CCNA Cheat Sheets

CCNA Commands Cheat Sheets
http://boubakr92.wordpress.com/2013/09/19/ccna-cheat-sheet-part-1/
Cisco Commands Cheat Sheet # 1
----------------------------------------------------------------------------------------------------------------------Router
odes:
Router>: !ser mode " #$m$ted to bas$c mon$tor$n% commands
Router#: &r$'$(e%ed mode )e*ec-(e'e( mode+ " &ro'$des access to a(( other router commands
Router(config)#: %(oba( con,$%urat$on mode " Commands that a,,ect the ent$re s-stem
Router(config-if)#: $nter,ace mode " Commands that a,,ect $nter,aces
Router(config-subif)#: sub$nter,ace mode " Commands that a,,ect sub$nter,aces
Router(config-line)#: ($ne mode " Commands that a,,ect $n ($nes modes )conso(e. 't-. au*/+
Router(config-router)#: router con,$%urat$on mode
Chan%$n% sw$tch hostname:
1
Switch(config)# hostname SW1
Con,$%ur$n% passwords:
1
2
SW1(config)# enable secret cisco ! MD5 hash
SW1(config)# enable password notcisco ! Clear text
Secur$n% conso(e port:
1
2
3
SW1(config)# line con
SW1(config!line)# password cisco
SW1(config!line)# login
Secur$n% term$na( ($nes:
1
2
3
SW1(config)# line "t# $
SW1(config!line)# password cisco
SW1(config!line)# login
0ncr-pt$n% passwords:
1
SW1(config)# ser"ice password!encr#ption
Con,$%ur$n% banners:
1
2
3
4
5
SW1(config)# banner motd %
!&!&!&!&!&!&!&!&!&!&!&!&!&!&!&!&!
'()'*+,-./0D )CC0SS .S 1-,+.2.*0D
!&!&!&!&!&!&!&!&!&!&!&!&!&!&!&!&!
%
1$'$n% the sw$tch an 2& address:
1
2
3
SW1(config)# interface "lan 1
SW1(config!if)# ip address 13451651511 455545554555 ! or D+C1
SW1(config!if)# no sh7tdown
Sett$n% the de,au(t %atewa-:
1
SW1(config)# ip defa7lt!gatewa# 1345165151
Sa'$n% con,$%urat$on:
1
2
3
4
5
6
7
8
9
SW1# cop# r7nning!config start7p!config
Destination filename 8start7p!config9: ! 1ress enter to confirm
file name5
27ilding config7ration;
8,<9

! Short for write memor#5
SW1# wr
27ilding config7ration;
8,<9
3ork$n% en'$ronment:
name (ookup. h$stor-. e*ec-t$meout and (o%%$n% beha'$or/. a(so 'a($d ,or ($ne con 0.
1
2
3
4
5
SW1(config)# no ip domain!loo=7p
SW1(config!line)# histor# si>e 15
SW1(config!line)# exec!timeo7t 1 ?
SW1(config!line)# logging s#nchrono7s
Con,$%ur$n% sw$tch to use SS4:
Con,$%ure 5NS doma$n name:
1
SW1(config)# ip domain!name example5com
Con,$%ure a username and password:
1
SW1(config)# 7sername admin password cisco
1enerate encr-pt$on ke-s:
6he s$7e o, the ke- modu(us $n the ran%e o, 380 to 209:
1
2
SW1(config)# cr#pto =e# generate rsa
+ow man# bits in the mod7l7s 85149@ 14$
5e,$ne SS4 'ers$on to use:
1
SW1(config)# ip ssh "ersion 4
0nab(e 't- ($nes to use SS4:
1
2
3
4
SW1(config!line)# login local
! Ao7 can set "t# lines to 7se onl# telnet or onl# ssh or both as in
the example5
SW1(config!line)# transport inp7t telnet ssh
A($ases:
!sed to create shortcuts ,or (on% commands.
1
2
3
SW1(config)# alias exec c config7re terminal
SW1(config)# alias exec s show ip interface brief
SW1(config)# alias exec sr show r7nning!config
5escr$pt$on. speed and dup(e*:
1
2
3
4
5
6
SW1(config)# interface fast0thernet B1
SW1(config!if)# description C.(< *, .(*0-(0* -,'*0-
SW1(config!if)# speed 1 ! ,ptions@ 1D 1D a7to
! *he range =e#word 7sed to set a gro7p of interfaces at once5
SW1(config)# interface range fast0thernet B5 E 1
SW1(config!if!range)# d7plex f7ll (options@ halfD f7llD a7to)
;er$,- <as$c Con,$%urat$on:
Shows $n,ormat$on about the sw$tch and $ts $nter,aces. RA. N;RA. ,(ash. 2=S. etc.
