LAN 201 & LAN 202 - Cisco CCNA

Guia de Comandos LAN 201 & 202

ndice
1. Navegar na CLI................................................................................................................................................................ 02
2. Comandos show.......................................................................................................................................................... 02
3. Hostname......................................................................................................................................................................... 03
4. Description de interfaces............................................................................................................................................... 03
5. Endereo IP..................................................................................................................................................................... 03
6. Definir rota esttica......................................................................................................................................................... 03
7. Banner.............................................................................................................................................................................. 03
8. Alterar o speed / duplex de uma interface.................................................................................................................... 04
9. Senhas............................................................................................................................................................................. 04
10. Acesso a CLI via SSH................................................................................................................................................... 04
11. VLAN / VTP (switches).................................................................................................................................................. 05
12. Definir conexo como modo trunk (routers).............................................................................................................. 05
13. Port Security (switches)............................................................................................................................................... 06
14. Default Route (rota padro).................................................................................................................................. 06
15. RIP.................................................................................................................................................................................. 06
16. IGRP............................................................................................................................................................................... 06
17. EIGRP............................................................................................................................................................................. 07
18. OSPF.............................................................................................................................................................................. 07
19. HDLC.............................................................................................................................................................................. 07
20. PPP................................................................................................................................................................................. 08
21. FRAME-RELAY.............................................................................................................................................................. 08
22. ACLs............................................................................................................................................................................... 08
23. Resolvendo hostnames................................................................................................................................................ 09
24. NAT................................................................................................................................................................................. 09
25. IPv6................................................................................................................................................................................. 11
26. Precisa de mais informao ?..................................................................................................................................... 12

1/12

Comandos para Referncia

1. Navegar na CLI
1.1. Acessar o prompt de comando:
Pressione <ENTER>
Router>
1.2. Entrar no modo privilegiado (modo enable)
Router> enable
Router#
1.3. Sair do modo privilegiado (modo enable)
Router# disable
Router>
1.4. Entrar no modo de configurao
=> Modo enable
Router# config t
Router(config)#
1.5. "Levantar" a interface
=> Modo interface
router(config-if)# no shutdown
1.6. Reiniciar o roteador / switch
=> Modo enable
Router# reload
1.7. "Desabilitar" a interface
=> Modo interface
router(config-if)# shutdown
1.8. Sair do modo interface
=> Modo interface
router(config-if)# exit
1.9. Salvar a configurao
=> Modo enable
router# write memory

2. Comandos show
2.1. Visualizar configurao corrente
=> Modo enable
Router# show running-config
2.2. Visualizar configurao de inicializao
=> Modo enable
Router# show startup-config
2.3. Visualizar resumo das interfaces IP
=> Modo enable
Router# show ip interface brief
2.4. Visualiza configurao de boot
=> Modo enable
Router# show startup-config

2/12

2.5. Exibir informaes gerais do roteador/switch

=> Modo enable
Router# show version
2.6. Exibir informaes do CDP (Mostra outros equipamentos Cisco conectados)
=> Modo enable
Router# show cdp neighbor
e/ou
Router# show cdp neighbor detail
2.7. Informaes sobre a tabela de roteamento (visualizar rotas)
=> Modo enable
Router# show ip route
2.8. Informaes sobre os protocolos de roteamento
=> Modo enable
Router# show ip protocols

3. Hostname
=> Modo enable
Router# config t
Router(config)# hostname Todd
Todd(config)# hostname Atlanta
Atlanta(config)#

4. Description de interfaces
=> Modo enable
Router# config t
Router(config)# int f0/1
Router(config-if)# description Link-To-WAN

5. Endereo IP
=> Modo enable
Router# config t
Router(config)# int f0/1
Router(config-if)# ip address 192.168.1.1 255.255.255.0
Router(config-if)# no shut

