Ccna PDF

CCNA
Ti liu dnh cho hc vin
Mc lc
Phn I : Cisco IOS ............................................................................................................... 1
BI 1:t Mt Khu Truy Nhp Cho Router ................................................................ 2
BI 2: Cisco Discovery Protocol (CDP) .......................................................................... 7
BI 3: TELNET ............................................................................................................. 15
BI 4: KHI PHC MT KHU CHO CISCO ROUTER ........................................ 20
BI 5: RECOVERY PASSWORD CHO SWITCH 2950 ............................................. 24
BI 6: NP IOS IMAGE T TFTP SERVER CHO CISCO ROUTER CHY T
FLASH ............................................................................................................................ 26
BI 7: NP IOS IMAGE CHO 2 ROUTER CHY T FLASH ................................ 36
BI 8:NP IOS CHO SWITCH .................................................................................... 41
Phn 2 :LAN ....................................................................................................................... 46
BI 9: CU HNH VLAN TRN SWITCH 2950 ........................................................ 46
BI 10: CU HNH VLAN TRUNK ............................................................................. 56
BI 11:CU HNH VTP PASSWORD ........................................................................ 64
Phn 3 :Routing .................................................................................................................. 70
BI 12: NH TUYN TNH (Static route) ................................................................. 70
BI 13: RIP( ROUTING INFORMATION PROTOCOL) .......................................... 79
Bi 14:Cu Hnh IGRP Timer ....................................................................................... 90
BI 15:CU HNH IGRP LOAD BALANCING ........................................................ 96
BI 16: DISCONTIGOUS NETWORKS ................................................................... 103
BI 17: REDISTRIBUTE GIA RIP v IGRP .......................................................... 108
BI 18 :CU HNH OSPF C BN .......................................................................... 119
BI 19: CU HNH EIGRP ....................................................................................... 126
BI 20: CU HNH OSPF GIA WINDOWS SERVER 2003 V ROUTER ....... 128
Phn 4 : ACCESS LIST v NAT....................................................................................... 136
BI 21: STANDAR ACCESS LIST............................................................................. 136
BI 22: EXTENDED ACCESS LIST .......................................................................... 143
BI 23: TN CNG ROUTER BNG FLOOD ........................................................ 151
BI 24: CU HNH NAT STATIC ............................................................................. 154
BI 25:CU HNH NAT OVERLOAD ...................................................................... 158
Phn 5 : WAN ................................................................................................................... 164
BI 26: CU HNH PPP PAP V CHAP................................................................... 164
BI 27:CU HNH ISDN BASIC............................................................................. 171
BI 28: CU HNH ISDN DDR .................................................................................. 179
BI 29: CU HNH FRAME RELAY CN BN...................................................... 191
BI 30:CU HNH FRAME RELAY SUBINTERFACE .......................................... 199
VSIC Education Corporation
Trang 1
CCNA
Phn I : Cisco IOS

BI 1: t Mt Khu Truy Nhp Cho Router
1. Gii thiu :
Bo mt l mt yu t rt quan trng trong network,v th n rt c quan tm v s
dng mt khu l mt trong nhng cch bo mt rt hiu qu.S dng mt khu trong
router c th gip ta trnh c nhng s tn cng router qua nhng phin Telnet hay
nhng s truy cp trc tip vo router thay i cu hnh m ta khng mong mun t
ngi l.
2. Mc ch :
Ci t c mt khu cho router, khi ng nhp vo, router phi kim tra cc loi mt
khu cn thit.
3. M t bi lab v hnh :
Trong hnh trn, PC c ni vi router bng cp console

4. Cc cp bo mt ca mt khu :
Cp bo mt ca mt khu da vo cp ch m ho ca mt khu .Cc cp m
ha ca mt khu:
Cp 5 : m ha theo thut ton MD5, y l loi m ha 1 chiu, khng th gii m
c(cp ny c dng m ho mc nh cho mt khu enable secret gn cho router)
Cp 7 : m ha theo thut ton MD7, y l loi m ha 2 chiu,c th gii m
c(cp ny c dng m ha cho cc loi password khc khi cn nh: enable
password,line vty,line console)
Cp 0 : y l cp khng m ha.
5. Qui tc t mt khu :
Mt khu truy nhp phn bit ch hoa,ch thng,khng qu 25 k t bao gm cc k
s,khong trng nhng khng c s dng khong trng cho k t u tin.
Router(config)#ena pass vsic-vsic-vsic-vsic-vsic-vsic
% Overly long Password truncated after 25 characters
mt khu c t vi 26 k
t khng c chp nhn
6. Cc loi mt khu cho Router :
Enable secret : nu t loai mt khu ny cho Router,bn s cn phi khai bo khi
ng nhp vo ch user mode ,y l loi mt khu c hiu lc cao nht trong Router,c
m ha mc nh cp 5.
Trang 2
CCNA
Enable password : y l loi mt khu c chc nng tng t nh enable secret

nhng c hiu lc yu hn, loi password ny khng c m ha mc nh, nu yu cu m
ha th s c m ha cp 7.
Line Vty : y l dng mt khu dng gn cho ng line Vty,mt khu ny s
c kim tra khi bn ng nhp vo Router qua ng Telnet.
Line console : y l loi mt khu c kim tra cho php bn s dng cng
Console cu hnh cho Router.
Line aux : y l loi mt khu c kim tra khi bn s dng cng aux.
7. Cc bc t mt khu cho Router :
Bc 1 : khi ng Router , nhn enter vo ch user mode.
T ch user mode dng lnh enable vo ch Privileged mode
Router con0 is now available
Press RETURN to get started.
Router>enable
Router#
Bc 2 : T du nhc ch Privileged mode vo mode cofigure cu hnh cho
Router bng lnh configure terminal
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#
Bc 3 : Cu hnh cho tng loi Password
Cu hnh cho mt khu enable secret
(Ch :mt khu c phn bit ch hoa v ch thng)
Router(config)#enable secret vsic Mt khu l vsic
Router(config)#exit
Cu hnh mt khu bng lnh enable password
Router(config)#ena pass cisco
Mt khu l cisco
Router(config)#exit
Lu : khi ta ci t cng lc 2 loi mt khu enable secret v enable password th
Router s kim tra mt khu c hiu lc mnh hn l enable secret. Khi mt khu secret
khng cn th lc mt khu enable password s c kim tra.
Cu hnh mt khu bng lnh Line
9 Mt khu cho ng Telnet (Line vty)
Router(config)#line vty 0 4
Router(config-line)#password class
password l class
m ch ci t password
Router(config-line)#login
Router(config-line)#exit
9 Mt khu cho cng console :
Router(config)#line console 0
m ng Line Console
cng Console th 0
password l cert
Router(config-line)#password cert
m ch ci t password
9 Mt khu cho cng aux:
Router(config)#line aux 0
S 0 ch s th t cng aux c dng
password l router
Router(config-line)#password router
Trang 3
CCNA
Sau khi t xong mt khu,ta thot ra ngoi ch Privileged mode, dng lnh Show
running-config xem li nhng password cu hnh :
Router#show running-config
Building configuration...
Current configuration : 550 bytes
version 12.1
no service single-slot-reload-enable
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
password ci t ch khng m ha
hostname Router
enable secret 5 $1$6bgK$prmkIPVMht7okiCQ5EQ2o password secret c
m ha mc nh cp 5
enable password cisco
!
line con 0
password cert password cho cng Console l cert
login
line aux 0
password router password cho cng aux l router
login
line vty 0 4
password class
password cho ng vty l class
login
!
End
Dng lnh Show running-config ta s thy c cc password cu hnh, nu mun
m ha tt c cc password ta dng lnh Service password-encryption trong mode config.
Router(config)#service password-encryption
Router(config)#exit
Dng lnh show running-config kim tra li:
Router#show run
enable secret 5 $1$6bgK$prmkIPVMht7okiCQ5EQ2o/
enable password 7 094F471A1A0A
password c m ha cp 7
line con 0
password 7 15110E1E10
login
line aux 0
password 7 071D2E595A0C0B password c m ha cp 7
login
line vty 0 4
password 7 060503205F5D
login
Trang 4
CCNA
!
End
Ch : Ta khng th dng lnh no service password-encryption b ch m ha cho
mt khu,ta ch c th b ch m ha khi gn li mt khu khc
Sau khi t mt khu xong, khi ng nhp vo Router li, mt khu s c kim tra:
Router con0 is now available
User Access Verification
nhn enter
mt khu line console s c kim tra
Password:cert
khai bo mt khu console l : cert
enable d vo mode Privileged
Router>ena
Password:vsic
V mt khu secret c hiu lc cao hn nn c kim tra
Router#
Cc loi mt khu khc nh Line Vty ,Line aux s c kim tra khi s dng n chc nng
8. G b mt khu cho router :

Nu mun g b mt khu truy cp cho loi mt khu no ta dng lnh no trc cu
lnh gn cho loi mt khu .
V d : Mun g b mt khu secret l vsic cho router
Router(config)#no enable secret vsic
Router(config)#exit
Bng cch tng t,ta c th g b mt khu cho cc loi mt khu khc.
9. Cch thc hnh bng Dynagen( phn t thc hnh cho hc vin )
Chy file Dynamips Server, sau click vo file lab1pwd.net(t CD hc CCNA), v t
giao din dng lnh ny, ta nh lnh telnet VSIC1 vo router VSIC1. Vic cu
hnh trn router VSIC1 ny hon ton ging vi bi lab trn.
Trang 5
CCNA
Trang 6
CCNA
BI 2: Cisco Discovery Protocol (CDP)

1. Gii thiu :
CDP(Cisco Discovery Protocol) l 1 giao thc ca Cisco, giao thc ny hot ng lp
2(data link layer) trong m hnh OSI, n c kh nng thu thp v ch ra cc thng tin ca cc
thit ln cn c kt ni trc tip, nhng thng tin ny rt cn thit v hu ch cho bn trong
qu trnh x l s c mng.
2. Mc ch:
Bi thc hnh ny gip bn hiu r v giao thc CDP v cc thng s lin quan, nm
c chc nng ca cc lnh trong giao thc ny.
Ch : CDP ch cung cp thng tin ca thit b kt ni trc tip vi n, tri vi cc giao
thc nh tuyn. Giao thc nh tuyn c th cung cp thng tin ca cc mng xa, hay kt
ni gin tip qua nhiu router.
hnh bi lab nh hnh v, cc router c ni vi nhau bng cp serial.