1
SW1# show "ersion
Shows the current con,$%urat$on ,$(e stored $n 5RA.
1
SW1# show r7nning!config
Shows the con,$%urat$on ,$(e stored $n N;RA wh$ch $s used at ,$rst boot process.
1
SW1# show start7p!config
#$sts the commands current(- he(d $n the h$stor- bu,,er.
1
SW1# show histor#
Shows an o'er'$ew o, a(( $nter,aces. the$r ph-s$ca( status. protoco( status and $p address $, ass$%ned.
1
SW1# show ip interface brief
Shows deta$(ed $n,ormat$on about the spec$,$ed $nter,ace. $ts status. protoco(. dup(e*. speed. encapsu(at$on. (ast > m$n
tra,,$c.
1
SW1# show interface "lan 1
Shows the descr$pt$on o, a(( $nter,aces
1
SW1# show interfaces description
Shows the status o, a(( $nter,aces ($ke connected or not. speed. dup(e*. trunk or access '(an.
1
SW1# show interfaces stat7s
Shows the pub($c encr-pt$on ke- used ,or SS4.
1
SW1# show cr#pto =e# m#p7b=e# rsa
Shows $n,ormat$on about the (eased 2& address )when an $nter,ace $s con,$%ured to %et 2& address '$a a dhcp ser'er+
1
SW1# show dhcp lease
---------------------------------------------------------------------------------------------------------------------------------------------------------
C$sco Commands Cheat Sheet ?2
Con,$%ur$n% port secur$t-:
ake the sw$tch $nter,ace as access port:
1
SW1(config!if)# switchport mode access
0nab(e port secur$t- on the $nter,ace:
1
SW1(config!if)# switchport port!sec7rit#
Spec$,- the ma*$mum number o, a((owed AC addresses:
1
SW1(config!if)# switchport port!sec7rit# maxim7m 1
5e,$ne the act$on to take when '$o(at$on occurs:
1
SW1(config!if)# switchport port!sec7rit# "iolation sh7tdown ! options@ sh7tdownD
protectD restrict
Spec$,- the a((owed AC addresses:
6he st$ck- ke-word $s used to (et the $nter,ace d-nam$ca((- (earns and con,$%ures the AC addresses o, the current(- connected
hosts.
1
SW1(config!if)# switchport port!sec7rit# mac!address 6Fb55GG65511G5 ! options@
+5+5+D stic=#
;er$,- and troub(eshoot port secur$t-:
Shows the entr$es o, the mac address tab(e:
1
SW1# show mac!address!table
='er'$ew o, port secur$t- o, a(( $nter,aces:
1
SW1# show port!sec7rit#
Shows deta$(ed $n,ormat$on about port secur$t- on the spec$,$ed $nter,ace:
1
SW1# show port!sec7rit# interface faB5
Con,$%ur$n% ;#ANs:
Create a new ;#AN and %$'e $t a name:
1
2
SW1(config)# "lan 1
SW1(config!"lan)# name S)C0S
Ass$%n an access $nter,ace to access a spec$,$c ;#AN:
1
2
3
SW1(config!if)# switchport access "lan 1
Con,$%ur$n% an au*$($ar- ;#AN ,or c$sco 2& phones:
1
2
3
4
! accessing "lan 1 (data) and 14 (Ho.1)
SW1(config!if) #switchport access "lan 1
SW1(config!if) #switchport "oice "lan 14
Con,$%ur$n% 6runks:
1
2
3
SW1(config!if)# switchport mode tr7n= ! options@ accessD tr7n=D d#namic a7toD
d#namic desirable
SW1(config!if)# switchport tr7n= allowed "lan add 1 ! options@ addD remo"eD allD
except
Secur$n% ;#ANs and 6runk$n%:
Adm$n$strat$'e(- d$sab(e unused $nter,aces:
1
SW1(config!if)# sh7tdown
&re'ent trunk$n% b- d$sab($n% auto ne%ot$at$on on the $nter,ace:
1
2
SW1(config!if)# nonegotiate ! or hardcode the port asan access
port
Ass$%n the port to an unused ;#AN:
1
SW1(config!if)# switchport access "lan 444
Con,$%ur$n% ;6&:
Con,$%ure ;6& mode:
6he transparent ;6& mode $s used when an en%$neer wants to deact$'ate ;6& on a part$cu(ar sw$tch
1
SW1(config)# "tp mode ser"er ! options@ ser"erD clientD
transparent
Con,$%ure ;6& doma$n name:
1
SW1(config)# "tp domain 0I)M1C0 ! case!sensiti"e
Con,$%ure ;6& password )opt$ona(+:
1
SW1(config)# "tp password cisco ! case!sensiti"e
Con,$%ure ;6& prun$n% )opt$ona(+:
1
SW1(config)# "tp pr7ning ! onl# wor=s on H*1 ser"ers
0nab(e ;6& 'ers$on 2 )opt$ona(+:
1
SW1(config)# "tp "ersion 4
;er$,- and troub(eshoot ;#ANs and ;6&:
#$sts $n,ormat$on about adm$n$strat$'e sett$n% and operat$on status o, $nter,ace:
1
SW1# show interfaces if switchport
#$sts a(( the trunk ports on a sw$tch $nc(ud$n% the trunk a((owed ;#ANs:
1
SW1# show interfaces tr7n=
#$sts $n,ormat$on about the ;#ANs:
1
SW1# show "lan Jbrief K id K name K s7mmar#L
#$sts ;6& con,$%urat$on )mode. doma$n-name. 'ers$on. etc+ and re'$s$on number:
1
SW1# show "tp stat7s
Shows the ;6& password:
1
SW1# show "tp password
S6& opt$m$7at$on:
4ard cod$n% the root br$d%e )chan%$n% br$d%e pr$or$t-+:
1
2
3
4
SW1(config)# spanning!tree "lan 1 root primar#
SW1(config)# spanning!tree "lan 1 root secondar#
! 1riorit# m7st be a m7ltipl# of $G6
SW1(config)# spanning!tree 8"lan 19priorit# F1G4
Chan%$n% the S6& mode:
1
SW1(config)# spanning!tree mode rapid!p"st ! options@ mstD p"stD
rapid!p"st
0nab($n% port,ast and <&5! %uard on an $nter,ace:
&ort,ast and <&5! %uard are enab(ed on(- on $nter,aces connected to end user hosts
1
2
SW1(config!if)# spanning!tree portfast
SW1(config!if)# spanning!tree bpd7g7ard enable
Chan%$n% port cost:
1
SW1(config!if)# spanning!tree 8"lan 19 cost 45
<und($n% $nter,aces $nto an etherchanne(:
1
SW1(config!if)# channel!gro7p 1 mode on ! options@ a7toD
desirableD on
S6& 'er$,$cat$on and troub(eshoot$n%:
Shows deta$(ed $n,o about S6& state:
1
SW1# show spanning!tree
Shows S6& $n,o on(- on a spec$,$c port:
1
SW1# show spanning!tree interface faB4
Shows S6& $n,o on(- ,or a spec$,$c ;#AN:
1
SW1# show spanning!tree "lan 1
Shows $n,o about the root sw$tch:
1
SW1# show spanning!tree 8"lan 19 root
Shows $n,o about the (oca( sw$tch:
1
SW1# show spanning!tree 8"lan 19 bridge
Show the state o, the etherchanne(s:
1
SW1# show etherchannel 1
&ro'$des $n,ormat$ona( messa%es about the chan%es $n the S6& topo(o%-:
1
SW1# deb7g spanning!tree e"ents
0nab($n% or d$sab($n% C5&:
0nab($n% C5& %(oba((- on a sw$tch:
1
SW1(config)# cdp r7n
5$sab($n% C5& on a %$'en $nter,ace:
1
SW1(config!if)# no cdp enable
!s$n% C5& ,or network 'er$,$cat$on and troub(eshoot$n%:
Shows %(oba( $n,ormat$on about C5& $tse(,:
1
SW1# show cdp
Shows $n,ormat$on about C5& on a spec$,$c $nter,ace:
1
SW1# show cdp interface faB4
Shows $n,ormat$on about the d$rect(- connected c$sco de'$ces $nc(ud$n% $nter,aces names capab$($t$es:
1
SW1# show cdp neighbors
Shows deta$(ed $n,ormat$on about the ne$%hbor$n% c$sco de'$ces $nc(ud$n% de'$ce address and 'ers$on o, 2=S the- run:
1
SW1# show cdp neighbors detail
2
3
! ,-
SW1# show cdp entr# M
Shows deta$(ed $n,ormat$on about the spec$,$ed entr- on(-:
1
SW1# show cdp entr# SW4
-----------------------------------------------------------------------------------------------------------------------------------------------
Router bas$c con,$%urat$on:
6h$s sect$on $nc(udes 2=S commands that are abso(ute(- $dent$ca( on both routers and sw$tches. e*cept the part o, line aux
0 wh$ch $s con,$%ured on(- on router because sw$tches do not ha'e an au*$($ar- port.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
-o7ter(config)# hostname -1
-1(config)# enable secret cisco
-1(config)# line con
-1(config!line)# password cisco
-1(config!line)# login
-1(config!line)# logging s#nchrono7s
-1(config!line)# exec!timeo7t ?
