Encyclopedia of Cisco Basic Commands, recommended collection!

Cisco Basic Port Setting Command

no ip routing    \\Layer 2 switching off routing function

configure terminal (conf t)     \\Enter global mode

interface fastEthernet 1/0    \\(int f1/0) Enter port 1/0 shorthand int f1/0

speed 100    \\Set the rate to 100MB

duplex full    \\Set the port to duplex half half duplex

show interfaces fastEthernet 1/0    \\Display port information in user mode

do show interface fastEtherne 1/0    \\Display port information in port or global mode

show ip interface brie    \\Show all ports and vlan IP addresses

vlan create command

dir    \\View device storage space

erase flash:    \\Format storage space

vlan database    \\Enter vlan data mode

In data mode

vlan 10 name caiwu    \\Create vlan10 with the name caiwu

abort    \\Exit vlan data mode

show vlan-switch brief    \\User mode view vlan situation

do show vlan-switch brief    \\View vlan status in global mode

vlan 20    \\ create vlan 20 directly

vlan 20 name renshi first enter vlan20    \\ is changing the name to renshi

switchport mode access (sw mo acc)    \\Set the port to access mode

switchport access vlan 10    \\Add port as vlan10

interface range fastEthernet 1/1 -2    \\Enter multiple consecutive ports for setting

switchport mode trunk    \\Set the port to trunk mode

switchport trunk encapsulation dot1q    \\to trunk port encapsulation protocol

Default route and static route

ip ip address 192.168.10.1 255.255.255.0    \\Configure IP address for the port

no shutdown    \\start port, on routing or Layer 3 switching

ip route 0.0.0.0 0.0.0.0 1.1.1.1 (next hop address)    \\Add default route

ip route 192.168.10.0 255.255.255.0 1.1.1.1 (next hop address)    \\Add static route

Layer 3 switching

do show interfaces fastEthernet 1/0 switchport    \\View port protocol

vlan 10    \\Create vlan

interface vlan num    \\Enter vlan

ip address 192.168.100.1 255.255.255.0    \\Create the gateway address of the vlan

interface range fastEthernet 1/1 -4    \\Enter multiple consecutive ports

channel-group 1 mode on    \\Bind two trunk ports to increase links and increase bandwidth

Even if one link is damaged, it will not affect

RIP routing protocol

router rip    \\Enable rip protocol process

network 192.168.10.0    \\Declares the direct network segment

version 2    \\Enable rip2 version

no auto-summary    \\Turn off the aggregation function

do show ip route    \\View routing table in global mode

OSPF routing protocol

interface loopback 1    \\Enter the loopback network port

no shutdown     \\activate port

router ospf 1    \\Start ospf process 1

router-id example (1.1.1.1)    \\Set routerID

network 192.168.10.0 0.0.0.255 area 0    \\ declares that the network segment is in area 0 area, pay attention to the reverse mask!!!

show running-config    \\User mode to view all processes

no router ospf process ID    \\Clear OSPF process

redistribute connected subnets    \\Inject direct network segments

redistribute static subnets    \\Inject static routing network segments

default-infomation originate    \\inject external default route

redistribute ospf 1 metric 5    \\Inject ospf protocol into rip protocol

redistribute rip subnets    \\inject rip protocol in ospf protocol

Standard ACL access list for source IP address

access-list 1-99 permit A.B.C.D 0.0.0.0 (reverse mask)

permit host A.B.C.D    \\Allow the IP address to access traffic

Write allow rule to deny all by default

access-list 1-99 deny A.B.C.D 0.0.0.0 (reverse mask)

deny host A.B.C.D    \\ Deny access to traffic from this IP address

Must write permit any to allow other IP addresses to access traffic

do show access-list    \\Global mode, view the list of ACL written rules

ip access-group 1 in/out \\ access port, acting on the port

no ip access-group 1 in/out    \\Cancel applied to port

no access-list 1    \\Delete the entire ACL list

Extended ACL access list

(100-19) Source IP address Destination IP address is equal to service name or port

access-list 100 permit tcp host 192.168.1.2 host 192.168.100.100 eq www (or port)

\\Allow 192.168.1.2 to access http service

acess-list 100 deny ip host 192.168.1.2 host 192.168.100.100

\\Deny 192.168.1.2 access to other services

access-list 100 permit ip host 192.168.1.2 192.168.2.0 0.0.0.255

\\Allow 192.168.1.2 to access the target network segment 192.168.2.0

Named ACL access control list

• access-list (standard/extended) kgc

\\Writing is the same as standard and extension

\\Delete entry no Entry ID

ip access-group kgc out/in \\enter port and apply port

Static NAT

ip nat inside source static 192.168.100.20 12.0.0.20    \\ convert private network address to public network address

ip nat inside/outside    \\applied to port

debug ip nat    \\Start debug mode to monitor NAT status

ip nat inside source static tcp 192.168.100.100 80 12.0.0.100 8080 extendable

Dynamic NAT

access-list 1 permit 192.168.100.0 0.0.0.255    \\Allow network segment address

ip nat pool test 12.0.0.10 12.0.0.100 netmask 255.255.255.0    \\ converted to the address pool name test

ip nat inside source list 1 pool test    \\ convert allowed network segment addresses to address pool

ip nat inside/outside    \\applied to port

debug ip nat    \\Start debug mode in user mode

PAT

access-list 1 permit 192.168.100.0 0.0.0.255    \\Add ACL to allow network segment

ip nat inside source list 1 interface fastEthernet 0/1 overload    \\Set the network segment to disguise as 0/1 port IP

ip nat inside/outside    \\applied to port

The above is the news sharing from the PASSHOT. I hope it can be inspired you. If you think today' s content is not too bad, you are welcome to share it with other friends. There are more latest Linux dumps, CCNA 200-301 dumps, CCNP Written dumps and CCIE Written dumps waiting for you.