1. Commands supported by the switch:
Switch Basic Status:
Switch:; Rom status, router is rommon>
hostname>; user mode
hostname#; privileged mode
Hostname (config) #; global configuration mode
Hostname (CONFIG-IF) #; interface State
Switch Password settings:
switch>enable; Enter privileged mode
Switch#config terminal; Go to global configuration mode
Switch (config) #hostname, set the hostname of the switch
Switch (config) #enable secret xxx; set privileged encryption password
Switch (config) #enable password xxa; set privileged non-secret password
Switch (config) #line console 0, enter the console port
Switch (config-line) #line vty 0 4; Enter virtual terminal
Switch (config-line) #login; Allow Login
Switch (config-line) #password xx; set Login password xx
switch#exit; return command
Switch VLAN settings:
Switch#vlan database; Enter VLAN settings
Switch (VLAN) #vlan 2; Building VLAN 2
Switch (VLAN) #no VLAN 2; Delete VLAN 2
Switch (config) #int f0/1; Enter Port 1
Switch (config-if) #switchport access VLAN 2; When the front port joins VLAN 2
Switch (config-if) #switchport mode trunk, set to trunk
Switch (config-if) #switchport trunk allowed VLAN, set allowed VLANs
Switch (config-if) #switchport trunk encap dot1q; set VLAN trunking
Switch (config) #vtp domain; Set the VTP domain name
Switch (config) #vtp password; set the VTP password
Switch (config) #vtp mode server, setting the VTP pattern
Switch (config) #vtp mode client, setting the VTP pattern
Switch set IP address:
Switch (config) #interface vlan 1; go to VLAN 1
Switch (config-if) #ip address; Set IP addresses
Switch (config) #ip default-gateway; Set default gateway
Switch#dir flash:; View Flash
The switch displays the command:
Switch#write; Saving configuration information
Switch#show VTP; View VTP configuration information
Switch#show run; View current configuration information
Switch#show VLAN; View VLAN configuration information
Switch#show interface; viewing port information
switch#show int f0/0; View specified port information
2. Commands supported by the router:
Router Display command:
Router#show run; Display configuration information
Router#show interface; Display interface information
Router#show IP route, displaying routing information
Router#show CDP nei; show neighbor information
Router#reload; Start again!
Router Password settings:
router>enable; Enter privileged mode
Router#config terminal; Go to global configuration mode
Router (config) #hostname; set the hostname of the switch
Router (config) #enable secret xxx; set privileged encryption password
Router (config) #enable password xxb; set privileged non-secret password
Router (config) #line console 0; Enter the console port
Router (config-line) #line vty 0 4; Enter virtual terminal
Router (config-line) #login; Require password verification
Router (config-line) #password xx; set Login password xx
Router (config) # (ctrl + Z); Return to privileged mode
router#exit; return command
Router configuration:
Router (config) #int s0/0; Enter Serail interface
Router (config-if) #no shutdown; activating the current interface
Router (config-if) #clock rate 64000; set Sync clock
Router (config-if) #ip address; Set IP addresses
Router (config-if) #ip address second; set a second IP
Router (config-if) #int f0/0.1; Enter sub-interface
Router (CONFIG-SUBIF.1) #ip address; Set sub-interface IP
Router (CONFIG-SUBIF.1) #encapsulation dot1q; bound VLAN trunking protocol
Router (config) #config-register 0x2142; skip config file
Router (config) #config-register 0x2102; normal usage profile
Router#reload; re-boot
Router file operations:
Router#copy running-config startup-config; Save configuration
Router#copy running-config tftp; save configuration to TFTP
Router#copy startup-config tftp, boot configuration to TFTP
Router#copy tftp flash: Upload files to Flash
router#copy tftp startup-config; Download config file
Rom Status:
Ctrl+break; Enter ROM monitor status
Rommon>confreg 0x2142; skip config file
Rommon>confreg 0x2102; Restoring a configuration file
Rommon>reset; re-boot
Rommon>copy Xmodem:flash:; Transferring files from the console
rommon>ip_address=10.65.1.2; set Router IP
rommon>ip_subnet_mask=255.255.0.0; Set the router mask
rommon>tftp_server=10.65.1.1; Specify the TFTP server IP
Rommon>tftp_file=c2600.bin; Specify the downloaded file
rommon>tftpdnld; Download from tftp
Rommon>dir flash:; View Flash content
rommon>boot; boot iOS
Static routes:
IP route; command format
Router (config) #ip route 2.0.0.0 255.0.0.0 1.1.1.2; Static Route example
Router (config) #ip Route 0.0.0.0 0.0.0.0 1.1.1.2, default route example
Dynamic routing:
Router (config) #ip routing; Initiate route forwarding
Router (config) #router rip; start RIP routing protocol.
Router (config-router) #network; set up publishing routes
Router (config-router) #negihbor; point-to-point frame relay.