*** Para switches definir IP na vlan 1 ***

6. Definir rota esttica

=> Modo enable
Router# config t
Router (config)# ip route 192.168.1.0 255.255.255.0 172.16.1.2
Router (config)# exit
Rede de Mscara da rede Gateway para a
Router #
destino

de destino

rede de destino

7. Banner
=> Modo enable
Router# config t
Router(config)# banner motd #
Enter the text followed by the '#' to finish
Esse e o meu primeiro banner.
#

3/12

8. Alterar o speed / duplex de uma interface

=> Modo enable
switch# config t
switch(config)# int f0/1
switch(config-if)# speed 100
switch(config-if)# duplex full
ou
switch(config-if)# speed auto
switch(config-if)# duplex auto

9. SENHAS
9.1. DEFINIR SENHAS
9.1.1. Modo USER (telnet e console)
- console
Router# config t
Router(config)# line console 0
Router(config-line)# password Entrar
Router(config-line)# login
- telnet
Router# config t
Router(config)# line vty 0 4
Router(config-line)# password Entrar
Router(config-line)# login
9.1.2. Modo ENABLE
Router(config)# enable secret Cisco

9.2. Criptografar senha enable no running/startup config

=> Modo enable
Router# config t
Router(config)# service password-encryption

10. Acesso a CLI via SSH

=> Modo enable
switch#
switch# configure terminal
switch(config)# line vty 0 4
switch(config-line)# login local
switch(config-line)# transport input telnet ssh
switch(config-line)# exit
switch(config)# username wendell password hope
switch(config)# ip domain-name lanuniversity.com.br
switch(config)# crypto key generate rsa

4/12

11. VLAN (switches)

11.1. Criando VLAN
=> Modo enable
switch# vlan database
switch(vlan)# vlan 2 name Adm
switch(vlan)# vlan 3 name Com
switch(vlan)# exit

ou

switch(config)# vlan 2
switch(config-vlan)# name Adm
switch(config)# vlan 3
switch(config-vlan)# name Com

ou

switch(config)# vtp domain LAB

switch(config)# vtp mode server

11.1.1. Visualizar vlans

=> Modo enable
switch# show vlan brief

11.2. VTP
=> Modo enable
switch(vlan)# vtp domain LAB
switch(vlan)# vtp server

11.3. Definir conexo como modo TRUNK

=> Modo Interace
switch# config t
switch(config)# int f0/1
switch(config-if)# switchport mode trunk
switch(config-if)# switchport trunk encapsulation dot1q

11.4. Definir modo ACCESS PORT (associar uma vlan a uma porta)
=> Modo Interace
switch# config t
switch(config)# int f0/1
switch(config-if)# description PC-1
switch(config-if)# switchport mode access
switch(config-if)# switchport access vlan 3

12. Definir conexo como modo TRUNK (routers)

=> Modo Interace
Router# config t
Router(config)# int f0/0
Router(config-if)# no ip address
Router(config-if)# no shut
Router(config-if)# int f0/0.1
Router(config-subif)# encapsulation dot1q 1
Router(config-subif)# ip address 10.1.1.1 255.255.255.0
Router(config-subif)# no shut
Router(config-subif)#int f0/0.2
Router(config-subif)#encapsulation dot1q 2
Router(config-subif)#ip address 172.16.1.1 255.255.255.0
Router(config-subif)#no shut
Router(config-subif)#int f0/0.3
Router(config-subif)#encapsulation dot1q 3
Router(config-subif)#ip address 192.168.1.1 255.255.255.0
Router(config-subif)#no shut
Router(config-subif)# exit

5/12

13. Port Security (switches)

13.1. Sticky Learning
switch# config t
switch(config)# int f0/1
switch(config-if)# switchport mode access
switch(config-if)# switchport port-security
switch(config-if)# switchport port-security mac-address 0200.1111.1111
13.2. Esttico
switch(config)# int f0/2
switch(config-if)# switchport mode access
switch(config-if)# switchport port-security
switch(config-if)# switchport port-security mac-address sticky

