(2) Cisco Devices

7/29/2019 (2) Cisco Devices

1/150

Cisco Devices

The Command-Line InterfaceShortcuts for Entering Commands

Using the [tab] Key to Complete Commands

Using the Question Mark for Help

enable Command

exit Command

disable Command


2/150

logout Command

Setup Mode

Keyboard Help

show Commands


3/150

Configuring a Router

Configuring a Single Cisco RouterRouter Modes

Entering Global Configuration Mode

Configuring a Router Name

Configuring Passwords

Password Encryption


4/150

Configuring a Serial Interface

Configuring a Fast Ethernet Interface

Creating a Message-of-the-Day Banner

Creating a Login Banner

Setting the Clock Time Zone


5/150

Assigning a Local Host Name to an IP Address

The no ip domain-lookup Command

The logging synchronous Command

The exec-timeout Command

Saving Configurations

Erasing Configurations

show Commands


6/150

EXEC Commands in Configuration Mode: The do Command


7/150

Configuration Example: Basic Router Configuration

Boston Router


8/150


9/150

Routing

Static RoutingConfiguring a Static Route on a Router

Static Routes and Administrative Distance (Optional)

Router(config)#ip route 172.16.20.0 255.255.255.0 172.16.10.2 permanentRouter(config)#ip route 172.16.20.0 255.255.255.0 172.16.10.2 200

Configuring a Default Route on a Router


10/150

Verifying Static Routes

Router#show ip route

Configuration Example: Static Routes


11/150

Boston Router

Buffalo Router

Bangor Router


12/150

RIPThe ip classless Command

RIP Routing: Mandatory Commands

RIP Routing: Optional Commands


13/150

Troubleshooting RIP Issues

Configuration Example: RIPv2 Routing

Cancun Router


14/150

Acapulco Router

Mazatlan Router

EIGRPConfiguring Enhanced Interior Gateway Routing Protocol (EIGRP)


15/150

EIGRP Auto-Summarization


16/150

Load Balancing: variance

Bandwidth Use

Authentication


17/150

Verifying EIGRP

Troubleshooting EIGRP


18/150

Configuration Example: EIGRP

Austin Router


19/150

Houston Router


20/150


21/150

Single Area OSPFConfiguring OSPF: Mandatory Commands

Using Wildcard Masks with OSPF Areas

Configuring OSPF: Optional Commands

Loopback Interfaces


22/150

Router ID

DR/BDR Elections

Modifying Cost Metrics


23/150

Authentication: Simple

Authentication: Using MD5 Encryption

Timers


24/150

Propagating a Default Route

Verifying OSPF Configuration

Troubleshooting OSPF


25/150

Configuration Example: Single Area OSPF

Austin Router


26/150

Houston Router

Galveston Router


27/150

SwitchingConfiguring a Switch

Help Commands

Command Modes

Verifying Commands


28/150

Resetting Switch Configuration

Setting Host Names


29/150

Setting Passwords

Setting IP Addresses and Default Gateways

Setting Interface Descriptions

Setting Duplex Operation


30/150

Setting Operation Speed

Managing the MAC Address Table

Configuring Static MAC Addresses

Switch Port Security


31/150

Verifying Switch Port Security


32/150

Sticky MAC Addresses

Configuration Example


33/150


34/150

VLANsCreating Static VLANs

Using VLAN Configuration Mode

Using VLAN Database Mode


35/150

Assigning Ports to VLANs

Using the range Command

Verifying VLAN Information

Saving VLAN Configurations

Erasing VLAN Configurations


36/150


37/150

Configuration Example: VLANs


38/150

VLAN Trunking Protocol and Inter-VLANRouting

Dynamic Trunking Protocol (DTP)

Setting the Encapsulation Type


39/150

VLAN Trunking Protocol (VTP)

Using VLAN Database Mode


40/150

Verifying VTP

Inter-VLAN Communication Using an External Router:

Router-on-a-Stick


41/150

Inter-VLAN Communication Tips

Rointerface fastethernet 0/0Roencapsulation dot1q 1 native

Router(config-if)#ip address 192.168.1.1 255.255.255.0Router(config-if)#interface fastethernet 0/0.10

