Ch2

To reload a router
Router# Erase Startup-config
Router# reload

Switch# erase startup-config
Switch# delete vlan.dat
Switch# reload

Router(config)# security passwords min-length X

 

Posted in CCNA-Security | Leave a comment

Ch 7 – NAT & DHCP

To set a router up as a DHCP Server

  • R1(config)#ip dhcp excluded-address <excluded ip’s>
  • R1(config)#ip dhcp pool <name>
  • R1(dhcp-config)#network <network range> <subnet mask>
    *will specify scope of dhcp server
  • R1(dhcp-config)#default-router <gateway ip>
    *will specify gateway ip
  • R1(dhcp-config)#dns-server <dns server ip>

To set a router as DHCP Relay Agent

  • R2(config)#interface fa0/0
  • R2(config-if)#ip helper-address 10.0.0.5

NAT Routing

  1. Identify internal and external interfaces
  2. Create Standard Access-List to permit all internal networks
  3. Apply Access-List for NAT Routing

1:
For Internal Network Interfaces

  • R2(config)#interface
  • R2(config-if)#ip nat inside

For External Facing Network Interface
*there can be only 1 outside interface per router

  • R2(config-subif)#interface fa0/1
  • R2(config-if)#ip nat outside

2:

  • R2(config)#access-list 1 permit 172.16.0.32 0.0.0.31
  • R2(config)#access-list 1 permit 172.16.0.64 0.0.0.63

3:

  • R2(config)#ip nat inside source list interface overload
  • R2(config)#ip nat inside source list 1 interface fa0/1 overload

Adding a Pool of External IP’s for NAT
ISP(config)#ip route <leased ip’s> <subnet mask> <next hop ip>
R2(config)#ip nat pool <pool name> <first usable ip> <last usable ip> netmask <subnet mask>
ex.
R2(config)#ip nat pool NewBlock 204.25.100.1 204.25.100.14 netmask 255.255.255.240

R2(config)#ip nat inside source static <internal ip> <external ip>
*this will route the external ip to the specified interenal ip

Setting up Port Forwarding with NAT
R2(config)#ip nat inside source static <protocol> <global ip> <external port> <local ip> <local port>

Posted in CCNA4 | Leave a comment

CH 4 – Configure SSH & Disable Telnet

Router(config)#hostname

R1(config)#ip domain-name

R1(config)#crypto key generate rsa

How many bits in the modulus [512]: <360-2048>

R1(config)#enable secret class
R1(config)#username password
R1(config)#line vty 0 15
R1(config-line)#no transport input
R1(config-line)#transport input ssh
R1(config-line)#login local

Posted in CCNA4, Uncategorized | Leave a comment

Ch 5 – Access Control Lists

  • To create a standard List:
    • Router(config)# access-list <1-99> <deny, permit, remark> <network id, any, host> <wildcard mask>
      • Router(config)# access-list 5 deny 192.168.100.0 0.0.0.255
      • Router(config)# access-list 5 permit any
        • *Note: all access lists have implicit deny any at end of ACL
  • To apply access-list to interface:
    • Router(config-if)# ip access-group <1-199, WORD> <in, out>
      • Router(config)# int fa0/1
      • Router(config-if)# ip access-group 5 out
  • R1(config)#access-list <100-199> <deny, permit, remark> <ip, tcp, udp, icmp, ospf, eigrp> <source address, host, any> <destination address, host, any> <eq, gt, lt, range> <specific protocol>
    • R1(config)#access-list 105 deny tcp 192.168.1.0 0.0.0.255 192.168.2.101 0.0.0.0 eq www
    • R1(config)#access-list 105 permit ip any any
Posted in CCNA4 | Leave a comment

Ch2 – PPP

Router(config)#interface s0/0
Router(config-if)#encapsulation ppp
Router(config-if)#ppp authentication chap
Router(config)#username <neighbor router> password <shared password>

Router(config)#interface s0/0
Router(config-if)#encapsulation ppp
Router(config-if)#ppp authentication pap
Router(config-if)#ppp pap sent-username <router name> password <password>

Posted in CCNA4 | Leave a comment

Ch3 – Frame Relay

(config-if)#encapsulation frame-relay
Enables Frame Relay with default encapsulation of cisco

(config-if)#encapsulation frame-relay ietf
Enables Frame Relay with encapsulation type of ietf. Used when connecting to non-Cisco equipment.

