[CCNA] Cisco Commands Cheat Sheet

htps://boubakr92.wordpress. htps://boubakr92. wordpress.com/2013/09/16/ccna-chea-shee com/2013/09/16/ccna-chea-shee-par-1/ -par-1/

[CCNA] [CC NA] Cis Cisco co Comm Command ands s Che Cheat at Shee Sheett #1 In this serie of 4-5 posts, we’ll try to create a simple Cisco Commands Cheat Sheet as a reference for CCNA students.

Router odes! 

Router>!! "ser mode # $imited to %asic monitorin& commands Router>



Router#!! 'ri(ile&ed mode )e*ec-le(el mode+ # 'ro(ides access to all other router commands Router#



Router(config)#!! &lo%al confi&uration mode # Commands that affect the entire system Router(config)#



Router(config-if)#!! interface mode # Commands that affect interfaces Router(config-if)#



Router(config-subif)#!! su%interface mode # Commands that affect su%interfaces Router(config-subif)#



Router(config-line)#!! line mode # Commands that affect in lines modes )console, (ty, au*+ Router(config-line)#



Router(config-router)#!! router confi&uration mode Router(config-router)#

Chan&in& switch hostname! 1

Switch(config)# hostname SW1

Confi&urin& passwords! 1

SW1(config)# enable secret cisco

2

SW1(config)# enable password notcisco

! MD5 hash ! Clear text

Securin& console port! 1

SW1(config)# line con 

2

SW1(configline)# password cisco

3

SW1(configline)# login

Securin& terminal lines! 1

SW1(config)# line "t  $

2

SW1(configline)# password cisco

3

SW1(configline)# login

1

ncryptin& passwords! 1

SW1(config)# ser"ice passwordencrption

Confi&urin& %anners! 1

SW1(config)# banner motd %

2

&&&&&&&&&&&&&&&&

3

''*+,-./0D CC0SS .S -,+.2.*0D

4

&&&&&&&&&&&&&&&&

5

%

i(in& the switch an I' address! a ddress! 1

SW1(config)# interface "lan 1

2

SW1(configif)# ip address 13416111 455455455

3

SW1(configif)# no sh7tdown

! or D+C

Settin& the default &ateway! 1

SW1(config)# ip defa7ltgatewa 1341611

Sa(in& confi&uration! 1

SW1# cop r7nningconfig start7pconfig

2

Destination filename 8start7pconfig9: name

3 4

! ress enter to confirm file

27ilding config7ration; 8,<9

5 6

! Short for write memor

7

SW1# wr

8

27ilding config7ration;

9

8,<9

2

/or0in& en(ironment! name loo0up, history, e*ec-timeout and lo&&in& %eha(ior, also (alid for line con 1.

1

SW1(config)# no ip domainloo=7p

2

SW1(config)# line "t  $

3

SW1(configline)# histor si>e 15

4

SW1(configline)# exectimeo7t 1 ?

5

SW1(configline)# logging snchrono7s

Confi&urin& switch to use SS2! Confi&ure 3NS domain name! SW1(config)# ip domainname examplecom



1

Confi&ure a username and password! SW1(config)# 7sername admin password cisco



1



enerate encryption 0eys!

he sie of the 0ey modulus in the ran&e of 671 to 81 49

1

SW1(config)# crpto =e generate rsa

2

+ow man bits in the mod7l7s 85149@ 14$

3efine SS2 (ersion to use! SW1(config)# ip ssh "ersion 4



1

na%le (ty lines to use SS2! SW1(config)# line "t  $



1 2

SW1(configline)# login local

3

! Ao7 can set "t lines to 7se onl telnet or onl ssh or both as in the example

4

SW1(configline)# transport inp7t telnet ssh

 Aliases! "sed to create shortcuts for lon& commands.