14. DEFAULT ROUTE (rota padro)

=> Modo enable
Router# config t
Router(config)# ip route 0.0.0.0 0.0.0.0 192.168.1.1

15. RIP
O comando router rip habilita o RIP como o protocolo de roteamento. Comando semelhante usado para habilitar outros
protocolos de roteamento.
O comando network x.x.x.x usado em seguida para divulgar as rotas relativas aquela rede
15.1. Habilitar o RIP
=> Modo Global
Router# config t
Router(config)# router rip
Router(config-router)# network 172.16.0.0
15.2. Desabilitar o RIP
=> Modo Global
Router# config t
Router(config)# no router rip

16. IGRP
16.1. Habilitar o IGRP
=> Modo Global
Router# config t
Router(config)# router igrp <n>
Router(config-router)# network 192.168.1.0
16.2. Desabilitar o IGRP
=> Modo Global
Router# config t
Router(config)# no router igrp <n>

6/12

17. EIGRP
17.1. Habilitar o EIGRP
=> Modo Global
Router# config t
Router(config)# router eigrp <n>
Router(config-router)# network 192.168.10.0
Router(config-router)# network 192.168.20.0
Router(config-router)# exit
17.2. Desabilitar o EIGRP
=> Modo Global
Router# config t
Router(config)# no router eigrp <n>

17.3. Verificar o EIGRP

=> Modo Global
Comando

Descrio

Router# show ip route

Router# show ip route eigrp
Router# show ip eigrp neighbors
Router# show ip eigrp topology

Mostra a tabela de roteamento completa

Mostra apenas as entradas EIGRP na tabela de roteamento
Mostra todos os vizinhos com EIGRP
Mostra a tabela de topologia EIGRP

18. OSPF
18.1. Habilitar o OSPF
=> Modo Global
Router# config t
Router(config)# router ospf <n>
Router(config-router)# network 172.16.2.1 0.0.0.0 area 0
Router(config-router)# network 192.168.1.0 0.0.0.255 area 1
Router(config-router)# exit

18.2. Desabilitar o OSPF

=> Modo Global
Router# config t
Router(config)# no router ospf <n>

18.3. Verificar o OSPF

=> Modo Global
Comando

Descrio

Router# show ip route

Router# show ip ospf neighbor
Router# show ip ospf database

Mostra a tabela de roteamento completa

Mostra a tabela de vizinhos OSPF
Mostra o banco de dados OSPF (LSDB)

19. HDLC
=> Modo global
RouterA# config t
RouterA(config)# int s0
RouterA(config-if)# encapsulation hdlc
RouterA(config-if)# exit

7/12

20. PPP
20.1 Configurao
=> Modo global
Router(config)# int s0/0
Router(config-if)# ip address 10.1.1.1 255.255.255.252
Router(config-if)# encapsulation ppp
Router(config-if)# clock rate 64000 <---- valor em bps (DCE)
Router(config-if)# bandwidth 64
<---- valor em kbps (metrica de roteamento)
20.2 Autenticao
=> Modo global
R-01(config)#username R-02 password dois
R-01(config)#int s0/0
R-01(config-if)#ppp authentication chap

21. FRAME-RELAY
21.1. Single Interface
=> Modo global
R-01(config)# interface Serial1/0
R-01(config-if)# ip address 10.1.1.2 255.255.255.0
R-01(config-if)# encapsulation frame-relay
R-01(config-if)# frame-relay interface-dlci 201
21.2. Sub-interface (Multipoint)
=> Modo global
R-01(config)# interface Serial1/0
R-01(config-if)# no ip address
R-01(config-if)# encapsulation frame-relay
R-01(config)# interface Serial1/0.1 point-to-point
R-01(config-if)# ip address 10.1.1.1 255.255.255.0
R-01(config-if)# frame-relay interface-dlci 102
R-01(config)# interface Serial1/0.2 point-to-point
R-01(config-if)# ip address 10.2.2.1 255.255.255.0
R-01(config-if)# frame-relay interface-dlci 103