(config-if)#frame-relay lmi type {ansi | cisco | q933a}
(Optional) Sets the LMI type. LMI is auto-sensed.

(config-if)#frame-relay interface-dlci 110
Sets the DLCI number. This number is locally significant, only.

(config-if)#frame-relay map ip 192.168.100.1 110
Maps the remote IP address (192.168.100.1) to the local DLCI number.

(config-if)#no frame-relay inverse arp
Disable Inverse ARP.

#show frame-relay PVC
will show 4 statistics:
    inbound fecn
    inbound becn
    outbound fecn
    outbound becn

#show frame-relay LMI

#show frame-relay map
shows paths between frame relay routers

Frame Relay with SubInterfaces
R1(config)#interface s0/0/0
R1(config-if)#encapsulation frame-relay
R1(config-if)#frame-relay lmi-type <ansi, cisco, q933a>

R1(config)#interface s0/0/0.100 <point-to-point, multipoint>
R1(config-subif)#frame-relay interface-dlci <DLCI>
R1(config-subif)#ip address <ip address> <subnet mask>

Posted in CCNA4 | Leave a comment

Ch 6 – InterVLAN Routing

Router(config)#interface fa0/0
Router(config-if)#no shutdown
Router(config)#interface fa0/0.<subinterface id>
Router(config-subif)#encapsulation dot1Q <vlan id> <native>
*native is optional
Router(config-subif)#ip address <ip address> <subnet mask>

Posted in CCNA3 | Leave a comment

Ch 4 VLAN Trunking Protocol (VTP)

S1(config)#vtp mode server
Set S1 to server mode. (It is important that you explicitly configure this command to insure the switch is in server mode)

S1(config)#vtp domain CCNA
Configure S1 with CCNA as the VTP domain name. Remember that VTP domain names are case sensitive.

S1(config)#vtp password cisco
Configure S1 with cisco as the VTP domain password. Remember that VTP domain passwords are case sensitive.

To clear config properly for a switch
S1#delete vlan.dat
erase start

Posted in CCNA3 | Leave a comment

Basic Routing Protocol Configs

OSPF Routing
Router(config)#router ospf <pid>
Router(config-router)#network <Network Address> <Inverse Subnet Mask> area 0

RIP v2 & EIGRP must use default classful network address
e.g. 172.16.0.0 vs. 172.16.4.0

RIP v2 Routing
Router(config)#router rip
Router(config-router)#version 2
Router(config-router)#network <Network Address>
Router(config-router)#no auto-summary
*used by non-default masks

EIGRP Routing
Router(config)#router eigrp 1
Router(config-router)#network <Network Address>
Router(config-router)#no auto-summary

Posted in Uncategorized | 1 Comment

Ch3 – VLAN Configs

S2(config)#interface range fa0/1 – 4
                      used to configure multiple interfaces at the same time
S2(config-if-range)#switchport mode trunk
                      sets the interface(s) to work as a trunk between switches
S2(config-if-range)#switchport mode access
                      sets the interface(s) to connect computers to a VLAN
S2(config-if-range)#switchport native vlan 99
                      sets vlan 99 as the native VLAN (where all non-tagged packets will go)
S1(config-if-range)#switchport access vlan 200
                      sets the interface(s) to VLAN 200
S1(config)#vlan 99
                      configuration of VLAN 99
S1(config-vlan)#name Management&IT
                      sets the name of the VLAN

 

Posted in CCNA3 | Leave a comment