Roencapsulation dot1q 10Router(config-subif)#ip address 192.168.10.1 255.255.255.0

Configuration Example: Inter-VLAN Communication


42/150

ISP Router


43/150

CORP Router


44/150

L2Switch1 (Catalyst 2960)


45/150


46/150

STP and EtherChannelSpanning Tree Protocol

Enabling Spanning Tree Protocol

Configuring the Root Switch


47/150

Configuring a Secondary Root Switch

Configuring Port Priority


48/150

Configuring the Path Cost

Configuring the Switch Priority of a VLAN

Configuring STP Timers

Verifying STP


49/150

Optional STP Configurations

PortFast

BPDU Guard

Changing the Spanning-Tree Mode

Different types of spanning tree can be configured on a Cisco switch. The options vary


50/150

according to the platform: Per-VLAN Spanning Tree (PVST)There is one instance of spanning tree for each

VLAN. This is a Cisco proprietary protocol. Per-VLAN Spanning Tree Plus (PVST+)Also Cisco proprietary. Has added

extensions to the PVST protocol. Rapid PVST+This mode is the same as PVST+ except that it uses a rapid

convergence based on the 802.1w standard. Multiple Spanning Tree Protocol (MSTP)IEEE 802.1s. Extends the 802.1wRapid Spanning Tree (RST) algorithm to multiple spanning trees. Multiple VLANscan map to a single instance of RST. You cannot run MSTP and PVST at the same

time.

Extended System ID

Enabling Rapid Spanning Tree

Troubleshooting Spanning Tree


51/150

Configuration Example: STP

Core Switch (2960)


52/150

Distribution 1 Switch (2960)

Distribution 2 Switch (2960)


53/150

EtherChannel

EtherChannel provides fault-tolerant, high-speed links between switches, routers, andservers. An EtherChannel consists of individual Fast Ethernet or Gigabit Ethernet links

bundled into a single logical link. If a link within an EtherChannel fails, traffic previouslycarried over that failed link changes to the remaining links within the EtherChannel.

Interface Modes in EtherChannel

Guidelines for Configuring EtherChannel

Configuring Layer 2 EtherChannel

Verifying EtherChannel


54/150

Configuration Example: EtherChannel

Core (2960)


55/150

ALSwitch1 (2960)


56/150

ALSwitch2 (2960)


57/150


58/150

Extending the LAN

Implementing a Wireless LAN

Wireless Access Point Configuration: Linksys 300N Access Point

GUI Setup Wizard

License Agreement


59/150

Unplugging Power to the Modem

Disconnecting the Modem from the Computer

Connect the Modem to the Router


60/150

Connect the Power to the Modem

Connect the Router to a Computer


61/150

Connect the Router to a Computer

Power on the Router


62/150

Check the Routers Status

Checking Your Computers Settings


63/150

Configure Cable or DHCP Settings

Set the Routers Administrative Password


64/150

Wireless Settings

Configure Wireless Security Settings (Optional)


65/150

Confirm New Settings

Option to Install Norton Internet Security


66/150

End of Wizard

Username/Password Challenge


67/150

Main Screen of Web-Based Management Utility

Web-Based Management Utility Menu Bar


68/150

Wireless Client Configuration: Linksys Wireless-N Notebook Adapter

GUI Setup Wizard

License Agreement

Software Installation


69/150

Connecting the Adapter

Found New Hardware Wizard


70/150

Found New Hardware Wizard Second Screen

Completing the Found New Hardware Wizard


71/150

Creating a Profile: Available Wireless Networks

Security Warning


72/150

Security Connection

Congratulations: End of Wizard


73/150

Link Information

Connect Screen


74/150

Profiles Screen

Wireless Network Connection Status


75/150


76/150

Network Administration and Troubleshooting

Backing Up and Restoring Cisco IOSSoftware and Configurations

Boot System Commands

The Cisco IOS File System

Backing Up Configurations to a TFTP Server

Restoring Configurations from a TFTP Server


77/150

Backing Up the Cisco IOS Software to a TFTP Server

Restoring/Upgrading the Cisco IOS Software from a TFTP Server


78/150

Restoring the Cisco IOS Software from ROM Monitor Mode Using Xmodem


79/150

Finding the Cisco IOS Software Image File


80/150

Sending the Cisco IOS Software Image File to the Router

Restoring the Cisco IOS Software Using the ROM Monitor Environmental Variables and tftpdnldCommand

Password-Recovery Procedures and theConfiguration Register

The Configuration Register

A Visual RepresentationThe configuration register is a 16-bit field stored in NVRAM. The bits are numberedfrom 15 to 0 looking at the bit stream from left to right. Bits are split up into groups

of 4, and each group is represented by a hexadecimal digit.

