Shenzhou Digital Switch Command Note summary

Switch requirements

1. Switch to restore factory settings and its basic configuration.

1)//Enter privileged mode

2) del Config.text

2. Telnet mode to manage the switch.

1)//Enter the global configuration mode

2) enable password 0 [password]

3) Line 0 4

4) Password 0 [password]

5) Login

3. switch file backup, upgrade, restore.

1) rgnos.bin System files

2) config.text configuration file

4. Enable Password Loss Solution

1) reboot

2) Ctrl + C

3) Select 4 (file)

4) 1 (remove)

5) Config.text

6) Laod (reboot)

5. Switch VLAN partition

1) Vlan 10

2 in VLAN 10

3 IP Add [IP] [subnet mask]

6. Switch port and Mac binding and filtering

1)//Enter the serial port

2 SW Mode Trunk

3 SW port-security mac-address [mac] ip-address [IP

7. Spanning Tree experiment

1) Spanning-tree

8. Switch Link Aggregation

1) Int Aggregateport 1

2 SW Mode Trunk

3)//Enter the serial port

4) Port-group 1

9. Switch Port Mirroring

1 Monitor Session 1 source interface fastethernet 0/2 both/mirrored

2 Monitor Session 1 Destination interface fastethernet 0/3//Mirrored port

10. Multi-layer switch static routing experiment

1 IP route [IP segment present] [subnet mask] [next hop IP]

One. RIP dynamic routing

1) Router RIP

2) Version 2

3) network [IP Segment]

4) No Auto-summary

12. Port Security

1)/Enter port

2) Switchport port-security//Open port security

3 Switchport port-security maximum 5//MAX connection 5.

4 SW port-security violation shutdown//beyond Shudown

OSPF Dynamic routing

1) Router OSPF

2) network [IP segment] [anti-code] area 0

14. Standard ACL Experiment

1 access-list 1 Deny 192.168.1.0 0.0.0.255//denied access IP segment

2 access-list 1 Permit 192.168.1.0 0.0.0.255//Allowed IP segment

3)/Enter port

4 IP Access-group 1 in//Put control List 1 into port, enter control

5 IP Access-group 1 out//Put control List 1 into port, output control

15. Extended ACL Experiment

1 access-list deny TCP a.b.c.d 255.255.255.0 a.b.c.d 255.255.255.0 eq ftp (www.)/disable access to the previous network segment FTP or www

16. Switch one-way access control

1)//using standard ACL

2) Access-list 1 deny 192.168.1.0 0.0.0.255

3)/Enter port

4) IP Access-group 1 in

17. Switch DHCP server configuration

1) Service DHCP

2 ip DHCP ping packets 1

3 IP dhcp excluded-address [ip1] [IP 2]//Set exclusive IP address starting from 1 to 2

4 IP DHCP pool [name]

5) lease infinite//Permanent lease

6) network [IP segment] [subnet mask]

7) default-router [Gateway IP]

8) Dns-server [NDS IP]

18. Switch DHCP relay function

1) Service DHCP

2)//Enter VLAN

3 IP helper-address [DHCP network management]

19. Switch VRRP Experiment

1)//Enter VLAN

2) VRRP IP [IP]//Set VRRP virtual gateway

3) VRRP priority 150//Set Priority to 150 (default 100)

20. Switch QoS Experiment Car

1//1. Extended control List, 2 policy, 3 Method 4 Adapter Port

2 access-list Permit IP host a.b.c.d any//definition of IP to speed limit

3) Class-map XIANSU1//Create Class-map name for XIANSU1

4 Match Access-group 101//Set control list into strategy xiansu1

5) Policy-map Pozz create Policy-map name for Pozz

6) Class Xiansu1

7) Police 8000 exceed-action drop//Speed limit is 8000 kbit, 512KB

8)/Enter port

9) Service-policy Input Pozz

Router requirements

1. Router Telnet

A)//Enter the global configuration mode

b

c) Enable password 0 [password]

d) Line vty 0 4

e) Password 0 [password]

2. Login Router Web

A)//create user password first

b Ip HTTP port 80//open web port to 80

3. Router WAN HDLC Package configuration

A) Encapsulation HDLC

4. Router WAN PPP package configuration

A) Encapsulation PPP

5. Router WAN PPP package PAP configuration

A) Encapsulation PPP

b) PPP authentication PAP

c) PPP pap sent-username [user] password 0 [password]//authentication Party

d) Username [username] password 0 [password]//authenticated party

6. Router WAN PPP Encapsulation CHAP configuration

A) Encapsulation PPP

B PPP Authentication CHAP

7. PPP CHAP hostname [other computer]

8. PPP Chap password 0 12345687

A) Ip Nat Inside set to intranet interface

b The IP Nat outside is set to the extranet interface

c) access-list Permit A.B.C.D 0.0.0.255//configure allowed access ACLs

d IP Nat inside source list interface serial 1/0 overload//allowed access to extranet ACLs

