Table
- Basic Device Configuration
- Configure Passwords
- Encrypt Passwords
- Banner Messages
- Save the Running Configuration File
- VLAN and Trunk Configure
- Create VLAN
- Configure Ports to VLAN
- Delete VLAN
- View the VLAN Configuration
- Configure Trunk
- Router
- Router basic configuration
- IPv4 Config and DCE Clock Rate
- IPv6 Config
- IPv4 loopback interface
- Configure Static and Default Routes
- IPv4 Static and Default Routes
- IPv6 Static and Default Routes
- Floating Static Routes
- Configure RIPv2
- Configuring Router-on-a-Stick Inter-VLAN Routing
- Router basic configuration
- IPv4 ACL
- DHCPv4
- DHCP Server
- DHCP Relay
- DHCP Client
- NAT and PAT
- Configure Static NAT
- Configure Dynamic NAT
- Configure PAT:pool
Basic Device Configuration
Configure Passwords
1
2
3
4
5
6
7
8
9
10
11
12
Switch(config)# enable password cisco
Switch(config)# enable secret class
Switch(config)# line console 0
Switch(config)# password cisco
Switch(config)# login
Switch(config)# line vty 0 15
Switch(config)# password cisco
Switch(config)# login
Switch# show running-config
Encrypt Passwords
S1(config)# service password-encryption
Use the show running-config command to verify that passwords are now encrypted.
Banner Messages
S1(config)#banner motd # the message of the day #
Save the Running Configuration File
S1#copy running-config startup-config
As shown in the figure, use the show running-config privileged EXEC mode command to view the running configuration file. To view the startup configuration file, use the show startup-config privileged EXEC command.
VLAN and Trunk Configure
Create VLAN
1
2
3
Switch(config)# vlan 10
Switch(config-vlan)# name Students
Switch(config-vlan)# end
Configure Ports to VLAN
1
2
3
4
5
6
7
8
9
Switch(config)# interface f0/0
Switch(config-if)# switchport mode access
Switch(config-if)# switchport access vlan 10
Switch(config-if)# end
Switch(config)# interface range f0/1 - 24
Switch(config-if)# switchport mode access
Switch(config-if)# switchport access vlan 10
Switch(config-if)# end
Delete VLAN
1
2
3
4
5
Switch(config)# interface f0/0
Switch(config-if)# no switchport access vlan
Switch(config-if)# exit
Switch(config)# no vlan 10
Switch(config)# end
View the VLAN Configuration
Switch# show vlan brief
Configure Trunk
1
2
3
4
5
Switch(config)# interface f0/1
Switch(config-if)# switchport mode trunk
Switch(config-if)# switchport trunk native vlan 99
Switch(config-if)# end
Switch# show interfaces f0/1 switchport
Router
Router basic configuration
IPv4 Config and DCE Clock Rate
1
2
3
4
5
6
7
8
9
10
Router# show controllers S0/0/1 !检查路由器接口是DCE还是DTE
Router(config)# interface S0/0/1
Router(config-if)# description Link to LAN1
Router(config-if)# ip address 192.168.10.1 255.255.255.0
Router(config-if)# clock rate 64000
Router(config-if)# no shutdown
Router(config-if)# exit
IPv6 Config
1
2
3
4
5
6
7
8
Router(config)# interface G0/0
Router(config-if)# description Link to LAN1
Router(config-if)# ipv6 address 2001:db8:acad:1::1/64
Router(config-if)# clock rate 64000
Router(config-if)# no shutdown
Router(config-if)# exit
IPv4 loopback interface
1
2
3
Router(config)# interface loopback 0
Router(config-if)# ip address 10.0.0.1 255.255.255.0
Router(config-if)# exit
Configure Static and Default Routes
IPv4 Static and Default Routes
1
2
3
4
5
6
7
Router(config)# ip route network-address subnet-mask {ip-address | exit-interface}
Router(config)# ip route 192.168.1.0 255.255.255.0 172.16.2.2
Router(config)# ip route 0.0.0.0 0.0.0.0 G0/0 !默认路由
Router(config)# exit
Router# show ip route