-1(config!line)# exit
-1(config)# line "t# $
-1(config)# line a7x
-1(config)# banner motd %
!&!&!&!&!&!&!&!&!&!&!&!&!&!&!&!&!
'()'*+,-./0D )CC0SS .S 1-,+.2.*0D
!&!&!&!&!&!&!&!&!&!&!&!&!&!&!&!&!
%
-1(config)# alias exec c config7re terminal
-1(config)# alias exec s show ip interface brief
-1(config)# alias exec sr show r7nning!config
-1(config)# no ip domain!loo=7p
-1(config)# ser"ice password!encr#ption
-1(config)# ip domain!name example5com
-1(config)# 7sername admin password cisco
-1(config)# cr#pto =e# generate rsa
+ow man# bits in the mod7l7s 85149@ 14$
-1(config)# ip ssh "ersion 4
-1(config!line)# login local
-1(config!line)# transport inp7t telnet ssh
Con,$%ur$n% router $nter,aces:
C(ock rate $s set on(- on the 5C0 s$de. t-p$ca((- the 2S& s$de. =n -our router wh$ch $s 560 -ou don@t need to set c(ock$n%.
1
2
3
4
5
6
-1(config)# interface fast0thernet B
-1(config!if)# description C.(< *, C,C)C C)( *+-,'N+ SW1
-1(config!if)# ip address 1345165151 455545554555
-1(config!if)# no sh7tdown
-1(config!if)# exit
-1(config)# interface serial B1B
7
8
9
10
-1(config!if)# description W)( C,((0C*.,( *, -4
-1(config!if)# cloc= rate 14F
Con,$%ur$n% Router-=n-St$ck ,or '(an rout$n%:
1
2
3
4
5
6
7
8
-1(config)# interface fast0thernet B51
-1(config!s7bif)# encaps7lation dot1O 1
-1(config!s7bif)# ip address 1G4516F5151 455545554555
-1(config!s7bif)# interface fast0thernet B54
-1(config!s7bif)# encaps7lation dot1O 4
-1(config!s7bif)# ip address 1G4516F5451 455545554555
Stat$c route:
!s$n% ne*t hop:
1
-1(config)# ip ro7te 151545 455545554555 151514F51
!s$n% e*$t $nter,ace:
1
2
-1(config)# ip ro7te 151545 455545554555 Serial B
M(ote@ 0xit interface can be 7sed in point!to!point serial lin=s5
5e,au(t Route:
1
-1(config)# ip ro7te 555 555 1GG515151
R2&'2 Con,$%urat$on:
1
2
3
4
5
-1(config)# ro7ter rip
-1(config!ro7ter)# "ersion 4
-1(config!ro7ter)# networ= 1555 ! written as an original
class )
-1(config!ro7ter)# no a7to!s7mmar#
-1(config!ro7ter)# passi"e!interface serial B
R2&'2 ;er$,$cat$on:
Shows $n,ormat$on about the runn$n% rout$n% protoco( process:
1
-1# show ip protocols
Shows the ent$re rout$n% tab(e:
1
-1# show ip ro7te
Shows routes (earned '$a R2& on(-:
1
-1# show ip ro7te rip
Shows deta$(ed $n,ormat$on about the route to the spec$,$ed dest$nat$on network:
1
-1# show ip ro7te 1515151
=S&A Con,$%urat$on:
0nter =S&A router con,$%urat$on mode:
1
-1(config)# ro7ter ospf 1 ! 1 & process .D
Con,$%ure one or more network commands to $dent$,- wh$ch $nter,aces w$(( run =S&A:
1
2
3
-1(config!ro7ter)# networ= 1555 545554555455 area
