Escolar Documentos
Profissional Documentos
Cultura Documentos
F0/0
F0/1
F0/0
R1
R2
Lo
Lo
R1
R2
R3
Lan
F0/1
F 0/0
192.168.1.250/24
255.255.255.0
10.1.1.2/30
255.255.255.252
10.1.1.6/30
255.255.255.252
192.168.1.100
F0/1
10.1.1.1/30
255.255.255.252
10.1.1.5/30
255.255.255.252
F0/0
R3
Lo
0
Lo
10.2.1.1/30
255.255.255.252
10.2.1.5/30
255.255.255.252
10.2.1.9/30
255.255.255.252
1. .
R3>enable
Password: cisco
R3#
R3#configure terminal
2.
R3(config)#hostname Router3
3. user privilege mode
Router3(config)#enable secret class
DNS
Router3(config)# no ip domain-lookup
4. -
.
Router3(config)#line console 0
Router3(config-line)#login
Router3(config-line)#loggin synchronous
Router3(config-line)#password class
do
do write
do show
5. telnet
Router3(config-line)#line vty 0 4
Router3(config-line)#login
Router3(config-line)# password class
Router3(config-line)# exit
R#configure terminal
R(config)#enable password cisco
R(config)#enable secret class -
R(config)#service password-encryption console vty
6. :
R3(config)#interface F0/0
R3(config-if)#IP address 10.1.1.6 255.255.255.252
R3(config-if)#speed auto
R3(config-if)# duplex full
R3(config-if)#description Towa e edinswenniq interface
R3(config-if)#no shutdown
- F0/1 .
7 loopback
R3(config-if)#interface loopback 0
R3(config-if)#ip address 10.2.1.9 255.255.255.0
8. R3(config-if)#ip routing-
9. IP .
R3(config)#ip host R1 10.2.1.1 10.1.1.1 192.168.1.250
R3(config)#ip host R2 10.1.1.2 10.1.1.5 10.2.1.5
10. DNS .
Router3(config)#ip name-server 192.168.1.100
11. rip
, .
R3(config)#router rip
R3(config-router)#version 2
R3(config-router)#no auto-summary
R3(config-router)#timers basic 50 60 80 90
R3(config-router)#network 10.0.0.0
R3(config-router)#network 192.168.1.0
R3(config)#ip acces-list stndar RIP_offset
R3(config-std-nacl)#permit any
R3(config)#router rip
R3(config-router)#offset-list RIP_offset in 2 Serial.
R3(config-router)#offset-list RIP_offset out 2 Serial.
R1(config-router)#default-information originate
Router(config-if)#ip ospf priority
{0 - 255}
Router(config-if)#ip ospf hello-interval seconds
Router(config-if)#ip ospf dead-interval seconds
show ip ospf neighbor
show ip protocols
show ip ospf interface serial 0/0/0
14. (100 - 199) 3
tcp .
R3(config)#access-list 111 deny tcp 10.1.1.1 0.0.0.255 10.1.1.5 0.0.0.255 eq
telnet
111 , deny tcp tcp ,
, 10.1.1.5 0.0.0.255
e , eq telnet telnet.
tcp udp .
ip eq telnet .
R3(config)#access-list 111 permit ip any any
Any - ip ( 0.0.0.0
255.255.255.255).
.
R3(config)#interface F0/0
( F0/0
R3).
R3(config-if)#ip access-group 111 out
111 (OUT) 2.
15. ( 1-99 ) 3
1.
R3(config)#access-list 5 deny 10.1.1.1 0.0.0.0
0.0.0.0 host
:
R3(config)#access-list 5 deny host 10.1.1.1
R3(config)#access-list 5 permit any
any 0.0.0.0 255.255.255.255 ip
.
3
R3(config)#interface F0/0
R3(config-if)#ip access-group 5 in .
R3#show access-list 111- .
.
R3(config)#no access-list 111
ACL 10.1.1.0
R3(config)#access-list 11 permit 10.1.1.0 0.0.0.255
R3(config)#access-list 11 deny any
Router3(config-line)#line vty 0 4
Router3(config-line)# password class
Router3(config-line)# login
Router3(config-line)# access-class 11 in
16. R3(config)#exit
R3#copy running-config startup-config
NVRAM
Destination filename [startup-config]?
Building configuration...
[OK]
17.
.
Show arp
Clear arp
Show cdp neighbours
Show hosts
NO
privileged mode .
1. .
2. 60 sek . Ctrl+Break
.
