Tuesday, January 24, 2023

CCNA COMMAND BASIC

 

                            CCNA COMMAND BASIC




Show/Verification Commands:

Router#show version                                                    

[Displays information about running IOS version, hardware model etc]

Router#show flash:                                                                   

[Displays information about Flash memory]

Router#show ip interface brief                                              

[Displays interface status and IP addresses for all interfaces]

Router#show ip protocols                                                        

[Displays configured routing protocols such as RIP,EIGRP, OSPF etc]

Router#show ip route                                                                

[Displays the routing table]

Router#show cdp neighbors                                                    

[Displays information about directly connected devices]

Router#show cdp neighbors detail                                        

[Displays Detailed information about neighboring connected devices]

Router#show running-config                                                  

[Displays currently running configuration]

Router#show startup-config                                                    

[Displays configuration in NVRAM which will be loaded after reboot]

Router#show history                                                                  

[Displays all commands in the history buffer]

 Router#show tech-support                                                            

[Send the output of this command to Cisco tech support when you open a support ticket in TAC]

Saving and Deleting Configurations

Router#copy running-config startup-config                      

[Save the running config to NVRAM to be used at next reboot ]

Router#copy running-config tftp:                                        

[Copy the running config to a TFTPserver for backup]

Router#copy tftp: running-config                                          

[Load the saved configuration from TFTP server to DRAM]

Router#erase startup-config                                                

[Delete the startup config from NVRAM

Device Name:

Router(config)#hostname MyRouter                                      

[Set hostname for the router]

Device Security Commands:

MyRouter(config)#enable secret test1

 

 

MyRouter(config)# line con 0
MyRouter(config)# password strongconsolepass
MyRouter(config)# login

 [Secure the console with a password]

 MyRouter(config)# line vty 0 4
MyRouter(config)# password strongtelnetpass
MyRouter(config)# login

 [Secure the telnet terminal lines with a password]

MyRouter(config)# service password-encryption

[Encrypt all passwords on the device]

Configuring Router Interfaces

Serial interfaces

MyRouter(config)#interface s0/0/0                                            

 [Entering into serial interface s0/0/0 configuration mode]

 MyRouter(config-if)#ip address 10.10.10.1 255.255.255.0  

 [Set ip address and subnet mask on the interface]

 MyRouter(config-if)#clock rate 64000                                      

 [Assign a clock rate]

 MyRouter(config-if)#no shut                                                      

 [Turns the interface on]

Ethernet Ports

 MyRouter(config)#int f0/1                                                              

 [Entering into ethernet interface fastethernet0/1 configuration mode]

MyRouter(config-if)#ip address 192.168.1.1 255.255.255.0    

 [Set ip address and subnet mask on the interface]]

 MyRouter(config-if)#no shut                                                          

 [Turns the interface on]

Configure Routing

 Static Routing

 1st method:

MyRouter(config)#ip route 20.20.20.0 255.255.255.0 10.10.10.2

 [20.20.20.0=Destination Network , 255.255.255.0 = subnet mask of destination network , 10.10.10.2 = next-hop address]

 2nd method:

MyRouter(config)#ip route 20.20.20.0 255.255.255.0 serial 0/0/0

 [Same as above but instead of gateway you specify the exit interface]

 MyRouter(config)#ip route 20.20.20.0 255.255.255.0 10.10.10.2 150

 [Set administrative distance of 150 if needed. For static route, default is 1]

Default routing

MyRouter(config)#ip route 0.0.0.0 0.0.0.0 10.10.10.2                    

 [Send all packets destined for a network not in the routing table to 10.10.10.2(next hop)]

OR

MyRouter(config)#ip route 0.0.0.0 0.0.0.0 serial 0/0/0                            

 [Send all packets destined for network not in the routing table out serial 0/0/0 interface]

Dynamic Routing

RIP version 1:

MyRouter(config)#router rip                                                                  

 [Enable RIP as routing Protocol]

 MyRouter(config-router)#network 10.10.10.0                                    

 [10.10.10.0 is the directly connected network we want to advertise]

RIP version 2:

MyRouter(config)#router rip                                                                  

 [Enable RIP as routing Protocol]

 MyRouter(config-router)#version 2                                                      

 [Enable RIP version 2. Version 1 is default]

 MyRouter(config-router)#network 10.10.10.0                                    

 [10.10.10.0 is the directly connected network we want to advertise]

 MyRouter(config-router)#no auto-summary                                      

 [Turns off auto-summarization- optional]

 MyRouter(config-router)#auto-summary                                                  

 [Turns on auto summarization – optional]

RIP Verification Commands

 MyRouter#sh ip route

MyRouter#sh ip rip database

MyRouter#sh ip route rip

EIGRP

 MyRouter(config)#router eigrp 10            

 [Enable EIGRP process. 10 is autonomous system (AS) number, AS can be any number b/w 1 and 65535. All routers should be in the same AS to build a neighbor relationship.]

