1 (config-router) # network 192.168.2.0 R1 (config-router) # network 192.168.1.0 R1 (config-router) # exit RIP v2

R1 (config) # router rip R1 (config-router) # version 2 R1 (config-router) # no auto-summary R1 (config-router) # network 192.168.2.0 R1 (config-router) # network 192.168.1.0 R1 (config-router) # exit R1 # debug ip rip

multicast: 224.0.0.9

undebug all

EIGRP (Enhanced Interior Gateway Routing Protocol)

AD = 90 multicast: 224.0.0.10 [Autonomous System no. 1 – 65535]

R1 (config) # router eigrp [as no.] R1 (config) # router eigrp 1 R1 (config-router) # network 192.168.2.0 R1 (config-router) # network [network add.] [wildcard mask] (specific range) R1 (config-router) # network 192.168.1.0 0.0.0.3 R1 (config-router) # exit

R1 (config-if) # ip summary-address eigrp [as no.] [network add.] [subnet mask] R1 (config-if) # ip summary-address eigrp 1 192.168.0.0 255.255.252.0 R1 (config-if) # ip bandwidth-percent eigrp [as no.] [percent] R1 (config-if) # ip bandwidth-percent eigrp 1 50 R1 (config-if) # ip hello-interval eigrp [as no.] [seconds] R1 (config-if) # ip hold-time eigrp [as no.] [seconds] R1 # show ip eigrp neighbors R1 # show ip eigrp topology OSPF (Open Shortest Path First)

multicast: 224.0.0.5

AD = 110

 Make sure to configure the loopback interfaces for network stability Dumidu Darshika Senanayake Page 5 of 17

Cisco IOS Commands

R1 (config) # router ospf [process ID] [Process ID 1 – 65535] R1 (config) # router ospf 1 R1 (config-router) # network [network add.] [wildcard mask]area [area ID] R1 (config-router) # network 192.168.1.0 0.0.0.3 area 0 R1 (config-router) # exit Modifying router ID :-

R1 (config-router) # router-id [ip add.] R1 (config-router) # router-id 192.168.1.1

Modifying OSPF cost of a link :-

R1 (config-if) # ip ospf cost [cost] R1 (config-if) # ip ospf cost 1562

Interface priority :-

R1 (config-if) # ip ospf priority [1-255] R1 (config-if) # ip ospf priority 1

Changing reference bandwidth value :R1 (config-router) # auto-cost reference-bandwidth 10000 Modifying OSPF timers :-

R1 (config-if) # ip ospf hello-interval [seconds] R1 (config-if) # ip ospf dead-interval [seconds] (hello x 4)

Simple Authentication :enables authentication for all the interfaces in area 0

R1 (config-router) # area 0 authentication R1 (config-if) # ip ospf authentication-key [password] R1 (config-if) # ip ospf authentication-key cisco123 enables authentication for specific interface

R1 (config-if) # ip ospf authentication R1 (config-if) # ip ospf authentication-key [password] R1 (config-if) # ip ospf authentication-key cisco123 md5 (message-digest) Authentication :enables md5 authentication for all the interfaces in area 0 R1 (config-router) # area 0 authentication message-digest R1 (config-if) # ip ospf message-digest-key 1 md5 [password] R1 (config-if) # ip ospf message-digest-key 1 md5 cisco123 enables md5 authentication for specific interface

R1 (config-if) # ip ospf authentication message-digest R1 (config-if) # ip ospf message-digest-key 1 md5 [password] R1 (config-if) # ip ospf message-digest-key 1 md5 cisco123 R1 # show ip ospf R1 # show ip ospf interface R1 # show ip ospf neighbor R1 # clear ip ospf process Configuring Passive interface :-

R1 (config-router) # passive-interface [interface] R1 (config-router) # passive-interface f0/0

Dumidu Darshika Senanayake Page 6 of 17

Cisco IOS Commands

Distributing (Default) Static route through RIP, EIGRP, OSPF 01).

R1 (config) # ip route 0.0.0.0 0.0.0.0 209.165.200.225 (next hop ip) R1 (config-router) # default-information originate

02).