22. ACLs
22.1. Standard Access List
=> Modo global
Router# config t
Router(config)# access-list 1 deny host 172.16.48.15
Router(config)# access-list 1 permit any
Router(config)# interface f0/0
Router(config-if)# ip access-group 1 out
22.2. Extended Access List
=> Modo global
Router# config t
Router(config)# access-list 110 deny tcp any 172.16.48.0 0.0.15.255 eq 23
Router(config)# access-list 110 deny tcp any 172.16.192.0 0.0.63.255 eq 23
Router(config)# access-list 110 permit ip any any
Router(config)# interface f0/0
Router(config-if)# ip access-group 110 out
Router(config-if)# interface f0/1
Router(config-if)# ip access-group 110 out

8/12

22.3. Named Access Lists

=> Modo global
Router# config t
Router(config)# ip access-list standard BlockSales
Router(config-std-nacl)#
Router(config-std-nacl)# deny 172.16.40.0 0.0.0.255
Router(config-std-nacl)# permit any
Router(config-std-nacl)# exit
Router(config)# ^Z
Router# config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)# int f0/1
Router(config-if)# ip access-group BlockSales out
Router(config-if)# ^Z
Router# show access-list

23. RESOLVE Hostnames

=> Modo global
Router# config t
Router#(config)# ip host lan-swt-1 172.16.10.2
Router#(config)# ip host lan-swt-2 192.168.0.148
Router#(config)# exit
Router# ping lan-swt-1

24. NAT
24.1. NAT Esttico
Passo 1: Configurar as interfaces que estaro na parte interna do design do NAT usando o subcomando de
interface ip nat inside.
router# config t
router(config)# interface ethernet0/0
router(config-if)# ip address 10.1.1.3 255.255.255.0
router(config-if)# ip nat inside

Passo 2: Configurar as interfaces que estaro na parte externa do design do NAT usando o subcomando de
interface ip nat outside.
router# config t
router(config)# interface Serial0/0
router(config-if)# ip address 200.1.1.251 255.255.255.0
router(config-if)# ip nat outside

Passo 3: Configurar os mapeamentos estticos usando o comando global de configurao ip nat inside source
static inside-local inside-global.
router# config t
router(config)# ip nat inside source static 10.1.1.2 200.1.1.2
router(config)# ip nat inside source static 10.1.1.1 200.1.1.1

9/12

24.2. NAT Dinmico

Passo 1: Configurar as interfaces que estaro na parte interna do design do NAT usando o subcomando de
interface ip nat inside.
router(config)# interface ethernet0/0
router(config-if)# ip address 10.1.1.3 255.255.255.0
router(config-if)# ip nat inside
Passo 2: Configurar as interfaces que estaro na parte externa do design do NAT usando o subcomando de
interface ip nat outside.
router(config)# interface Serial0/0
router(config-if)# ip address 200.1.1.251 255.255.255.0
router(config-if)# ip nat outside
Passo 3: Configurar uma ACL que identifique os pacotes chegando nas interfaces internas, para os quais o NAT
deve ser executada.
router(config)# access-list 1 permit 10.1.1.2
router(config)# access-list 1 permit 10.1.1.1
Passo 4: Configurar o pool de endereos IP registrados publicamente atravs do comando de configurao global
ip nat pool name first-address last-address netmask subnet-mask.
router(config)# ip nat pool Net200 200.1.1.1 200.1.1.2 netmask 255.255.255.252
Passo 5: Habilitar o NAT dinmico fazendo referncia ACL (Passo 3) e ao pool (Passo 4) atravs do comando
de configurao global ip nat soure list acl-number pool pool-name.
router# config t
router(config)# ip nat inside source list 1 pool Net200