4. Cc bc thc hin :
Trc tin cu hnh cho cc Router nh sau(xem bng lnh Show run)
Router Vsic1 :
!
version 12.2
!
hostname VSIC1
!
Trang 7
CCNA
logging rate-limit console 10 except errors

!
ip subnet-zero
no ip finger
!
no ip dhcp-client network-discovery
!
interface Ethernet0
no ip address
shutdown
!
interface Serial0
ip address 192.168.1.2 255.255.255.0
no fair-queue
!
interface Serial1
ip address 192.168.2.1 255.255.255.0
!
ip kerberos source-interface any
ip classless
ip http server
!
line con 0
transport input none
line aux 0
line vty 0 4
!
End
Router Vsic2 :
!
version 12.1
!
hostname VSIC2
!
ip subnet-zero
!
interface Ethernet0
no ip address
shutdown
!
Trang 8
CCNA
interface Serial0
ip address 192.168.1.1 255.255.255.0
clockrate 56000
!
interface Serial1
no ip address
shutdown
!
ip classless
no ip http server
!
line con 0
line aux 0
line vty 0 4
login
!
End
Router Vsic3 :
!
version 12.1
!
hostname Vsic3
!
ip subnet-zero
!
interface Serial0
no ip address
shutdown
no fair-queue
!
interface Serial1
ip address 192.168.2.2 255.255.255.0
clockrate 56000
!
ip classless
ip http server
!
line con 0
line aux 0
line vty 0 4
!
End
Trang 9
CCNA
Lu : V CDP l 1 giao thc ring ca Cisco nn n c mc nh khi ng, v vy khi ta

dng lnh Show run,nhng thng tin v giao thc ny s khng c hin th.Giao thc ny
c th hot ng trn c Router v Switch
5. Cc lnh trong giao thc CDP :

Lnh Show CDP neighbors : dng xem thng tin ca cc thit b xung quanh c
lin kt trc tip(lnh ny s dng trong mode Privileged)
VSIC1#show cdp neighbors
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater
Device ID
Local Intrfce Holdtme Capability Platform Port ID
Vsic3
Ser 1
149
R
2523 Ser 1
VSIC2
Ser 0
134
R
2500 Ser 0
Lnh Show CDP neighbors detail : dng xem chi tit thng tin ca cc thit b
lin kt trc tip.
VSIC1#show cdp neighbors detail
------------------------Device ID: Vsic3
thit b lin kt trc tip l Vsic3
Entry address(es):
IP address: 192.168.2.2
a ch cng lin kt trc tip
Platform: cisco 2523, Capabilities: Router loi thit b lin kt: Cisco Router 2523
Interface: Serial1, Port ID (outgoing port): Serial1
lin kt trc tip qua
cng Serial1
Holdtime : 124 sec
Version :
Cisco Internetwork Operating System Software
IOS (tm) 2500 Software (C2500-I-L), Version 12.1(26), RELEASE SOFTWARE
(fc1)
Copyright (c) 1986-2004 by cisco Systems, Inc.
Compiled Sat 16-Oct-04 02:44 by cmong
Thng tin v h iu hnh ca
thit b lin kt
advertisement version: 2
------------------------Device ID: VSIC2
Entry address(es):
IP address: 192.168.1.1
Platform: cisco 2500, Capabilities: Router
thit b lin kt trc tip l Vsic2
a ch cng lin kt
loi thit b lin kt l Cisco
Router 2500
Interface: Serial0, Port ID (outgoing port): Serial0 lin kt qua cng Serial 0
Holdtime : 168 sec
thi gian gi gi tin l 168 sec
Version :
Trang 10
CCNA

(fc1)
Compiled Sat 16-Oct-04 02:44 by cmong Thng tin chi tit v phin bn v
h iu hnh ca thit b
Lnh Show CDP : hin th thng tin CDP v timer v hold-time.
VSIC1#show cdp
Global CDP information:
Sending CDP packets every 60 seconds gi cdp c gi mi 60 second
Sending a holdtime value of 180 seconds thi gian gi gi tin l 180 second
Sending CDPv2 advertisements is enabled
Lnh Show CDP interface : hin th thng tin CDP v tng cng,cch ng gi v c
timer,hold-time.
VSIC1#show cdp int
Ethernet0 is administratively down, line protocol is down cng Ethernet0 down
do khng c thit b lin kt trc tip
Encapsulation ARPA
cch ng gi packet
Sending CDP packets every 60 seconds
Holdtime is 180 seconds
Serial0 is up, line protocol is up cng Serial0 up do co thit b lin kt trc tip
Encapsulation HDLC
cch ng gi packet
Serial1 is up, line protocol is up cng Serial1 up do c thit b lin kt trc tip
Encapsulation HDLC
cch ng gi packet
Lu : ta c th dng lnh no cdp enable tt ch CDP trn cc interface,v lc ny
lnh show CDP interface s khng hin th thng tin CDP trn interface .Nu mun bt li
ch CDP trn interface no ta dng lnh CDP enable trn interface .
VSIC1(config)#int s0
VSIC1(config-if)#no cdp enable
tt ch CDP trn interface Serial0
VSIC1(config-if)#^Z
VSIC1#show cdp inter
01:32:44: %SYS-5-CONFIG_I: Configured from console by console
Ethernet0 is administratively down, line protocol is down
Encapsulation ARPA
Serial1 is up, line protocol is up
Encapsulation HDLC
thng tin v cng Seria0 khng hin th sau khi
Trang 11
CCNA
tt ch cdp trn n
Nu mun bt li ch CDP trn interface no ta dng lnh CDP enable trn
interface .
VSIC1(config)#int s0
VSIC1(config-if)#cdp ena
VSIC1(config-if)#exit
Lnh Show CDP traffic : hin th b m CDP bao gm s lng gi packet gi,
nhn v b li.
VSIC1#show cdp traffic
CDP counters :
Total packets output: 128, Input: 115
Hdr syntax: 0, Chksum error: 0, Encaps failed: 9
No memory: 0, Invalid packet: 0, Fragmented: 0
CDP version 1 advertisements output: 0, Input: 0
CDP version 2 advertisements output: 128, Input: 115
Lnh Clear CDP couter : dng reset lai b m CDP.
Lnh No CDP run : tt hon ton ch CDP trn Router
VSIC1(config)#no cdp run
VSIC1(config)#^Z
VSIC1#show cdp
lnh show cdp khng hp l khi tt ch cdp
% CDP is not enabled
Lnh CDP run : dng m li ch CDP trn Router
VSIC1(config)#cdp run
VSIC1(config)#exit
VSIC1#show cdp
Global CDP information:
Sending a holdtime value of 180 seconds
Sending CDPv2 advertisements is enabled
Lu : Giao thc CDP ch cho ta bit c thng tin ca nhng thit b c lin kt trc
tip.
Vsic3#show cdp neighbors detail
------------------------Device ID: VSIC1
Entry address(es):
IP address: 192.168.2.1
Holdtime : 138 sec
Version :
IOS (tm) 2500 Software (C2500-JK8OS-L), Version 12.2(1d), RELEASE
SOFTWARE (fc1)
Compiled Sun 03-Feb-02 22:01 by srani
Trang 12
CCNA
T Router Vsic3 ch xem c thng tin ca thit b ni trc tip l Router

Athen1
Gi s ta thay i a ch IP ca cng Serial1 router Vsic3
Vsic3(config)#int s0
Vsic3(config-if)#ip add 192.168.3.2 255.255.255.0
Vsic3(config-if)#no shut
Vsic3(config-if)#clock rate 56000
Vsic3(config-if)#^Z
Dng lnh Ping t Router Vsic3 ping a ch cng Serial 1 ca Router
Vsic1:
Vsic3#ping 192.168.2.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.2.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
S dng giao thc CDP t Router Vsic3 xem thng tin v cc thit b lin kt
trc tip:
Vsic3#show cdp neighbors detail
------------------------Device ID: VSIC1
Entry address(es):
IP address: 192.168.2.1
Holdtime : 144 sec
Version :
SOFTWARE (fc1)
Bn thy r t Router Vsic3 ta ping khng thy c Router Vsic1 nhng dng giao
thc CDP bn vn nhn c thng tin ca thit b lin kt. y l u im ca giao thc
CDP. u im ny s rt hu ch cho bn khi x l s c mng.
6. Cu hnh s dng Dynagen(dnh cho Hc vin t thc hnh)

