Você está na página 1de 4

-----------------------Romper claves router------------------------Ctrl+pausa

Rommon 1 >
rommon 1 > CONFREG 0X2142
rommon 2 > RESET
Router>enable
---------------Encaso de querer mantener configuracion------------Router#copy startup-config running-config
Router(config)#enable password xxx
Router(config)#enable secret xxx
Router(config)#config-register 0x2102
Router(config)#do wr
---------------Encaso de no querer mantener configuracion------------Router#copy running-config startup-config
Router(config)#config-register 0x2102
Router(config)#do wr
-----------------------Romper claves switch------------------------Presionar boton mode mientras arranca
switch:flash_init
switch:load_helper
switch:dir flash:
Switch:rename flash:config.text flash:config.text.back
Swirch:boot
---------------Encaso de querer mantener configuracion------------Switch> enable
Switch# rename flash:config.text.old flash:config.text
Switch# copy flash:config.text system:running-config
Switch# configure terminal
Switch (config)# enable secret password
Switch (config)# exit
Switch#
Switch# copy running-config startup-config
---------------Encaso de no querer mantener configuracion------------switch# delete flash:config.text.back
Switch# copy running-config startup-config
-----------------------configurcion basica-------------------------hostname R1
enable password cisco
enable sercret class
service password-encryption
banner motd *
Acceso denegado*
line con 0
password cisco
login
exit
line vty 0 4
password cisco
login
exit
-------------------------Configurar ospf---------------------------router ospf 1
router-id 10.0.0.1

network 192.168.0.1 0.0.0.255 area 0


passive-interface Loopback 0
exit
default-information originate --- para redistribuir rutas estaicas en ospf
-------------------------Configurar Eigrp---------------------------router eigrp 100
router-id 10.0.0.1
network 192.168.0.1 0.0.0.255
passive-interface Loopback 0
exit
----------------------------PPP pap---------------------------------Los usuarios que se envian deben estar creados en el router que recibe
Router(config)#Username R1 password cisco
interface serial 0/0/0
encapsulation ppp
ppp authentication pap
ppp pap sent-username R2 password cisco
no shutdown
exit
---------------------------PPP chap--------------------------------Username R1 password cisco
interface serial 0/0/0
encapsulation ppp
ppp authentication chap
no shutdown
exit
--------------------------Frame-relay-------------------------------frame-relay switching
interface serial 0/0/0
clock rate 64000
encapsulation frame-relay
encapsulation frame-relay ietf
frame-relay lmi-type ansi
frame-relay intf-type dce
no shutdown
exit
--------------------Desactivar arp inverso--------------------------interface serial 0/0/0
encapsulation frame-relay
no frame-relay inverse-arp
no shutdown
exit
-----------------------Frame- relay map------------------------------frame-relay map ip (ip del otro router) DLCI broadcast o
frame-relay map ip (ip del otro router) DCLI
no shutdown
--------------------Frame- relay SUbinterface-------------------------interface serial 0/0/0
encapsulation frame-relay ietf

bandwidth 64
frame-relay lmi-type ansi
no shutdown
exit
interface Serial0/0.50 point-to-point
ip address 192.168.50.1 255.255.255.0
frame-relay interface-dlci 50
exit
---------------------------Seguridad----------------------------------Logintud de las claves
security passwords min-length 6
------------------------Autenticacion AAA-----------------------------username admin1 password 0 cisco
aaa new-model
aaa authentication login default local
aaa authemtication login AUTHLIST group radius none
Radius-server host 172.16.1.1 key ciscokey
line vty 0 4
login authentication AUTHLIST
trasnport input all
exit
ip http authentication AUTHLIST
----------------------------------------------------------------------*Tiempo de Inactividad desconecta despues de 5 minutos para el modo privilegiado
line con 0
exec-timeout 5 0
exit
*dificutar los intentos de conexion por fuerza bruta 5 veces en 2 minutos
login block-for 60 attempt 5 within 30
*registrar eventos cada ves que falla la autenticacion
security authentication failure rate 3 log
--------------------------------SSH------------------------------------ip domain-name ADC.com.ve
crypto key generate rsa 1024
ip ssh time-out 30
ip ssh authentication-retries 2
ip ssh version 2
username xxxx privilege 15 password xxxx
line vty 0 4
transport input ssh
login local
exit
-------------------------------DHCP-------------------------------------ip dhcp pool nombre
network (id de la red y mascara)
default-router 192.168.1.1
exit

ip dhcp excluded-address 192.168.1.1 192.168.1.5