CCNA R&S config
Views
hostname S1
enable secret
line console 0
logging synchronous
password console
login
line vty 0 4
password telnet
login
exit
no ip domain-lookup
ip default-gateway 192.168.10.1
banner motd # Welcome #
ip dhcp excluded-address 192.168.10.1
ip dhcp pool NET1
ip dhcp network 192.168.10.0 255.255.255.0
ip dhcp default-router 192.168.10.1
ip dhcp name-server 8.8.8.8
hostname R1
ip domain-name home.com
username root password toor
crypto key generate rsa
ip ssh version 2
line vty 0 4
transport input ssh
login local
no cdp run
int f0/0
no cdp enable
show hosts
int f0/0
ip nat inside
int f0/1
ip nat outside
exit
ip nat inside source static 192.168.10.10 123.45.67.89
int f0/0
ip nat inside
int f0/1
ip nat outside
exit
ip access-list standard NAT_INSIDE
permit 192.168.10.0 0.0.0.255
exit
ip nat pool NAT_OUTSIDE 170.168.2.3 170.168.2.254 netmask 255.255.255.0
ip nat inside source list NAT_INSIDE pool NAT_OUSIDE
int f0/0
ip nat inside
int f0/1
ip nat outside
exit
ip access-list standard NAT_INSIDE
permit 192.168.10.0 0.0.0.255
exit
ip nat inside source list NAT_INSIDE interface f0/1 overload
int f0/0
switchport mode access
switchport access vlan 10
int f0/0
switchport trunk encapsulation dot1q
switchport mode trunk
switchport trunk allowed vlan 1,2,3
switchport trunk native vlan 1
int f0/0
ip address 192.168.10.1 255.255.255.0
no shutdown
int f0/0.10
encapsulation dot1q 10
ip address 192.168.20.1 255.255.255.0
int f0/0.20
encapsulation dot1q 20
ip address 192.168.30.1 255.255.255.0
int f0/0
switchport mode access
switchport port-security
switchport port-security maximum 1
switchport port-security violation shutdown
switchport port-security mac-address sticky
switchport port-security mac-address aaaa.bbbb.cccc
config t
hostname R1
username R2 password cisco
int s0/0
encapsulation ppp
ppp authentication pap
On Router2:
config t
hostname R2
int s0/0
encapsulation ppp
ppp pap sent-username R2 password cisco
config t
hostname R1
username R2 password cisco
int s0/0
encapsulation ppp
ppp authentication chap
On Router2:
config t
hostname R2
username R1 password cisco
int s0/0
encapsulation ppp
int s0/0
encapsulation frame-relay
int s0/0.102 point-to-point
ip address 172.16.10.1 255.255.255.252
frame-relay interface-dlci 102
int s0/0
no shutdown
hostname ISP
frame-relay switching
int s0/0
encapsulation frame-relay
frame intf-type dce
clock rate 64000
frame-relay route 102 interface s0/1 201
config t
int f0/0
ip address 192.168.10.1 255.255.255.0
no shutdown
int tunnel 1
ip address 10.1.1.1 255.255.255.252
tunnel source f0/0
tunnel destination 192.168.20.1
On Router2:
config t
int f0/0
ip address 192.168.20.1 255.255.255.0
no shutdown
int tunnel 1
ip address 10.1.1.2 255.255.255.252
tunnel source f0/0
tunnel destination 192.168.10.1
config t
config-register 0x2142
reload
config t
config-register 0x2102
set IP_SUBNET_MASK=255.0.0.0
set DEFAULT_GATEWAY=1.1.1.2
set TFTP_SERVER=1.1.1.2
set TFTP_FILE=flash:c2800nm-advipservicesk9-mz.124-12.bin
tftpdnld
- General configuration
hostname S1
enable secret
line console 0
logging synchronous
password console
login
line vty 0 4
password telnet
login
exit
no ip domain-lookup
ip default-gateway 192.168.10.1
banner motd # Welcome #
- Configure DHCP
ip dhcp excluded-address 192.168.10.1
ip dhcp pool NET1
