tag:blogger.com,1999:blog-58058273353631908942023-11-15T23:23:01.942+08:00Quick Guide to CISCO Network Device ConfigurationThe info presented here is only for the purpose of quick reference to CISCO Commands. You should refer to CISCO website for further info.A Blessed Singaporeanhttp://www.blogger.com/profile/15103822837352960193noreply@blogger.comBlogger7125tag:blogger.com,1999:blog-5805827335363190894.post-39396891172502939142019-11-26T13:55:00.001+08:002019-11-26T16:22:00.965+08:00PPP Encapsulation, CHAP and PAP<span style="color: red;">Note: HDLC is the default serial encapsulation. Both ends of serial link must be configured the same.</span><br />
<br />
<br />
<u><b>Configure PPP Encapsulation for Serial 0 at both R1 and R2</b></u><br />
<br />
R1 (config) # int s0/0/0<br />
R1 (config-if) # encapsulation ppp / encap ppp<br />
<br />
Note: If OSPF was already configured, the link will go down, until the other end has also been configured as PPP and the link should go up.<br />
<br />
R2 (config) # int s0/0/0<br />
R2 (config-if) # encapsulation ppp / encap ppp<br />
<br />
R1 (config) # do show int s0/0/0<br />
<br />
<br />
<u><b>Configure PPP (<span style="color: blue;">with</span> <span style="color: blue;">CHAP </span><span style="color: magenta;">or PAP</span> Authentication) at Serial 0 for both R1 and R2</b></u><br />
Hostname = username<br />
password = cisco<br />
<br />
<span style="color: blue;">R1 (config) # username R2 password cisco </span><span style="background-color: #cc0000; color: lime;">(or secret class)</span><br />
R1 (config) # int s0/0/0<br />
R1 (config-if) # encapsulation ppp / encap ppp<br />
<span style="color: blue;">R1 (config-if) # ppp authentication chap / ppp auth chap </span><span style="color: magenta;">(or pap)</span><br />
<br />
<span style="background-color: #cc0000; color: lime;">If secret class is used,</span><br />
R1 (config-if) # ppp <span style="color: blue;">chap </span><span style="color: magenta;">(or pap)</span> sent-username R1 password cisco<br />
<br />
Note: If OSPF was already configured, the link will go down, until the other end has also been configured as PPP and the link should go up.<br />
<br />
<span style="color: blue;">R2 (config) # username R1 password cisco </span><span style="background-color: #cc0000; color: lime;">(or secret class)</span><br />
R2 (config) # int s0/0/0<br />
R2 (config-if) # encapsulation ppp / encap ppp<br />
<span style="color: blue;">R2 (config-if) # ppp authentication chap / ppp auth chap </span><span style="color: magenta;">(or pap)</span><br />
<br />
<span style="background-color: #cc0000; color: lime;">If secret class is used,</span><br />
R1 (config-if) # ppp <span style="color: blue;">chap </span><span style="color: magenta;">(or pap)</span> sent-username R1 password cisco<br />
<br />
R1 (config) # do show int s0/0/0A Blessed Singaporeanhttp://www.blogger.com/profile/15103822837352960193noreply@blogger.com0tag:blogger.com,1999:blog-5805827335363190894.post-40705201419920137522019-11-26T13:31:00.003+08:002019-11-26T16:29:56.075+08:00Link Aggregation by EtherChannel using PAgP or LACP<span style="color: red;">Note: Both ends of the channel must be configured to use the same interface range and protocol.</span><br />
<span style="color: red;">Mismatch will cause the entire LAN to go down.</span><br />
<br />
<br />
Do below for S1. Do the same for S2.<br />
<br />
S1 (config) # int <span style="color: blue;">range</span> f0/3-4<br />
<br />
<u><b>For PAgP</b></u><br />
