Scribd
Upload
412 views

COMANDOS Cisco

This document provides configuration commands for routers and switches, including commands for enabling services, configuring interfaces and routing protocols, network access control, DHCP, NAT, VLANs, trunking, VTP, and Spanning Tree Protocol. Some key points: - It outlines commands for configuring services like enable secret, banners, and logging on routers. - Shows interface configuration commands like ip address, bandwidth, encapsulation. - Lists routing protocol commands for RIP, EIGRP, OSPF, route redistribution, and default routes. - Covers access control using ACLs, usernames, privilege levels and login timeouts. - Details DHCP, NAT, VLAN, trunking, and VTP configuration

Uploaded by

nnnnnnnndc
Copyright
© Attribution Non-Commercial (BY-NC)
Available Formats
Download as DOC, PDF, TXT or read online on Scribd
412 views

COMANDOS Cisco

This document provides configuration commands for routers and switches, including commands for enabling services, configuring interfaces and routing protocols, network access control, DHCP, NAT, VLANs, trunking, VTP, and Spanning Tree Protocol. Some key points: - It outlines commands for configuring services like enable secret, banners, and logging on routers. - Shows interface configuration commands like ip address, bandwidth, encapsulation. - Lists routing protocol commands for RIP, EIGRP, OSPF, route redistribution, and default routes. - Covers access control using ACLs, usernames, privilege levels and login timeouts. - Details DHCP, NAT, VLAN, trunking, and VTP configuration

Uploaded by

nnnnnnnndc
Copyright
© Attribution Non-Commercial (BY-NC)
Available Formats
Download as DOC, PDF, TXT or read online on Scribd
You are on page 1/ 9