R1 (config) # ip route 192.168.0.0 255.255.0.0 s0/0/1 R1 (config-router) # redistribute static R1 # show ip route R1 # show ip protocol R1 # debug ip routing

WAN Configuration  WAN configuration only performed on serial interfaces. HDLC (High-level Data Link Control) R1 (config-if) # encapsulation hdlc PPP (Point to Point Protocol) R1 (config-if) # encapsulation ppp Compression: Link quality: Load balancing:

R1 (config-if) # compress [predictor / stac] R1 (config-if) # ppp quality [percentage] R1 (config-if) # ppp multilink

Authentication:R1 (config) # username [remote-host] password [remote-password] R1 (config) # username R2 password cisco123 Configuring PAP (PPP Authentication Protocol) R1 (config-if) # ppp authentication pap R1 (config-if) # ppp pap sent-username [local-host] password [local-host-password] R1 (config-if) # ppp pap sent-username R1 password cisco123 Configuring CHAP (Challenge Handshake Authentication Protocol) R1 (config-if) # ppp authentication chap Troubleshooting PPP

Debug ppp authentication Debug ppp chap Debug ppp error Debug ppp negotiation Debug ppp packet

Frame Relay

Dumidu Darshika Senanayake Page 7 of 17

Cisco IOS Commands

Basic Frame Relay configuration R1 (config-if) # encapsulation frame-relay [cisco / ietf]

ietf for non-Cisco products

Static Frame Relay Mapping R1 (config-if) # frame-relay map [protocol] [ip add. of neighbor] [dlci] broadcast R1 (config-if) # frame-relay map ip 192.168.10.20 120 broadcast R1 (config-if) # frame-relay map ip 192.168.10.30 130 broadcast LMI (Local Management Interface) is default autosense R1 (config-if) # frame-relay lmi-type [cisco / ansi / q933a] Configuring Frame-Relay sub-interfaces R1 (config) # interface s0/0/0 R1 (config-if) # encapsulation frame-relay R1 (config-if) # no shutdown R1 (config-if) # exit R1 (config) # interface [serial int.].[dlci] [point-to-point / multipoint] R1 (config) # interface s0/0/0.120 point-to-point R1 (config-subif) # ip address 192.168.10.1 255.255.255.0 R1 (config-subif) # frame-relay interface-dlci [dlci] R1 (config-subif) # frame-relay interface-dlci 120 R1 (config-subif) # exit R1 (config) # interface s0/0/0.130 point-to-point R1 (config-subif) # ip address 192.168.20.1 255.255.255.0 R1 (config-subif) # frame-relay interface-dlci 130 R1 (config-subif) # exit  Configure on main router. Only type “no shutdown” on main interface. Branch routers encapsulation frame-relay frame-relay lmi-type [cisco / ansi / q933a] Configuring Frame-Relay switch FR-Switch (config) # frame-relay switching FR-Switch (config-if) # encapsulation frame-relay Dumidu Darshika Senanayake Page 8 of 17

Cisco IOS Commands

FR-Switch (config-if) # frame-relay intf-type dce FR-Switch (config-if) # frame-relay route 102 interface serial 0/0/1 201 no frame-relay inverse-arp no ip split-horizon R1 # show frame-relay map R1 # show frame-relay pvc / show frame-relay pvc [dlci] R1 # show frame-relay lmi R1 #debug frame-relay lmi DHCP (Dynamic Host Configuration Protocol) Step1: Exclude an address range R1 (config) # ip dhcp excluded-address [low add.] [high add.] R1 (config) # ip dhcp excluded-address 192.168.1.1 192.168.1.9 Step2: Create DHCP pool R1 (config) # ip dhcp pool [pool name] R1 (config) # ip dhcp pool SALES R1 (config-dhcp) # Step3: define the pool address R1 (config-dhcp) # network [network add. mask / prefix] R1 (config-dhcp) # network 192.168.1.0 255.255.255.0 R1 (config-dhcp) # default-router [ip add.] R1 (config-dhcp) # default-router 192.168.1.1 R1 (config-dhcp) # dns-server [ip add.] R1 (config-dhcp) # dns-server 192.168.20.254 R1 (config-dhcp) # netbios-name-server [ip add.] R1 (config-dhcp) # netbios-name-server 192.168.20.254 R1 (config-dhcp) # domain-name [name] R1 (config-dhcp) # domain-name mydomain.com R1 (config-dhcp) # lease {days hours minutes / infinite} R1 (config-dhcp) # lease 7 DHCP Relay