-1(config!ro7ter)# networ= 1345165F5 5535455 area
-1(config!ro7ter)# networ= 1G4516F51545$ 555 area 1
Con,$%ure router 25 e$ther )=pt$ona(+:
Using router-id ospf subcommand:
1
-1(config!ro7ter)# ro7ter!id 1515151
Configuring an IP address on a loopback interface:
1
2
-1(config)# interface loopbac=
Chan%e 4e((o and 5ead $nter'a(s per $nter,ace )=pt$ona(+:
1
2
-1(config!if)# ip ospf hello!inter"al 4
-1(config!if)# ip ospf dead!inter"al 6
2mpact rout$n% cho$ces b- tun$n% $nter,ace cost us$n% one o, the ,o((ow$n% wa-s )=pt$ona(+:
Changing interface cost:
1
-1(config!if)# ip ospf cost 55
Changing interface bandidth:
1
-1(config!if)# bandwidth 14F ! in <bps
Changing the reference bandidth that used b! "#P$ to calculate the cost:
1
-1(config!ro7ter)# a7to!cost reference!bandwidth 1 ! in Mbps
5$sab($n% =S&A on a certa$n $nter,ace )=pt$ona(+:
1
Con,$%ur$n% =S&A authent$cat$on )=pt$ona(+:
%!pe & authentication (none):
1
-1(config!if)# ip ospf a7thentication n7ll
%!pe ' authentication (clear te(t):
1
2
-1(config!if)# ip ospf a7thentication
-1(config!if)# ip ospf a7thentication!=e# cisco
%!pe ) authentication (md*):
1
2
-1(config!if)# ip ospf a7thentication message!digest
-1(config!if)# ip ospf message!digest!=e# 1 md5 cisco
Con,$%ure ma*$mum eBua(-cost paths )=pt$ona(+:
1
-1(config!ro7ter)# maxim7m paths 6
=S&A 'er$,$cat$on:
Shows $n,ormat$on about the runn$n% rout$n% protoco( process:
1
-1# show ip protocols
Shows the ent$re rout$n% tab(e:
1
-1# show ip ro7te
Shows routes (earned '$a =S&A on(-:
1
-1# show ip ro7te ospf
Shows a(( ne$%hbor$n% routers a(on% w$th the$r respect$'e adCacenc- state:
1
-1# show ip ospf neighbors
Shows a(( the $n,ormat$on conta$ned $n the #S5<:
1
-1# show ip ospf database
Shows deta$(ed $n,ormat$on about =S&A runn$n% on a spec$,$c $nter,ace:
1
-1# show ip ospf interfaces serial B
021R& Con,$%urat$on:
0nter 021R& con,$%urat$on mode and de,$ne AS number:
1
-1(config)# ro7ter eigrp 141 ! 141 & )S n7mber
Con,$%ure one or more network commands to enab(e 021R& on the spec$,$ed $nter,aces:
1
2
3
4
-1(config!ro7ter)# networ= 1555
-1(config!ro7ter)# networ= 13451655 55?5455
-1(config!ro7ter)# networ= 1G4516F5151 555
-1(config!ro7ter)# networ= 555 455545554555455
5$sab(e auto summar$7at$on )=pt$ona(+:
1
-1(config!ro7ter)# no a7to!s7mmar#
5$sab(e 021R& on a spec$,$c $nter,ace )=pt$ona(+:
1
Con,$%ure (oad ba(anc$n% parameters )=pt$ona(+:
1
2
-1(config!ro7ter)# maxim7m!paths 6
-1(config!ro7ter)# "ariance $
Chan%e $nter,ace 4e((o and 4o(d t$mers )=pt$ona(+:
1
2
-1(config!if)# ip hello!inter"al eigrp 141 ?