24.3. NAT Overload com PAT

Passo 1: Configurar as interfaces internas usando o subcomando de interface ip nat inside.
router(config)# interface ethernet0/0
router(config-if)# ip address 10.1.1.3 255.255.255.0
router(config-if)# ip nat inside
Passo 2: Configurar as interfaces esternas usando o subcomando de interface ip nat outside.
router(config)# interface Serial0/0
router(config-if)# ip address 200.1.1.251 255.255.255.0
router(config-if)# ip nat outside
Passo 3: Configure uma ACL que case os pacotes vindos das interfaces internas.
router(config)# access-list 1 permit 10.1.1.2
router(config)# access-list 1 permit 10.1.1.1
Passo 4: Configurar o comando de configurao global ip nat source list acl-number interface interface
name/number, referenciando a ACL criada no Passo 3 e a interface cujo endereo IP ser usado nas tradues.
Adicione o termo overload ao final do comando.
router# config t
router(config)# ip nat inside source list 1 interface Serial0/0 overload

24.4. Verificar tabela de tradues NAT

=> Modo global
Router# show ip nat translations

10/12

25. IPv6
25.1. Configurao esttica do endereo IPv6 em uma interface
=> Modo global
router# config t
router(config)# int f0/0
router(config-if)# ipv6 address 2001:3::1/64
router(config-if)# no shut
25.2. Configurao esttica no formato EUI-64 do endereo IPv6 em uma interface
=> Modo global
router# config t
router(config)# int f0/0
router(config-if)# ipv6 address 2001:3::/64 eui-64
router(config-if)# no shut
25.3. Configurao do RIPng
=> Modo global
router# config t
router(config)# ipv6 unicast-routing
router(config)# ipv6 router rip LanUniversity
router(config-rtr)# exit
router(config)# int f0/0
router(config-if)# ipv6 rip LanUniversity enable
router(config-if)# ^Z
25.4. Configurao do IPv6 NAT-PT
25.4.1. IPv4 => IPv6
Pool - nome: faixa-v6
Pool - endereos: de 2010::10/96 at 2010::20/96
ACL - nome: 1
ACL - regra: permitir rede 10.0.0.0/24
router# config t
router(config)# access-list 1 permit 10.0.0.0 0.0.0.255
router(config)# ipv6 nat v4v6 pool faixa-v6 2010::10 2010::20 prefix-length 96
router(config)# ipv6 nat v4v6 source list 1 pool faixa-v6

25.4.2. IPv6 => IPv4

Pool - nome: faixa-v4
Pool - endereos: de 192.168.1.10/24 at 192.168.1.20/24
ACL - nome: lista-v6
ACL - regra: permitir prefixos 2001:1::/64, 2001:2::/64 e 2001:3::/64
router(config)# ipv6 access-list lista-v6
router(config-ipv6-acl)# permit ipv6 2001:1::/64 any
router(config-ipv6-acl)# permit ipv6 2001:2::/64 any
router(config-ipv6-acl)# permit ipv6 2001:3::/64 any
router(config-ipv6-acl)# exit
router(config)# ipv6 nat v6v4 pool faixa-v4 192.168.1.10 192.168.1.20 prefix-length 24
router(config)# ipv6 nat v6v4 source list lista-v6 pool faixa-v4
router(config)# exit

11/12

26. Precisa de mais informao ? Consulte a sua documentao

26.1. CCNA Portable Command Guide
O CCNA Command Guide inclui um conjunto bastante abrangente de conceitos, comandos e configuraes
necessrios para passar no exame da Cisco.

26.2. Cisco Cookbook

O Cookbook Cisco rene centenas de exemplos de configuraes em um s lugar. Como o nome sugere, a
Cisco Cookbook organizado como uma srie de receitas. Cada receita comea com uma declarao do
problema que descreve uma situao comum que voc pode enfrentar. Aps cada declarao do problema vem
uma soluo breve, que mostra um exemplo de configurao que voc pode usar para resolver este problema
em particular. Os captulos so organizados pelo recurso ou protocolo discutido.

26.3. Ciscopedia
Ciscopedia uma dicionrio de comandos Cisco. Inclui informaes sobre onde, quando porque e como usar os
comando Cisco, alm de exemplos de configuraes.

12/12