3. :
Consolen cabel
R
E 192.168.1.1
cross
H
O
S
T
192.168.1.9
1. TFTP . P host .
2. IOS copy flash tftp.
3.
- IOS
-
rommon1> tftpdnld
rommon2> IP_ADDRESS=192.168.1.1
rommon3>IP_SUBNET_MASK=255.255.255.0
rommon4>DEFAULT_GATEWAY=192.168.1.9
rommon5>TFTP_SERVER=192.168.1.9 DEFAULT_GATEWAY
rommon6>TFTP_FILE= IOS
rommon>tftpdnld
5-6 .
reset
ce 0x2102
PPP
192.168.1.0/24
10.10.10.0/30
10.10.11.0.30
192.1682.0/24
Frame-relay
192.168.1.0/24
R1
s0/0/1
10.1.1.1/30
DLCI 102
s0/0/0
DCE
s0/0/1
209.165.200.0/24
R2
s0/0/1
10.1.1.2/30
DCE
DLCI 201
FR sw
FR-Switch(config)#frame-relay switching
FR-Switch(config)#interface serial 0/0/0
FR-Switch(config)#clock rate 64000
FR-Switch(config-if)#encapsulation frame-relay
FR-Switch(config-if)#frame-relay intf-type dce
FR-Switch(config-if)#frame-relay route 102 interface serial 0/0/1 201
FR-Switch(config-if)#no shutdown
FR-Switch(config-if)#interface serial 0/0/1
FR-Switch(config)#clock rate 64000
FR-Switch(config-if)#encapsulation frame-relay
FR-Switch(config-if)#frame-relay intf-type dce
FR-Switch(config-if)#frame-relay route 201 interface serial 0/0/0 102
FR-Switch(config-if)#no shutdown
FR-Switch#show frame-relay pvc
FR-Switch#show frame-relay route
R1(config)#interface serial 0/0/1
R1(config-if) ip address 10.1.1.1 255.255.255.252
R1(config-if)#encapsulation frame-relay
R1(config-if)#no frame-relay inverse-arp
R1(config-if)#frame-relay map ip 10.1.1.2 102 broadcast
R2(config)#interface serial 0/0/1
R2(config-if)#ip address 10.1.1.2 255.255.255.252
R2(config-if)#encapsulation frame-relay
R2(config-if)#no frame-relay inverse-arp
IP v6
R2(config)#ipv6 unicast-routing
R2(config)#ipv6 router rip cisco
R2(config)#interf fast 0/0
R2(config)#ipv6 address
R2(config-if)#ipv6 rip cisco enable
IPv6
RIPng cisco
f0/0 cisco
DHCP
R(config)#ip dhcp excluded-address 192.168.10.1 192.168.10.9
R(config)#ip dhcp excluded-address 192.168.10.254
R(config)#ip dhcp pool LAN-POOL-1
R(dhcp-config)#network 192.168.10.0 255.255.255.0
R(dhcp-config)#default-router 192.168.10.1
R(dhcp-config)#dns-server 88.88.88.88
R(dhcp-config)# domain-name ventsi.com
R(dhcp-config)# lease {days [hours] [minutes] | infinite}
R(dhcp-config)# netbios-name-server address [address2...address8]
DHCP Relay
R3(config)#interface F0/0
R3(config-if)#ip helper-address 192.168.2.3
show ip dhcp conflict
show ip dhcp binding
show ip dhcp server statistics
show ip dhcp pool
10.1.1.2
Static NAT
F0/0
F0/1
20.20.20.23
F0/0
192.168.30.0
inside
F0/1
outside
F0/0
F0/1
Inside
outside
F0/0
Inside
F0/1
outside
/ switch /
switch#terminal history size 50
switch#terminal no history
50 . 10 .
S1#configure terminal
S1(config)#interface vlan 99
S1(config-if)#ip address 172.17.99.11 255.255.255.0
S1(config-if)#no shutdown
S1(config-if)#end
S1#configure terminal
S1(config)#interface fastethernet 0/18
S1(config-if)#switchport mode access
S1(config-if)#switchport acces vlan 99
S1(config-if)# mdix auto automatic medium-dependent interface crossover
auto-MDIX Cisco IOS Release 12.2(25)FX.
S1(config-if)#duplex auto
S1(config-if)#speed auto
S1(config-if)#end
S1#copy running-config startup-config
S1(config)#ip default-gateway 172.17.99.1
S1(config)#ip http authentication enable
S1(config)#ip http server
S1(config)# mac-address-table static <MAC address> vlan <1-4096, ALL> interface
interface-id
S1(config)#mac-address-table static 1111.2222.3333. vlan 5 interface fastehrnet 0/22
8192 .