-1(config!if)# ip hold!time eigrp 141 1
2mpact$n% metr$c ca(cu(at$ons b- tun$n% <3 and de(a- o, the $nter,ace )=pt$ona(+:
1
2
-1(config!if)# bandwidth 465 ! in <bps)
-1(config!if)# dela# 14 ! tens of microseconds
021R& Authent$cat$on:
6he key-string 'a(ue and the mode must be the same on both routers. #$,et$me opt$ons o, the ke-s reBu$res the c(ock o, the
routers to be set correct(-. better use N6&. or $t can cause prob(ems
Create an authent$cat$on ke- cha$n as ,o((ows:
Create a ke! chain and gi+e it a name:
1
-1(config)# =e# chain MAP<0AS
Create one or more ke!s gi+ing them numbers:
1
-1(config!=e#chain)# =e# 1
,efine the ke! +alue:
1
-1(config!=e#chain!=e#)# =e#!string1st<0A
,efine the life time of the ke!s (optional):
1
2
-1(config!=e#chain!=e#)# send!lifetime 8start time9 8end time9
-1(config!=e#chain!=e#)# accept!lifetime 8start time9 8end time9
0nab(e md> authent$cat$on mode ,or 021R& on the $nter,ace:
1
-1(config!if)# ip a7thentication mode eigrp141 md5
Re,er to the correct ke- cha$n to be used on the $nter,ace:
1
-1(config!if)# ip a7thentication =e#!chain eigrp141 MAP<0AS
021R& ;er$,$cat$on:
Shows routes (earned '$a 021R& on(-:
1
-1# show ip ro7te eigrp
Shows 021R& ne$%hbors and status:
1
-1# show ip eigrp neighbors
Shows 021R& topo(o%- tab(e. $nc(ud$n% successor and ,eas$b(e successor:
1
-1# show ip eigrp topolog#
Shows $nter,aces that run 021R&:
1
-1# show ip eigrp interfaces
#$sts stat$st$cs on numbers o, 021R& messa%es sent and rece$'ed b- the router:
1
-1# show ip eigrp traffic
-------------------------------------------------------------------------------------------------------------------------------------------------------------
Access Contro( #$sts:
Standard AC#: 1 D 99 and 1300 D 1999
!se a remark to descr$be the AC# )=pt$ona(+:
1 -1(config)# access!list 1 remar= )CC *, D0(A )CC0SS Q-,M S)C0S HC)(
Create the AC#. keep$n% the ,o((ow$n% $n m$nd:
o AC# uses ,$rst-match (o%$c.
o 6here $s an $mp($c$t den- an-at the end o, the AC#.
1
2
3
4
5
-1(config)# access!list 4 den# 1G4516F51533
-1(config)# access!list 4 den# 1G4516F5156$ 555?1
-1(config)# access!list 4 permit 15155 554555455
-1(config)# access!list 4 den# 1555 545554555455
-1(config)# access!list 4 permit an#
0nab(e the AC# on the chosen router $nter,ace $n the correct d$rect$on )$n or out+:
1 -1(config!if)# ip access!gro7p 4 o7t
!s$n% standard AC# to ($m$t te(net and SS4 access to a router:
Create the -C. that defines the permitted telnet clients:
1
2
-1(config)# access!list GG remar= )CC,W0D *0C(0* CC.0(*S
-1(config)# access!list GG permit 1G4516F51514F 55515
-ppl! the -C. inbound the +t! lines
1
2
-1(config!line)# access!class GG in
0*tended AC#: 100 D 199 and 2000 D 2899
0*tended AC# shou(d be p(aced as c(ose as poss$b(e to the source o, the packet.
0*tended AC# matches packets based on source E des.2& addresses. protoco(. source E des. &ort numbers andother
cr$ter$a as we((
1
2
3
4
5
6
7
8
9
-1(config)# access!list 11 remar= MAP)CC0SSPC.S*
-1(config)# access!list 11 den# iphost 1515151 host 1545454
-1(config)# access!list 11 den# tcp 151515 555455 an# eO 4?
-1(config)# access!list 11 den# icmp 1515151 555 an#
-1(config)# access!list 11 den# tcphost 151515 host 15551 eO
F
-1(config)# access!list 11 den# 7dphost 1515153 eO 5? an#
-1(config)# access!list 11 permit ip an# an#
-1(config!if)# ip access!gro7p 11 in
Named AC#:
Named AC#s use names to $dent$,- AC#s rather than numbers. and commands that perm$t or den- tra,,$c are wr$tten $n
a sub mode ca((ed named AC# mode )nac(+.
Named AC# enab(es the ed$t$n% o, the AC# )de(et$n% or $nsert$n% statements+ b- seBuenc$n% statements o, the AC#.