3

1

SW1(config)# alias exec c config7re terminal

2

SW1(config)# alias exec s show ip interface brief

3

SW1(config)# alias exec sr show r7nningconfig

3escription, speed and duple*! 1

SW1(config)# interface fast0thernet B1

2

SW1(configif)# description .< *, .*0-0* -,'*0-

3

SW1(configif)# speed 1

4

! *he range =eword 7sed to set a gro7p of interfaces at once

5

SW1(config)# interface range fast0thernet B5 E 1

6

! ,ptions@ 1 1 a7to

SW1(configifrange)# d7plex f7ll (options@ half f7ll a7to)

 :erify ;asic Confi&uration! Shows information a%out the switch and its interfaces, RA, N:RA, flash, I


1

Shows the current confi&uration file stored in 3RA. SW1# show r7nningconfig



1

Shows the confi&uration file stored in N:RA which is used at first %oot process. SW1# show start7pconfig



1

$ists the commands currently held in the history %uffer. SW1# show histor



1

Shows an o(er(iew of all interfaces, their physical status, protocol status and ip address if assi&ned. SW1# show ip interface brief



1



1

Shows detailed information a%out the specified interface, its status, protocol, duple*, speed, encapsulation, last 5

min traffic. SW1# show interface "lan 1 Shows the description of all interfaces SW1# show interfaces description



1

Shows the status of all interfaces li0e connected or not, speed, duple*, trun0 or access (lan. SW1# show interfaces stat7s



1

4

Shows the pu%lic encryption 0ey used for SS2. SW1# show crpto =e mp7b=e rsa



1



1

Shows information a%out the leased I' address )when an interface is confi&ured to &et I' address (ia a dhcp

ser(er+ SW1# show dhcp lease

[CCNA] Cisco Commands Cheat Sheet # Confi&urin& port security! a0e the switch interface as access port! SW1(configif)# switchport mode access



1

na%le port security on the interface! SW1(configif)# switchport portsec7rit



1

Specify the ma*imum num%er of allowed AC addresses! SW1(configif)# switchport portsec7rit maxim7m 1



1

3efine the action to ta0e when (iolation occurs! SW1(configif)# switchport portsec7rit "iolation sh7tdown protect restrict



1



! options@ sh7tdown

Specify the allowed AC addresses!

he stic0y 0eyword is used to let the interface dynamically learns and confi&ures the AC addresses of the currently connected hosts.

1

SW1(configif)# switchport portsec7rit macaddress 6Fb5GG6511G5 +++ stic=

! options@

 :erify and trou%leshoot port security! Shows the entries of the mac address ta%le! SW1# show macaddresstable



1

<(er(iew of port security of all interfaces! SW1# show portsec7rit



1



Shows detailed information a%out port security on the specified interface!

5

1

SW1# show portsec7rit interface faB5

Confi&urin& :$ANs! 

Create a new :$AN and &i(e it a name!

1

SW1(config)# "lan 1

2

SW1(config"lan)# name S0S



 Assi&n an access interface to access a specific :$AN!

1

SW1(config)# interface fast0thernet B5

2

SW1(configif)# switchport mode access

3

SW1(configif)# switchport access "lan 1

Confi&urin& an au*iliary :$AN for cisco I' phones! 1

SW1(config)# interface fast0thernet B5

2

! accessing "lan 1 (data) and 14 (Ho.)

3

SW1(configif) #switchport access "lan 1

4

SW1(configif) #switchport "oice "lan 14

Confi&urin& run0s! SW1(config)# interface fast0thernet B1

1 2 3

SW1(configif)# switchport mode tr7n= desirable

! options@ access tr7n= dnamic a7to dnamic

SW1(configif)# switchport tr7n= allowed "lan add 1 except

! options@ add remo"e all

Securin& :$ANs and run0in&!  Administrati(ely disa%le unused interfaces! SW1(configif)# sh7tdown



1



're(ent trun0in& %y disa%lin& auto ne&otiation on the interface!

1

SW1(configif)# nonegotiate

2

SW1(configif)# switchport mode access

! or hardcode the port asan access port

6

 Assi&n the port to an unused :$AN! SW1(configif)# switchport access "lan 444



1

Confi&urin& :'! 