ip dhcp network 192.168.10.0 255.255.255.0
ip dhcp default-router 192.168.10.1
ip dhcp name-server 8.8.8.8
- SSH setup
hostname R1
ip domain-name home.com
username root password toor
crypto key generate rsa
ip ssh version 2
line vty 0 4
transport input ssh
login local
- Disable CDP globally and on an interface
no cdp run
int f0/0
no cdp enable
- Build a host table
show hosts
- Static NAT (192.168.10.10 will be visible as 123.45.67.89 from outside)
int f0/0
ip nat inside
int f0/1
ip nat outside
exit
ip nat inside source static 192.168.10.10 123.45.67.89
- Dynamic NAT (inside IP is transformed into another IP from a pool)
int f0/0
ip nat inside
int f0/1
ip nat outside
exit
ip access-list standard NAT_INSIDE
permit 192.168.10.0 0.0.0.255
exit
ip nat pool NAT_OUTSIDE 170.168.2.3 170.168.2.254 netmask 255.255.255.0
ip nat inside source list NAT_INSIDE pool NAT_OUSIDE
- PAT
int f0/0
ip nat inside
int f0/1
ip nat outside
exit
ip access-list standard NAT_INSIDE
permit 192.168.10.0 0.0.0.255
exit
ip nat inside source list NAT_INSIDE interface f0/1 overload
- Configure access port
int f0/0
switchport mode access
switchport access vlan 10
- Configure trunk port
int f0/0
switchport trunk encapsulation dot1q
switchport mode trunk
switchport trunk allowed vlan 1,2,3
switchport trunk native vlan 1
- Configure router-on-a-stick
int f0/0
ip address 192.168.10.1 255.255.255.0
no shutdown
int f0/0.10
encapsulation dot1q 10
ip address 192.168.20.1 255.255.255.0
int f0/0.20
encapsulation dot1q 20
ip address 192.168.30.1 255.255.255.0
- Configure port security
int f0/0
switchport mode access
switchport port-security
switchport port-security maximum 1
switchport port-security violation shutdown
switchport port-security mac-address sticky
switchport port-security mac-address aaaa.bbbb.cccc
- Configure PPP with pap
config t
hostname R1
username R2 password cisco
int s0/0
encapsulation ppp
ppp authentication pap
On Router2:
config t
hostname R2
int s0/0
encapsulation ppp
ppp pap sent-username R2 password cisco
- Configure PPP with chap
config t
hostname R1
username R2 password cisco
int s0/0
encapsulation ppp
ppp authentication chap
On Router2:
config t
hostname R2
username R1 password cisco
int s0/0
encapsulation ppp
- Configure frame-relay
int s0/0
encapsulation frame-relay
int s0/0.102 point-to-point
ip address 172.16.10.1 255.255.255.252
frame-relay interface-dlci 102
int s0/0
no shutdown
- Configure frame-relay switch
hostname ISP
frame-relay switching
int s0/0
encapsulation frame-relay
frame intf-type dce
clock rate 64000
frame-relay route 102 interface s0/1 201
- GRE tunnel
config t
int f0/0
ip address 192.168.10.1 255.255.255.0
no shutdown
int tunnel 1
ip address 10.1.1.1 255.255.255.252
tunnel source f0/0
tunnel destination 192.168.20.1
On Router2:
config t
int f0/0
ip address 192.168.20.1 255.255.255.0
no shutdown
int tunnel 1
ip address 10.1.1.2 255.255.255.252
tunnel source f0/0
tunnel destination 192.168.10.1
- Password recovery
config t
config-register 0x2142
reload
config t
config-register 0x2102
- Copy IOS image to flash from TFTP (TFTP and CISCO device should be connected with crosslink cable)
set IP_SUBNET_MASK=255.0.0.0
set DEFAULT_GATEWAY=1.1.1.2
set TFTP_SERVER=1.1.1.2
set TFTP_FILE=flash:c2800nm-advipservicesk9-mz.124-12.bin
tftpdnld
