Shulou(Shulou.com)06/02 Report--

Basic configuration command for network equipment-CISCO

1 View the configuration information of the IP address

Ipconfig or Ipconfig / all to view the MAC address

2 ping command to test network connectivity

Ping 127.0.0.1

Perform a loop test

Verify that the TCP/IP configuration is correct

3 the working mode of the switch:

Switch > user mode

Switch > enable

Switch# privileged mode

Switch#configure terminal

Switch (config) # Global configuration mode

Switch (config) # interface fastEthernet 0amp 1

Switch (config-if) # interface mode

Exit returns to the previous mode

End retreated directly to privileged mode

Common commands:

Interface mode: shutdown disables this interface

Switch (config) # hostname S1 modify hostname to S1

Switch#show running-config to view configuration information

Switch#show version to view IOS version information

Configure enable plaintext password: global configuration mode: enable password 123

Configure enable password: global configuration mode: enable secret 456

Configure Console password: global mode: line console 0 password 789 Login

Save the configuration of the switch

Privileges: copy running-config startup-config or write

Restore the device factory default

Privileges: erase startup-config or reload

4 preparation for equipment configuration

The problem of returning to the original interface after being idle for a period of time

Switch (config) # line con 0

Switch (config-line) # exec-timeout 0 0

Console message interrupts the processing of input

Switch (config) # line con 0

Switch (config-line) # logging synchronous

Disable DNS query

Switch (config) # no ip domain-lookup

5 basic configuration of the switch

1. Common commands

1) View the MAC address table

Privilege: show mac-address-table

2) use CDP protocol

Used to view information about neighboring Cisco devices

Privilege: show cdp neighbors

3) working mode configuration of the interface

Specifies the duplex mode of the interface

API mode: duplex {full | half | auto}

Full (full duplex), Half (half duplex), Auto (autonegotiation)

Specify the communication rate of the interface

API mode: speed {10 | 1000 | auto}

View the duplex mode and communication rate of the Ethernet interface

Privilege: show interface fastethernet 0amp 24

4) IP address for configuration management

Console is not the only means of management, and sometimes it is necessary to manage devices remotely through the network.

IP address for configuration management: global configuration mode: interface vlan 1

Ip address 192.168.1.100 255.255.255.0 no shutdown

5) configure the switch default gateway

Global configuration mode:

Ip default-gateway 192.168.1.254

6 Network layer protocol

ARP protocol

Resolve a known IP address to an MAC address

ARP-an in Windows system: view the ARP cache table

Common parameters of the Ping command:

Ping-t has been ping

Ping-a can return the host name of the other party

Ping-l modifies ping packet size. Default is 32 bytes.

7 static route configuration

Global mode: ip route destination network ID subnet mask next hop IP

8 telnet remote management operation

Operate (start)-(run)-cmd on the host

IP (port number) of the telnet remote host

Remotely manage a switch or router

Configure switch Management IP: global: line vty 0 4

Password 123

Login

Global mode configures either plaintext or ciphertext passwords

Configure the client IP and telnet the switch management IP

The configuration of the remote management router is different in that the interface of the router is configured with the same IP.

9 there are two ways to create a VLAN

Global configuration mode to create vlan

Global: vlan2 creates a vlan2 Name name (name vlan2)

VLAN database configuration mode

Privilege: vlan database Vlan 2 name caiwu (create vlan2 and name it caiwu)

Delete vlan

Enter vlan database or global mode: no vlan 2

Join vlan via API

1) enter the interface where you will join the vlan and enter

2) add multiple interfaces to vlan at the same time

Global: interface range f0amp 1-10

Switchport access vlan2 will add 1-10 ports to vlan2 at the same time.

View vlan information

Privilege: show vlan brief

Configuration of 10 trunk

Interface mode: switchport mode trunk (directly configured as trunk)

Dynamic desirable (configured as dynamic expectation)

Dynamic auto (dynamic automatic)

Access (configured as an access link)

Remove a vlan on a trunk link

Enter the trunk interface: the switchport trunk allowed vlan remove 3 trunk link does not allow the transfer of vlan 3 data

Add a vlan to the trunk link

Enter the trunk interface: switchport trunk allowed vlan add 3

View interface mode

Privilege: show interface f0amp 5 switchport

11 configuration of Ethernet channels:

Global: interface range f0amp 6-8

Switchport mode trunk

Channel-group 1 mode on

View the configuration of the Ethernet channel:

Privilege: show etherchannel summary

12 configure DHCP service on the router

Global ip dhcp pool name (define address pool)

Network 192.168.1.0 255.255.255.0 (dynamic allocation of IP address fields)

Default-router 192.168.1.254 (dynamically assigned gateway address)

Dns-server 202.106.0.20 (dynamically assigned DNS server address) this command can be followed by multiple alternate DNS addresses.

