Commands Flashcards
Get into Privileged Executive Mode
enable
Get into Global Configuration Mode
configuration terminal
Get into Interface Configuration Mode
interface s0/0
Get into Line Configuration Mode
line console 0
Get into Router Configuration Mode
router ospf 1
Save configurations on the device
copy running-config startup-config
Configure privileged executive mode password
enable secret cisco
Configure telnet
line vty 0 15
login
password cisco
Show information of nearby network devices
show cdp neighbors detail
Set the hostname
hostname R1
Set default gateway
ip default-gateway 192.168.1.1
Configure VLAN interface
int vlan 1
ip address 192.168.1.200 255.255.255.0
Set speed and duplex on an interface
speed 100
duplex full
Encrypt passwords
service password-encryption
Configure ssh
username jordan secret cisco ip domain-name lab.local crypto key generate rsa line vty 0 15 transport input ssh
enable port security
switchport port security
Allow only one device at a time to access a port
switchport port-security max 1
Allow only one unique device to access a port.
switchport port-security mac-address FFFFFFFFFFFF
Change a port to an access port and a trunk port
switchport mode access
switchport mode trunk
Display the security configurations of f0/0
show port-security interface f0/0
Configure a static route
ip route 192.168.2.0 255.255.255.0 192.168.1.1
Configure a default route
ip route 0.0.0.0 0.0.0.0 192.168.1.1
Configure a default route for OSPF
default-information originate
Configure router on a stick
interface f0/0 no ip address interface f0/0.1 encapsulation dot1q 1 native ip address 10.0.0.1 255.255.255.0 int f0/0.10 encapsulation dot1q 10 ip address 10.10.10.1 255.255.255.0
Change the OSPF cost reference to 1GB
router ospf 1
auto-cast reference-bandwidth 1000
Enable OSPFv2 and advertise a network
router ospf 1
network 192.168.1.1 0.0.0.0 area 0
Change the priority number of f0/0 for DR/BDR to 5
int f0/0
ip ospf priority 5
Change OSPFv2 cost of f0/0 to 20
int f0/0
ip ospf cost 20
For OSPFv2, don’t send hello packets to interface f0/0
router ospf 1
passive-interface f0/0
Inject configured default routes into OSPFv2
router ospf 1
default-information originate
Enable IPv6 routing and OSPFv3 and give the router an ID of 1.1.1.1
ipv6 unicast-routing
ipv6 router osrouter-id 1.1.1.1
Advertise f0/0 in OSPFv3
int f0/0
ipv6 ospf 1 area 0
Display OSPFv2 and OSPFv3 area ID and DR/BDR info
show ip ospf interface
show ipv6 ospf interface
Display nearby router OSPFv2 and OSPFv3 info
show ip ospf neighbor
show ipv6 ospf neighbor
Display ipv4 and ipv6 routes
show ip route
show ipv6 route
Display ARP table
show mac address-table dynamic
Change OSPFv2 cost of f0/0 to 5
int f0/0
ip ospf cost 5
Only send hello packets to f0/0 for OSPFv2
router ospf 1
passive-interface default
no passive-interface f0/0
Create an access list that denies 10.0.0.1 from communicating with 10.0.1.1 in HTTP
access-list 100 deny tcp host 10.0.0.1 host 10.0.1.1 eq 80
access-list 100 permit ip any any
Create an access list that denies 10.0.0.0 from echo requesting 11.0.0.0
access-list 100 deny icmp 10.0.0.0 0.255.255.255 11.0.0.0 0.255.255.255 echo
access-list 100 permit ip any any
Run OSPFv3, add a router ID of 1.1.1.1 and advertise netowrk 192.168.1.0.
ipv6 router ospf 1
router-id 1.1.1.1
int f0/0
ipv6 ospf 1 area 0
Display OSPFv2 area ID and DR/BDR information
show ip ospf interface
Display OSPFv2 information of nearby routers
show ip ospf neighbor
Display OSPFv3 area ID and DR/BDR information
show ipv6 ospf interface
Display OSPFv3 information of nearby routers
show ipv6 ospf neighbor
Display ipv4 and ipv6 routes
show ip route
show ipv6 route
Display ARP table
show mac address-table dynamic
Create an access list that denies 10.0.0.1 and permits 10.0.0.0
access-list 1 deny 10.0.0.1 0.0.0.0
access-list 1 permit 10.0.0.0 0.255.255.255
Apply an access list to interface g0/0 in-bound
int g0/0
ip access-group 1 in
Create an access list that denies 10.0.0.1 from communicating with 10.0.1.1 in HTTP
access-list 100 deny tcp host 10.0.0.1 host 10.0.1.1 eq 80
access-list 100 ip any any
Create an access list that denies 10.0.0.0 from echo requesting 11.0.0.0
access-list 100 deny icmp 10.0.0.0 0.255.255.255 11.0.0.0 0.255.255.255 echo
access-list 100 permit ip any any
Allow only 10.0.0.50 to SSH or Telnet to the router
access-list 1 permit host 10.0.0.50
line vty 0 15
access-class 1 in
Deny 10.0.0.50 from sending http traffic to 11.0.0.11
ip access-list extended 100 deny tcp host 10.0.0.50 host 11.0.0.11 eq 80 permit any any int g0/0 ip access-group 100 in
Configure static NAT by setting 25.1.1.25 as the inside global IP for the inside private IP 192.168.1.2
ip nat inside source static 192.168.1.2 25.1.1.25 int g0/0 ip nat inside int g0/1 ip nat outside
Configure dynamic NAT by setting 25.1.1.25 - 30 as the inside global IP range for the inside private IP network 192.168.1.0
ip nat pool INSIDEPUBLIC 25.1.1.25 25.1.1.30 netmask 255.255.255.0
access-list 1 permit 192.168.1.0 0.0.0.255
ip nat inside source list 1 pool INSIDEGLOBAL
int g0/0
ip nat inside
int g0/1
ip nat outside
Configure PAT by setting 25.1.1.25 as the inside global IP range for the inside private IP network 192.168.1.0
access-list 1 permit 192.168.1.0 0.0.0.255
ip nat inside source list 1 interface g0/1 overload
int g0/0
ip nat inside
int g0/1
ip nat outside
Display NAT translation
show nat translations
Display general overview of NAT configuration
show nat statistics
Remove all nat translation translations
clear ip nat translation*
Configure 25.1.1.25 as the NTP server
ntp server 25.1.1.25 version 4
Display all NTP servers the router is configured to use.
show ntp associations
Confirm that the router is receiving info from the NTP server
show ntp status
Enable DHCP client
int g0/0
ip address dhcp
Display which IP address have been leased to who
show ip dhcp binding
Display details of a pool of IP’s used for DHCP
show ip dhcp pool POOLNAME
Confirm trunking is functioning
show interface trunk