Frame Relay Command:
Router (config) #frame-relay switching; enable Frame Relay switching
Router (config-s0) #encapsulation frame-relay; enable Frame Relay
Router (config-s0) #fram-relay lmi-type Cisco; setting Management type
Router (config-s0) #frame-relay intf-type DCE, set to DCE
Router (config-s0) #frame-relay DLCI 16;
Router (config-s0) #frame-relay LOCAL-DLCI 20; Set Virtual circuit number
Router (config-s0) #frame-relay Interface-dlci 16;
Router (config) #log-adjacency-changes; log adjacency changes
Router (config) #int s0/0.1 Point-to-Point; Set sub-interface point-to-point
Router#show frame PVC; Show permanent virtual circuit
Router#show frame map; Display map
Basic Access Control List:
Router (config) #access-list permit|deny
Router (config) #interface;d efault:deny any
Router (config-if) #ip access-group in|out;d efaultut
Example 1:
Router (config) #access-list 4 Permit 10.8.1.1
Router (config) #access-list 4 deny 10.8.1.0 0.0.0.255
Router (config) #access-list 4 Permit 10.8.0.0 0.0.255.255
Router (config) #access-list 4 deny 10.0.0.0 0.255.255.255
Router (config) #access-list 4 Permit any
Router (config) #int f0/0
Router (config-if) #ip Access-group 4 in
To extend the Access control list:
Access-list permit|deny ICMP [type]
Access-list permit|deny TCP [port]
Example 3:
Router (config) #access-list 101 deny ICMP any 10.64.0.2 0.0.0.0 Echo
Router (config) #access-list 101 Permit IP any
Router (config) #int s0/0
Router (config-if) #ip Access-group 101 in
Example 3:
Router (config) #access-list 102 deny TCP any 10.65.0.2 0.0.0.0 EQ 80
Router (config) #access-list 102 permit IP any
Router (config) #interface S0/1
Router (config-if) #ip Access-group 102 out
To delete an Access control example table:
Router (config) #no access-list 102
Router (config-if) #no IP access-group 101 in
NAT configuration for Routers
Router (config-if) #ip nat inside; The current interface is specified as an internal interface
Router (config-if) #ip Nat outside; The current interface is specified as an external interface
Router (config) #ip nat inside source static [P] [port]
Router (config) #ip nat inside source static 10.65.1.2 60.1.1.1
Router (config) #ip nat inside source static TCP 10.65.1.3 80 60.1.1.1 80
Router (config) #ip nat pool P1 60.1.1.1 60.1.1.20 255.255.255.0
Router (config) #ip nat inside source list 1 pool P1
Router (config) #ip nat inside Destination List 2 pool P2
Router (config) #ip nat inside source List 2 interface s0/0 overload
Router (config) #ip nat pool P2 10.65.1.2 10.65.1.4 255.255.255.0 type rotary
Router#show IP NAT Translation
The rotary parameter is meant to be rotated, and IP in the address pool is rotated to match the address assigned by NAT.
The overload parameter is used by Pat to map the internal IP to a different port on a public IP.
External Gateway Protocol Configuration
RouterA (config) #router BGP 100
RouterA (config-router) #network 19.0.0.0
RouterA (config-router) #neighbor 8.1.1.2 Remote-as 200
To configure PPP authentication:
RouterA (config) #username password
RouterA (config) #int S0
RouterA (config-if) #ppp authentication {CHAP|PAP}
3.PIX Firewall command
Pix525 (config) #nameif ethernet0 outside security0; naming interfaces and levels
Pix525 (config) #interface ethernet0 auto, set interface mode
Pix525 (config) #interface ethernet1 100full; set interface mode
Pix525 (config) #interface ethernet1 100full shutdown
Pix525 (config) #ip address inside 192.168.0.1 255.255.255.0
Pix525 (config) #ip address outside 133.0.0.1 255.255.255.252
Pix525 (config) #global (if_name) Natid ip-ip; define public IP range
Pix525 (config) #global (outside) 1 7.0.0.1-7.0.0.15;
Pix525 (config) #global (outside) 1 133.0.0.1;
Pix525 (config) #no Global (outside) 1 133.0.0.1 remove settings
Pix525 (config) #nat (if_name) nat_id local_ip [Netmark]
Pix525 (config) #nat (inside) 1 0 0
All hosts on the intranet (0 for 0.0.0.0) have access to the global 1 designated extranet.
Pix525 (config) #nat (inside) 1 172.16.5.0 255.255.0.0
The host of the Intranet 172.16.5.0/16 network segment can access the global 1 designated external network.
Pix525 (config) #route if_name 0 0 gateway_ip [metric]; command format
Pix525 (config) #route outside 0 0 133.0.0.1 1;
Pix525 (config) #route inside 10.1.0.0 255.255.0.0 10.8.0.1 1;
Pix525 (config) #static (inside, outside) 133.0.0.1 192.168.0.8
Represents the internal IP address 192.168.0.8, which is translated into the 133.0.0.1 Global address when accessed externally.
Pix525 (config) #static (DMZ, outside) 133.0.0.1 172.16.0.8
The middle zone IP address 172.16.0.8, accessed externally, is translated into 133.0.0.1 global address.
Original from the "Bit network", reproduced please keep the original link: http://network.chinabyte.com/82/11201082.shtml
Cisco Router switch Configuration command detailed