S1 (config-if-range) # channel-group 1 mode <span style="color: blue;">desirable</span><br />
<br />
<b><u>For LACP</u></b><br />
S1 (config-if-range) # channel-group 1 mode <span style="color: blue;">active</span><br />
<br />
S1 (config-if-range) # no shut<br />
<br />
S1 (config-if-range) # do show etherchannel summary / do sh e s<br />
<br />
<br />
S1 (config) # <span style="color: blue;">int port-channel 1</span><br />
S1 (config-if) # switchport mode trunk<br />
S1 (config-if) # switchport trunk native vlan 99<br />
<br />A Blessed Singaporeanhttp://www.blogger.com/profile/15103822837352960193noreply@blogger.com0tag:blogger.com,1999:blog-5805827335363190894.post-2719591321236916112019-11-26T13:07:00.002+08:002019-11-26T16:13:38.950+08:00Host Standby Routing Protocol (HSRP) for First Hop Redundancy Protocol (FHRP)<b><u>Configure R1 as Active Router at the Gateway Interface G0/1 to PC-A</u></b><br />
Default priority = 100.<br />
Use <span style="color: red;">Virtual IP Address = 192.168.1.254</span> and Group = 1.<br />
<br />
R1 (config) # int g0/1<br />
R1 (config-if) # standby version 2<br />
R1 (config-if) # standby 1 ip 192.168.1.254<br />
R1 (config-if) # standby 1 priority 150<br />
R1 (config-if) # standby 1 prempt<br />
<br />
<br />
<b><u>Configure R2 as Standby Router at the Gateway Interface G0/1 to PC-B</u></b><br />
Default priority = 100.<br />
Use Virtual IP Address = 192.168.1.254 and Group = 1.<br />
<br />
R2 (config) # int g0/1<br />
R2 (config-if) # standby version 2<br />
R2 (config-if) # standby 1 ip 192.168.1.254<br />
<br />
<br />
R2 (config-if) # do show standby brief<br />
<br />
<span style="color: red;">Note: Remember to use virtual IP address as default gateway address for PC-A and PC-B.</span><br />
<span style="color: red;">Likewise do the same for switches, if used in the same LAN.</span>A Blessed Singaporeanhttp://www.blogger.com/profile/15103822837352960193noreply@blogger.com0tag:blogger.com,1999:blog-5805827335363190894.post-89632557363629717132019-11-26T12:36:00.003+08:002019-11-26T12:54:13.053+08:00RIP<u><b>RIP version 2</b></u><br />
<br />
R1 (config) # router rip<br />
R1 (config-router) # version 2<br />
R1 (config-router) # network 10.0.0.0 (for Class A network /8)<br />
R1 (config-router) # network 192.168.1.0 (for Class C network /24)<br />
<br />
<br />
<u><b>Default static route</b></u><br />
Using Loopback 1 as exit interface, This is useful for simulating an Internet connection to ISP.<br />
Usually passive-interface lo1 is recommended.<br />
<u><br /></u>R1 (config) # ip route 0.0.0.0 0.0.0.0 lo1<br />
<br />
<br />
<u><b>Propagate and redistribute</b></u><br />
<br />
R1 (config-router) # default-information originate / def orig<br />
<br />A Blessed Singaporeanhttp://www.blogger.com/profile/15103822837352960193noreply@blogger.com0tag:blogger.com,1999:blog-5805827335363190894.post-34067103033146274262019-11-26T11:55:00.002+08:002019-11-26T16:30:25.518+08:00VLAN, Spanning Tree, Rapid PVST, PortFast and BPDU Guard<b><u>Create and Name VLAN</u></b><br />
<br />
S1 (config) # vlan 10<br />
S1 (config-vlan) # name User<br />
<br />
S1 (config) # vlan 99<br />
S1 (config-vlan) # name Management<br />
<br />
<br />
<b><u>Management VLAN</u></b><br />
<br />
S1 (config) # int vlan 99<br />
S1 (config-if) # ip add 192.168.99.1 255.255.255.0<br />
S1 (config-if) # no shut<br />
<br />
<br />
<u><b>Interface Trunk Native VLAN</b></u><br />
<br />
S1 (config) # <span style="color: blue;">int f0/10</span><br />
S1 (config-if) # no shut<br />