S1#show interfaces [interface-id]
S1#show interfaces trunk
S1# show startup-config
S1# show flash:
S1# show ip {interface | http | arp}
S1# show mac-address-table
Back up
S1#copy system:running-config flash:startup-config
S1#copy running-config startup-config
S1#copy startup-config flash:config.bak1
Flash
S1#copy flash:config.bak1 startup-config
S1#reload
NVRAM
S1#erase nvram:
S1# erase startup-config
S1#delete flash:filename
S1#configure terminal
S1(config)#line con 0
S1(config-line)#password cisco
S1(config-line)#login
S1#configure terminal
S1(config)#line vty 0 4
S1(config-line)#password cisco
S1(config-line)#login
S1#configure terminal
S1(config)#enable password password
S1(config)#enable secret password
S1(config)#service password-encryption
S:flash_init
S: load_helper
S:dir flash
Rename S:rename flash:config.text flash:config.text.old
S: boot
You are prompted to start the setup program. Enter N at the prompt, and then when the system
prompts whether to continue with the configuration dialog, enter N.
S>enable
S# rename flash:config.text.old flash:config.text
S# copy flash:config.text system:running-config
Change the password using the enable secret password command.
Write the running configuration to the startup configuration file using the copy runningconfig startup-config
Reload the switch using the reload command.
Configure a Login Banner
S1(config)#banner login "Authorized Personnel Only!"
S1(config)#no banner login.
Configure a MOTD Banner
S1(config)#banner motd "Device maintenance will be occurring on Friday!"
S1(config)#no banner motd.
For example, lets say you have a 100-Mb Ethernet port on a Catalyst switch. Youre
selling the bandwidth on the port, and a customer has bought 10 Mb of bandwidth. Obviously,
you want to limit the outbound bandwidth on the port to 10 Mb instead of the full 100 Mb.
Switch(config)# interface FastEthernet 0/1
Switch(config-if)# srr-queue bandwidth limit 90
The 90 sets the outbound bandwidth limit on the port to 90 percent of the port speed. Since
this is a 100-Mb port, this should limit the outbound traffic from the port to 10 Mb.
For example, on a Cisco router when in Interface Mode, you could limit outbound
bandwidth to 1 Mb using the following command:
Router(config-if)# rate-limit output 10000000 2000 2000 conform-action continue exceedaction drop
TDR can troubleshoot:
Open wires
Cut wires
Broken wires
Shorted wires
Sw# test cable-diagnostics tdr interface GigabitEthernet 0/1
Sw# show cable-diagnostics tdr interface GigabitEthernet 0/1
Debug is a troubleshooting command that is available from the privileged exec mode (of Cisco IOS). This command can be
used to display information about various router operations and the related traffic generated or received by the router, as well
as any error messages. This tool is very useful and informative, but you must be aware of the following facts regarding its
use: Debug is treated as a very high priority task. It can consume a significant amount of resources, and the router is forced to
process-switch the packets being debugged. Debug must not be used as a monitoring toolit is meant to be used for a short
period of time and as a troubleshooting tool. By using it you discover significant facts about the working and faulty software
and/or hardware components. The following is a list of recommendations on proper usage of the debug command:
If you are interested to see a timestamp with each line of the debug output, you must load the timestamp service
using this command:
If you plan to see the debug output from within a Telnet session, you need to enter the terminal monitor
command.
Usually, the debug command is used to diagnose a specific facility, task, or protocol. Sometimes a protocol suite
has a specific member (e.g., TCP from among the TCP/IP protocol suite members) that you may want to focus on.
When you choose the protocol you want to debug, then you usually have a choice to use the events option or the
packets option of the debug command for that specific protocol. Event debugging is less resource intensive than
packet debugging, but packet debugging produces more information.
Turning debugging on for everything (using the debug all command) is seriously discouraged in production
networks. You get a tremendous amount of information, very fast, but it can severely diminish the router's
performance or even render it unusable. The debug all command is also quite useless since it presents overlapping
information that is difficult if not impossible to interpret.
Before using the debug command, see the CPU utilization of your router (using the show processes cpu
command). If your router's CPU utilization is consistently at 50% or more, you are advised to debug events instead
of packets.
If possible, use the debug command during periods when network traffic is not at its peak and fewer critical
business applications are active. Cisco routers give the debug command higher priority (with respect to CPU
cycles) than network traffic.
Always remember to undo debug as soon as possible. You can use the no debug {argument} to turn off a specific
debugging type. The no debug all or undebug all commands can be used to turn off all types of debugging that
may be on.
