Cisco Router switch Configuration command detailed

Source: Internet
Author: User

1. Commands supported by the switch:

Switch Basic Status:

Switch:; Rom status, router is rommon>

hostname>; user mode

hostname#; privileged mode

Hostname (config) #; global configuration mode

Hostname (CONFIG-IF) #; interface State

Switch Password settings:

switch>enable; Enter privileged mode

Switch#config terminal; Go to global configuration mode

Switch (config) #hostname, set the hostname of the switch

Switch (config) #enable secret xxx; set privileged encryption password

Switch (config) #enable password xxa; set privileged non-secret password

Switch (config) #line console 0, enter the console port

Switch (config-line) #line vty 0 4; Enter virtual terminal

Switch (config-line) #login; Allow Login

Switch (config-line) #password xx; set Login password xx

switch#exit; return command

Switch VLAN settings:

Switch#vlan database; Enter VLAN settings

Switch (VLAN) #vlan 2; Building VLAN 2

Switch (VLAN) #no VLAN 2; Delete VLAN 2

Switch (config) #int f0/1; Enter Port 1

Switch (config-if) #switchport access VLAN 2; When the front port joins VLAN 2

Switch (config-if) #switchport mode trunk, set to trunk

Switch (config-if) #switchport trunk allowed VLAN, set allowed VLANs

Switch (config-if) #switchport trunk encap dot1q; set VLAN trunking

Switch (config) #vtp domain; Set the VTP domain name

Switch (config) #vtp password; set the VTP password

Switch (config) #vtp mode server, setting the VTP pattern

Switch (config) #vtp mode client, setting the VTP pattern

Switch set IP address:

Switch (config) #interface vlan 1; go to VLAN 1

Switch (config-if) #ip address; Set IP addresses

Switch (config) #ip default-gateway; Set default gateway

Switch#dir flash:; View Flash

The switch displays the command:

Switch#write; Saving configuration information

Switch#show VTP; View VTP configuration information

Switch#show run; View current configuration information

Switch#show VLAN; View VLAN configuration information

Switch#show interface; viewing port information

switch#show int f0/0; View specified port information

2. Commands supported by the router:

Router Display command:

Router#show run; Display configuration information

Router#show interface; Display interface information

Router#show IP route, displaying routing information

Router#show CDP nei; show neighbor information

Router#reload; Start again!

Router Password settings:

router>enable; Enter privileged mode

Router#config terminal; Go to global configuration mode

Router (config) #hostname; set the hostname of the switch

Router (config) #enable secret xxx; set privileged encryption password

Router (config) #enable password xxb; set privileged non-secret password

Router (config) #line console 0; Enter the console port

Router (config-line) #line vty 0 4; Enter virtual terminal

Router (config-line) #login; Require password verification

Router (config-line) #password xx; set Login password xx

Router (config) # (ctrl + Z); Return to privileged mode

router#exit; return command

Router configuration:

Router (config) #int s0/0; Enter Serail interface

Router (config-if) #no shutdown; activating the current interface

Router (config-if) #clock rate 64000; set Sync clock

Router (config-if) #ip address; Set IP addresses

Router (config-if) #ip address second; set a second IP

Router (config-if) #int f0/0.1; Enter sub-interface

Router (CONFIG-SUBIF.1) #ip address; Set sub-interface IP

Router (CONFIG-SUBIF.1) #encapsulation dot1q; bound VLAN trunking protocol

Router (config) #config-register 0x2142; skip config file

Router (config) #config-register 0x2102; normal usage profile

Router#reload; re-boot

Router file operations:

Router#copy running-config startup-config; Save configuration

Router#copy running-config tftp; save configuration to TFTP

Router#copy startup-config tftp, boot configuration to TFTP

Router#copy tftp flash: Upload files to Flash

router#copy tftp startup-config; Download config file

Rom Status:

Ctrl+break; Enter ROM monitor status

Rommon>confreg 0x2142; skip config file

Rommon>confreg 0x2102; Restoring a configuration file

Rommon>reset; re-boot

Rommon>copy Xmodem:flash:; Transferring files from the console

rommon>ip_address=10.65.1.2; set Router IP

rommon>ip_subnet_mask=255.255.0.0; Set the router mask

rommon>tftp_server=10.65.1.1; Specify the TFTP server IP

Rommon>tftp_file=c2600.bin; Specify the downloaded file

rommon>tftpdnld; Download from tftp

Rommon>dir flash:; View Flash content

rommon>boot; boot iOS

Static routes:

IP route; command format

Router (config) #ip route 2.0.0.0 255.0.0.0 1.1.1.2; Static Route example

Router (config) #ip Route 0.0.0.0 0.0.0.0 1.1.1.2, default route example

Dynamic routing:

Router (config) #ip routing; Initiate route forwarding

Router (config) #router rip; start RIP routing protocol.

Router (config-router) #network; set up publishing routes

Router (config-router) #negihbor; point-to-point frame relay.