Confi&ure :' mode!

he transparent :' mode is used when an en&ineer wants to deacti(ate :' on a particular switch

1

SW1(config)# "tp mode ser"er

! options@ ser"er client transparent

Confi&ure :' domain name! SW1(config)# "tp domain 0IM0

! casesensiti"e

Confi&ure :' password )optional+! SW1(config)# "tp password cisco

! casesensiti"e



1



1

Confi&ure :' prunin& )optional+! SW1(config)# "tp pr7ning ! onl wor=s on H* ser"ers



1

na%le :' (ersion 8 )optional+! SW1(config)# "tp "ersion 4



1

 :erify and trou%leshoot :$ANs and :'! $ists information a%out administrati(e settin& and operation status of interface! SW1# show interfaces if switchport



1

$ists all the trun0 ports on a switch includin& the trun0 allowed :$ANs! SW1# show interfaces tr7n=



1

$ists information a%out the :$ANs! SW1# show "lan Jbrief K id K name K s7mmarL



1

$ists :' confi&uration )mode, domain-name, (ersion, etc+ and re(ision num%er! SW1# show "tp stat7s



1

Shows the :' password! SW1# show "tp password



1

S' optimiation! 7



2ard codin& the root %rid&e )chan&in& %rid&e priority+!

1

SW1(config)# spanningtree "lan 1 root primar

2

SW1(config)# spanningtree "lan 1 root secondar

3

! riorit m7st be a m7ltipl of $G6

4

SW1(config)# spanningtree 8"lan 19priorit F1G4

Chan&in& the S' mode! SW1(config)# spanningtree mode rapidp"st rapidp"st



1



! options@ mst p"st

na%lin& portfast and ;'3" &uard on an interface!

'ortfast and ;'3" &uard are ena%led only on interfaces connected to end user hosts

1

SW1(configif)# spanningtree portfast

2

SW1(configif)# spanningtree bpd7g7ard enable

Chan&in& port cost! SW1(configif)# spanningtree 8"lan 19 cost 45



1

;undlin& interfaces into an etherchannel! SW1(configif)# channelgro7p 1 mode on on



1

! options@ a7to desirable

S' (erification and trou%leshootin&! Shows detailed info a%out S' state! SW1# show spanningtree



1

Shows S' info only on a specific port! SW1# show spanningtree interface faB4



1

Shows S' info only for a specific :$AN! SW1# show spanningtree "lan 1



1

Shows info a%out the root switch! SW1# show spanningtree 8"lan 19 root



1

Shows info a%out the local switch! SW1# show spanningtree 8"lan 19 bridge



1



Show the state of the etherchannels!

8

1

SW1# show etherchannel 1

'ro(ides informational messa&es a%out the chan&es in the S' topolo&y! SW1# deb7g spanningtree e"ents



1

na%lin& or disa%lin& C3'! na%lin& C3' &lo%ally on a switch! SW1(config)# cdp r7n



1

3isa%lin& C3' on a &i(en interface! SW1(configif)# no cdp enable



1

"sin& C3' for networ0 (erification and trou%leshootin&! Shows &lo%al information a%out C3' itself! SW1# show cdp



1

Shows information a%out C3' on a specific interface! SW1# show cdp interface faB4



1

Shows information a%out the directly connected cisco de(ices includin& interfaces names capa%ilities! SW1# show cdp neighbors



1



Shows detailed information a%out the nei&h%orin& cisco de(ices includin& de(ice address and (ersion of I
1

SW1# show cdp neighbors detail

2

! ,-

3

SW1# show cdp entr 

Shows detailed information a%out the specified entry only! SW1# show cdp entr SW4



1

[CCNA] Cisco Commands Cheat Sheet #! Router %asic confi&uration! his section includes I
9

1

-o7ter(config)# hostname -1

2

-1(config)# enable secret cisco

3 4

-1(config)# line con  -1(configline)# password cisco -1(configline)# login

5 -1(configline)# logging snchrono7s

6 7

-1(configline)# exectimeo7t ?  -1(configline)# exit

8

-1(config)# line "t  $

9

-1(configline)# password cisco

10

-1(configline)# login

11

-1(configline)# logging snchrono7s

12

-1(configline)# exectimeo7t ? 

