Cisco CLI - samuel-richardson/Sam-Tech-Journal GitHub Wiki

Cisco CLI

  • > readonly, # root, (config) in configuration mode, (config-if) interface config.
  • enable to enter permissive mode.
  • conf t to enter configuration mode.
  • copy running-config startup-config or copy run start to save config.

Reseting MLS

  1. As the switch boots press and hold the power button for 15secds which should show the below text.
The system has been interrupted prior to initializing the
flash filesystem.  The following commands will initialize
the flash filesystem, and finish loading the operating
system software:
flash_init
load_helper
boot
switch:
  1. flash_init to enter flash system.
  2. Delete the config del flash:config.text del flash:vlan.dat these may have slightly different names.
  3. Type boot to start and N to decline the the wizard.

Configure interfaces

  • ip routing enable routing on layer 3 switch.

Configure physical ip.

int fa0/0 
no shut 
ip address 192.168.1.1 255.255.255.0

Configure vlan port

interface vlan x
ip address 192.168.1.1 255.255.255.0

Assign vlan to multiple ports.

interface range FastEthernet 0/x-y
switchport access vlan vlan_id

Assign trunk port

int fa0/x
switchport trunk encapsulation [dot1q | isl]
switchport mode trunk
switchport trunk allowed vlan {add | all | except | remove} x-y

Add vlans

vlan 10
name vlan10

DHCP Relay

int fa 0/x
ip helper-address 192.168.1.100

Static Route

ip route 30.0.0.0 255.0.0.0 20.0.0.1

Serial ports

  • May need additional settings.
R0(config)#interface serial 0/0/0
R0(config-if)#ip address 20.0.0.1 255.0.0.0
R0(config-if)#clock rate 64000
R0(config-if)#bandwidth 64
R0(config-if)#no shutdown
R0(config-if)#exit

NAT

Static

  • define inside nat
R1(config)#interface fastEthernet 0/0
R1(config-if)#ip nat inside
  • define outside nat
R1(config)#interface serial 0/0/0
R1(config-if)#ip nat outside
  • Create static rule
R1(config)#ip nat inside source static 10.0.0.2 50.0.0.1

PAT

  • Set default route ip route 0.0.0.0 0.0.0.0 30.0.0.2
  • Create nat pool
R1(config)#ip nat pool test 30.0.0.120 30.0.0.120 netmask 255.0.0.0
  • create access list
R1(config)#access-list 1 permit 192.168.0.0 0.0.0.255
  • assign a pool to an access list
R1(config)#ip nat inside source list 1 pool test overload

OSPF

Enable OSPF for simple area 0

router ospf 1 # process-id typically 1
network 192.168.1.0 0.0.0.255 area 0 # Setup for each directly attached network on the router.

Distribute default route with OSPF useful for BGP

ip route 0.0.0.0 0.0.0.0 192.168.1.1
default-information originate #In ospf conf

BGP

Simple BGP configuration.

router bgp <AS>
 neighbor <ip-address-peer> remote-as <as-of-peer> #Do this for each BGP peer 
 network 10.10.52.0 mask 255.255.255.0 #Do this for all networks part of the routes AS can not share network advertisement with another AS.
 redistribute ospf 1 #To distribute route from ospf.

ACL

ip access-list standard <name>
 perit|deny <ip> <*mask>
ip access-group <ACL number> in|out

R2> enable
R2# configure terminal
R2(config)# ip access-list extended EXTEND-1
R2(config-ext-nacl)# deny ip 192.168.10.0 0.0.0.255 host 200.200.200.1
R2(config-ext-nacl)# permit ip any any
R2(config-ext-nacl)# exit

R2(config)# interface Serial0/0/0
R2(config-if)# ip access-group EXTEND-1 out
R2(config-if)# exit

IPv6

ipv6 general-prefix champ-pre 2620:E4:C000::/64
int fa0/1
 ipv6 address 2620:E4:C000::1/64 #Manual
 ipv6 address 2620:E4:C000::/64 eui-64 # Mac based automatic
 ipv6 address autoconfig #Auto eui but requires a router with an assigned address in the network.
 ipv6 rip proccessx enable
ipv6 unicast-routing
⚠️ **GitHub.com Fallback** ⚠️