S1 (config-if) # switchport mode trunk<br />
S1 (config-if) # switchport trunk native vlan 99<br />
or<br />
S1 (config) # <span style="color: blue;">int port-channel 1</span><br />
S1 (config-if) # switchport mode trunk<br />
S1 (config-if) # switchport trunk native vlan 99<br />
<br />
<b><u>Interface Access VLAN, PortFast and BPDU Guard</u></b><br />
<br />
S1 (config) # int f0/1<br />
S1 (config-if) # no shut<br />
S1 (config-if) # switchport mode access<br />
S1 (config-if) # switchport access vlan 10<br />
<br />
S1 (config-if) # spanning-tree portfast / span port<br />
S1 (config-if) # spanning-tree bpduguard enable / span bpdu<br />
<br />
<br />
<u><b>Primary and Secondary Root Bridge, </b></u><b><u>Rapid PVST</u></b><br />
<br />
S1 (config) # spanning-tree vlan 1,10,99 root primary / span vlan 1,10,99 root pri<br />
S1 (config) # spanning-tree mode rapid-pvst / span mode rapid<br />
<br />
S2 (config) # spanning-tree vlan 1,10,99 root secondary / span vlan 1,10,99 root sec<br />
S2 (config) # spanning-tree mode rapid-pvst / span mode rapid<br />
<br />
<br />
S2 (config) # show spanning-tree<br />
S2 (config) # show run | inc span modeA Blessed Singaporeanhttp://www.blogger.com/profile/15103822837352960193noreply@blogger.com0tag:blogger.com,1999:blog-5805827335363190894.post-46481903652646426692019-11-26T11:30:00.002+08:002019-11-26T12:53:17.470+08:00OSPFv2 for IPV4 LAN<u><b>Router Configuration</b></u><br />
<br />
R1> enable / en<br />
<br />
<div>
R1 # config terminal / conf t<br />
<br />
<br />
<b><u>Clock Rate to DCE Interface</u></b><br />
Unit is in bps.<br />
<br />
R1 (config) # int s0/0/0<br />
R1 (config-if) # clock rate 128000<br />
<br />
<br />
<b><u>Bandwidth to Specific Interface</u></b><br />
Unit is in <span style="color: red;">k</span>bps. Default for Serial is 1544 kbps that produces the Link Cost of 64.<br />
<br />
R1 (config) # int s0/0/1<br />
R1 (config-if) # bandwidth 128 or band 128<br />
<br />
<br />
<u><b>Default static route</b></u><br />
Using Loopback 1 as exit interface, This is useful for simulating an Internet connection to ISP.<br />
Usually passive-interface lo1 is recommended.<br />
<u><br /></u>
R1 (config) # ip route 0.0.0.0 0.0.0.0 lo1<br />
<br />
<br />
<u><b>Go to Router Configuration</b></u><br />
Process ID = 1 (Note: Process ID is locally significant<br />
<u><br /></u>
R1 (config) # router ospf 1 / router os 1<br />
<br />
<br />
<u><b>Router ID </b></u><br />
(Note: Router ID is network significant that can affect Router Election)<br />
<br />
R1 (config-router) # router-id 1.1.1.1<br />
<br />
<br />
<u><b>Network to be advertised OSPF</b></u><br />
Advertising Link-State Updates (LSUs) within Backbone Area (Area 0)<br />
<br />
R1 (config-router) # network 192.168.1.0 0.0.0.255 area 0 (for single-area in backbone area)<br />
<br />
R1 (config-router) # network 192.168.2.0 0.0.0.255 area 1 (for multi-area)<br />
<br />
<br />
<u><b>Passive Interface</b> (to prevent sending or receiving LSUs)</u><br />
<br />
R1 (config-router) # passive-interface lo1 / pass lo1<br />
<br />
or<br />
<br />
R1 (config-router) # passive-interface default / pass def<br />
<br />
<br />
<u><b>Propagate and redistribute</b></u><br />
<br />
R1 (config-router) # default-information originate / def orig<br />
<br />
<br />
<b><u>Auto-Cost Reference-Bandwidth</u></b><br />
Unit is in Mbps. Default is 100 Mbps. Using 1 Gbps = 1000 Mbps as example.<br />
<br />
R1 (config-router) # auto-cost reference-bandwidth 1000 / auto ref 1000<br />