13 14

-1(configline)# exit -1(config)# line a7x  -1(configline)# password cisco

15 -1(configline)# login

16 17

-1(configline)# logging snchrono7s -1(configline)# exectimeo7t ? 

18

-1(configline)# exit

19

-1(config)# banner motd %

20

&&&&&&&&&&&&&&&&

21

''*+,-./0D CC0SS .S -,+.2.*0D

22 23

&&&&&&&&&&&&&&&& % -1(config)# alias exec c config7re terminal

24 -1(config)# alias exec s show ip interface brief

25 -1(config)# alias exec sr show r7nningconfig

26 27

-1(config)# no ip domainloo=7p -1(config)# ser"ice passwordencrption

10

28 29 30 31 32

-1(config)# ip domainname examplecom -1(config)# 7sername admin password cisco -1(config)# crpto =e generate rsa +ow man bits in the mod7l7s 85149@ 14$

33 -1(config)# ip ssh "ersion 4

34 35 36

-1(config)# line "t  $ -1(configline)# login local -1(configline)# transport inp7t telnet ssh

37 38

Confi&urin& router interfaces! Cloc0 rate is set only on the 3C side, typically the IS' side.
1 -1(config)# interface fast0thernet B

2 3

-1(configif)# description .< *, ,C  *+-,'N+ SW1 -1(configif)# ip address 1341611 455455455

4

-1(configif)# no sh7tdown

5

-1(configif)# exit

6

-1(config)# interface serial B1B

7

-1(configif)# description W C,0C*., *, -4

8 9

-1(configif)# ip address 1111 455455455454 -1(configif)# cloc= rate 14F -1(configif)# no sh7tdown

10

Confi&urin& Router-
-1(config)# interface fast0thernet B

11

2

-1(configif)# no sh7tdown

3

-1(config)# interface fast0thernet B1

4

-1(configs7bif)# encaps7lation dot1O 1

5

-1(configs7bif)# ip address 1G416F11 455455455

6

-1(configs7bif)# interface fast0thernet B4

7 8

-1(configs7bif)# encaps7lation dot1O 4 -1(configs7bif)# ip address 1G416F41 455455455

Static route! "sin& ne*t hop! -1(config)# ip ro7te 114 455455455 1114F1



1



"sin& e*it interface!

1

-1(config)# ip ro7te 114 455455455 Serial B

2

ote@ 0xit interface can be 7sed in pointtopoint serial lin=s

3efault Route! 1

-1(config)# ip ro7te   1GG111

RI'(8 Confi&uration! 1

-1(config)# ro7ter rip

2

-1(configro7ter)# "ersion 4

3

-1(configro7ter)# networ= 1

4

-1(configro7ter)# no a7tos7mmar

5

! written as an original class 

-1(configro7ter)# passi"einterface serial B

RI'(8 :erification! Shows information a%out the runnin& routin& protocol process! -1# show ip protocols



1



Shows the entire routin& ta%le!

12

1

-1# show ip ro7te

Shows routes learned (ia RI' only! -1# show ip ro7te rip



1

Shows detailed information a%out the route to the specified destination networ0! -1# show ip ro7te 1111



1




1



Confi&ure one or more networ0 commands to identify which interfaces will run
1

-1(configro7ter)# networ= 1 455455455 area 

2

-1(configro7ter)# networ= 13416F 3455 area 

3

-1(configro7ter)# networ= 1G416F145$  area 1



Confi&ure router I3 either )
"sing router-id osf subcommand$

1

-1(configro7ter)# ro7terid 1111

Configuring an %& address on a loobac' interface$

1

-1(config)# interface loopbac= 

2

-1(configif)# ip address 1111 455455455455



Chan&e 2ello and 3ead inter(als per interface )
1

-1(configif)# ip ospf hellointer"al 4

2

-1(configif)# ip ospf deadinter"al 6



Impact routin& choices %y tunin& interface cost usin& one of the followin& ways )
Changing interface cost$

