piszczynski>Aleks |
No edit summary |
||
(12 intermediate revisions by 2 users not shown) | |||
Line 1: | Line 1: | ||
== Cisco Routers Commands == | == Cisco Routers Commands == | ||
Enable commands | |||
*en | |||
Show MAC address table | Show MAC address table | ||
Line 8: | Line 12: | ||
Show VLAN Information | Show VLAN Information | ||
*show vlan brief | *show vlan brief | ||
Show IP address assignments and status of interfaces | |||
*show ip interface brief | |||
Show DHCP info | |||
*show ip dhcp pool | |||
Show which IP addresses are associated with which MAC addresses | |||
*show ip dhcp binding | |||
Show DHCP errors / IP conflicts | |||
*show ip dhcp conflict | |||
Show NAT translation table | |||
*show ip nat translations | |||
*show ip nat statistics | |||
Show ARP cache | |||
*show arp | |||
Clear arp cache | |||
*clear arp-cache | |||
Line 44: | Line 76: | ||
*g <port number> | *g <port number> | ||
*shutdown | *shutdown | ||
Enable port | |||
*conf t | |||
*int | |||
*g <port number> | |||
*no shutdown | |||
Port mirroring | |||
*monitor session <number of session> source int g <port> | |||
*monitor session <number of session> destination int g <port> | |||
Show IP Routes | |||
*show iproute | |||
Configure route | |||
*conf t | |||
*ip route <ipaddress of network> <subnet mask of network> <next hop - ipaddress of next router> | |||
Copy running config to flash memory | |||
*copy run flash | |||
== VPN Commands == | |||
Check status of VPN | |||
Phase 1:<syntaxhighlight lang="bash"> | |||
show crypto isakmp sa | |||
</syntaxhighlight>Phase 2<syntaxhighlight lang="bash"> | |||
show crypto ipsec sa | |||
</syntaxhighlight>Verify Crypto Map Configuration:<syntaxhighlight lang="bash"> | |||
show crypto map | |||
</syntaxhighlight>Check active connections:<syntaxhighlight lang="bash"> | |||
show crypto engine connections active | |||
</syntaxhighlight> | |||
=== Change peer IP of VPN === | |||
To change the peer of a configured VPN you will need to enable the configuration in the terminal<syntaxhighlight lang="bash"> | |||
enable | |||
configure terminal | |||
</syntaxhighlight>Then you will need to select the VPN tunnel to change:<syntaxhighlight lang="bash"> | |||
crypto map <name of crypto map> 10 ipsec-isakmp | |||
set peer <new peer IP> | |||
</syntaxhighlight>You will need to update the shared key used for connections to the new peer ip:<syntaxhighlight lang="bash"> | |||
crypto isakmp key <preshared key> address <new ip> | |||
</syntaxhighlight>You will also need to remove the previous peer IP from the crypto map:<syntaxhighlight lang="bash"> | |||
crypto map <name of crypto map> 10 ipsec-isakmp | |||
no set peer <old ip> | |||
</syntaxhighlight> | |||
== DNS Commands == | |||
To setup a Router as a DNS Client: | |||
*ip domain-lookup | |||
*ip name-server <dns server ip address> | |||
*ip domain-name <FQDN of domain eg piszczynski.com> | |||
*ip domain-list <FQDN of any other domains> | |||
To setup as a server use these commands additionally: | |||
*ipdns server | |||
*ip host <hostname> <ip address of host> |
Latest revision as of 19:34, 7 December 2023
Cisco Routers Commands
Enable commands
- en
Show MAC address table
- show mac-address-table
Show VLAN Information
- show vlan brief
Show IP address assignments and status of interfaces
- show ip interface brief
Show DHCP info
- show ip dhcp pool
Show which IP addresses are associated with which MAC addresses
- show ip dhcp binding
Show DHCP errors / IP conflicts
- show ip dhcp conflict
Show NAT translation table
- show ip nat translations
- show ip nat statistics
Show ARP cache
- show arp
Clear arp cache
- clear arp-cache
Put into config mode
- conf t
Create VLAN
- vlan <number>
- name <name>
- exit
Configure VLAN
- interface range Gig <port range>
- switchport mode access
- switchport access vlan <number>
- end
Show interfaces command - shows trunks
- show interfaces trunk
Configure Trunk
- interface gig <port>
- switchport trunk encapsulation dot1q
- switchport mode trunk
- end
Write command - write config to memory to keep changes after reboot
- wr
shutdown port
- conf t
- int
- g <port number>
- shutdown
Enable port
- conf t
- int
- g <port number>
- no shutdown
Port mirroring
- monitor session <number of session> source int g <port>
- monitor session <number of session> destination int g <port>
Show IP Routes
- show iproute
Configure route
- conf t
- ip route <ipaddress of network> <subnet mask of network> <next hop - ipaddress of next router>
Copy running config to flash memory
- copy run flash
VPN Commands
Check status of VPN
Phase 1:
show crypto isakmp sa
Phase 2
show crypto ipsec sa
Verify Crypto Map Configuration:
show crypto map
Check active connections:
show crypto engine connections active
Change peer IP of VPN
To change the peer of a configured VPN you will need to enable the configuration in the terminal
enable
configure terminal
Then you will need to select the VPN tunnel to change:
crypto map <name of crypto map> 10 ipsec-isakmp
set peer <new peer IP>
You will need to update the shared key used for connections to the new peer ip:
crypto isakmp key <preshared key> address <new ip>
You will also need to remove the previous peer IP from the crypto map:
crypto map <name of crypto map> 10 ipsec-isakmp
no set peer <old ip>
DNS Commands
To setup a Router as a DNS Client:
- ip domain-lookup
- ip name-server <dns server ip address>
- ip domain-name <FQDN of domain eg piszczynski.com>
- ip domain-list <FQDN of any other domains>
To setup as a server use these commands additionally:
- ipdns server
- ip host <hostname> <ip address of host>