Chy file Dynamips Server, sau click vo file lab2cdp.net(t CD hc CCNA), v t
giao din dng lnh ny, ta nh lnh telnet VSIC1 vo router VSIC1. Tng t vi
cc router VSIC2,v VSIC3. S trong file cu hnh nh sau :
Trang 13
CCNA
Trang 14
CCNA
BI 3: TELNET
1. Gii thiu :
Telnet l mt giao thc u cui o( Vitural terminal),l mt phn ca chng giao thc
TCP/IP.Giao thc ny cho php to kt ni vi mt thit b t xa v thng qua kt ni ny,
ngi s dng c th cu hnh thit b m mnh kt ni vo.
2. Mc ch :
Bi thc hnh ny gip bn hiu v thc hin c nhng cu hnh cn thit c th
thc hin cc phin Telnet t host vo Router hay t Router vo Router.
hnh bi lab nh hnh trn, cc router c ni vi nhau bng cp serial. Host1 ni vi

router Vsic1 bng cp cho.
4. Cc bc thc hin :
Cu hnh cho cc router Vsic1, Vsic2 v Host 1 nh sau :
Host 1 :
IP:10.0.0.2
Subnetmask:255.255.255.0
Gateway:10.0.0.1
Router vsic1
version 12.1
!
hostname vsic1
!
ip subnet-zero
!
interface Ethernet0
ip address 10.0.0.1 255.255.255.0
!
interface Serial0
ip address 192.168.1.1 255.255.255.0
clockrate 56000
Trang 15
CCNA
!
end
Router vsic2
!
version 12.2
!
hostname vsic2
!
interface Serial0
ip address 192.168.1.2 255.255.255.0
no fair-queue
!
end
Phi chn chn rng cc kt ni vt l thnh cng (kim tra bng lnh Ping)
Kim tra kt ni Telnet :
T Host ta th telnet vo Router Vsic1 :
C:\Documentsand settings\Administrator>Telnet 10.0.0.1
Password required, but none set i hi mt khu nhng khng c ci dt
Connection to host lost
Kt ni tht bi
T Router vsic1 ta kt ni Telnet vo Router Vsic2
vsic1#telnet 192.168.1.2
Trying 192.168.1.2 ... Open
Password required, but none set
[Connection to 192.168.1.2 closed by foreign host]
Thc hin Telnet khng thnh cng v chc nng Telnet i hi bn phi m ng
line Vty v ci t mt khu cho n.
t mt khu Vty cho Router Vsic1 :
vsic1#conf t
vsic1(config)#line Vty 0 4
vsic1(config-line)#pass vsic1
vsic1(config-line)#login
vsic1(config-line)#exit
t mt khu Vty cho Router Vsic2 :
vsic2#conf t
vsic2(config)#line vty 0 4
vsic2(config-line)#pass vsic2
vsic2(config-line)#login
vsic2(config-line)#exit
Lc ny thc hin Telnet : T Host bn thc hin Telnet vo Router Vsic1
Trang 16
CCNA

Password:
Vsic1>ena
% No password set
Vsic1>
Tng t bn thc hin hin Telnet t Router Vsic1 n Router Vsic2:
vsic1#192.168.1.2
Trying 192.168.1.2 ... Open
Password:
vsic2>ena
% No password set
vsic2>
Lu : i vi thit b ca Cisco, bn ch cn nh a ch ca ni cn Telnet n,
thit b s t hiu v thc hin kt ni Telnet.
Khi Telnet vo, bn ang Mode User v giao thc ny i hi bn phi c ci t
mt khu vo Privileged Mode.Thc hin vic ci t mt khu:
Router Vsic1
vsic1(config)#ena pass cisco
vsic1(config)#exit
Router Vsic2
vsic2(config)#ena pass class
vsic2(config)#exit
Bn thc hin li vic kt ni Telnet, t Host vo Router Vsic1:
Password: vsic1
Vsic1>ena
Password: cisco
Vsic1#
T Router Vsic1 vo Router Vsic2:
vsic1#192.168.1.2
Trying 192.168.1.2 ... Open
Password: vsic2
vsic2>ena
Password: class
vsic2#
T y bn c th thc hin vic thay i cu hnh cho cc thit b m khng cn phi
thng qua cng Console.
Kim tra vic Telnet bng lnh Show line
vsic2#show line
Tty Typ Tx/Rx A Modem Roty AccO AccI Uses Noise Overruns Int
* 0 CTY
5
0
0/0
-
Trang 17
CCNA
*
*
*
1 AUX 9600/9600
2 VTY
3 VTY
4 VTY
5 VTY
6 VTY
-
0
1
7
4
1
0
0
0
0
0
0
0
0/0
0/0
0/0
0/0
0/0
0/0
Du * biu th nhng line bn ang s dng Telnet,theo nh bng trn,bng ang s dng
3 dng line Telnet qua li gia 2 Router Vsic1 v Vsic2 qua cc port 2,3,4.
Ct Uses ch s ln bn s dng ng line .
Lu : Bn ch thc hin c vic Telnet qua li gia cc Router khng qu 10 ln
cng lc (v bn ch c 5 line Vty t 0 n 4)
vsic1#192.168.1.2
Trying 192.168.1.2 ...
% Connection refused by remote host
Router bo li khi bn thc hin phin Telnet th 11.
Bn cng c th thc hin Telnet cng lc gia cc thit b bng cch t mn hnh telnet,
bn nhn t hp phm: Ctrl-Shift-6 sau nhn phm X(s dng trn terminal nhn t hp
phm CTRL-SHIFT-6 sau nhn 2 ln X), lc ny bn s tr li mn hnh gc ban u v
bn c th tip tc thc hin cc phin Telnet vo cc thit b khc. tr v mn hnh Telnet
ban u bn n phm enter 2 ln
Thot khi cc phin Telnet : chng ta s dng lnh Exit hay lnh Disconnect
Ngt mt kt ni Telnet : chng ta s dng lnh clear line
5. Cu hnh s dng Dynagen(dnh cho Hc vin t thc hnh):
Chy file Dynamips Server, sau open file lab3telnet.net bng wordpad xem m
hnh kt ni gia cc router trong bi thc hnh.
# Simple lab
[localhost]
[[3640]]
image = \Program Files\Dynamips\images\C3640_IS_MZ122_3.BIN
# On Linux / Unix use forward slashes:
# image = /opt/7200-images/c7200-jk9o3s-mz.124-7a.image
ram=96
[[ROUTER VSIC1]]
model=3640
s1/0 = VSIC2 s1/0 (s dng s1/0 ca VSIC1 kt ni vi s1/0 VSIC2)
F0/0 = NIO_gen_eth:\Device\NPF_{3E56FAD7-7D96-4763-AD9E-6232CA66410B}
[[router VSIC2]]
model=3640
# No need to specify an adapter here, it is taken care of
Trang 18
CCNA
# by the interface specification under Router VSIC1

Ta ch dng F0/0 = NIO_gen_eth:\Device\NPF_{3E56FAD7-7D96-4763-AD9E6232CA66410B} trong file lab3telnet.net. router c th kt ni vo c vi PC hin
hnh, chng ta cn thay i thng s y. Chy file network device list trn Desktop xc
nh card mng ca PC ni vo.
Thay a ch ca card mng hin hnh ti my PC vo file cu hnh. Nh vy ta

thitlp c m hnh kt ni sau:
Save file cu hnh v chy, chng ta bt u vo bi thc hnh
Trang 19
CCNA
BI 4: KHI PHC MT KHU CHO CISCO ROUTER

(Recovery Password)
1. Gii thiu :
Mt khu truy cp l rt hu ch trong lnh vc bo mt, tuy nhin i khi n cng em li
phin toi nu chng may bn qun mt mt khu truy nhp.Bi thc hnh khi phc mt
khu cho Cisco Router ny gip bn khi phc li mt khu ng nhp vo Router .
Lu : t mt khu cho Router c ngha rt ln trong kha cnh security,n ngn cn c
cc phin Telnet t xa vo Router thay i cu hnh hay thc hin nhng mc ch
khc.Bn nn trnh nhm ln gia hai khi nim bo mt v khi phc mt khu,bn c
th khi phc hay thay i c mt khu ca Router khng c ngha l mc bo mt ca
Router khng cao v khi phc mt khu cho Router, iu kin tin quyt l bn phi
thao tc trc tip trn Router, iu ny c ngha l bn phi c s chp nhn ca Admin
hay k thut vin qun l Router.
Trong hnh trn PC ni vi router bng cp console

3. Qu trnh khi ng ca Router :
Khi va bt ngun, Router s kim tra phn cng, sau khi phn cng c kim tra
hon tt, h iu hnh s c np t Flash, tip Router s np cu hnh trong
NVRAM bao gm tt c nhng ni dung cu hnh trc cho Router nh cc thng tin
v giao thc, a ch cc cng v c mt khu truy nhp.V vy Router khng kim tra
mt khu khi ng nhp, bn phi ngn khng cho Router np d liu t NVRAM.
Mi dng Router c mt k thut khi phc mt khu khc nhau, tuy vy khi phc mt
khu cho Router bn phi qua cc bc sau:
9 Bc 1 : Khi ng Router,ngn khng cho Router np cu hnh trong NVRAM.
(bng cch thay i thanh ghi t 0x2102 sang thanh ghi 0x2142).
9 Bc 2 : Reset li Router (lc ny Router s dng thanh 0x2142 khi ng).
9 Bc 3 : ng nhp vo Router(lc ny Router khng kim tra mt khu), dng cc
lnh ca Router xem hay ci t li mt khu (bn ch xem c mt khu khi mt khu
c ci t ch khng m ha)
Trang 20
CCNA
9 Bc 4 : Thay i thanh ghi (t 0x2142 sang 0x2102).

9 Bc 5 : Lu li cu hnh va ci t (lc ny mt khu bit).
4. Khi phc mt khu cho Cisco Router 2500.
Gi s khi bn ng nhp vo Router nhng bn qun mt mt khu.
vsic con0 is now available
vsic>enable
Password:
Password:
Password:
% Bad secrets
Bn phi thc hin vic khi phc mt khu. Cc bc thc hin nh sau:
Bc 1 : bn khi ng li Router
System Bootstrap, Version 5.2(8a), RELEASE SOFTWARE
Copyright (c) 1986-1995 by cisco Systems
2500 processor with 8192 Kbytes of main memory n Ctrl Break khng cho
Router np d liu t NVRAM
Abort at 0x103AA7E (PC)
>o/r 0x2142 ( hoc s dng lnh confreg 0x2142) S dng lnh ny thay i
thanh ghi sang 0x2142
Bc 2 : khi ng li Router, lc ny Router s np cu hnh t thanh ghi 0x2142
(cu hnh trng)
vsic>ena
password s khng yu cu kim tra khi ng nhp
vsic#show start
dng lnh Show start xem cu hnh trong NVRAM
Using 456 out of 32762 bytes
!
version 12.1
!
hostname Router
!
enable secret 5 $1$AqeQ$yB00zFjHxIiVoHLnbLEhh1
password secret
c m ho
mt khu enable password l cisco
!
end
Bc 3 : Cu hnh li mt khu cho Router:
vsic#config t
vsic(config)#ena secret Vsic
mt khu secret c cu hnh li l Vsic
vsic(config)#exit
vsic#conf t
Trang 21
CCNA
vsic(config)#ena pass class

mt khu enable password l class
vsic(config)#exit
Bc 4 : Thay i thanh ghi hin hnh t 0x2142 tr v 0x2102
Dng lnh Show version xem thanh ghi hin hnh
vsic#show ver
(fc1)
Image text-base: 0x03042000, data-base: 0x00001000
.
2 Serial network interface(s)
32K bytes of non-volatile configuration memory.
16384K bytes of processor board System flash (Read ONLY)
Configuration register is 0x2142
Thanh ghi 0x2142 ang c s dng
9 Thay i thanh ghi:
vsic(config)#config-register 0x2102
dng lnh config-register
vsic(config)#exit
9 Xem li thanh ghi hin hnh:
vsic#show ver
(fc1)
.
Configuration register is 0x2142 (will be 0x2102 at next reload)
thanh ghi hin
hnh l 0x2102
Bc 5 : lu cu hnh thay i vo thanh ghi 0x2102
vsic#wr me
[OK]
Dng lnh show start xem cu hnh khi ng trong NVRAM
vsic#show start
!
version 12.1
!
hostname vsic
!
Trang 22
CCNA
enable secret 5 $1$49cD$jrvYyRSQhpTAHuDA1/R1v.