1

-1(configif)# ip ospf cost 55

Changing interface bandidth$

13

1

-1(configif)# bandwidth 14F

! in
Changing the reference bandidth that used b *S&+ to calculate the cost$

1

-1(configro7ter)# a7tocost referencebandwidth 1

! in Mbps

3isa%lin&


1



Confi&urin&
,e  authentication (none)$

1

-1(configif)# ip ospf a7thentication n7ll

,e 1 authentication (clear te.t)$

1

-1(configif)# ip ospf a7thentication

2

-1(configif)# ip ospf a7thentication=e cisco

,e  authentication (md/)$

1

-1(configif)# ip ospf a7thentication messagedigest

2

-1(configif)# ip ospf messagedigest=e 1 md5 cisco

Confi&ure ma*imum e>ual-cost paths )


1




1

Shows the entire routin& ta%le! -1# show ip ro7te



1

Shows routes learned (ia


1

Shows all nei&h%orin& routers alon& with their respecti(e ad?acency state! -1# show ip ospf neighbors



1

14

Shows all the information contained in the $S3;! -1# show ip ospf database



1

Shows detailed information a%out


1

IR' Confi&uration! nter IR' confi&uration mode and define AS num%er! -1(config)# ro7ter eigrp 141 ! 141 & S n7mber



1



Confi&ure one or more networ0 commands to ena%le IR' on the specified interfaces!

1

-1(configro7ter)# networ= 1

2

-1(configro7ter)# networ= 13416 ?455

3

-1(configro7ter)# networ= 1G416F11 

4

-1(configro7ter)# networ=  455455455455

3isa%le auto summariation )


1

3isa%le IR' on a specific interface )


1



Confi&ure load %alancin& parameters )
1

-1(configro7ter)# maxim7mpaths 6

2

-1(configro7ter)# "ariance $



Chan&e interface 2ello and 2old timers )
1

-1(configif)# ip hellointer"al eigrp 141 ?

2

-1(configif)# ip holdtime eigrp 141 1



Impactin& metric calculations %y tunin& ;/ and delay of the interface )
1

-1(configif)# bandwidth 465

2

-1(configif)# dela 14

! in
! tens of microseconds

IR' Authentication! he 0ey-strin&  (alue and the mode must %e the same on %oth routers. $ifetime options of the 0eys re>uires the cloc0 of the routers to %e set correctly, %etter use N', or it can cause pro%lems

15



Create an authentication 0ey chain as follows!

Create a 'e chain and gi0e it a name$

1

-1(config)# =e chain MAP<0AS

Create one or more 'es gi0ing them numbers$

1

-1(config=echain)# =e 1

efine the 'e 0alue$

1

-1(config=echain=e)# =estring1st<0A

efine the life time of the 'es (otional)$

1

-1(config=echain=e)# sendlifetime 8start time9 8end time9

2

-1(config=echain=e)# acceptlifetime 8start time9 8end time9

na%le md5 authentication mode for IR' on the interface! -1(configif)# ip a7thentication mode eigrp141 md5



1

Refer to the correct 0ey chain to %e used on the interface! -1(configif)# ip a7thentication =echain eigrp141 MAP<0AS



1

IR' :erification! Shows routes learned (ia IR' only! -1# show ip ro7te eigrp



1

Shows IR' nei&h%ors and status! -1# show ip eigrp neighbors



1

Shows IR' topolo&y ta%le, includin& successor and feasi%le successor! -1# show ip eigrp topolog



1

Shows interfaces that run IR'! -1# show ip eigrp interfaces



1

$ists statistics on num%ers of IR' messa&es sent and recei(ed %y the router! -1# show ip eigrp traffic



1

16

[CCNA] Cisco Commands Cheat Sheet #2  Access Control $ists! Standard AC$! @  BB and @611  @BBB  "se a remar0 to descri%e the AC$ )


1



Create the AC$, 0eepin& the followin& in mind! o  AC$ uses first-match lo&ic. o

here is an implicit deny anyat the end of the AC$.