9. Nat Intranet Mapping

A) IP Nat inside source static TCP 192.168.1.1 interface s4/0//IP 80 port to the s4/0 port

10. Policy Routing (PBR) configuration

Access-list Permit IP host a.b.c.d any//definition ACL

Route-map Test Permit 10. \ Define Policy

Match IP add0020

101.//Matching ACL

Set int NULL 0////If match is discarded

Set IP next-hop a.b.c.d//If match is placed to the next one

Route-map Test Permit 20///If the default route is not matched

Int F 0/1/Enter port

IP Policy ROUTE-MAP test//Association policy

11. Routing in Publishing

A When multiple dynamic routing occurs, a network segment is declared only once, as in the next protocol

b) Re

Redistribute RIP subnets Redistribution RIP routing

Redistribute static subnets redistribution statically routed

5650s-1 (config) #router rip

5650s-1 (config-router) #version 2

5650s-1 (config-router) #redistribute OSPF

5650s-1 (config-router) #redistribute Stati

12. Configure QoS

A)//1. Extended control List, 2 policy, 3 Method 4 Adapter Port

b access-list permit IP host a.b.c.d any//definition of IP to speed limit

c) Class-map XIANSU1//create Class-map name XIANSU1

D match access-group 101//Control List entry Strategy XIANSU1

e) Policy-map Pozz create Policy-map name for Pozz

f) Class Xiansu1

g) Police 8000 exceed-action drop//Speed limit value is 8000 kbit, 512KB

h)/Enter port

i) service-policy input Pozz

Vpn,pptp

A The IP local pool text 192.168.2.2 192.168.2.20//Defines the address pool that gets the VPN,

b) Interface Virtual-template 1//Enter Virtual Interface 1

c) PPP authentication PAP//config authentication method

d) IP unnumbered fastethernet 1/0//Inheritance interface IP

e) Peer default IP address pool PPTP//Association

f)//Enter the global mode

g) VPDN enable//Open VPN

h) vpdn-group PPTP//Definition group name

i) Accept-dialin//Allow dial-in access

j) Protocol PPTP//Allow dial-in Access Protocol

k) Virtual-template 1//Associated virtual interface, dial-in time assigned to the user virtual interface.

Add

Switch Basic status:
hostname> user mode
hostname#; privileged mode
hostname (config) #; global configuration Mode
hostname (CONFIG-IF) #; interface Status Switch Password settings:
switch>enable; Enter privileged mode
Switch#config terminal; Enter the global configuration mode
Switch (config) #hostname; set the host name of the switch switch (config) #enable secret xxx; set privileged encryption password
Switch (config) #enable password xxa; set privileged non-secret password
Switch (config) #line c Onsole 0; Enter the console port
switch (config-line) #line vty 0 4; Enter virtual Terminal
Switch (config-line) #login; Allow logon
switch (Config-lin e #password xx; set login password xx
switch#exit; return to command
Switch VLAN settings:
Switch#vlan database; Enter VLAN settings
switch (VLAN) #vlan 2. Build VLAN 2
switch (VLAN) #no VLAN 2; Delete VLAN 2
Switch (config) #int f0/1; Enter port 1
switch (config-if) #switchport acc ESS VLAN 2; When the front port joins VLAN 2
switch (config-if) #switchport mode trunk; set to trunk

Switch (config-if) #switchport trunk allowed VLAN 1,2; set allowed VLANs
switch (config-if) #switchport trunk encap dot1q; set VLAN relay
Switch (config) #vtp domain; Set the VTP domain name
Switch (config) #vtp password; Set the send VTP password
Switch (config) #vtp mode s Erver set VTP mode
Switch (config) #vtp mode client; set send VTP mode
switch set IP address:
Switch (config) #interface vlan 1; Enter VLAN 1
Switch (config-if) #ip address; Set IP addresses
Switch (config) #ip default-gateway; Set the default gateway
Switch#dir Flash:; View Flash br> Switch Display command:
Switch#write; Save configuration information
Switch#show VTP; View VTP configuration information
Switch#show run; View current configuration information
Switch#show VLA n; View VLAN configuration information
Switch#show interface; View port information
Switch#show int f0/0; View the specified port information
finished the most needed step. To remember to save set Russia,
Save command: Switch (config) #copy running-config startup-config