enable password class
!
!
!
End
Sau khi reload li, ng nhp vo Router,mt khu secret l Vsic s c kim tra
vsic con0 is now available
vsic>ena
Password:
mt khu l Vsic s c kim tra v chp nhn
vsic#
Trang 23
CCNA
BI 5: RECOVERY PASSWORD CHO SWITCH 2950

1. Gii thiu :
Trong bi lab ny chng ta se thc hin recovery password ca mt switch
Ni cp console gia PC vi switch. Chng ta s tin hnh recovery password trn switch
2950 trong bi lab ny.
3. Thc hin :
kho st vic recovery password r rng hn ,chng ta s cu hnh tn v password
cho switch trc khi tin hnh recovery password cho switch
Chng ta cu hnh tn v password cho switch nh sau :
Switch#conf t
Switch(config)#host Vsic
Vsic(config)#enable password cisco
t password cho switch
Vsic(config)#enable secret Vsic
t secret password cho switch
Sau khi cu hnh xong chng ta lu vo NVRAM v xem li cu hnh trong NVRAM
trc khi tin hnh recovery password cho switch.
Vsic#copy run start
Destination filename [startup-config]?
Vsic#show start
Vsic#sh start
version 12.1
hostname Vsic
enable secret 5 $1$s22D$vCe6IFIeKLhUPZqgm6QZ6/
Chng ta tin hnh recovery password theo cch bc sau :
Bc 1 : tt ngun switch, sau gia nt MODE trn switch 2950 trong lc bt
ngun li. Khi mn hnh hin nhng thng bo sau, ta nh nt MODE ra.
IOS (tm) C2950 Software (C2950-I6Q4L2-M), Version 12.1(22)EA2, RELEASE
SOFTWARE (fc1)
Compiled Sun 07-Nov-04 23:14 by antonino
(mt s thng bo c lc b)
flash_init
load_helper
Trang 24
CCNA
boot
Bc 2: Chng ta nhp flash_init bt u cu hnh cho cc file ca flash. Nhp cu
lnh dir flash: xem cc file c cha trong flash. Sau chng ta i tn file config.text
thnh config.bak (v cu hnh ca chng ta lu phn trc c switch cha trong file ny)
bng cu lnh sau : rename flash:config.text flash:config.bak Sau chng ta reload li
switch bng cu lnh boot
Bc 3 : Trong qu trnh khi ng switch s hi :
Continue with the configuration dialog? [yes/no] :
Chng ta nhp vo NO, b qua cu hnh ny. Sau khi khi ng xong chng ta vo
mode privileged.
Switch>en
Switch#
Sau chng ta chuyn tn file config.bak trong flash thnh config.text bng cch :
Switch#rename flash:config.bak flash:config.text
Ri cu hnh NVRam vo RAM bng cu lnh sau :
Switch#copy flash:config.text system:running-config
Bc 4 : g b tt c cc loi password
Vsic#conf t
Vsic(config)#no enable password
Vsic(config)#no enable secret
Bc 5 : copy cu hnh t RAM vo NVRam, ri reload switch li.
Vsic#copy run start
Destination filename [startup-config]?
[OK]
Vsic#reload
Trang 25
CCNA
BI 6: NP IOS IMAGE T TFTP SERVER CHO CISCO ROUTER

CHY T FLASH
1. Gii thiu :
Flash l 1 b nh c th xa, c dng lu tr h iu hnh v mt s m lnh.B
nh Flash cho php cp nht phn mm m khng cn thay th chip x l.Ni dung Flash vn
c gi khi tt ngun.
Bi lab ny gip bn thc hin vic np IOS (Internetwork Operating System) Image t
Flash trong Router Cisco vo TFTP server to bn IOS Image d phng v np li IOS
Image t t TFTP sever vo Cisco Router chy t Flash(khi phc phin bn c hay update
phin bn mi) thng qua giao thc truyn TFTP (Trivial file transfer protocol)
hnh bi lab nh hnh v, PC ni vi router bng cp cho v mt cp console ( iu

khin router).
PC hot ng nh 1 TFTP Server v c ni vi Router thng qua mi trng
Ethernet,lc ny Router hot ng nh l TFTP Client. IOS s c copy t Router ln
Server( trong tnh hung backup IOS) hay t Server vo Router( trong tnh hung update hay
ci t IOS mi). i vi trng hp np IOS cho Router khi Flash Router b xo ta c th
vo mode ROMMON cu hnh ly IOS t Server.
3. Cc bc thc hin:
Chng ta s cu hnh cho router Vsic v PC (ng vai tr nh mt TFTP server) nh sau :
PC :
IP Address : 192.168.14.2
Subnetmask : 255.255.255.0
Gateway : 192.168.14.1
Router Vsic :
hostname vsic
Trang 26
CCNA
!
ip subnet-zero
no ip finger
!
interface Ethernet0
ip address 192.168.14.1 255.255.255.0
!
interface Serial0
no ip address
shutdown
no fair-queue
!
interface Serial1
no ip address
shutdown
!
ip kerberos source-interface any
ip classless
ip http server
!
line con 0
transport input none
line aux 0
line vty 0 4
!
end
Bn thc hin lnh Ping m bo vic kt ni gia Router v TFTP server
vsic#ping 192.168.14.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.14.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms
Dng lnh Show version xem phin bn IOS hin hnh:
vsic#show ver
SOFTWARE (fc1)
Router ang s d ng IOS version 12.2(1d)
Image text-base: 0x0307EEE0, data-base: 0x00001000
ROM: System Bootstrap, Version 11.0(10c), SOFTWARE
BOOTFLASH: 3000 Bootstrap Software (IGS-BOOT-R), Version 11.0(10c),
RELEASE SOFT
WARE (fc1)
Trang 27
CCNA
vsic uptime is 15 minutes

System returned to ROM by bus error at PC 0x100D042, address 0xFFFFFFFC
System image file is "flash:/c2500-jk8os-l.122-1d.bin" Tn tp tin IOS image
c np t flash- loI Cisco 2500 s
dng h iu hnh phin bn12.2(1d)
cisco 2500 (68030) processor (revision N) with 14336K/2048K bytes of memory.
Router c 16MB RAM,14 MB dng cho
b nh x l, 2 MB dng cho b nh I/O
Processor board ID 08030632, with hardware revision 00000000
Bridging software.
X.25 software, Version 3.0.0.
SuperLAT software (copyright 1990 by Meridian Technology Corp).
TN3270 Emulation software.
1 Ethernet/IEEE 802.3 interface(s)
16384K bytes of processor board System flash (Read ONLY) Router c 16 MB flash
Configuration register is 0x2102
Thanh ghi hin hnh
Dng lnh Show Flash xem b nh Flash

vsic#show flash
System flash directory:
File Length Name/status
1 16505800 /c2500-jk8os-l.122-1d.bin
[16505864 bytes used, 271352 available, 16777216 total]
ngha tn File IOS Image:
c2500:loi thit b Cisco 2500
jk8os:cc tnh nng
j :enterprise subnet
k8 : reserved for huture encrytion capapilities
o : fire wall
s : suorce router switch
1.122 : lai phin bn IOS
Bn thc hin vic np IOS image t Flash vo TFTP server:
vsic#copy flash tftp
Source filename []? /c2500-jk8os-l.122-1d.bin
Address or name of remote host []? 192.168.14.2
a ch TFTP server
Destination filename [c2500-jk8os-l.122-1d.bin]?
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Trang 28
CCNA
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
16505800 bytes copied in 232.724 secs (71145 bytes/sec)
Qu trnh np thnh cng, file IOS image c lu vo chng trnh cha TFTP server
Bn thc hin xong vic np IOS t Flash vo TFTP server, sau y bn thc hin
li vic np mt IOS c sn t TFTP server vo li flash ca mt Router.
Cc bc thc hin: Bn cu hnh Router v Host nh trn.chy chng trnh
TFTP t PC.
Gi s bn c 2 file IOS c sn trong TFTP server
Trang 29
CCNA
File IOS Image c2500-i-l.121-26.bin c dung lng 7,85 MB.

File IOS Image c2500-jk80os-l.122-1d.bin c dung lng 16MB
9 Bn thc hin kim tra Flash:
vsic#show flash
1 8039140 /c2500-i-l.121-26.bin
Nhn xt : B nh Flash ca bn c dung lng l 8 MB, bn c th lu file IOS image
c2500-i-l.121-26.bin vo Flash
9 Thc hin qu trnh copy flash
vsic#copy tftp flash
**** NOTICE ****
Flash load helper v1.0
This process will accept the copy options and then terminate
the current system image to use the ROM based image for the copy.
Routing functionality will not be available during that time.
If you are logged in via telnet, this connection will terminate.
Users with console access can see the results of the copy operation.
---- ******** ---Proceed? [confirm]
xc nhn vic copy
tn hay a ch ni lu
Flash (TFTP Server)
Source filename []? c2500-i-l.121-26.bin
Tn file ngun
Trang 30
CCNA
Destination filename [c2500-i-l.121-26.bin]?

