Summary of common commands for Cisco routers :
1. Router password setting:
- router>enable enter privileged mode
- router#config terminal Enter global configuration mode
- router(config)#hostname Set the hostname of the switch
- router(config)#enable secret xxx Set privileged encrypted password
- router(config)#enable password xxb Set privileged non-secret password
- router(config)#line console 0 Enter the console port
- router(config-line)#line vty 0 4 enter the virtual terminal
- router(config-line)#login requires password verification
- router(config-line)#password xx Set login password xx
- router(config)#(Ctrl+z) Return to privileged mode
- router#exit return command
2. Router configuration:
- router(config)#int s0/0 enter Serail interface
- router(config-if)#no shutdown activate current interface
- router(config-if)#clock rate 64000 set synchronous clock
- router(config-if)#ip address Set IP address
- router (config-if) #ip address second Set the second IP
- router(config-if)#int f0/0.1 enter subinterface
- router(config-subif.1)#ip address Set sub-interface IP
- router(config-subif.1)#encapsulation dot1q bind vlan trunk protocol
- router(config)#config-register 0x2142 skip configuration file
- router(config)#config-register 0x2102 normal use configuration file
- router#reload Reboot
3. Router file operation:
- router#copy running-config startup-config save-deployment
- router#copy running-config tftp save configuration to tftp
- router#copy startup-config tftp save startup configuration to tftp
- router#copy tftp flash: download files to flash
- router#copy tftp startup-config Download configuration file
- ROM status:
- Ctrl+Break Enter ROM monitoring state
- rommon>confreg 0x2142 skip configuration file
- rommon>confreg 0x2102 restore configuration file
- rommon>reset reboot
- rommon>copy xmodem: flash: transfer files from console
- rommon>IP_ADDRESS=10.65.1.2 Set router IP
- rommon>IP_SUBNET_MASK=255.255.0.0 Set router mask
- rommon>TFTP_SERVER=10.65.1.1 Specify TFTP server IP
- rommon>TFTP_FILE=c2600.bin specifies the downloaded file
- rommon>tftpdnld download from tftp
- rommon>dir flash: view flash contents
- rommon>boot guide IOS
4. Static routing:
- ip route command format
- router(config)#ip route 2.0.0.0 255.0.0.0 1.1.1.2 Static routing example
- router(config)#ip route 0.0.0.0 0.0.0.0 1.1.1.2 Example of default route
5. Dynamic routing:
- router(config)#ip routing start routing forwarding
- router(config)#router rip Start the RIP routing protocol.
- router(config-router)#network set the publishing route
- router(config-router)#negihbor For point-to-point frame relay.
6. Frame relay command:
- router(config)#frame-relay switching Enable frame relay switching
- router(config-s0)#encapsulation frame-relay enable frame relay
- router(config-s0)#fram-relay lmi-type cisco Set management type
- router (config-s0) #frame-relay intf-type DCE set to DCE
- router(config-s0)#frame-relay dlci 16
- router(config-s0)#frame-relay local-dlci 20 set virtual circuit number
- router(config-s0)#frame-relay interface-dlci 16
- router(config)#log-adjacency-changes record adjacency changes
- router(config)#int s0/0.1 point-to-point set sub-interface point-to-point
- router#show frame pvc show permanent virtual circuit
- router#show frame map show frame map
7. Basic access control list:
- router(config)#access-list permit|deny
- router(config)#interface ;default:deny any
- router(config-if)#ip access-group in|out ;defaultut
Example 1:
- router(config)#access-list 1 deny host 10.65.1.1
- router(config)#access-list 1 permit any
- router(config)#int f0/0
- router(config-if)#ip access-group 4 in
Example 2:
- router(config)#access-list 4 permit 10.8.1.1
- router(config)#access-list 4 deny 10.8.1.0 0.0.0.255
- router(config)#access-list 4 permit 10.8.0.0 0.0.255.255
- router(config)#access-list 4 deny 10.0.0.0 0.255.255.255
- router(config)#access-list 4 permit any
- router(config)#int f0/1
- router(config-if)#ip access-group 4 in
- Extended access control list:
- access-list permit|deny icmp [type]
- access-list permit|deny tcp [port]
Example 1:
- router(config)#access-list 101 deny icmp any 10.64.0.2 0.0.0.0 echo
- router(config)#access-list 101 permit ip any any
- router(config)#int s0/0
- router(config-if)#ip access-group 101 in
Example 2:
- router(config)#access-list 102 deny tcp any 10.65.0.2 0.0.0.0 eq 80
- router(config)#access-list 102 permit ip any any
- router(config)#interface s0/1
- router(config-if)#ip access-group 102 out
- Delete the access control example table:
- router(config)#no access-list 102
- router(config-if)#no ip access-group 101 in
- router nat configuration
- Router(config-if)#ip nat inside The current interface is designated as the internal interface
- Router(config-if)#ip nat outside The current interface is designated as the outside interface
- Router(config)#ip nat inside source static [p] <private IP>< public IP > [port]
- Router(config)#ip nat inside source static 10.65.1.2 60.1.1.1
- Router(config)#ip nat inside source static tcp 10.65.1.3 80 60.1.1.1 80
- Router(config)#ip nat pool p1 60.1.1.1 60.1.1.20 255.255.255.0
- Router(config)#ip nat inside source list 1 pool p1
- Router(config)#ip nat inside destination list 2 pool p2
- Router(config)#ip nat inside source list 2 interface s0/0 overload
- Router(config)#ip nat pool p2 10.65.1.2 10.65.1.4 255.255.255.0 type rotary
- Router#show ip nat translation
- The rotary parameter means rotation, the IP in the address pool matches the address assigned by NAT in turn.
- The overload parameter is used for PAT to map the internal IP to a port with a different public IP.
- Exterior Gateway Protocol Configuration
- routerA(config)#router bgp 100
- routerA(config-router)#network 19.0.0.0
- routerA(config-router)#neighbor 8.1.1.2 remote-as 200
- Configure PPP authentication:
- RouterA(config)#username password
- RouterA(config)#int s0
- RouterA(config-if)#ppp authentication {chap|pap}
8. The sub-interface of the router is encapsulated as 8021Q (Supplementary)
Encapsulation .1Q,2是子接口号标识,这里是示范,可以随意设置。