R1 (config) # interface f0/0 R1 (config-if) # ip helper-address [dhcp server ip add.] R1 (config-if) # ip helper-address 192.168.10.5 Dumidu Darshika Senanayake Page 9 of 17

Cisco IOS Commands

R1 (config) # ip forward-protocol udp [port no.] R1 (config) # ip forward-protocol udp 161 R1 # show ip dhcp binding R1 # show ip dhcp server statistics R1 # show ip dhcp pool R1 # show ip address conflicts R1 # debug ip dhcp events R1 # debug ip dhcp server R1 # debug ip dhcp packet detail NAT (Network Address Translation)

ISP static route

ISP (config) # ip route 209.165.200.0 255.255.255.0 209.165.100.225

Static NAT (Public address given by ISP 209.165.200.254) Step1: specify static translation between an inside local and inside global address R1 (config) # ip nat inside source static [local ip] [global ip] R1 (config) # ip nat inside source static 192.168.20.10 209.165.200.254 Step2: mark the router interface as an inside or outside interface R1 (config-if) # ip nat [inside / outside] R1 (config) # interface f0/0 R1 (config-if) # ip nat inside

R1 (config) # interface s0/0/0 R1 (config-if) # ip nat outside

Dynamic NAT (Public address range from ISP 209.165.200.11 – 209.165.200.20 /24) Step1: define a named address pool of outside addresses R1 (config) # ip nat pool [name] [ip range] netmask [mask] R1 (config) # ip nat pool NAT1 209.165.200.11 209.165.200.20 netmask 255.255.255.0 Step2: define an access list to specify those inside address R1 (config) # access-list 1 permit 192.168.10.0 0.0.0.255 Dumidu Darshika Senanayake Page 10 of 17

Cisco IOS Commands

Step3 *: Specify dynamic translation R1 (config) # ip nat inside source list [ACL no.] pool [name] R1 (config) # ip nat inside source list 1 pool NAT1 Step4: R1 (config-if) # ip nat [inside / outside] PAT (Port Address Translation) Single public address Step1: R1 (config) # access-list 1 permit 192.168.10.0 0.0.0.255 Step2 *: R1 (config) # ip nat inside source list 1 interface s0/0/0 overload Step3: R1 (config-if) # ip nat [inside / outside] Multiple public address Step1: R1 (config) # access-list 1 permit 192.168.10.0 0.0.0.255 Step2: R1 (config) # ip nat pool NAT1 209.165.200.11 209.165.200.20 Step3 *: R1 (config) # ip nat inside source list 1 pool NAT1 overload Step4: R1 (config-if) # ip nat [inside / outside] R1 # show ip nat translation R1 # show ip nat translation verbose R1 # show ip nat statistics R1 # debug ip nat R1 # clear ip nat translation IPv6 2002:c0a8:0101:0000:0000:0000:0000:0042  2002:c0a8:101::42 Classful / Classless Routing Behavior R1 (config) # ip classless Saving Configuration :-

R1 (config) # no ip classless

R1 # copy running-config startup-config

Backup Startup-config to flash :-

R1 # copy startup-config flash:config.bak1

R1 # copy system:running-config tftp://172.16.2.155/tokyo-config R1 # copy startup-config tftp [tftp server ip add.] Restore Configuration :-

R1 # copy flash:config.bak1 startup-config R1 # reload

Reset Router Configuration :-

R1 # erase startup-config [confirm] R1 # reload

Boot from another image :Step1: configure a tftp server Dumidu Darshika Senanayake Page 11 of 17

