CCNA R&S

  • General configuration

config t
hostname S1
enable secret
line console 0
logging synchronous
password console
login
line vty 0 4
password telnet
login
exit
no ip domain-lookup
ip default-gateway 192.168.10.1
banner motd # Welcome #

 

  • Configure DHCP

config t
ip dhcp excluded-address 192.168.10.1
ip dhcp pool NET1
ip dhcp network 192.168.10.0 255.255.255.0
ip dhcp default-router 192.168.10.1
ip dhcp name-server 8.8.8.8

 

  • SSH setup

config t
hostname R1
ip domain-name home.com
username root password toor
crypto key generate rsa
ip ssh version 2
line vty 0 4
transport input ssh
login local

 

  • Disable CDP globally and on an interface

config t
no cdp run
int f0/0
no cdp enable

 

  • Build a host table

ip host HOST1 192.168.10.10
show hosts

 

  • Static NAT (192.168.10.10 will be visible as 123.45.67.89 from outside)

config t
int f0/0
ip nat inside
int f0/1
ip nat outside
exit
ip nat inside source static 192.168.10.10 123.45.67.89

 

  • Dynamic NAT (inside IP is transformed into another IP from a pool)

config t
int f0/0
ip nat inside
int f0/1
ip nat outside
exit
ip access-list standard NAT_INSIDE
permit 192.168.10.0 0.0.0.255
exit
ip nat pool NAT_OUTSIDE 170.168.2.3 170.168.2.254 netmask 255.255.255.0
ip nat inside source list NAT_INSIDE pool NAT_OUSIDE

 

  • PAT

config t
int f0/0
ip nat inside
int f0/1
ip nat outside
exit
ip access-list standard NAT_INSIDE
permit 192.168.10.0 0.0.0.255
exit
ip nat inside source list NAT_INSIDE interface f0/1 overload

 

  • Configure access port

config t
int f0/0
switchport mode access
switchport access vlan 10

 

  • Configure trunk port

config t
int f0/0
switchport trunk encapsulation dot1q
switchport mode trunk
switchport trunk allowed vlan 1,2,3
switchport trunk native vlan 1

 

  • Configure router-on-a-stick

config t
int f0/0
ip address 192.168.10.1 255.255.255.0
no shutdown
int f0/0.10
encapsulation dot1q 10
ip address 192.168.20.1 255.255.255.0
int f0/0.20
encapsulation dot1q 20
ip address 192.168.30.1 255.255.255.0

 

  • Configure port security

config t
int f0/0
switchport mode access
switchport port-security
switchport port-security maximum 1
switchport port-security violation shutdown

switchport port-security mac-address sticky

switchport port-security mac-address aaaa.bbbb.cccc

 

  • Configure PPP with pap

On Router1:

config t
hostname R1
username R2 password cisco
int s0/0
encapsulation ppp
ppp authentication pap

On Router2:

config t
hostname R2
int s0/0
encapsulation ppp
ppp pap sent-username R2 password cisco

 

  • Configure PPP with chap

On Router1:

config t
hostname R1
username R2 password cisco
int s0/0
encapsulation ppp
ppp authentication chap

On Router2:

config t
hostname R2
username R1 password cisco
int s0/0
encapsulation ppp

 

  • Configure frame-relay

config t
int s0/0
encapsulation frame-relay
int s0/0.102 point-to-point
ip address 172.16.10.1 255.255.255.252
frame-relay interface-dlci 102
int s0/0
no shutdown

 

  • Configure frame-relay switch

config t
hostname ISP
frame-relay switching
int s0/0
encapsulation frame-relay
frame intf-type dce
clock rate 64000
frame-relay route 102 interface s0/1 201

 

  • GRE tunnel

On Router1:

config t
int f0/0
ip address 192.168.10.1 255.255.255.0
no shutdown
int tunnel 1
ip address 10.1.1.1 255.255.255.252
tunnel source f0/0
tunnel destination 192.168.20.1
On Router2:

config t
int f0/0
ip address 192.168.20.1 255.255.255.0
no shutdown
int tunnel 1
ip address 10.1.1.2 255.255.255.252
tunnel source f0/0
tunnel destination 192.168.10.1

 

  • Password recovery

show version
config t
config-register 0x2142
reload
config t
config-register 0x2102

 

  • Copy IOS image to flash from TFTP (TFTP and CISCO device should be connected with crosslink cable)

set IP_Address=1.1.1.1
set IP_SUBNET_MASK=255.0.0.0
set DEFAULT_GATEWAY=1.1.1.2
set TFTP_SERVER=1.1.1.2
set TFTP_FILE=flash:c2800nm-advipservicesk9-mz.124-12.bin
tftpdnld