1

-1(config)# accesslist 4 den 1G416F133

2

-1(config)# accesslist 4 den 1G416F16$ ?1

3

-1(config)# accesslist 4 permit 11 455455

4

-1(config)# accesslist 4 den 1 455455455

5

-1(config)# accesslist 4 permit an

na%le the AC$ on the chosen router interface in the correct direction )in or out+! -1(configif)# ip accessgro7p 4 o7t



1



"sin& standard AC$ to limit telnet and SS2 access to a router!

Create the AC3 that defines the ermitted telnet clients$

1

-1(config)# accesslist GG remar= ,W0D *00* C.0*S

2

-1(config)# accesslist GG permit 1G416F114F 15

 Al the AC3 inbound the 0t lines

1

-1(config)# line "t  $

2

-1(configline)# accessclass GG in

*tended AC$! @11  @BB and 8111  87BB 

1



*tended AC$ should %e placed as close as possi%le to the source of the pac0et.



*tended AC$ matches pac0ets %ased on source  des.I' addresses, protocol, source  des. 'ort num%ers

andother criteria as well -1(config)# accesslist 11 remar= MAPCC0SSP.S*

17

2 3

-1(config)# accesslist 11 den iphost 1111 host 1444 -1(config)# accesslist 11 den tcp 111 455 an eO 4?

4

-1(config)# accesslist 11 den icmp 1111  an

5

-1(config)# accesslist 11 den tcphost 111 host 11 eO F

6

-1(config)# accesslist 11 den 7dphost 1113 eO 5? an

7

-1(config)# accesslist 11 permit ip an an

8 9

-1(config)# interface fast0thernet B -1(configif)# ip accessgro7p 11 in

Named AC$!  

Named AC$s use names to identify AC$s rather than num%ers, and commands that permit or deny traffic are written in a su% mode called named AC$ mode )nacl+.



Named AC$ ena%les the editin& of the AC$ )deletin& or insertin& statements+ %y se>uencin& statements of the  AC$.



1

Named standard AC$!

-1(config)# ip accesslist standard MAPS*D-DPC

2

-1(configstdnacl)# permit 111 455

3

-1(configstdnacl)# den 1444

4

-1(configstdnacl)# permit an

5

-1(config)# interface fast0thernet B1

6

-1(configif)# ip accessgro7p MAPS*D-DPC o7t



1

Named e*tended AC$!

-1(config)# ip accesslist extended MAP0I*0D0DPC

2

-1(configextnacl)# den icmp 1111  an

3

-1(configextnacl)# den tcphost 111 host 11 eO F

4

-1(configextnacl)# permit ip an an

5

-1(config)# interface fast0thernet B1

6

-1(configif)# ip accessgro7p MAP0I*0D0DPC in

ditin& AC$ usin& se>uence num%ers! -1(config)# ip accesslist extended MAP0I*0D0DPC



1

18

2

-1(configextnacl)# no 4 n7mber 4

! Deletes the statement of seO7ence

3 -1(config)# ip accesslist standard GG

4 -1(configstdnacl)# 5 den 1111 seO7ence 5

! inserts a statement with

 :erifyin& AC$s! 

Shows all AC$s confi&ured on a router with counters at the end of each statement!

1

-1# show accesslists

2

! ,-

3

-1# show ip accesslist

Shows only the specified AC$! -1# show ip accesslist 11



1

Includes a reference to the AC$s ena%led on that interface either in or out! -1# show ip interface fB



1

32C' Ser(er 3efine a 32C' pool and &i(e it a name! -1(config)# ip dhcp pool MAP,,



1



3efine networ0 and mas0 to use in this pool and the default &ateway!