COMANDOS ADMINISTRATIVOS

>enable
# configure terminal
(config)# hostname Sagaz
(config)# banner motd %Solo Personal Autorizado%
(config)# no ip domain-lookup
(config)# enable secret class
(config)# line console 0
(config-line)# logging synchonous
(config-line)# password cisco
(config-line)# login
(config-line)# exit
(config)# line vty 0 4
(config-line)# password cisco
(config-line)# login
(config-line)# exit
(config)# service password-encryption
COMANDOS VARIOS
(config)# clock set 08:47:00 23 july 2010
Crlc + C = sale de todo
Crlc + Z = sale a Router#
VERIFICAR PUERTOS (ON/OFF)
#show ip interface brief
BORRAR IP
#(config-if)# no ip address
CONFIGURACION GLOBAL
#show running config
CONFIGURAR IP’S
(config)# interface fastethernet 0/0
(config-if)# ip address 201.0.11.1 255.0.0.0
(config-if)# no shutdown
ROUTER
SERIAL DCE
R(config)# clock rate 64000
RUTA POR DEFECTO
R(config)# ip route 0.0.0.0 0.0.0.0 serial1
R(config)# ip route 172.16.0.0 255.255.0.0 192.168.1.2
DISTRIBUIR LAS RUTAS
R(config)# redistribute static
ESTADO DE LA RUTA
R# debug ip routing
SUBINTERFACE ROUTER
R(config)# interface fastethernet 0/0
R(config)# no shutdown
R(config)# interface fastethernet 0/0.13
R(config-sub-if)# encapsulation dot 1q 13
R(config-sub-if)# ip address x.x.x.x y.y.y.y
ROUTER INALAMBRICO
DESHABILITAR
Filtro anonimus internet request disable
Firewall
Nat
RIP
R1(config)# router rip
R1(config-router)# network 172.16.0.0
R1(config-router)# passive interface e0
R1# debug ip rip -> undebug all
R1(config)# ip route 172.16.1.0 255.255.255.0 serial0
R1(config-router)# Default-information originate
R1(config-router)# Redistribute static
RIP V2
R1(config)# router rip
R1(config-router)# version 2
R1(config-router)# no auto-summary
R1(config-router)# network 10.0.0.0
EIGRP
R1(config)# router eigrp 13
R1(config-router)# network 172.16.0.0 0.0.0.255
R1(config-router)# no auto-summary
R1# show ip eigrp neigbors
R1# show ip protocols
R1# show ip route
R1# show interfaces
R1(config)# interface serial 0/0/1
R1(config-if)# bandwidth [bw en kbps]
PARA BORRAR LAS TABLAS Y REHACERLAS
R# clear ip route *
R# Show ip eigrp topology
OSPF
R(config)# router ospf 13 (ID de proceso)
R(config-router)# network 10.0.0.1 0.0.0.3 area 0
R(config-router)# router-ID 10.4.4.4
R(config-router)# default information originate
R# ip ospf priority 0
R# show ip ospf neighbors
R# show ip protocols
R# show ip ospf interfaces
R# clear ospf process
CAMBIAR COSTO
R(config-if)# ip ospf cost 781
R(config-router)# auto-cost reference-bandwith 10000 (bits)
VARIAR INTERVALOS de HELLO DEAD
R(config-if)# ip ospf hello-interval 5 [seg]
R(config-if)# ip ospf dead-interval 20 [seg]
RUTA POR DEFECTO
Ip route 0.0.0.0 0.0.0.0 serial0
PPP
R(config-if)# encapsulation PPP
R1# debug ppp negotiation
PAP
SERVIDOR
R(config)# username laboratorio password CCNA4
R(config-if)# ppp authentification pap
CLIENTE
R(config-if)# ppp pap sent-username laboratorio password CCNA4
CHAP BIDIRECCIONAL
R(config)# hostname Oruro
Oruro(config)# username La_Paz password CCNA4
Oruro(config-if)# ppp authentication chap
-------------------------------------------------------------------
R(config)# hostname La_Paz
La_Paz(config)# username Oruro password CCNA4
La_Paz(config-if)# ppp authentication chap
CHAP UNIDIRECCIONAL
SERVIDOR
R(config)# Username Selene password Clavijo
R(config-if)# ppp authentication chap
CLIENTE
R(config)# ppp chap hostname Selene
R(config-if)# ppp chap password Clavijo
FRAME RELAY
R# show frame-relay route
R# show frame-relay Lmi
R# show frame-relay pvc 102 [numero]
R# show frame-relay map
R# debug frame-relay lmi
R# debug ip icmp
R# undebug all
R# clear ip route*
Ra
Ra(config-if)# frame-relay lmi-type [cisco/ansi/9933a]
R1(config-if)# encapsulation frame-relay
R1(config-if)# no frame-relay inverse –arp
R1(config-if)# frame-relay map ip 10.1.1.2 102 broadcast [ip del frente / dlci local]
R1(config-if)# no shutdown
R1 SW-FR
FR-SW(config)# frame-relay switching
FR-SW(config)# interface serial 0
FR-SW(config-if)# clock rate 64000
FR-SW(config-if)# encapsulation frame-relay
FR-SW(config-if)# frame-relay interface-type dce
FR-SW(config-if)#frame- relay route 102 interface serial 0/0/1 201
FR-SW(config-if)#no shutdown
Rb
Rb(config)# interface serial 1
Rb(config-if)# clock rate 64000
Rb(config-if)# encapsulation frame-relay
Rb(config-if)# no frame-relay inverse-arp
Rb(config-if)# frame-relay map ip 10.1.1.1 201 broadcast
Rb(config-if)# frame-relay intf-type dce
Rb(config-if)# frame-relay route 201 interface s0 102
Rb(config-if)# no shutdown
POINT TO POINT
R(config)# interface serial 1.112 point to point