<br />
<br />
<b><u>OSPF Cost to Specific Interface</u></b><br />
Using serial 0/0/1 and 16000 as example.<br />
<br />
R1 (config) # interface s0/0/1<br />
R1 (config-if) # ip ospf cost 16000<br />
<br />
<br />
<u><b>OSPF Priority for DR, BDR and DROther to Specific Interface</b></u><br />
(Default = 1 and Maximum = 255)<br />
<br />
R1 (config) # interface g0/1<br />
R1 (config-if) # ip ospf priority 100<br />
R1 (config-if) # end<br />
<br />
Note: Remember to adjust the priority for all other routers at specific interfaces.<br />
Save all configurations. Then reload to ensure status change in DR, BDR and DROther for all routers.<br />
<br />
<br />
<u><b>Clear OSPF Process ID</b></u><br />
R1 (config-router) # end<br />
R1 # wr (Note: Always remember to save all your running config to startup config)<br />
R1 # ip clear ospf 1 process<br />
<br />
Then reload the startup config.<br />
<br />
R1# reload</div>
A Blessed Singaporeanhttp://www.blogger.com/profile/15103822837352960193noreply@blogger.com0tag:blogger.com,1999:blog-5805827335363190894.post-81866217926986728282019-11-26T09:36:00.000+08:002019-11-26T12:52:09.027+08:00Basic Device Configuration<div>
<b><u>Hostname</u></b></div>
<div>
<b><u><br /></u></b></div>
<div>
Router (config) # hostname R1 / host R1</div>
<b><u>
</u></b>
<br />
<div>
<b><u><b><u><br /></u></b></u></b></div>
<b><u>
Disable DNS Lookup</u></b><br />
<div>
<br /></div>
<div>
Router (config) # no ip domain-lookup / no ip domain-look</div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<b><u>Encrypt Plaintext Passwords</u></b></div>
<div>
<br /></div>
<div>
Router (config) # service pass-encryption / service pass</div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<b><u>Privileged Exec Password</u></b><br />
<br />
Router (config) # enable secret class / enable sec class<br />
<br />
<br />
<b><u>Console</u></b><br />
<br />
Router (config) # line console 0 / line con 0<br />
Router (config-line) # password cisco / pass cisco<br />
Router (config-line) # login<br />
Router (config-line) # logging synchronous / logging syn<br />
Router (config-line) # no exec (optional to disable console timeout to avoid hassle of re-entering passwords)<br />
Router (config-line) # exit<br />
<br />
<br />
<b><u>VTY</u></b><br />
<br />
Router (config) # line vty 0 15<br />
Router (config-line) # password cisco / pass cisco<br />
Router (config-line) # login<br />
Router (config-line) # logging synchronous / logging syn<br />
Router (config-line) # exit<br />
<br />
<br />
<b><u>Banner</u></b><br />
<br />
Router (config) # banner motd #For Authorised Access Only#<br />
<br />
<br />
<b><u>Saving Running Configuration to Startup-Configuration</u></b><br />
<br />
Router # copy running-config startup-config / copy run start / write mem / write / wr<br />
(Note: wr is the fastest as it saves you the hassle to choose Y/N after executing a copy run start command)<br />
<br />
<br />
<b><u>Do Command</u></b><br />
<br />
This command allows you to execute from a higher configuration level.<br />
<br />
For example:<br />
<br />
Router (config) # end<br />
Router # write<br />
<br />
You can simply do this to save you the hassle to exit or end from higher level:<br />
Router (config) # do wr<br />
<br />
<br />
<u><b>Show Running Configuration</b></u><br />
<br />
R1 # show running-config<br />
<br />
or from other level<br />
R1 (config-router) # do sh ru</div>
A Blessed Singaporeanhttp://www.blogger.com/profile/15103822837352960193noreply@blogger.com0