Cisco IOS Commands

Step2: R1 # copy tftp flash [ip add. of tftp server] 192.168.20.254 [new IOS image name] c1841-ipbasek9-mz.124-12.bin Step3: R1 (config) # boot system flash: c1841-ipbasek9-mz.124-12.bin Step4: save configuration R1 # copy run start Step5: restart the router c2960-lanbase-mz.122-25.SEE1.bin c1841-ipbase-mz.123-14.T7.bin c1841-ipbasek9-mz.124-12.bin Platform: Cisco 2960 Cisco 1841 Cisco 1841 Feature set: lan base ip base ip base k9 File format: m (runs in RAM) z (compressed) Version: 12.2 (25) SEE1 12.3 (14) T7 12.4 (12) File extinction: binary executable Recovering a lost password :Step1: power cycle the router, and press [Ctrl]+[Break] key while booting. This will bring the router to ROMmon mode. Step2: rommon 1 > confreg 0x2142 rommon 2 > reset Step3: after rebooting copy startup to running. Change the password Step4: change the configuration registry back to default. R1 (config) # config-register 0x2102 Step5: save the configuration, and power cycle the router. 0x2102 – default registry value 0x2142 – bypass startup configuration Commands helpful in Troubleshooting R1 # show running-config R1 # show startup-config R1 # show version R1 # show flash

R1 (config) # do show run

Dumidu Darshika Senanayake Page 12 of 17

Cisco IOS Commands

Configuring Interfaces Creating VLAN :-

Remove a VLAN :-

S1 (config) # vlan [vlan no.] S1 (config) # vlan 99 S1 (config) # name [vlan name] S1 (config-vlan) # name Admin S1 (config-vlan) # exit Removing vlan database :-

S1 (config) # no vlan 99

S1 # delete flash:vlan.dat

S1 # show vlan S1 # show vlan brief Configure (management) VLAN :S1 (config) # interface vlan [management vlan no.] S1 (config) # interface vlan 99 S1 (config-if) # ip address [ip add.] [subnet mask] S1 (config-if) # ip address 172.17.99.11 255.255.255.0 S1 (config-if) # no shutdown S1 (config-if) # exit Switch default gateway :-

S1 (config) # ip default-gateway [default gateway ip add.] S1 (config) # ip default-gateway 172.17.99.1

S1 # show interface vlan [management vlan no.] S1 # show interface vlan 99 Assign an interface to VLAN :S1 (config) # interface [interface] S1 (config) # interface range f0/18-24

f0/6, f0/11, f0/18

Configure Access Port :-

S1 (config) # interface f0/18 S1 (config-if) # switchport mode access S1 (config-if) # switchport access vlan 10 S1 (config-if) # exit

Configure Trunk port :-

S1 (config) # interface f0/24 S1 (config-if) # switchport mode trunk S1 (config-if) # switchport trunk native vlan 99 S1 (config-if) # exit S1 (config-if) # switchport trunk allowed vlan 10, 20, 99 S1 (config-if) # switchport trunk allowed vlan all

S1 (config-if) # switchport mode dynamic auto S1 (config-if) # switchport mode dynamic desirable Dumidu Darshika Senanayake Page 13 of 17

Cisco IOS Commands

Voice VLAN :-

S1 (config-if) # mls qos trust cos S1 (config-if) # switchport voice vlan 150

Dynamic Trunking Protocol :trunk Dynamic auto/desirable

trunk access

Dynamic auto/desirable

access access

Dynamic auto

dynamic auto trunk

Dynamic desirable

dynamic desirable trunk

Dynamic desirable Remove a VLAN & port type:-

dynamic auto S1 (config-if) # no switchport mode access S1 (config-if) # no switchport access vlan S1 (config-if) # no switchport mode trunk S1 (config-if) # no switchport trunk vlan

S1 # show interface f0/14 switchport S1 # show interface trunk Configure VTP (VLAN Trunking Protocol) S1 (config) # vtp mode [server / client / transparent] S1 (config) # vtp domain [domain name] S1 (config) # vtp domain CCNA S1 (config) # vtp password [password] S1 (config) # vtp password cisco S1 (config) # vtp version [version 1 / 2] S1 (config) # vtp version 2 S1 (config) # vtp pruning S1 # show vtp status S1 # show vtp password S1 # show vtp counters

