Step by step IPSec VPN install and configuration for the pfSense VPN Router and GreenBow VPN Client software. pfSense is a free, open source customized distribution of FreeBSD tailored for u…Descrição completa
Descripción completa
Descripción completa
CCNA 1 Router Configuration 1) Delete an existing router configuration: Router1# erase startup-config Erasing the nvram filesystem will remove all configuration files! Continue? [confirm] {Depress Enter key to confirm} [OK] Erase of nvram: complete Router1# reload System configuration has been modified. Save? [yes/no]: no Proceed with reload? [confirm] {Hit enter to confirm} 2) Name the router: Router> { User Exec Mode ; Privilege Level 1 } Router> enable { Access to Privilege EXEC Mode ; may require a password, if set ; default is none } Router# { Privilege Exec Mode ; Privilege Level 15 } Router# configure terminal { Used to access Global Configuration Mode } Router(config)# hostname RTA { Changes the default name of the Router to a word = RTA } RTA(config)#no ip domain lookup {Stops DNS look up interruptions while configuring the router} 3) Configure user EXEC mode line passwords RTA(config)# line console 0 RTA(config-line)# password cisco RTA(config-line)# login
(passwords are created in clear text) : { Initial router configuration; out of band management } { Sets the case sensitive password to cisco } { Enables the line password checking }
RTA(config-line)# logging synchronous { Prevents console message interruptions } RTA(config)# line vty 0 4 RTA(config-line)# password class RTA(config-line)# login
{ Remote access for router configuration; in band management } { Sets the case sensitive password to class } { Enables the line password checking }
RTA(config)# line aux 0 { Remote access for router configuration ; via a modem } RTA(config-line)# password CISCO { Sets the case sensitive password to CISCO } RTA(config-line)# login { Enables the line password checking } RTA(config-line)# exit { Goes back to Global Configuration Mode; Goes back one mode } RTA (config)#service password-encryption {Encrypts system passwords} 4) Set the Privilege EXEC mode passwords: RTA (config)#enable password cisco {Password remains in clear text} RTA (config)#enable secret class {Password will be encrypted, Overrides enable password} 5) Configure your desired interfaces: RTA (config)#interface Fastethernet 0/0 { Physical Interfaces are hardware or platform specific} RTA (config-if)#description LAN Connected to WEB Servers { adds a description to interface} RTA (config-if)#ip address 192.1.2.33 255.255.255.224 { CIDR = /27} RTA (config-if)#no shutdown {Enables the interface} RTA (config)# interface serial 0/0 { Physical Interfaces are hardware or platform specific} RTA (config-if)#ip address 192.4.5.129 255.255.255.224 { 27 bit mask } RTA (config-if)#clock rate 56000 {Use on the DCE; sets the layer 1 bit rate in bps; not required on DTE side} RTA (config-if)#no shutdown { Enables the interface } RTA (config-if)#exit { Takes you back one level } 6) Configure Static Routing: Static route using next hop (Router) address or outgoing interface on local router RTA (config)#ip route 192.1.2.32 255.255.255.224 192.4.5.6 Next hop on Remote Router RTA (config)#ip route 192.7.8.64 255.255.255.192 Serial 0 Exit Serial interface on RTA 1) Configure a default Static Route: A default static route using LAN interface requires next hop address RTA (config)#ip route 0.0.0.0 0.0.0.0 Serial 0 default static route using the WAN exit interface RTA (config)#ip route 0.0.0.0 0.0.0.0 Fastethernet 0/0 1.1.1.1 default static using LAN interface RTA (config)# end
{ goes back to the privilege EXEC mode; same as Ctrl-z or Ctrl-c }
CCNA Switch Commands 1) Delete an existing Switch configuration: Switch# erase startup-config Erasing the nvram filesystem will remove all configuration files! Continue? [confirm] {Depress Enter key to confirm} [OK] Erase of nvram: complete Switch# delete vlan.dat delete filename [vlan.dat] {Hit Enter to confirm} delete flash:/ vlan.dat [confirm] {Hit Enter to confirm} Switch#reload System configuration has been modified. Save? [yes/no]:no Proceed with reload? [confirm] {Hit Enter to confirm} 2) Name the Switch: Switch> {User EXEC Mode} Switch>enable {Responds with the password to enter the Privilege Mode, if one has been set} Switch# {Privilege EXEC Mode} Switch#configure terminal {Used to access global configuration mode} Switch(config)#hostname SwA SwA(config)#no ip domain lookup
{Stops DNS look up interruptions while configuring the router}
3) Configure your user EXEC mode line passwords (Important: all line passwords are created in clear text) : SwA(config)# line console 0 {Inbound Console access} SwA(config-line)#password cisco {Sets the case sensitive password to cisco} SwA(config-line)#login SwA(config-line)#logging synchronous{Stops Console messages while configuring the router } 4) Configure your user EXEC mode line passwords (Important: all line passwords are created in clear text) : SwA(config)# line vty 0 15 {Telnet access} SwA(config-line)#password class {Sets the case sensitive password to class} SwA(config-line)#login SwA(config-line)#service password-encryption {Sets Cisco type 7 encryption on all type 0 passwords} 5) Set the Privilege EXEC mode passwords: SwA (config)#enable password cisco {Password remains in clear text or type 0 encryption SwA (config)#enable secret class {Type 5 encryption; overrides the enable password command} 6) Configure the Management VLAN interface for remote management: SwA (config)# interface vlan 1 SwA (config-if)# ip address 192.168.1.2 255.255.255.248 Subnet Mask using 29 bit Mask SwA (config-if)# no shutdown { enables the Switched Virtual Interface (SVI) } 7) Set a remote management Gateway: SwA (config)#ip default-gateway 192.168.1.1 { Acts similar to a PC gateway for remote Mgmt }
CCNA Router and/or Switch Verification Commands 1) To verify the configuration in RAM on the router or switch issue the IOS command: RTA – SwA# show running-config { Router or Switch configuration in RAM; unsaved } 2) To verify the configuration in NVRAM on the router or switch issue the IOS command: RTA – SwA # show startup-config { Router or Switch configuration in Nonvolatile RAM; Saved in NVRAM } 3) To save the current configuration on the router or switch from RAM to NVRAM: RTA – SwA #copy running-config startup-config {Depress the Enter key to confirm} 4) To verify the Router IP interfaces are functional: RTA # show ip interface brief {Displays OSI layers 1, 2 and 3 information] 5) To display the contents of the routing table on the Router: RTA # show ip route {Displays connected interfaces, static as well as learned routes } 6) To display the detailed router interface information: RTA # show interfaces {Displays detailed interface information}