Named standard AC#:
1
2
3
4
5
6
-1(config)# ip access!list standard MAPS*)(D)-DP)CC
-1(config!std!nacl)# permit 151515 555455
-1(config!std!nacl)# den# 1545454
-1(config!std!nacl)# permit an#
-1(config!if)# ip access!gro7p MAPS*)(D)-DP)CC o7t
Named e*tended AC#:
1
2
3
4
5
6
-1(config)# ip access!list extended MAP0I*0(D0DP)CC
-1(config!ext!nacl)# den# icmp 1515151 555 an#
-1(config!ext!nacl)# den# tcphost 151515 host 15551 eO F
-1(config!ext!nacl)# permit ip an# an#
-1(config!if)# ip access!gro7p MAP0I*0(D0DP)CC in
0d$t$n% AC# us$n% seBuence numbers:
1
2
3
4
-1(config)# ip access!list extended MAP0I*0(D0DP)CC
-1(config!ext!nacl)# no 4 ! Deletes the statement of seO7ence
n7mber 4
-1(config)# ip access!list standard GG
-1(config!std!nacl)# 5 den# 1515151 ! inserts a statement with
seO7ence 5
;er$,-$n% AC#s:
Shows a(( AC#s con,$%ured on a router w$th counters at the end o, each statement:
1
2
3
-1# show access!lists
! ,-
-1# show ip access!list
Shows on(- the spec$,$ed AC#:
1 -1# show ip access!list 11
2nc(udes a re,erence to the AC#s enab(ed on that $nter,ace e$ther $n or out:
1 -1# show ip interface fB
54C& Ser'er
5e,$ne a 54C& poo( and %$'e $t a name:
1 -1(config)# ip dhcp pool MAP1,,C
5e,$ne network and mask to use $n th$s poo( and the de,au(t %atewa-:
1
2
-1(dhcp!config)# networ= 1G4516F515 455545554555
-1(dhcp!config)# defa7lt!ro7ter 1G4516F5151
5e,$ne one or more 5NS ser'er )=&62=NA#+:
1 -1(dhcp!config)# dns!ser"er 41?51?156554 F5F5F5F
Con,$ne the (ease t$me )=&62=NA#+:
1 -1(dhcp!config)lease 4 ! Da#s
5e,$ne one or more scopes o, e*c(uded )reser'ed+ addresses )=&62=NA#+:
1
2
-1(config)# ip dhcp excl7ded!address 1G4516F5151 1G4516F5151
-1(config)# ip dhcp excl7ded!address 1G4516F5154 1G4516F51545$
54C& ;er$,$cat$on and 6roub(eshoot$n%:
Shows the status o, the spec$,$ed poo( and the (eased addresses ,rom that poo(:
1 -1# show ip dhcp pool 1,,CP1
Shows a(( the (eased $p addresses ,rom a(( con,$%ured 54C& poo(s:
1 -1# show ip dhcp binding
Shows an- con,($cts that occurred:
1 -1# show ip dhcp conflict
--------------------------------------------------------------------------------------------------------------------------------------------------------------------
C$sco Commands Cheat Sheet ? >
&&& Con,$%urat$on:
1
2
-1(config)# interface serial B
-1(config!if)# encaps7lation ppp
&&& Authent$cat$on:
C4A&:
Con,$%ure the hostname:
1 -1(config)# hostname )C1+)
Con,$%ure the name o, the other end router and the shared password:
1
2
! *he password 7sed is shared passwordD that means it m7st be the same on
both ro7ters
)C1+)(config)# 7sername 20*) password IA/
0nab(e C4A& authent$cat$on on the $nter,ace:
1
2
)C1+)(config)# interface serial B
)C1+)(config!if)# ppp a7thentication chap
&A&:
Con,$%ure the hostname:
1 -1(config)# hostname )C1+)
Con,$%ure the name o, the other end router and the shared password:
1 )C1+)(config)# 7sername 20*) password IA/
0nab(e &A& authent$cat$on on the $nter,ace and de,$ne the username and password to be sent b- &A&:
1
2
3
)C1+)(config)# interface serial B
)C1+)(config!if)# ppp a7thentication pap
)C1+)(config!if)# ppp pap sent!7sername )C1+) password IA/
&&& ;er$,$cat$on and troub(eshoot:
Shows the encapsu(at$on t-pe and the contro( protoco(s o, &&&:
1 -1# show interface sB
!se,u( ,or '$ew$n% the con,$%urat$on o, usernames and passwords used to authent$cate &&&:
1 -1# show r7nning!config
5$sp(a-s the authent$cat$on process o, &&& $n rea( t$me:
1 -1# deb7g ppp a7thentication
Arame Re(a-:
u(t$po$nt )one subnet+
1$'e the $nter,ace an $p address and enab(e Arame Re(a- encapsu(at$on:
1
2
3
-1(config!if)# encaps7lation frame!rela# (ietf)
Con,$%ure #2 s$%na($n% t-pe: )=pt$ona( as d$scussed w$th 2S&+:
1
-1(config!if)# frame!rela# lmi!t#pe ansi ! options@ ansiD ciscoD
OG??a
Con,$%ure Arame Re(a- mapp$n%:
1
2
3
4
5
6
7
8
9
10
11
12
-1(config!if)# frame!rela# map ip 1515154 14 broadcast (ietf)
-1(config!if)# frame!rela# map ip 151515? 1? broadcast
-4(config!if)# encaps7lation frame!rela#
-4(config!if)# frame!rela# map ip 1515151 41 broadcast
-4(config!if)# frame!rela# map ip 151515? 41 broadcast
-?(config)# interface serial B
-?(config!if)# ip address 151515? 455545554555
-?(config!if)# encaps7lation frame!rela#
-?(config!if)# frame!rela# map ip 1515151 ?1 broadcast
-?(config!if)# frame!rela# map ip 1515154 ?1 broadcast
&o$nt-to-po$nt )d$,,erent subnetsF one subnet per sub$nter,ace+
0nab(e Arame Re(a- encapsu(at$on:
1
2
1$'e an $p address to a sub$nter,ace and con,$%ure $ts 5#C2:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
-1(config)# interface serial B514 point!to!point
-1(config!s7bif)# ip address 1515151 455545554555
-1(config!s7bif)# frame!rela# interface!dlci 14
-1(config)# interface serial B51? point!to!point
-1(config!s7bif)# frame!rela# interface!dlci 1?