Dumidu Darshika Senanayake Page 14 of 17

Cisco IOS Commands

STP (Spanning Tree Protocol) activated by default

S1 # show spanning-tree S1 # show spanning-tree active S1 # show spanning-tree vlan 10 S1 # debug spanning-tree events S1 (config) # spanning-tree vlan [vlan no.] priority [priority] S1 (config) # spanning-tree vlan 10 priority 4096

(multiples of 4096) (default priority is 32769)

S1 (config) # spanning-tree vlan 10 root primary S1 (config) # spanning-tree vlan 20 root secondary S1 (config) # spanning-tree vlan [vlan no.] root primary diameter [value] S1 (config) # spanning-tree vlan 10 root primary diameter 5 S1 (config-if) # spanning-tree cost [cost] S1 (config-if) # spanning-tree cost 25

S1 (config-if) # no spanning-tree cost

S1 (config-if) # spanning-tree port-priority [priority] S1 (config-if) # spanning-tree port-priority 112 (0 – 240, increments of 16) S1 (config-if) # spanning-tree portfast (only for ports connected to a single host – edge ports) S1 (config-if) # no spanning-tree portfast Configure Rapid-PVST+ :-

S1 (config) # spanning-tree mode rapid-pvst S1 (config-if) # spanning-tree link-type point-to-point S1 # clear spanning-tree detected-protocols

Configure static MAC address :S1 (config) # mac-address-table static [MAC add.] vlan [no.] interface [interface] S1 (config) # mac-address-table static 0060.3edd.19a3 vlan 99 interface f0/24 S1 (config) # no mac-address-table static [MAC add.] vlan [no.] interface [interface] S1 # clear mac-address-table dynamic Dumidu Darshika Senanayake Page 15 of 17

Cisco IOS Commands

S1 # show mac-address-table Configure Static Port Security :S1 (config-if) # switchport port-security mac-address [MAC add.] interface [interface] S1 (config-if) # switchport port-security mac-address 000c.7259.0a63 interface f0/4 Configure Dymanic Port Security :S1 (config-if) # switchport port-security S1 (config-if) # switchport port-security maximum 1 S1 (config-if) # switchport port-security mac-address sticky S1 (config-if) # switchport port-security violation [protect / restrict / shutdown] S1 # show port-security S1 # show port-security interface f0/18 S1 # show port-security address DHCP Snooping :-

Password Recovery :-

S1 (config) # ip dhcp snooping S1 (config) # ip dhcp snooping vlan [no.] S1 (config) # ip dhcp snooping trust S1 (config) # ip dhcp snooping limit rate [no.]

flash_init load_helper dir flash: rename flash: config.text flash: config.old boot rename flash: config.old flash: config.text copy flash: config.text system: running-config

This example shows how to configure an EtherChannel on a single switch in the stack. It assigns two ports as static-access ports in VLAN 10 to channel 5 with the PAgP mode desirable : Switch# configure terminal Switch(config)# interface range gigabitethernet2/0/1 -2 Switch(config-if-range)# switchport mode access Switch(config-if-range)# switchport access vlan 10 Switch(config-if-range)# channel-group 5 mode desirable non-silent Switch(config-if-range)# end This example shows how to configure an EtherChannel on a single switch in the stack. It assigns two ports as static-access ports in VLAN 10 to channel 5 with the LACP mode active : Switch# configure terminal Switch(config)# interface range gigabitethernet2/0/1 -2 Switch(config-if-range)# switchport mode access Switch(config-if-range)# switchport access vlan 10 Dumidu Darshika Senanayake Page 16 of 17

Cisco IOS Commands

Switch(config-if-range)# channel-group 5 mode active Switch(config-if-range)# end

Dumidu Darshika Senanayake Page 17 of 17

View more...

Comments

Copyright ©2017 KUPDF Inc.
SUPPORT KUPDF