What the Bits Mean


81/150

The Boot Field

Console Terminal Baud Rate Settings

Changing the Console Line Speed: CLI

Changing the Console Line Speed: ROM Monitor Mode


82/150

Password-Recovery Procedures for Cisco Routers


83/150

Password Recovery for 2960 Series Switches


84/150


85/150

Cisco Discovery Protocol (CDP)

Cisco Discovery Protocol

Telnet and SSH

Using Telnet to Remotely Connect to Other Devices


86/150

Any of the preceding commands lead to the following configuration sequence:

Configuring the Secure Shell Protocol (SSH)


87/150

The ping and traceroute Commands

ICMP Redirect Messages

The ping Command

The following table describes the possible ping output characters.

Examples of Using the ping and the Extended ping Commands


88/150

The traceroute Command

SNMP and SyslogConfiguring SNMP


89/150

Configuring Syslog

There are eight levels of severity in logging messages, as follows:

Basic Troubleshooting

Viewing the Routing Table

Determining the Gateway of Last Resort

Determining the Last Routing Update


90/150

OSI Layer 3 Testing

OSI Layer 7 Testing

Interpreting the show interface Command

Clearing Interface Counters

Using CDP to Troubleshoot

The traceroute Command

The show controllers Command

debug Commands


91/150

Using Time Stamps

Operating System IP Verification Commands ipconfig (Windows 2000/XP):

Click Start > Run > Command > ipconfig oripconfig/all.

winipcfg (Windows 95/98/Me):

Click Start > Run > winipcfg. ifconfig (Mac/Linux):

#ifconfig

The ip http server Command

The netstat Command

Managing IP Services

Network Address Translation

Private IP Addresses: RFC 1918


92/150

Configuring Dynamic NAT: One Private to One Public Address Translation

Configuring PAT: Many Private to One Public Address Translation


93/150


94/150

Configuring Static NAT: One Private to One Permanent Public Address Translation

Verifying NAT and PAT Configurations

Troubleshooting NAT and PAT Configurations

Configuration Example: PAT

Port Address Translation Configuration


95/150

ISP Router

Company Router


96/150

DHCP

Configuring DHCP


97/150

Verifying and Troubleshooting DHCP Configuration

Configuring a DHCP Helper Address


98/150

DHCP Client on a Cisco IOS Software Ethernet Interface

Configuration Example: DHCP

Network Topology for DHCP Configuration

Edmonton Router


99/150

Gibbons Router


100/150

IPv6Assigning IPv6 Addresses to Interfaces

IPv6 and RIPng


101/150

Configuration Example: IPv6 RIP

Network Topology for IPv6/RIPng Configuration Example

Austin Router


102/150

Houston Router


103/150

IPv6 Tunnels: Manual Overlay Tunnel

illustrates the network topology for the configuration that follows, which shows how IPv6 tunnels are created.

Juneau Router


104/150

Fairbanks Router

Static Routes in IPv6

Network Topology for IPv6 Static Route Configuration


105/150

Floating Static Routes in IPv6Austin(config)# ipv6 route 2001:db8:c18:3::/64 fastethernet 0/0 200

Verifying and Troubleshooting IPv6


106/150

IPv6 PingRouter#ping ipv6 2001:db8::3/64

WANs


107/150

HDLC and PPP

Configuring HDLC Encapsulation on a Serial Line

Configuring PPP on a Serial Line (Mandatory Commands)