%Warning:There is a file already existing with this name
Do you want to over write? [confirm]
Accessing tftp://192.168.14.2/c2500-i-l.121-26.bin...
Erase flash: before copying? [confirm]
Tn file ch
00:09:43: %SYS-5-RELOAD: Reload requested

%SYS-4-CONFIG_NEWER: Configurations from version 12.1 may not be correctly
under
stood.
%FLH: c2500-i-l.121-26.bin from 192.168.14.2 to flash ...
1 8039140 /c2500-i-l.121-26.bin
Accessing file 'c2500-i-l.121-26.bin' on 192.168.14.2...
Loading c2500-i-l.121-26.bin from 192.168.14.2 (via Ethernet0): ! [OK]
Erasing device... eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee ...erased qu trnh xa flash
Loading c2500-i-l.121-26.bin from 192.168.14.2 (via Ethernet0): !!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
qu trnh np Flash
[OK - 8039140/8388608 bytes]
Verifying checksum... OK (0x9693)
Flash copy took 0:03:57 [hh:mm:ss]
%FLH: Re-booting system after download
F3: 7915484+123624+619980 at 0x3000060
Restricted Rights Legend
Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.
cisco Systems, Inc.
170 West Tasman Drive
San Jose, California 95134-1706
(fc1)
Trang 31
CCNA

Bridging software.
Press RETURN to get started!
Sau khi np Flash hon thnh, Router s reset li thay i Flash mi, lc ny IOS
trong Flash s l file IOS bn va copy vo.
9 Qu trnh np Flash trong TFTP server
Lu : l trong c qu trnh copy flash t TFTP server vo Router hay t Router vo TFTP
server bn u phi chy chng trnh TFTP server trn PC.
4. Cu hnh s dng Dynagen( dnh cho SV t thc hnh)
Chy file Dynamips Server, sau open file lab6tftp1.net bng wordpad xem m
hnh kt ni gia cc router trong bi thc hnh.
Trang 32
CCNA
# Simple lab
[localhost]
[[3640]]
image = \Program Files\Dynamips\images\C3640_IS_MZ122_3.BIN
# On Linux / Unix use forward slashes:
# image = /opt/7200-images/c7200-jk9o3s-mz.124-7a.image
ram=96
[[ROUTER VSIC1]]
model=3640
F0/0 = NIO_gen_eth:\Device\NPF_{3E56FAD7-7D96-4763-AD9E-6232CA66410B}
# No need to specify an adapter here, it is taken care of
# by the interface specification under Router VSIC1
Ta ch dng F0/0 = NIO_gen_eth:\Device\NPF_{3E56FAD7-7D96-4763-AD9E6232CA66410B} trong file lab6tftp1.net. router c th kt ni vo c vi PC hin
hnh, chng ta cn thay i thng s y. Chy file network device list trn Desktop xc
nh card mng ca PC ni vo.
By gi chng ta bt u thc hnh. Ta khng th copy OS t router 3600 Series c

do router 3600 series chy t RAM v flash mc nh l trng( IOS khng cha trong flash
ca Router). thc hnh lm vic vi TFTP ta chp 1 file t Server vo trong flash vo
chp ngc li t flash router vo TFTP Server.
Trc tin ta test kt ni gia PC v Router
Trang 33
CCNA
Bt TFTP Server ti PC
Copy file cbin vo flash Router.
Trang 34
CCNA
Copy file cbin t router ngc li PC.( ta i tn file thnh hao.bin khi b trng
file ti TFTP)
Vy ta thc hnh copy file gia TFTP Server v Router.
Trang 35
CCNA
BI 7: NP IOS IMAGE CHO 2 ROUTER CHY T FLASH

Bi thc hnh ny gup bn thc hin vic np IOS image t Flash ca Router ny sang
Router kia.
Hai router c ni vi nhau bng cp serial. a ch cc interface c ghi trn hnh.

2. Cc bc thc hin :
Bn cu hnh cho 2 Router nh sau:
Vsic1#sh run
!
version 12.1
!
hostname Vsic1
!
ip subnet-zero
!
interface Ethernet0
no ip address
shutdown
!
interface Serial0
ip address 10.0.0.1 255.0.0.0
clockrate 64000
!
interface Serial1
no ip address
shutdown
!
ip classless
ip http server
!
line con 0
Trang 36
CCNA
line aux 0
line vty 0 4
!
end
Vsic2#sh run
!
version 12.1
!
hostname Vsic2
!
ip subnet-zero
!
interface Ethernet0
no ip address
shutdown
!
interface Serial0
ip address 10.0.0.2 255.0.0.0
no fair-queue
!
interface Serial1
no ip address
shutdown
!
ip classless
ip http server
!
line con 0
line aux 0
line vty 0 4
!
end
Chng ta kim tra flash ca hai router :
Vsic1#sh flash
1 8038440 /c2500-i-l.121-25.bin //T n File IOS Image//
8192K bytes of processor board System flash (Read ONLY) //8MB flash//
Trang 37
CCNA
Vsic2#sh flash
1 8039140 c2500-i-l.121-26.bin
thc hin vic copy IOS image t Router Vsic1 sang Router Vsic2, bn phi m
ch TFTP server cho Router Vsic1.
Vsic1(config)#tftp-server flash:
Vsic1(config)#tftp-server flash:c2500-i-l.121-26.bin
Vsic1(config)#^Z
Bn thc hin vic Copy IOS t Router Vsic2
Vsic2#copy tftp flash:
**** NOTICE ****
Flash load helper v1.0
This process will accept the copy options and then terminate
the current system image to use the ROM based image for the copy.
Routing functionality will not be available during that time.
If you are logged in via telnet, this connection will terminate.
Users with console access can see the results of the copy operation.
---- ******** ---Proceed? [confirm]
a ch Router Vsic1(Serial0)
Source filename []? c2500-i-l.121-26.bin
Tn file IOS image
Destination filename [c2500-i-l.121-26.bin]? Tn File ch trong Router Vsic2
Accessing tftp://10.0.0.1/c2500-i-l.121-26.bin...
Erase flash: before copying? [confirm]
Xc nhn vic copy
%SYS-4-CONFIG_NEWER: Configurations from version 12.1 may not be correctly
understood.
%FLH: c2500-i-l.121-26.bin from 10.0.0.1 to flash ...
1 8038440 /c2500-i-l.121-25.bin
Accessing file 'c2500-i-l.121-26.bin' on 10.0.0.1...
Loading c2500-i-l.121-26.bin from 10.0.0.1 (via Serial0): ! [OK]
Erasing device... eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee ...erased Qu trnh xo Flash
Loading c2500-i-l.121-26.bin from 10.0.0.1 (via Serial0):
Qu trnh np IOS
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Trang 38
CCNA
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
[OK - 8039140/8388608 bytes]
Verifying checksum... OK (0x9693)
Flash copy took 0:22:28 [hh:mm:ss]
%FLH: Re-booting system after download
F3: 7915484+123624+619980 at 0x3000060
Restricted Rights Legend
Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.
cisco Systems, Inc.
170 West Tasman Drive
San Jose, California 95134-1706
(fc1)
Bridging software.
Press RETURN to get started!
Router s reset li sau khi np IOS mi
00:00:05: %LINK-3-UPDOWN: Interface Ethernet0, changed state to up

00:00:05: %LINK-3-UPDOWN: Interface Serial0, changed state to up
00:00:06: %LINK-3-UPDOWN: Interface Serial1, changed state to down
00:00:07: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, changed
state to up
00:00:14: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0,
changed state to down
Trang 39
CCNA
00:00:16: %LINK-5-CHANGED: Interface Ethernet0, changed state to

administratively down
00:00:16: %SYS-5-CONFIG_I: Configured from memory by console
00:00:20: %LINK-5-CHANGED: Interface Serial1, changed state to administratively
down
state to up
state to down
00:01:00: %SYS-5-RESTART: System restarted -Cisco Internetwork Operating System Software
(fc1)
Vsic2>
Bn c th kim tra Flash li bng lnh show flash
Vsic2>sh flash
1 8039140 /c2500-i-l.121-26.bin
Lu : V y bn s dng 2 Router c b nh Flash bng nhau nn bt but bn phi thc
hin vic xa Flash c trong qu trnh thc hin copy Flash mi, nhng trong trng hp bn
s dng cc loi Router c b nh Flash ln, cn b nh lu thm IOS image (bn
dng lnh Show Flash hay Show version kim tra) th bn khng cn phi xa Flash, iu
ny c ngha l bn c th lu 2, 3 hay nhiu IOS trn Flash ty thuc vo kh nng lu tr
ca Flash.Lc ny bn phi khai bo cho Router bit phi dng IOS Image no khi ng,
bn dng lnh Boot System flash trong mode config thc hin qu trnh khai bo ny .
Trang 40
CCNA
BI 8:NP IOS CHO SWITCH