Global: ip dhcp excluded-address 192.168.1.1 (reserved statically assigned IP addresses)

13 configuration of layer 3 switch

Enable routing on layer 3 switches Global: ip routing

Configure the IP address of the virtual interface global: interface vlan 2

Ip address 192.168.2.254 2 55.255.255.0

No shutdown

Configure Trunk on a layer 3 switch and specify that the interface is encapsulated as 802.1q

Interface mode: switchport trunk encapsulation dot1q

Switchport mode trunk

Configure the routing interface to enter the interface: no switchport

Configuration of 14 RIP v2

Global: router rip version 2 no auto-summary (turn off route summarization)

Network main network ID

Configuration of 15 HSRP

Configured as a member of HSRP

Enter the gateway interface of the router: standby 2 ip virtual gateway IP

Configure the priority of HSRP

Standby 2 priority priority (priority range 0-255,100 by default)

View HSRP summary information privileges: show standby brief

HSRP port tracking: standby 2 track f0lap 1

HSRP preemption: standby 2 preempt

Configuration commands for 16 PVST+

Enable spanning tree command

Global: spanning-tree vlan 2

Specify the root bridge

Change priority: global: spanning-tree vlan 1 priority priority value

Note: the value of priority is a multiple of 4096

View the configuration privileges of spanning tree: show spanning-tree vlan 1

Specify global directly: spanning-tree vlan 2 root primary/secondary

Configure Fast Port: interface Mode: spanning-tree portfast

View spanning tree details for a VLAN

Privilege: show spanning-tree vlan 2 detail

17 Standard access control list

(1) creation of standard access control list

Global: access-list 1 deny 192.168.1.1 0.0.0.0

Global: access-list 1 permit 192.168.1.0 0.0.0.255

Implied reject statement:

Access-list 1 deny 0.0.0.0 255.255.255.255

Apply ACL to interface: interface mode: ip access-group list number in or out

Note: access-list 1 deny 192.168.1.1 0.0.0.0 or write as

Access-list 1 deny host 192.168.1.1

Access-list 1 deny 0.0.0.0 255.255.255.255

Or written as access-list 1 deny any

Delete established access control list: global: no access-list list number

Cancel ACL on interface: interface mode: no ip access-group list number in or out

View access control list: privilege: show access-lists

Eq equal to, lt less than, gt greater, neq not equal

(2) extended access control list case:

Example 1: global: access-list 101permit ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255 (allow 192.168.1.0 network access to all services of 192.168.2.0 network)

Global: access-list 101deny ip any any (reject all)

Example 2: global: access-list 101deny tcp 192.168.1.0 0.0.255 host 192.168.2.2 eq 21 (deny 192.168.1.0 network segment access to port 21 of 192.168.2.2 TCP)

Global: access-list 101permit ip any any (allows access to all)

Example 3 Global: access-list 101 deny icmp 192.168.1.0 0.0.255 host 192.168.2.2 echo (reject 192.168.1.0 ping 192.168.2.2)

Delete extended ACL Global: no access-list list number

(3) configuration of standard named ACL: global: ip access-list standard name

Permit host 192.168.1.1

Deny any

Named ACL applied to interface: interface mode: ip access-group name in or out

(4) configuration of extended named ACL: global: ip access-list extended name

Deny tcp 192.168.1.0 0.0.255 host 192.168.2.2 eq 80 denies the network segment 1.0 access to the web service of 2.2.

Permit ip any any

18 static NAT configuration:

Configure interface IP and routing: global: Ip nat inside source static 192.168.1.1 61.159.62.131

Enable NAT on internal and external interfaces: enter egress configuration: ip nat outside

Enter the portal configuration: ip nat inside

Port mapping: ip nat inside source static tcp 192.168.1.61.159.62.133 80

Dynamic NAT configuration: global: access-list 1 permit 192.168.1.0 0.0.0.255

Global: ip nat pool nsd 61.159.62.131 61.159.62.132 netmask 255.255.255.248 (define address pool name nsd, address pool IP range 61.159.62.131 to 61.159.62.132)

Global: ip nat inside source list 1 pool nsd

Show ip nat translations

Port Multiplexing (PAT)

Configuration of PAT: global: ip nat inside source list 1 interface f0 overload 1 overload

View NAT translation entries: privileges: show ip nat translations displays the current translation clears NAT translation entries: privileges: clear ip nat translation * clears all entries in the NAT translation entry

Show packets for each translation: privilege: debug ip nat

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.