Configuring PPP on a Serial Line (Optional Commands): Compression

Configuring PPP on a Serial Line (Optional Commands): Link Quality

Configuring PPP on a Serial Line (Optional Commands): Multilink

Configuring PPP on a Serial Line (Optional Commands): Authentication


108/150

Verifying or Troubleshooting a Serial Link/PPP Encapsulation

Configuration Example: PPP

Network Topology for PPP Configuration

Boston Router


109/150

Buffalo Router

Frame Relay

Configuring Frame Relay

Setting the Frame Relay Encapsulation Type


110/150

Setting the Frame Relay Encapsulation LMI Type

Setting the Frame Relay DLCI Number

Configuring a Frame Relay map Statement

Configuring a Description of the Interface (Optional)

Configuring Frame Relay Using Subinterfaces


111/150

Verifying Frame Relay

Troubleshooting Frame Relay

Configuration Examples: Frame Relay

Frame Relay Network


112/150

Edmonton Router


113/150

Winnipeg Router


114/150

Calgary Router


115/150


116/150

Network Security

IP Access Control List Security

Access List Numbers

ACL Keywords

Creating Standard ACLs


117/150

Applying Standard ACLs to an Interface


118/150

Verifying ACLs

Removing ACLs

Creating Extended ACLs


119/150

Applying Extended ACLs to an Interface

The established Keyword (Optional)

Creating Named ACLs


120/150

Using Sequence Numbers in Named ACLs

Removing Specific Lines in Named ACLs Using Sequence Numbers

Including Comments About Entries in ACLs


121/150

Restricting Virtual Terminal Access

Configuration Examples: ACLs

Network Topology for ACL Configuration


122/150

Example 1: Write an ACL that prevents the 10.0 network from accessing the 40.0 network but allowseveryone else to.

Example 2: Write an ACL that states that 10.5 cannot access 50.7. Everyone else can.

Example 3: Write an ACL that states that 10.5 can Telnet to the Red Deer router. No one else can.


123/150

Example 4: Write a named ACL that states that 20.163 can Telnet to 70.2. No one else from 20.0 canTelnet to 70.2. Any other host from any other subnet can connect to 70.2 using anything that is

available.

Example 5: Write an ACL that states that hosts 50.150.63 are not allowed web access to 80.16. Hosts50.6450.254 are. Everyone can do everything else.

Security Device Manager

Security Device Manager: Connecting with CLI


124/150

Security Device Manager: Connecting with GUIOpen your PCs Internet browser and enter the following command in the browsers address bar:

http://10.10.10.1

Connect to Router Challenge Window


125/150

HTTP or HTTPS

SDM Express Wizard with No CLI Preconfiguration

Welcome to the Cisco SDM Express Wizard


126/150

Basic Configuration

Router Provisioning


127/150

LAN Interface Configuration

DHCP Server Configuration


128/150

WAN Configuration

Add Serial Connection


129/150

Add Gigabit Ethernet Connection


130/150

Internet (WAN)Advanced Options


131/150

Internet (WAN)Private IP Addresses

Add Address Translation Rule


132/150

Security Configuration

Cisco SDM Express Configuration


133/150

Reconnection Instructions

Loading Cisco SDM


134/150

Cisco SDM Home Page

Resetting the Router to Factory Defaults Using SDM

Resetting the Router


135/150

Relaunch SDM to Continue

SDM User Interfaces

Interfaces and Connections


136/150

LAN Wizard

LAN Wizard


137/150

LAN Wizard

LAN Wizard: IP Address and Subnet Mask


138/150

LAN Wizard: DHCP Server

LAN Wizard: Summary


139/150

Configuring Routing Using SDM

Routing

Add IP Static Route


140/150

Edit IP Dynamic Routing


141/150

SDM Monitor Mode

SDM Monitor Mode

Using SDM to Configure a Router to Act as a DHCP Server

Additional Tasks: DHCP


142/150

Add DHCP Pool

Command Delivery Status


143/150

DHCP Pool Status

Using SDM to Configure an Interface as a DHCP Client

Interfaces and Connections


144/150

Welcome to the Ethernet WAN Configuration Wizard

Encapsulation


145/150

IP Address

Authentication


146/150

Summary

Connectivity Testing and Troubleshooting


147/150


148/150

NAT

NAT Wizard

Sharing the Internet Connection


149/150

Summary of the Configuration

What to Do If You Lose SDM Connectivity Because of an erase startup-config Command


150/150

(2) Cisco Devices

Documents

Transcript of (2) Cisco Devices