-4(config)# interface serial B541 point!to!point
-4(config!s7bif)# frame!rela# interface!dlci 41
-?(config)# interface serial B
-?(config!if)# encaps7lation frame!rela#
-?(config)# interface serial B5?1 point!to!point
-?(config!s7bif)# ip address 4545454 455545554555
-?(config!s7bif)# frame!rela# interface!dlci ?1
Arame Re(a- ;er$,$cat$on and troub(eshoot:
Shows the encapsu(at$on t-pe:
1 -1# show interfaces serial B
#$sts &;C status $n,ormat$on:
1 -1# show frame!rela# p"c
#$sts 5#C2 to 2& mapp$n%:
1 -1# show frame!rela# map
#$sts #2 status $n,ormat$on:
1 -1# show frame!rela# lmi
5$sp(a-s the content o, #2 messa%es:
1 -1# deb7g frame!rela# lmi
#$sts messa%es about certa$n Arame Re(a- e'ents. $nc(ud$n% 2n'erse AR& messae%es:
1 -1# deb7g frame!rela# e"ents
Network Address 6rans(at$on )NA6+:
Stat$c NA6:
5e,$ne the outs$de and $ns$de $nter,aces:
1
2
3
4
-1(config!if)# ip nat o7tside
-1(config)# interface Qast0thernet 1B1
-1(config!if)# ip nat inside
Con,$%ure stat$c NA6 statement:
1 -1(config)# ip nat inside so7rce static 1G4516F5151 4515151
5-nam$c NA6:
5e,$ne the outs$de and $ns$de $nter,aces
Create an AC# that determ$nes the 2& addresses thatare a((owed to be trans(ated:
1 -1(config)# access!list ? permit 1G4516F515 555455
Create a poo( o, pub($c 2& addresses:
1
-1(config)# ip nat pool 1'2 4515151 4515156 netmas=
4555455545554$F
Con,$%ure NA6 statement:
1
2
3
4
5
6
7
8
-1(config)# ip nat inside so7rce list ? pool 1'2RBpreS
Rh$S()* ,"erload (1)*)@RBh$S
R7lS
RliS*he same as d#namic ()* with the 7se of the o"erload =e#word at the end of ()*
statement@RBliS
RB7lS
RpreS
1
-1(config)# ip nat inside so7rce list ? pool 1'2 o"erload
NA6 'er$,$cat$on and troub(eshoot:
!se,u( $n '$ew$n% the con,$%urat$on o, NA6 poo( and the $ns$de and outs$de $nter,aces:
1 -1# show r7nning!config
5$sp(a-s access ($sts. $nc(ud$n% the one used ,or NA6:
1 -1# show access!lists
Shows counters ,or packets and NA6 tab(e entr$es. as we(( as bas$c con,$%urat$on $n,ormat$on:
1 -1# show ip nat stasitics
5$sp(a-s the NA6 tab(e:
1 -1# show ip nat translations
C(ears a(( the d-nam$c entr$es $n the NA6 tab(e:
1 -1# clear ip nat translations M
2ssues a (o% messa%e descr$b$n% each packet whose $p address $s trans(ated w$th NA6:
1 -1# deb7g ip nat

CCNA Cheat Sheets

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

CCNA Cheat Sheets

Uploaded by

Copyright:

Available Formats

CCNA Commands Cheat Sheets

You might also like