IPv6 Static and Default Routes
1
2
3
4
5
6
7
8
Router(config)# ipv6 unicast-routing !启用IPv6单播路由
Router(config)# ipv6 route 2001:DB8:ACAD:2::/64 2001:DB8:ACAD:4::2
Router(config)# ipv6 route 2001:DB8:ACAD:2::/64 S0/0/1
Router(config)# ipv6 route ::/0 {ipv6-address | exit-interface}
Router(config)# exit
Router# show ipv6 route
Floating Static Routes
1
2
3
4
5
Router(config)# ip route 0.0.0.0 0.0.0.0 172.16.2.2 !主链路
Router(config)# ip route 0.0.0.0 0.0.0.0 10.10.10.2 5 !浮动链路,距离为5,距离越小,优先级越高
Router(config)# ipv6 route ::/0 2001:db8:acad:4::2
Router(config)# ipv6 route ::/0 2001:db8:acad:6::2 5
Configure RIPv2
1
2
3
4
5
6
Router(config)# router rip
Router(config-router)# version 2
Router(config-router)# network 192.168.1.0 // network-address : 与路由直接网络
Router(config-router)# network 192.168.2.0
Router(config-router)# no auto-summary
Router(config-router)# end
Configuring Router-on-a-Stick Inter-VLAN Routing
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
! 交换机配置
S1(config)# interface f0/11
S1(config-if)# switchport access vlan 10
S1(config)# interface f0/6
S1(config-if)# switchport access vlan 30
S1(config)# interface f0/5
S1(config-ig)# switchport mode trunk
! 路由器配置
Router(config)# interface g0/0.10
Router(config-subif)# encapsulation dot1q 10
Router(config-subif)# ip address 172.17.10.1 255.255.255.0
Router(config)# interface g0/0.30
Router(config-subif)# encapsulation dot1q 30
Router(config-subif)# ip address 172.17.30.1 255.255.255.0
Router(config)# interface g0/0
Router(config-if)# no shutdown
IPv4 ACL
1
2
3
4
5
6
7
8
9
Router(config)# access-list 1 permit 192.168.0.0 0.0.0.255
Router(config)# exit
Router# show access-lists
Router(config)# interface S0/0/0
Router(config-if)# ip access-group 1 out !将ACL 1作为接口的出站过滤器
Router# config t
Router(config)# no access-list 1
1
2
3
4
5
6
Router(config)#i p access-list standard NO-ACCESS
Router(config-std-nacl)# deny host 192.168.11.10 !拒绝特定主机
Router(config-std-nacl)# permit any
Router(config-std-nacl)# exit
Router(config)# interface g0/0
Router(config-if)# ip access-list NO-ACCESS out
DHCPv4
DHCP Server
1
2
3
4
5
6
7
8
9
10
Router(config)# ip dhcp excluded-address 192.168.10.1 192.168.10.9
Router(config)# ip dhcp excluded-address 192.168.10.254 !排除IPv4地址
Router(config)# ip dhcp pool LAN-POOL-1 !配置dhcp池
Router(dhcp-config)# network 192.168.10.0 255.255.255.0 !定义可用地址范围
Router(dhcp-config)# default-router 192.168.10.0 !定义默认网关路由器。通常,网关是最接近客户端设备的路由器的 LAN 接口
Router(dhcp-config)# dns-server 192.168.11.5
Router(dhcp-config)# domain-name example.com
Router(dhcp-config)# end
DHCP Relay
1
2
3
4
R1(config)# interface g0/0
R1(config-if)# ip helper-address 192.168.11.6 ! dhcp服务器的地址
R1(config-if)# end
R1# show ip interface g0/0
DHCP Client
1
2
3
Router(config)# interface g0/1
Router(config-if)# ip address dhcp
Router(config-if)# no shutdown
NAT and PAT
Configure Static NAT
1
2
3
4
5
R2(config)# ip nat inside static 192.168.11.99 209.165.201.5
R2(config)# interface S0/0/0
R2(config-if)# ip nat inside
R2(config)# interface S0/1/0
R2(config-if)# ip nat outside
Configure Dynamic NAT
1
2
3
4
5
6
7
8
9
R2(config)# ip nat pool NAT-POOL1 209.165.200.226 209.165.200.240 netmask 255.255.255.224 ! 定义地址池
R2(config)# access-list 1 permit 192.168.0.0 0.0.255.255 ! 定义ACL1
R2(config)# ip nat inside source list 1 pool NAT-POOL1 ! 绑定nat地址池和ACL 1
R2(config)# interface S0/0/0
R2(config-if)# ip nat inside
R2(config)# interface S0/1/0
R2(config-if)# ip nat outside
Configure PAT:pool
1 | R2(config)# ip nat pool NAT-POOL2 209.165.200.226 209.165.200.240 netmask 255.255.255.224 ! 定义地址池 |