 MyRouter(config-router)#network 172.16.10.0 0.0.0.255  

 [172.16.10.0/24 is the network to advertise]

 MyRouter(config-router)#no auto-summary

 [Turns off the auto-summarization – Optional]

EIGRP verification commands

MyRouter#show ip eigrp neighbors                

 [Displays neighbor table]

 MyRouter#show ip eigrp interfaces                

 [Displays information for each interface running EIGRP]

 MyRouter#show ip eigrp topology                  

 [Displays the topology table. Shows feasible successors]

OSPF

 MyRouter(config)#router ospf 10        

[Enables OSPF process number 10. Process ID is any number b/w 1-65535. It doesn’t need to be matched with neighbor routers]

 MyRouter(config-router)#network 10.10.10.0 0.0.0.255 area 0

 [Any interface with an address of 10.10.10.x is to be put into AREA 0 and will advertise and receive OSPF routes]

OSPF Authentication

 Simple

MyRouter(config)#router ospf 10
MyRouter(config-router)#area 0 authentication              

 [Enables simple authentication. Password will be sent in clear text]

MyRouter(config-router)#exit
MyRouter(config)#int s0/0/0
MyRouter(config-if)#ip ospf authentication-key 1234

 [Sets password to 1234 for AREA 0 authentication]

MD5 Encryption

MyRouter(config)#router ospf 10
MyRouter(config-router)#area 0 authentication message-digest

 [Enables MD5 password encryption]

 MyRouter(config-router)#exit
MyRouter(config)#int s0/0/0
MyRouter(config-if)#ip ospf message-digest-key 10 md5 1234  

 [10 is the key id. This value must be the same on neighboring routers. Md5 indicates that MD5 algorithm is  used and 1234 is the password and must be same on the neighboring routers]

OSPF Verification Commands

 MyRouter#show ip ospf                                                          

 [Displays basic configured ospf information]

 MyRouter#show ip ospf interfaces                                        

 [Displays OSPF interfaces information]

 MyRouter#show ip ospf neighbor

 [Displays all ospf neighbors and their states]

MyRouter#show ip route ospf

 [Show routes learned by ospf]

 Configure Access Control Lists

MyRouter(config)# access-list 101 deny tcp 10.1.1.0 0.0.0.255 any eq 80
MyRouter(config)# access-list 101 permit ip any any

[Configure an extended ACL to deny access to port 80 for network 10.1.1.0/24 and allow everything else]

MyRouter(config)# interface fastEthernet 1/0
MyRouter(config-if)# ip access-group 101 in

[Apply ACL 101 in the inbound direction on interface fe1/0]

Configure Network Address Translation (NAT)

Dynamic NAT overload (PAT)

MyRouter(config)# interface fastEthernet 1/0
MyRouter(config-if)# ip nat inside

 [Specify which interface will be the inside for NAT, i.e the source IPs of packets coming to this interface will be translated]

MyRouter(config)# interface fastEthernet 1/1
MyRouter(config-if)# ip nat outside

 [Specify which interface will be the outside for NAT, i.e packets going out from this interface will be translated]

MyRouter(config)# access-list 1 permit 192.168.1.0 0.0.0.255
MyRouter(config)# ip nat inside source list 1 interface fastEthernet 1/1 overload

 [Access list 1 specifies that inside source network 192.168.1.0/24 will be translated to the IP address of fastEthernet1/1. Very useful for providing internet access to internal private addresses]

Static NAT

MyRouter(config)# interface fastEthernet 1/0
MyRouter(config-if)# ip nat inside

MyRouter(config)# interface fastEthernet 1/1
MyRouter(config-if)# ip nat outside

[Define again the inside and outside NAT interfaces]

MyRouter(config)# ip nat inside source static 192.168.1.1 50.1.1.1

[Private IP 192.168.1.1 will be translated statically to Public IP 50.1.1.1 (one-to-one mapping)]





i am lahiru chathuranga.


on

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)