1. Gii thiu chung v switch 2950 :
Hnh nh mt trc ca switch 2950
Nhn vo hnh bn c th thy switch c 12 port FastEtheret.

H thng lu tr tp tin ca switch 2950:
NVRAM lu startup-config.
Flash lu cc tp tin : IOS image(thng c phn m rng l .bin), vlan.dat(cha cc
cu hnh ca cc VLAN), config.text,private-config.text.
RAM cha running-config.
Qu trnh khi ng s load tp tin config.text vo startup-config cha trong
NVRAM. Nu xo tp tin config.text, sau khi khi ng li s mt ht tt c cc cu hnh.
2. Mc ch bi lab:
IOS image ging nh l h iu hnh i vi mt my tnh bnh thng. Theo thi gian,
th IOS image s c nhng phin bn mi hn so vi phin bn ang c trong switch. Cc
phin bn mi hn c a ra nhm: sa nhng li c th mc phi trong phin bn trc,
cung cp nhng tnh nng mi cho cc protocol c , hoc l cp nht nhng protocol mi.
V vy, bn cn cp nht phin bn mi cho cc switch ca bn n hot ng tt v c th
tng thch vi nhng switch mi s c thm vo mng sau ny.
PC ni vi Switch 2950 bng mt ng cp thng v mt cp console. PC v siwtch c c

a ch IP nh trn hnh.
4. Cc bc thc hin :
BC 1 :
Trang 41
CCNA
Dng cp console kt ni my tnh vi cng console ca switch. Cm ngun cho

switch, dng chng trnh Hyperterminal ca h iu hnh windows cung cp kt ni n
switch, kt ni ny s gip chng ta thc hin cc cu hnh c bn cho switch. Bn phi thit
lp cu hnh cho kt ni l default. Dng cp thng, ni card mng ca my tnh vi 1 cng
FastEthernet mt trc ca switch phc v cho bi lab cp nht IOS cho switch.
Xo cu hnh hin ti trn my
Switch>enable
Switch#erase startup-config
Erasing the nvram filesystem will remove all configuration files! Continue? [con
firm]y
Erase of nvram: complete
Switch#
00:04:57: %SYS-7-NV_BLOCK_INIT: Initalized the geometry of nvram
Switch#
Xa cu hnh vlan c:
Switch#delete vlan.dat
Switch#reload
Proceed with reload? [confirm]y
--output omitted
Would you like to enter the initial configuration dialog? [yes/no]:n
--output omitted
BC 2 : Xem cu hnh mc nh ca switch
Switch>
Switch>en
Switch#show running-config
--output omitted
!
interface Vlan1
no ip address
no ip route-cache
shutdown
!
ip http server
!
line con 0
line vty 5 15
!
--output omitted
BC 3 : Bc ny thc hin cc cu hnh ban u v kim tra li cc cu hnh ny
ng cha.
Trc tin bn phi cu hnh switch name, enable password, privileged password,
console password, v virtual terminal password. Cng gn ging cc lnh trong
router.
Switch#configure terminal
Switch(config)#hostname vsic
Vsic(config)#enable password cisco
Trang 42
CCNA
Vsic(config)#enable secret class

Vsic(config)#line con 0
Vsic(config-line)#password vsic
Vsic(config-line)#login
Vsic(config-line)#line vty 0 15
Vsic(config-line)#password cert
Vsic(config-line)#login
Vsic(config-line)#^Z
Vsic#
00:08:11: %SYS-5-CONFIG_I: Configured from console by console
Vsic#
thc hin c bi lab ny bn phi cp pht a ch IP cho VLAN 1 c
th kt ni thnh cng vi server, v cng phi cu hnh default-gateway (bn nn tp
thi quen cu hnh default-gateway mi khi cu hnh).
Vsic#configure terminal
Vsic(config)#interface vlan 1
Vsic(config-if)#ip address 10.1.1.251 255.255.255.0
Vsic(config-if)#no shutdown
Vsic(config-if)#
00:17:48: %LINK-3-UPDOWN: Interface Vlan1, changed state to up
Vsic(config-if)#
Cn m bo a ch IP cp pht cho VLAN l a ch hp l (ngha l n thuc v
subnet cp pht cho VLAN )
Theo mc nh, tt c cc port u thuc v VLAN 1. Do , tt c cc thit b bt
c port no cng u phi thuc v cng 1 subnet cp pht cho VLAN 1 trn. Bn cu
hnh cho my tnh ca bn a ch IP v subnet mask nh sau: 10.1.1.10 255.255.255.0
Kim tra li kt ni c thnh cng hay khng bng cch g lnh sau trn PC:
C:\>ping 10.1.1.251
Lu : Nu ping khng thnh cng, c th phi ch vi pht switch cp nht li
cu hnh, ri ping li. Nu vn khng thnh cng phi kim tra li xem thc hin ng cc
bc cu hnh nh trn cha.
By gi bn c th ng my tnh truy cp trn switch thng qua telnet hoc l web
browser. Thc hin telnet t my tnh n switch dng a ch IP ca VLAN1 10.1.1.251,
nhp vo mt m l : cert khi c hi. Hoc m ra mt web browser , nhp vo a ch IP
10.1.1.251, nhp vo tn user l vsic, phi nhp mt m l class.
BC 4 :Xem s qua cc tp tin h thng trn switch bng lnh sau:
vsic#show file systems
File Systems:
Size(b) Free(b) Type Flags Prefixes
* 7741440 3171840 flash rw flash:
- opaque ro bs:
32768
31806 nvram rw nvram:
- opaque rw null:
- opaque rw system:
Trang 43
CCNA
- network
- opaque
- opaque
- network
- network
- opaque
rw
ro
ro
rw
rw
ro
tftp:
xmodem:
ymodem:
rcp:
ftp:
cns:
vsic#
Trong s cc tp tin trn switch c lu li cn ch : System Image (tp tin IOS
nm trn vng nh flash), tp tin cu hnh lc startup nm trn NVRAM ca vng nh flash.
H iu hnh ca switch c load trn DRAM
Xem thng tin v cc tp tin h thng ca switch. bit c version hin ti ca
IOS g lnh sau:
vsic#show version
OS (tm) C2950 Software (C2950-I6Q4L2-M), Version 12.1(22)EA2, RELEASE
SOFTWARE
(fc1)
--output omitted-vsic#dir
Directory of flash:/
2 -rwx
109 Mar 01 1993 00:20:34 +00:00 info
4 drwx
3968 Mar 01 1993 00:23:20 +00:00 html
5 -rwx 3086328 Mar 01 1993 00:22:37 +00:00 c2950-i6q4l2-mz.121-22.EA2
.bin
338 -rwx
109 Mar 01 1993 00:23:56 +00:00 info.ver
340 -rwx
283 Jan 01 1970 00:00:48 +00:00 env_vars
7741440 bytes total (3173376 bytes free)
vsic#
BC 5 : Thc hin sao chp IOS image gia tftp server v switch.
a. Chp file IOS image t switch ln tftp server (upload)
b. Chp file IOS image t tftp server v li switch (download)
C php cn bn ca lnh chp tp tin ca switch: copy from source to dest.
bit thm chi tit ca lnh copy c th s dng help ca CLI nh cch sau:
vsic#copy ?
/erase
Erase destination file system.
/noverify
Disable automatic image verification after copy
bs:
Copy from bs: file system
cns:
Copy from cns: file system
flash:
Copy from flash: file system
ftp:
Copy from ftp: file system
null:
Copy from null: file system
nvram:
Copy from nvram: file system
rcp:
Copy from rcp: file system
Trang 44
CCNA
running-config Copy from current system configuration

startup-config Copy from startup configuration
system:
Copy from system: file system
tftp:
Copy from tftp: file system
xmodem:
Copy from xmodem: file system
ymodem:
Copy from ymodem: file system
vsic#copy
Upload tp tin IOS ln tftp server
vsic#copy flash:c2950-i6q4l2-mz.121-22.EA2.bin tftp
Destination filename [c2950-i6q4l2-mz.121-22.EA2.bin]? c2950-i6q4l2-mz.12122.EA2.bin
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!--output omitted-3086328 bytes copied in 21.672 secs (142411 bytes/sec)
vsic#
Download IOS image t TFTP server vo Flash ca switch, v bn s down load v
tp tin va mi upload ln , dn n b trng tn cho nn bn s c hi l c ghi ln hay
khng, bn phi tr li l yes:
vsic#copy tftp flash:
Source filename []? c2950-i6q4l2-mz.121-22.EA2.bin
Destination filename [c2950-i6q4l2-mz.121-22.EA2.bin]?
%Warning:There is a file already existing with this name
Do you want to over write? [confirm]y
Accessing tftp://10.1.1.10/c2950-i6q4l2-mz.121-22.EA2.bin...
Loading c2950-i6q4l2-mz.121-22.EA2.bin from 10.1.1.10 (via Vlan1): !!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
--output omitted-[OK - 3086328 bytes]
3086328 bytes copied in 87.712 secs (35187 bytes/sec)
BC 6 : Lu li cc cu hnh :
vsic#copy running-config startup-config
M RNG :
Bn nn th thit lp kt ni 2 switch vi nhau, cu hnh 1 switch lm tftp server , cn
switch kia phi cp nht li IOS image ca mnh t switch.
Trang 45
CCNA
Phn 2 :LAN
BI 9: CU HNH VLAN TRN SWITCH 2950
1. Gii thiu chung v VLAN:
Trc y, cc switch ch c chc nng ngn cch cc broadcast domain, cho nn c th
xem cc thit b c cm trn cng mt switch l mt LAN network. iu dn n hn
ch khng gian vt l ca 1 LAN ch c th trong 1 cn phng hoc cng lm l to nh.
Vi chc nng phn chia VLAN bn c th cp mt s port ca switch cho VLAN A, v cc
port khc cho VLAN B Mi VLAN l mt broadcast domain v 2 thit b trn 2 VLAN
khc nhau khng th lin lc c nu khng c thit b lp 3 kt ni 2 VLAN li vi nhau.
VLAN em li s thu li trong vic chia nhm lm vic v 1 VLAN c th nm nhiu
switch khc nhau, min l cc switch c kt ni vi nhau.
Cc thit b cn c: 1 switch 2950, 2 PC, 2 cp thng , 1 cp console

3. Cc bc thc hin :
BC 1
Thit lp cc kt ni ging nh trong hnh.
Xo cu hnh hin ti trn switch 2950 : xo startup-config, v vlan.dat
Switch>enable
Switch#erase startup-config
Erasing the nvram filesystem will remove all configuration files! Continue? [confirm]y
Erase of nvram: complete
Switch#
00:04:57: %SYS-7-NV_BLOCK_INIT: Initalized the geometry of nvram
Switch#
Xa cu hnh vlan c:
Switch#delete vlan.dat
Switch#reload
Proceed with reload? [confirm]y
Trang 46
CCNA