Frame Relay Command:

Router (config) #frame-relay switching; enable Frame Relay switching

Router (config-s0) #encapsulation frame-relay; enable Frame Relay

Router (config-s0) #fram-relay lmi-type Cisco; setting Management type

Router (config-s0) #frame-relay intf-type DCE, set to DCE

Router (config-s0) #frame-relay DLCI 16;

Router (config-s0) #frame-relay LOCAL-DLCI 20; Set Virtual circuit number

Router (config-s0) #frame-relay Interface-dlci 16;

Router (config) #log-adjacency-changes; log adjacency changes

Router (config) #int s0/0.1 Point-to-Point; Set sub-interface point-to-point

Router#show frame PVC; Show permanent virtual circuit

Router#show frame map; Display map

Basic Access Control List:

Router (config) #access-list permit|deny

Router (config) #interface;d efault:deny any

Router (config-if) #ip access-group in|out;d efaultut

Example 1:

Router (config) #access-list 4 Permit 10.8.1.1

Router (config) #access-list 4 deny 10.8.1.0 0.0.0.255

Router (config) #access-list 4 Permit 10.8.0.0 0.0.255.255

Router (config) #access-list 4 deny 10.0.0.0 0.255.255.255

Router (config) #access-list 4 Permit any

Router (config) #int f0/0

Router (config-if) #ip Access-group 4 in

To extend the Access control list:

Access-list permit|deny ICMP [type]

Access-list permit|deny TCP [port]

Example 3:

Router (config) #access-list 101 deny ICMP any 10.64.0.2 0.0.0.0 Echo

Router (config) #access-list 101 Permit IP any

Router (config) #int s0/0

Router (config-if) #ip Access-group 101 in

Example 3:

Router (config) #access-list 102 deny TCP any 10.65.0.2 0.0.0.0 EQ 80

Router (config) #access-list 102 permit IP any

Router (config) #interface S0/1

Router (config-if) #ip Access-group 102 out

To delete an Access control example table:

Router (config) #no access-list 102

Router (config-if) #no IP access-group 101 in

NAT configuration for Routers

Router (config-if) #ip nat inside; The current interface is specified as an internal interface

Router (config-if) #ip Nat outside; The current interface is specified as an external interface

Router (config) #ip nat inside source static [P] [port]

Router (config) #ip nat inside source static 10.65.1.2 60.1.1.1

Router (config) #ip nat inside source static TCP 10.65.1.3 80 60.1.1.1 80

Router (config) #ip nat pool P1 60.1.1.1 60.1.1.20 255.255.255.0

Router (config) #ip nat inside source list 1 pool P1

Router (config) #ip nat inside Destination List 2 pool P2

Router (config) #ip nat inside source List 2 interface s0/0 overload

Router (config) #ip nat pool P2 10.65.1.2 10.65.1.4 255.255.255.0 type rotary

Router#show IP NAT Translation

The rotary parameter is meant to be rotated, and IP in the address pool is rotated to match the address assigned by NAT.

The overload parameter is used by Pat to map the internal IP to a different port on a public IP.

External Gateway Protocol Configuration

RouterA (config) #router BGP 100

RouterA (config-router) #network 19.0.0.0

RouterA (config-router) #neighbor 8.1.1.2 Remote-as 200

To configure PPP authentication:

RouterA (config) #username password

RouterA (config) #int S0

RouterA (config-if) #ppp authentication {CHAP|PAP}

3.PIX Firewall command

Pix525 (config) #nameif ethernet0 outside security0; naming interfaces and levels

Pix525 (config) #interface ethernet0 auto, set interface mode

Pix525 (config) #interface ethernet1 100full; set interface mode

Pix525 (config) #interface ethernet1 100full shutdown

Pix525 (config) #ip address inside 192.168.0.1 255.255.255.0

Pix525 (config) #ip address outside 133.0.0.1 255.255.255.252

Pix525 (config) #global (if_name) Natid ip-ip; define public IP range

Pix525 (config) #global (outside) 1 7.0.0.1-7.0.0.15;

Pix525 (config) #global (outside) 1 133.0.0.1;

Pix525 (config) #no Global (outside) 1 133.0.0.1 remove settings

Pix525 (config) #nat (if_name) nat_id local_ip [Netmark]

Pix525 (config) #nat (inside) 1 0 0

All hosts on the intranet (0 for 0.0.0.0) have access to the global 1 designated extranet.

Pix525 (config) #nat (inside) 1 172.16.5.0 255.255.0.0

The host of the Intranet 172.16.5.0/16 network segment can access the global 1 designated external network.

Pix525 (config) #route if_name 0 0 gateway_ip [metric]; command format

Pix525 (config) #route outside 0 0 133.0.0.1 1;

Pix525 (config) #route inside 10.1.0.0 255.255.0.0 10.8.0.1 1;

Pix525 (config) #static (inside, outside) 133.0.0.1 192.168.0.8

Represents the internal IP address 192.168.0.8, which is translated into the 133.0.0.1 Global address when accessed externally.

Pix525 (config) #static (DMZ, outside) 133.0.0.1 172.16.0.8

The middle zone IP address 172.16.0.8, accessed externally, is translated into 133.0.0.1 global address.

Original from the "Bit network", reproduced please keep the original link: http://network.chinabyte.com/82/11201082.shtml

Cisco Router switch Configuration command detailed

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.