R(config-if)# ip address 10.1.1.5 255.255.255.252
R(config-if)# frame-relay interface-dlci 212
R# show frame-relay map
SSH ROUTER
R(config)# hostname R2
R2(config)# ip domain-name cisco.com
R2(config)# crypto key generate isa
R2(config)# username student secret cisco
R2(config)# line vty 0 4
R2(config-line)# transport input ssh
R2(config-line)# login local
R2(config)# ip ssh authentication –retries 2
PRIVILEGIOS
R(config)# username Juan privilege 15 password perez
R(config)# privilege exec level 7
R(config)# line console 0
R(config)# login local
R(config)# line vty 0 4
R(config)# login local
TIEMPO
R(config)# line console 0
R(config-line)# exec-time out 5 0
R(config)# line vty 0 4
R(config-line)# exec-timeout 5 0
PASIVOS
R(config)# router rip
R(config-router)# passive-interface default
R(config-router)# no passive-interface s1
CONTRASENAS PARA IMPEDIR ACTUALIZACIONES
R(config)# key chain RIP_key
R(config)# key 1 [no importa el numero]
R(config)# key-string CISCO [si tiene q ser igual]
R(config-if)# ip rip authentication mode md5
R(config)# ip rip authentication key-chain RIP_key
ACL
R# show access-list [# lista]
R# show ip interface e0
R(config)# access-list 99 [permit/deny] origen+wildcard
R(config)# interface e0
R(config-if)# ip access-group 99 [in/out]
R(config)# access-list [100 -> 199][permit/deny] protocol origen+wildcard destino+wildcard puerto
R(config-if)# ip access-group 180 [in/out]
R(config)# ip access-list [standard / extended] nombre-lista
R(config-if)# ip access-group nombre-lista [in/out]
R(config)# access-list 1 permit 192.168.20.10 0.0.0.0 [ip origen]
R(config)# vty 0 4
R(config-if)# access-class 1 [in/out]
Tcp = gt 1023 eq 80
Udp = lt 1028 eq 53
ftp = eq 20, eq 21
telnet = 23
icmp = echo, echo-reply
0.0.0.0 255.255.255.255 = any
172.16.0.6 0.0.0.0 = host 172.16.0.6
Stablised = respuesta de servicio
DHCP
R(config)# Ip dhcp excluded-address [low-address] [high-address]
R(config)# ip dhcp pool nombre-pool
R(config-dhcp)# network [network-number] [mask-prefix]
R(config)# ip default-router [direccion gateway]
R(config)# int e0
R(config-if)# ip helper-address 199.6.13.1
R# show ip dhcp binding
NAT
NAT ESTATICA
R(config)# ip nat inside source static [grupo ip inside] [grupo ip outside]
R(config)# interface e0
R(config-if)# ip nat inside
R(config)# interface s0/0
R(config-if)# ip nat outside
NAT DINAMICA
R# show ip nat translation *
R(config)# Ip nat pool nombre-pool [ ip outside menor] [ip outside mayor] netmask 255.255.255.248
R(config)# access-list 10 permit 172.16.0.12 0.0.0.3
R(config)# ip nat inside source list 10 pool nombre-pool
R(config)# interface e0
R(config-if)# ip nat inside
R(config)# interface s0/0
R(config-if)# ip nat outside
PAT
R(config)# Ip nat inside source list 15 interface serial 0 overload
R(config)# ip nat pool nombre-pat 201.100.11.5 201.100.11.9 netmask 255.255.255.248
R(config)# ip nat inside source list 15 pool pat overload
R# clear ip nat*
R# debug ip nat
SWITCH
GATEWAY DEFAULT
S(config)# ip default-gateway 172.0.0.1
FORMATO DE MAC
0019.d1b4.2045
ASOCIAR MAC ESTATICA
S(config-if)# mac –address –table 0019.d1b4.2045
RANGO DE PUERTOS
S(config)# interface range fastethernet 0/1 - 24
CONF MAC ESTATICA A PUERTO
2900
S(config)# mac –a –t static “mac” fa0/x vlan x
2950
S(config)# mac –a –t static “mac” vlan x interface fa0/x
MAC DEL SWITCH
S(config)# show mac –address –table
S(config)# clear mac –a –t
SEGURIDAD DEL PUERTO
2900
S(config-if)# Port Security maximun 1
2950
S(config-if)# switchport port-security maximun 1
CONFIGURACION VLAN
S# show vlan
S (config-if)# description ……..
2900
S# vlan database
S(config)# vlan 99
S(config)# vlan 99 name Datos
2950
S# vlan 99
S(config)#name Datos
CONFIGURAR IPS
S# interface vlan 99
S(config-if)# ip address 172.16.99.11 255.255.255.0
S(config-if)# no shutdown
CONFIG DE LA VELOCIDAD DEL PUERTO
S(config-if)# duplex auto
S(config-if)# duplex full
S(config-if)# duplex half
S(config-if)# speed 10
S(config-if)# speed 100
S(config-if)# speed auto
CONFIGURACION TRONCAL
2900
S(config-if)# switchport mode trunk
S(config-if)# switchport trunk encapsulation dot1q
2950
S(config-if)# switchport mode trunk
ANADIR PUERTOS A UNA VLAN
S(config)# Interface fastethernet 0/10
S(config-if)# switchport mode access
S(config-if)# switchport access vlan 99
VTP SERVER /CLIENT
S# Show VTP status
2900
S# Vlan database
S(Vlan)# vtp client
S(Vlan)# vtp domain CISCO
S(Vlan)# vtp password CCNA
2950
S(config)# vtp mode client
S(config)# vtp domain CISCO
S(config)# vtp password CCNA
SPANNING TREE
2900
S# Show spanning-tree brief
2950
S# Show spanning-tree
S(config)# spanning-tree vlan 10 priority 4096

You might also like