--output omitted
Would you like to enter the initial configuration dialog? [yes/no]:n
--output omitted
BC 2 : Xem qua cu hnh mc nh ca switch:
Switch>
Switch>enable
Switch#show running-config
--output omitted
!
interface Vlan1
no ip address
no ip route-cache
shutdown
!
ip http server
!
line con 0
line vty 5 15
!
--output omitted
Thc hin cc bc cu hnh c bn:
Switch#configure terminal
Switch(config)#hostname vsic
vsic(config)#enable password cisco
vsic(config)#enable secret class
vsic(config)#line con 0
vsic(config-line)#password vsic
vsic(config-line)#login
vsic(config-line)#line vty 0 15
vsic(config-line)#password cert
vsic(config-line)#login
vsic(config-line)#^Z
vsic#
Xem trng thi cc vlan mc nh c trong switch
vsic#show vlan
VLAN
Name
---- -------------------------------1 default
Status Ports
-------- ------------------------------active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Trang 47
CCNA
1002
fddi-default
Fa0/9, Fa0/10, Fa0/11, Fa0/12

act/unsup
--output omitted
BC 3 :
Cc VLAN c th c to ra bng 1 trong 2 cch. Cch 1 l cp pht 1 port vo mt
vlan cha tn ti. Switch s t ng to vlan cho port c cp. Cch khc l to cc vlan
trc, sau mi cp pht port cho n sau.
2950 switch c lnh range cho php vic cu hnh nhiu port (lin tc, hoc khng lin
tc) cho 1 s chc nng no . Gi s nh bn phi cu hnh nhiu lnh ging nhau cho
nhiu port th c th dng t kha range cu hnh 1 ln cho nhiu port.
Theo mc nh, VLAN 1 c sn v c gi l management vlan, tt c cc port
nm sn trong VLAN 1. Do khng cn thit phi cp pht port cho vlan 1. Bn s dng
lnh range cp pht port 5 n 8 cho vlan 10 theo cch to vlan th nht. Sau , to
VLAN 20 theo cch th 2, cp pht 1 port s 9 cho vlan 20, ri cp pht port 10, 12 cho vlan
20 bn thy c lnh range c th s dng cho cc port khng lin tc.
vsic#configure terminal
vsic(config)#interface range fast 0/5 -8
vsic(config-if-range)#switchport access vlan 10
% Access VLAN does not exist. Creating vlan 10
vsic(config-if-range)#no shut
vsic(config-if-range)#^Z
G lnh show vlan xem vlan 10 va mi to ra c hin th c th trong output.
vsic#show vlan
VLAN Name
Status Ports
----------------------------------- -------- ------------------------------1
default
active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/9, Fa0/10, Fa0/11, Fa0/12
10
VLAN0010
1002 fddi-default
act/unsup
--output omitted-To VLAN 20 theo cch 2, v cp pht port dng lnh range theo kiu khng lin tc.
vsic#vlan database
vsic(vlan)#vlan 20
VLAN 20 added:
Name: VLAN0020
vsic(vlan)#exit
APPLY completed.
Exiting....
vsic#configure terminal
vsic(config)#interface fast 0/9
vsic(config-if)#switchport access vlan 20
vsic(config-if)#exit
vsic(config)#interface range fast 0/9 - 12
vsic(config-if-range)#switchport access vlan 20
Trang 48
CCNA
vsic(config-if-range)#exit
vsic(config)#
Xem li cc cu hnh mi nhp vo bng lnh : show vlan
vsic#show vlan
VLAN Name
----------------------------1
default
10
VLAN0010
20
VLAN0020
1002 fddi-default
Status Ports
------- ------------------------------active Fa0/1, Fa0/2, Fa0/3, Fa0/4
active Fa0/9, Fa0/10,Fa0/11,Fa0/12
act/unsup
--output omitted
vsic#vlan database
vsic(vlan)#vlan 20 name accounting
VLAN 20 modified:
Name: accounting
vsic(vlan)#exit
APPLY completed.
Exiting....
Xem tn ca vlan 20 by gi c i thnh accouting ch khng cn l tn mc
nh: VLAN0020 nh trc y.
vsic#show vlan
VLAN Name
Status
-------------------- -------1
default
active
10
VLAN0010
20
accounting
1002 fddi-default
active
active
act/unsup
Ports
-------------------------------------Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/11
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11Fa0/12
--output omitted-By gi bn i tn VLAN 10 thnh engineering nhng sau nhp vo lnh abort,
tn ca VLAN 10 vn khng thay i, v n khng c lu li. Lnh abort s hu tt c cu
hnh trong phin lm ng nhp vo vlan database hin hnh.
vsic#vlan database
vsic(vlan)#vlan 10 name engineering
VLAN 10 modified:
Name: enginerring
vsic(vlan)#abort
Aborting....
vsic#
vsic#show vlan
Trang 49
CCNA
VLAN Name
----------------------------------1
default
Status
--------active
10
VLAN0010
20
accounting
1002 fddi-default
active
active
act/unsup
Ports
------------------------------Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/11
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/12
--output omitted
BC 4 : Nhp vo a ch IP cho cc VLAN interface
vsic(config)#interface vlan 1
vsic(config-if)#ip address 192.168.1.1 255.255.255.0
vsic(config-if)#no shut
vsic(config-if)#interface vlan 10
vsic(config-if)#interface vlan 20
Kim tra li cc a ch IP nhp vo bng lnh sau:
vsic#show run
!
interface Vlan1
ip address 192.168.1.1 255.255.255.0
no ip route-cache
shutdown
!
interface Vlan10
ip address 192.168.10.1 255.255.255.0
no ip route-cache
shutdown
!
interface Vlan20
ip address 192.168.20.1 255.255.255.0
no ip route-cache
!
Lu : ch c mt vlan interface c php up vo bt c lc no. Chng hn interface vlan
20 ang up, nu bn g lnh no shut cho interface vlan 10 th interface vlan 20 t ng down.
BC 5 : kim tra hot ng ca cc VLAN , bn c th lm nh sau:
a) Cu hnh cho PC 1 a ch IP : 192.168.1.2 255.255.255.0. Dng cp thng ni card
mng ca PC1 vi port 1 ca switch. ng t PC 1 bn g lnh: ping 192.168.1.1. Lnh ping
phi thnh cng. Nu khng, bn phi kim tra li ton b cu hnh.
b) PC2 c cm vo port 5 ca SW, ta cu hnh a ch IP ca PC2 192.168.10.2. Ta s
dng lnh ping 192.168.10.1 xc nhn PC2 nm trong VLAN 10. Ta th s dng
Trang 50
CCNA
PC1 ping PC2, ta thy s khng thnh cng, do 2 PC by gi khc vng broadcast v cc
vng ny khng c ni vi nhau. Tip theo ta cm PC1 vo port 6 ca Switch, ta s dng
lnh ping 192.168.10.2 nhng vn khng thy c PC2 do PC1 v PC2 khng thuc
chung 1 mng( 192.168.1.0 v 192.168.10.0). Ta sa a ch ca PC thnh 192.168.10.3(
chung mng vi PC2), lc ny ping s thnh cng.
4. T thc hnh bng Boson Netsim( dnh cho SV thc hnh thm nh)
Chy phn mm Boson Netsim v chn FileLoad NetmapChn file lab9vlan.top.
Sau khi open file ny chng ta ang thc hnh vi hnh nh sau:
Click vo eSwitch hin th trn phn mm v bt u cu hnh SW ging nh bi thc

hnh trn. Trong hnh trn ta thy PC1 thuc VLAN1 v PC2,PC3 thuc Vlan10. PC1 ping
thy int vlan1 nhng khng ping thy PC2,PC3. Trong khi PC2,PC3 c th ping thy nhau.
Trang 51
CCNA
Mun cu hnh IP cho PC1,2,3 ta click v eStation v chn PC mnh mun cu hnh.
G lnh winipcfg cu hnh IP.
Trang 52
CCNA
Ta th ping vo int vlan1
Trang 53
CCNA
Ta thy PC2(192.168.10.2) v PC3 (192.168.10.3)u thuc Vlan 10 nn s ping thy

nhau.
Trang 54
CCNA
PC1( 192.168.1.2) v PC2( 192.168.10.2) s khng ping thy nhau v khc Vlan.
Trang 55
CCNA
BI 10: CU HNH VLAN TRUNK

1. Gii thiu :
Trunk l mt ng vt l ng thi ca l mt ng logic cho php vlan trn hai
switch khc nhau trao i thng tin c vi nhau. Thay v vlan trn hai switch mun trao i
thng tin vi nhau chng ta phi ni mt port thuc vlan trn switch ny vi mt port cng
thuc vlan trn switch cn li
th trunk cho php thc hin iu ch bng mt ng vt l. Trunk to ra nhiu ng kt

ni vlan o trn mt ng vt l. T vlan trn cc switch khc c th lin lc c vi
nhau.
Trunk c hai loi ng gi l : dot1q v isl. Dot1q s dng cc frame tagging truyn d
liu ca vlan gia hai switch khc nhau. Cn ISL s ng gi ethernet frame bng cc gn vo
u fram gi tr VLAN ID.
Hai switch c ni vi nhau bng cp cho v c cu hnh cng VTP domain.

3. Cu hnh cho cc switch :
Trc tin khi b nh hng gia cc Switch vi nhau( t ng trunking), ta cha
cm cp ng Trunk( fa0/1 ca cc Switch) hay shut down port trunk
VSIC1#conf t
Trang 56
CCNA
VSIC1(config)# int fa0/1

VSIC1(config-if)#shut
Chng ta to vlan2, vlan4, vlan6 cho VSIC1; vlan3, vlan5, vlan7 cho VSIC2 v cu
hnh cho hai switch trong cng mt VTP domain.
VSIC1#vlan database
VSIC1(vlan)#vlan 2 name vlan2
To vlan2 cho switch VSIC1
VSIC1(vlan)#vtp domain name VSIC
Cu hnh cho VSIC1 thuc
VTP domain VSIC
VSIC1(vlan)#apply
VSIC2#vlan database
VSIC2(vlan)#apply
Sau khi cu hnh Vlan xong chng ta kim tra li cc vlan ca VSIC1 v VSIC2 bng cu
lnh show vlan.
VSIC1#sh vlan
VLAN Name
Status Ports
---- -------------------------------- --------- ------------------------------1 default
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
2 vlan2
active
4 vlan4
active
6 vlan6
active
VSIC2#sh vlan
VLAN Name
Status Ports
---- -------------------------------- --------- ------------------------------1 default
active Fa0/2, Fa0/3, Fa0/4, Fa0/5,
Fa0/6, Fa0/7, Fa0/8, Fa0/9,
Fa0/10, Fa0/11, Fa0/12, Fa0/13,
Fa0/14, Fa0/15, Fa0/16, Fa0/17,
Fa0/18, Fa0/19, Fa0/20, Fa0/21,
Fa0/22, Fa0/23, Fa0/24
3 vlan3
active
5 vlan5
active
7 vlan7
active
Switch VSIC1 c to vlan2, vlan4, vlan6; switch VSIC2 c vlan3, vlan5, vlan6.
i vi SW 2950 chng ta khng cn phi ch ra cch ng gi v ch h tr cch ng gi
dot1q.By gi chng ta s cu hnh ng trunk cho hai switch bng cch :
(Chng ta cha ni hai port fa0/1 ca hai switch li vi nhau)
Trang 57
CCNA
i vi VSIC1 l Switch 2950