For troubleshooting, also consider using protocol analyzers to capture and display network traffic. These have little
or no impact on your network performance, yet they provide valuable information. I also recommend capturing
debug info to a file for offline perusal and training.
Using an access list with your debug command helps you focus the debug output on the task you are
troubleshooting. See the next section for more information on this technique.
access-enable Enables the router to create a temporary access list entry in a dynamic access list.
access-template Manually places a temporary access list entry on a router to which you are connected.
appn Sends a command to the APPN subsystem.
atmsig Executes ATM signaling commands.
b Boots the operating system manually.
bandwidth Sets a bandwidth value for an interface.
banner motd
ip name-server Specifies the addresses for up to six name servers to use for name and address resolution.
ip route Establishes static routes.
lat Opens a LAT connection.
line Identifies a specific line for configuration and starts the line configuration command collection mode.
lock Locks the terminal.
login Logs in as a particular user. Enables password checking at login.
logout Exits from EXEC mode.
mbranch Traces down a branch of a multicast tree for a specific group.
media-type Specifies the physical connection.
mrbranch Traces up a branch of a multicast tree for a specific group.
mrinfo Requests neighbor and version information from a multicast router.
mstat Shows statistics after multiple multicast traceroutes.
mtrace Traces the path from a source to a destination branch for a multicast distribution tree.
name-connection Names an existing network connection.
ncia Starts/stops the NCIA server.
network Assigns a Network Information Center-based address to which the router is directly connected.
no shutdown Restarts a disabled interface.
pad Opens an X.29 PAD connection.
ppp Starts the IETF Point-to-Point Protocol.
pwd Displays current device.
reload Halts and performs a cold return; reloads the operating system.
rlogin Opens an rlogin connection.
router Starts a routing process by first defining an IP routing protocol. For example, router rip selects RIP as
the routing protocol.
rsh Executes a remote command.
sdlc Sends SDLC test frames.
send Sends a message over tty lines.
service password-encryption Enables the password encryption function.
setup Enters the setup command facility.
show buffers Provides statistics for the buffer pools on the network server.
show cdp entry Displays information about a neighbor device listed in the CDP table.
show cdp interface Displays information about the interfaces on which CDP is enabled.
show cdp neighbors Displays the results of the CDP discovery process.
show flash Displays the layout and content of Flash memory.
show hosts Displays a cached list of host names and addresses.
show interfaces Displays statistics for all interfaces configured on the router.
show ip interface Displays the status and global parameters associated with an interface.
show ip protocols Displays the parameters and current state of the active routing protocol process.
show ip route Displays the contents of the IP routing table.
show memory Shows statistics about the router's memory, including memory-free pool statistics.
show processes Displays information about the active processes.
show protocols Displays the configured protocols. This command shows the status of any configured Layer 3
protocol.
show running-config Displays the current configuration in RAM.
show stacks Monitors the stack use of processes and interrupt routines and displays the reason for the last
system reboot.
show startup-config Displays the saved configuration, which is the contents of NVRAM.
show version Displays the configuration of the system hardware, the software version, the names and sources
of configuration files, and the boot images.
shutdown Disables an interface.
telnet Logs into a host that supports telnet.
term ip Specifies the format of network masks for the current session.
trace Determines a path that packets will take when traveling to their destination.
verify Verifies the checksum of a Flash file.
where Lists active connections.
which-route Does OSI route table lookup and displays results.
write Writes the running configuration to memory, a network, or a terminal.
write erase The erase startup-config command replaces this command.
write memory The copy running-config startup-config command replaces this command.
x3 Sets X.3 parameters on PAD.
xremote Enters XRemote mode.
ipx network Enables Internetwork Packet Exchange (IPX) routing on a particular interface and optionally
selects the type of encapsulation (framing).
ipx router Specifies the routing protocol to use.
ipx routing Enables IPX routing.
ipx sap-interval Configures less frequent SAP updates over slow links.
ipx type-20-input-checks Restricts the acceptance of IPX type 20 propagation packet broadcasts.
Network Assigns a NIC-based address to which the router is directly connected. Associates networks with
an IGRP routing process. Enables Enhanced IGRP on a network in IPX router configuration mode.
Ping Sends ICMP echo request packets to another node on the network. Checks host reachability and
network connectivity. Diagnoses basic network
connectivity.
show ipx interface Displays the status of the IPX interfaces configured in the Cisco IOS software and the
parameters configured on each interface.
show ipx route Displays the content of the IPX routing table.
show ipx servers Displays the IPX server list.
show ipx traffic Displays the number and type of packets.
show protocols Displays the configured protocols.