1

-1(dhcpconfig)# networ= 1G416F1 455455455

2

-1(dhcpconfig)# defa7ltro7ter 1G416F11

3efine one or more 3NS ser(er )<'I


1

Confine the lease time )<'I


1



3efine one or more scopes of e*cluded )reser(ed+ addresses )<'I
1

-1(config)# ip dhcp excl7dedaddress 1G416F11 1G416F11

2

-1(config)# ip dhcp excl7dedaddress 1G416F14 1G416F145$

19

32C' :erification and rou%leshootin&! Shows the status of the specified pool and the leased addresses from that pool! -1# show ip dhcp pool ,,P1



1

Shows all the leased ip addresses from all confi&ured 32C' pools! -1# show ip dhcp binding



1

Shows any conflicts that occurred! -1# show ip dhcp conflict



1

[CCNA] Cisco Commands Cheat Sheet #/ ''' Confi&uration! 1

-1(config)# interface serial B

2

-1(configif)# encaps7lation ppp

''' Authentication! C2A'!  Confi&ure the hostname! -1(config)# hostname +



1

Confi&ure the name of the other end router and the shared password! ! *he password 7sed is shared password that means it m7st be the same on both ro7ters



1 2

+(config)# 7sername 20* password IA/ 

na%le C2A' authentication on the interface!

1

+(config)# interface serial B

2

+(configif)# ppp a7thentication chap

'A'!  Confi&ure the hostname! -1(config)# hostname +



1

Confi&ure the name of the other end router and the shared password! +(config)# 7sername 20* password IA/



1

20



na%le 'A' authentication on the interface and define the username and password to %e sent %y 'A'!

1

+(config)# interface serial B

2

+(configif)# ppp a7thentication pap

3

+(configif)# ppp pap sent7sername + password IA/

''' :erification and trou%leshoot! Shows the encapsulation type and the control protocols of '''! -1# show interface sB



1

"seful for (iewin& the confi&uration of usernames and passwords used to authenticate '''! -1# show r7nningconfig



1

3isplays the authentication process of ''' in real time! -1# deb7g ppp a7thentication



1

=rame Relay!

ultipoint )one su%net+  

i(e the interface an ip address and ena%le =rame Relay encapsulation!

1

-1(config)# interface serial B

2

-1(configif)# ip address 1111 455455455

3

-1(configif)# encaps7lation framerela (ietf)

Confi&ure $I si&nalin& type! )


1



Confi&ure =rame Relay mappin&!

21

1 -1(configif)# framerela map ip 1114 14 broadcast (ietf)

2 -1(configif)# framerela map ip 111? 1? broadcast

3

-4(config)# interface serial B

4

-4(configif)# ip address 1114 455455455

5

-4(configif)# encaps7lation framerela

6

-4(configif)# framerela map ip 1111 41 broadcast

7

-4(configif)# framerela map ip 111? 41 broadcast

8

-?(config)# interface serial B -?(configif)# ip address 111? 455455455

9

-?(configif)# encaps7lation framerela

10

-?(configif)# framerela map ip 1111 ?1 broadcast

11 -?(configif)# framerela map ip 1114 ?1 broadcast

12

'oint-to-point )different su%netsD one su%net per su%interface+  

na%le =rame Relay encapsulation!

1

-1(config)# interface serial B

2

-1(configif)# encaps7lation framerela

1

i(e an ip address to a su%interface and confi&ure its 3$CI! -1(config)# interface serial B14 pointtopoint

2

-1(configs7bif)# ip address 1111 455455455



3 4

-1(configs7bif)# framerela interfacedlci 14 -1(config)# interface serial B1? pointtopoint -1(configs7bif)# ip address 4441 455455455

5 -1(configs7bif)# framerela interfacedlci 1?