VSIC1#conf t
VSIC1(config)#in fa0/1
VSIC1(config-if)#switchport mode trunk
Cu hnh cho port Fa0/1 l trunk
i vi VSIC2 l SW 2900XL( hay 3550)

VSIC2#conf t
VSIC2(config)#in fa0/1
VSIC2(config-if)#switchport mode trunk
VSIC2(config-if)#switchport trunk encapsulation dot1q
s dng giao thc
ng gi dot1q cho ng trunk
Lu : do switch 2950 ch h tr dot1q nn chng ta phi cu hnh cho switch VSIC2 (2900)
s dng cng giao thc ng gi l dot1q. Khng cu hnh ISL cho switch VSIC2.
By gi chng ta s dng cu lnh show vtp status kim tra VTP :
VSIC1# sh vtp status
VTP Version
:2
Configuration Revision
:3
Maximum VLANs supported locally : 64
Number of existing VLANs
:8
VTP Operating Mode
: Server
VTP Domain Name
: VSIC
VTP Pruning Mode
: Disabled
VTP V2 Mode
: Disabled
VTP Traps Generation
: Disabled
MD5 digest
: 0xEA 0xB0 0xB8 0x44 0xFF 0x84 0x8D 0xFD
Configuration last modified by 0.0.0.0 at 3-1-93 00:22:49
VSIC2#sh vtp status
VTP Version
:2
:2
: 11
VTP Operating Mode
: Server
VTP Domain Name
: VSIC
VTP Pruning Mode
: Disabled
VTP V2 Mode
: Disabled
VTP Traps Generation
: Disabled
MD5 digest
: 0xA6 0x13 0x28 0xD8 0x04 0xB8 0xAD 0x14
Configuration last modified by 0.0.0.0 at 3-1-93 00:17:09
Chng ta lu l s configuration revision ca VTP switch VSIC1 ln hn ca VSIC2. Hai
switch c cng VTP domain name l VSIC v c hai l VTP server.
By gi chng ta ni hai port fa0/1 ca hai switch li vi nhau v kim tra li cc vlan.
VSIC1#sh vlan
VLAN Name
Status Ports
---- -------------------------------- --------- ------------------------------1 default
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Trang 58
CCNA
2
4
6
vlan2
vlan4
vlan6
active
active
active
VSIC2#sh vlan
VLAN Name
Status Ports
---- -------------------------------- --------- ------------------------------1 default
Fa0/6, Fa0/7, Fa0/8, Fa0/9,
Fa0/10, Fa0/11, Fa0/12, Fa0/13,
Fa0/14, Fa0/15, Fa0/16, Fa0/17,
Fa0/18, Fa0/19, Fa0/20, Fa0/21,
Fa0/22, Fa0/23, Fa0/24
2 vlan2
active
4 vlan4
active
6 vlan6
active
Nhn xt : cc vlan trn switch VSIC2 b mt thay vo l cc vlan ca VSIC1. Do
VSIC1 c s configuration revision ln hn nn p chng tt c vlan ca mnh ln switch
VSIC2.
Chng ta c th tng s configuration cho switch bng cch ra vo vlan datatbase v apply
nhiu ln. C mi ln chng ta vo vlan database apply mt ln th s configuration s tng
ln mt ln.
By gi chng ta s kho st nu hai switch khc VTP domain th s hot ng nh th no.
Chng ta cu hnh cho switch VSIC1 c VTP domain l VSIC, cn switch VSIC2 l VSIC1.
Do phn trn chng ta cu hnh cho switch VSIC1 thuc VTP domain VSIC v cc vlan
ca VSIC2 b mt nn by gi chng ta cu hnh VSIC2 thuc VTP domain VSIC1 v to
li cc vlan3, vlan5, vlan7 cho VSIC2. (lu chng ta nn tho cp ni hai port fa0/1 ca hai
switch trc khi thc hin)
VSIC2#vlan database
VSIC2(vlan)#no vlan 2
VSIC2(vlan)#apply
By gi chng ta kim tra li s configuration revision ca hai switch v cc vlan ca chng.
VSIC1#sh vtp status
VTP Version
:2
:3
:8
VTP Operating Mode
: Server
VTP Domain Name
: VSIC
VSIC2#sh vtp status
VTP Version
:2
Trang 59
CCNA
:0
: 11
VTP Operating Mode
: Server
VTP Domain Name
: VSIC1
VSIC1#sh vlan
VLAN Name
Status Ports
---- -------------------------------- --------- ------------------------------1 default
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
2 vlan2
active
4 vlan4
active
6 vlan6
active
VSIC2#sh vlan
VLAN Name
Status Ports
---- -------------------------------- --------- ------------------------------1 default
Fa0/6, Fa0/7, Fa0/8, Fa0/9,
Fa0/10, Fa0/11, Fa0/12, Fa0/13,
Fa0/14, Fa0/15, Fa0/16, Fa0/17,
Fa0/18, Fa0/19, Fa0/20, Fa0/21,
Fa0/22, Fa0/23, Fa0/24
3 vlan3
active
5 vlan5
active
7 vlan7
active
By gi chng ta ni cp hai port fa0/1 li. Kim tra li cc vlan chng ta s thy c l hai
switch khng trao thi thng tin vlan vi nhau (switch VSIC1 s khng p vlan ln switch
VSIC2).
VSIC1#sh vlan
VLAN Name
Status Ports
---- -------------------------------- --------- ------------------------------1 default
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
2 vlan2
active
4 vlan4
active
6 vlan6
active
VSIC2#sh vlan
VLAN Name
Status Ports
---- -------------------------------- --------- ------------------------------1 default
Fa0/6, Fa0/7, Fa0/8, Fa0/9,
Fa0/10, Fa0/11, Fa0/12, Fa0/13,
Fa0/14, Fa0/15, Fa0/16, Fa0/17,
Trang 60
CCNA
Fa0/18, Fa0/19, Fa0/20, Fa0/21,

Fa0/22, Fa0/23, Fa0/24
3 vlan3
active
5 vlan5
active
7 vlan7
active
Vy nu hai switch khng cng mt VTP domain th s khng trao i thng tin vlan cho
nhau.
4. Cch t thc hnh bng Boson Netsim
S dng tnh nng Lab Navigator ca Boson Netsim. Trong phn ny c rt nhiu
bi v vlan
Trunk.
Trang 61
CCNA
Click vo Load lab vo lab thc hnh. V view lab xem cu hnh chi tit
Trang 62
CCNA
Trang 63

Ccna PDF

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Ccna PDF

Uploaded by

Copyright:

Available Formats

CCNA

Ti liu dnh cho hc vin

VSIC Education Corporation

Ti liu dnh cho hc vin

Phn I : Cisco IOS

Trong hnh trn, PC c ni vi router bng cp console

VSIC Education Corporation

Ti liu dnh cho hc vin

Enable password : y l loi mt khu c chc nng tng t nh enable secret

Ti liu dnh cho hc vin

Ti liu dnh cho hc vin

mt khu line console s c kim tra

8. G b mt khu cho router :

VSIC Education Corporation

VSIC Education Corporation

Ti liu dnh cho hc vin

Ti liu dnh cho hc vin

BI 2: Cisco Discovery Protocol (CDP)

hnh bi lab nh hnh v, cc router c ni vi nhau bng cp serial.

VSIC Education Corporation

Ti liu dnh cho hc vin

logging rate-limit console 10 except errors

VSIC Education Corporation

Ti liu dnh cho hc vin

VSIC Education Corporation

Ti liu dnh cho hc vin

Lu : V CDP l 1 giao thc ring ca Cisco nn n c mc nh khi ng, v vy khi ta

5. Cc lnh trong giao thc CDP :

thit b lin kt trc tip l Vsic2

Ti liu dnh cho hc vin

IOS (tm) 2500 Software (C2500-I-L), Version 12.1(26), RELEASE SOFTWARE

Ti liu dnh cho hc vin

VSIC Education Corporation

Ti liu dnh cho hc vin

T Router Vsic3 ch xem c thng tin ca thit b ni trc tip l Router

6. Cu hnh s dng Dynagen(dnh cho Hc vin t thc hnh)

VSIC Education Corporation

VSIC Education Corporation

Ti liu dnh cho hc vin

Ti liu dnh cho hc vin

hnh bi lab nh hnh trn, cc router c ni vi nhau bng cp serial. Host1 ni vi

Ti liu dnh cho hc vin

Ti liu dnh cho hc vin

C:\Documentsand settings\Administrator>Telnet 10.0.0.1

VSIC Education Corporation

Ti liu dnh cho hc vin

Ti liu dnh cho hc vin

# by the interface specification under Router VSIC1

Thay a ch ca card mng hin hnh ti my PC vo file cu hnh. Nh vy ta

Save file cu hnh v chy, chng ta bt u vo bi thc hnh

VSIC Education Corporation

Ti liu dnh cho hc vin

BI 4: KHI PHC MT KHU CHO CISCO ROUTER

Trong hnh trn PC ni vi router bng cp console

Ti liu dnh cho hc vin

9 Bc 4 : Thay i thanh ghi (t 0x2142 sang 0x2102).

Ti liu dnh cho hc vin

vsic(config)#ena pass class

Ti liu dnh cho hc vin

enable secret 5 $1$49cD$jrvYyRSQhpTAHuDA1/R1v.

VSIC Education Corporation

Ti liu dnh cho hc vin

BI 5: RECOVERY PASSWORD CHO SWITCH 2950