SEM4
debug ppp Displays information on traffic and exchanges in an internetwork implementing Point-to-Point
Protocol (PPP).
encapsulation ppp Sets PPP as the encapsulation method used by a serial or ISDN interface.
show interfaces Displays statistics for all interfaces configured on the router
encapsulation ppp Sets PPP as the encapsulation method used by a serial or ISDN interface.
ppp authentication Enables Challenge Handshake Authentication Protocol (CHAP) or Password
Authentication Protocol (PAP) or both, and specifies the order in which CHAP and PAP authentication are
selected on the interface.
ppp chap hostname Creates a pool of dialup routers that all appear to be the same host when authenticating
with CHAP.
ppp chap password Configures a password that will be sent to hosts that want to authenticate the router. This
command limits the number of username/password entries in the router
ppp pap sent-username Enables remote PAP support for an interface and uses sent-username and password
in the PAP authentication request packet to the peer
show interfaces Displays statistics for all interfaces configured on the router or access server. username
password Specifies the password to be used in CHAP caller identification and PAP.
clear interface Resets the hardware logic on an interface.
debug dialer Shows such information as what number the interface is dialing.
debug isdn q921 Displays data link-layer (Layer 2) access procedures that are taking place at the router on
the D channel (LAPD) of its Integrated Services Digital Network (ISDN) interface.
dialer idle-timeout Specifies the idle time before the line is disconnected.
dialer map Configures a serial interface to call one or multiple sites.
dialer wait-for-carrier-time Specifies how long to wait for a carrier.
dialer-group Controls access by configuring an interface to belong to a specific dialing group
dialer-list protocol Defines a DDR dialer list to control dialing by protocol or by a combination of protocol
and ACL.
encapsulation ppp Sets PPP as the encapsulation method used by a serial or ISDN interface.
isdn spid1 Defines at the router the service profile identifier (SPID) number that has been assigned by the
ISDN service provider for the B1 channel.
isdn spid2 Defines at the router the SPID number that has been assigned by the ISDN service provider for the
B2 channel.
isdn switch-type Specifies the central office switch type on the ISDN interface.
ppp authentication Enables Challenge Handshake Authentication Protocol (CHAP) or Password
Authentication Protocol (PAP) or both, and specifies the order in which CHAP and PAP authentication are
selected on the interface.
show dialer Displays general diagnostics for serial interfaces configured for DDR.
show interfaces Displays statistics for all interfaces configured on the router or access server.
show ip route Displays the current state of the routing table.
show isdn active Displays current call information, including called number, the time until the call is
disconnected, AOC charging units used during the call, and whether the AOC information is provided during
calls or at the end of calls.
show isdn status Displays the status of all ISDN interfaces or, optionally, a specific digital signal link (DSL)
or a specific ISDN interface.
show status Displays the current status of the ISDN line and both B channels.
enable password Specifies a password to prevent unauthorized access to the router.
encapsulation frame-relay Enables Frame Relay encapsulation.
end Exits configuration mode.
exec-timeout Sets the interval that the EXEC command interpreter waits until user input is detected.
exit Exits any configuration mode or closes an active terminal session and terminates the EXEC.
frame-relay local-dlci Enables the Local Management Interface (LMI) mechanism for serial lines using
Frame Relay encapsulation.
hostname Configures the router with a host name, which is used in prompts and default configuration
filenames.
interface serial Selects the interface and enters interface configuration mode.
ip address Sets the logical network address of the interface.
ip unnumbered Enables Internet Protocol (IP) processing on a serial interface without assigning an explicit
IP address to the interface.
ipx network Enables Internetwork Packet Exchange (IPX) routing on a particular interface and optionally
selects the type of encapsulation (framing).
Keepalive Enables the LMI mechanism for serial lines using Frame Relay encapsulation.
line console Configures a console port line.
line vty Specifies a virtual terminal for remote console access.
login Enables password checking at terminal session login.
show frame-relay lmi Displays statistics about the LMI.
show frame-relay map Displays the current map entries and information about the connections.
show frame-relay pvc Displays statistics about PVCs for Frame Relay interfaces.
show interfaces serial Displays information about a serial interface.
? -
Ctrl A
Ctrl B
Ctrl E
Ctrl F
Ctrl P
Ctrl N
Ctrl Z privilege mode
Ctrl C 60 IOS
Ctrl Break
Ctrl SHIFT ^ X ping
Tab
Esc B
Esc F