6 7

-4(config)# interface serial B -4(configif)# encaps7lation framerela

8

-4(config)# interface serial B41 pointtopoint

9

-4(configs7bif)# ip address 1114 455455455

10

-4(configs7bif)# framerela interfacedlci 41

22

11 -?(config)# interface serial B

12

-?(configif)# encaps7lation framerela

13 -?(config)# interface serial B?1 pointtopoint

14 -?(configs7bif)# ip address 4444 455455455

15

-?(configs7bif)# framerela interfacedlci ?1

16

=rame Relay :erification and trou%leshoot! Shows the encapsulation type! -1# show interfaces serial B



1

$ists ':C status information! -1# show framerela p"c



1

$ists 3$CI to I' mappin&! -1# show framerela map



1

$ists $I status information! -1# show framerela lmi



1

3isplays the content of $I messa&es! -1# deb7g framerela lmi



1

$ists messa&es a%out certain =rame Relay e(ents, includin& In(erse AR' messae&es! -1# deb7g framerela e"ents



1

Networ0 Address ranslation )NA+! Static NA4!  

3efine the outside and inside interfaces!

1

-1(config)# interface serial B

2

-1(configif)# ip nat o7tside

3

-1(config)# interface Qast0thernet 1B1

4

-1(configif)# ip nat inside

Confi&ure static NA statement! -1(config)# ip nat inside so7rce static 1G416F11 4111



1

23

3ynamic NA4!  

3efine the outside and inside interfaces

Create an AC$ that determines the I' addresses thatare allowed to %e translated! -1(config)# accesslist ? permit 1G416F1 455



1

Create a pool of pu%lic I' addresses! -1(config)# ip nat pool '2 4111 4116 netmas= 4554554554$F



1

1

Confi&ure NA statement! -1(config)# ip nat inside so7rce list ? pool '2RBpre

2

Rh$* ,"erload (*)@RBh$

3

R7l

4

Rli*he same as dnamic * with the 7se of the o"erload =eword at the end of * statement@RBli

5

RB7l

6

Rpre



7 8

-1(config)# ip nat inside so7rce list ? pool '2 o"erload

NA (erification and trou%leshoot! "seful in (iewin& the confi&uration of NA pool and the inside and outside interfaces! -1# show r7nningconfig



1

3isplays access lists, includin& the one used for NA! -1# show accesslists



1

Shows counters for pac0ets and NA ta%le entries, as well as %asic confi&uration information! -1# show ip nat stasitics



1

3isplays the NA ta%le! -1# show ip nat translations



1

Clears all the dynamic entries in the NA ta%le! -1# clear ip nat translations 



1



Issues a lo& messa&e descri%in& each pac0et whose ip address is translated with NA!

24

1

-1# deb7g ip nat

n?oy E

Wildcard masks vs subnet masks ? The intention of subnet mask and wil d card masks is same. They are used to tell the router which bits needed a match and which doesn't. The only difference is the way of reperesentation. In general: In subnet mask: 1-> Represents that there should be a match. ->!ays no need to bother about the match "ild#ard $ask: It is %ust the re&erse of the subnet mask: ->Represents that there should be a match. 1->!ays no need to bother about the match. g: (et's take the network: 1)*.1+,.1.*. $asks In binary: !ubnet: 11111111 . 11111111 . 11111111 .  "ild:

 .  .  . 11111111

/ow if you wanna tell the router that a route e0ists for the network 1)*.1+,.1.* you will use subnet mask. g: ip route 1)*.1+,.1. *.*.*. 2ne0t hope0it int> /ow if you wanna tell the route to block this rangenetwork using acl3 you would use wildcard mask. g: access-list 1 deny 1)*.1+,.1. ...* To get the wildcard mask from a subnet mask3 you %ust need to subtract each octet of the subnet mask with *. g4 !ubnet mask: * "ildcard

.

*

.

1*,

. 

: *-* . *-* . *-1*, . *- 5 ...*

Regards3 #handu

25