m (16 revisions imported) |
No edit summary |
||
Line 97: | Line 97: | ||
Copy running config to flash memory | Copy running config to flash memory | ||
*copy run flash | *copy run flash | ||
== VPN Commands == | |||
Check status of VPN | |||
Phase 1:<syntaxhighlight lang="bash"> | |||
show crypto isakmp sa | |||
</syntaxhighlight>Phase 2<syntaxhighlight lang="bash"> | |||
show crypto ipsec sa | |||
</syntaxhighlight>Verify Crypto Map Configuration:<syntaxhighlight lang="bash"> | |||
show crypto map | |||
</syntaxhighlight>Check active connections:<syntaxhighlight lang="bash"> | |||
show crypto engine connections active | |||
</syntaxhighlight> | |||
=== Change peer IP of VPN === | |||
To change the peer of a configured VPN you will need to enable the configuration in the terminal<syntaxhighlight lang="bash"> | |||
enable | |||
configure terminal | |||
</syntaxhighlight>Then you will need to select the VPN tunnel to change:<syntaxhighlight lang="bash"> | |||
crypto map <name of crypto map> 10 ipsec-isakmp | |||
set peer <new peer IP> | |||
</syntaxhighlight>You will need to update the shared key used for connections to the new peer ip:<syntaxhighlight lang="bash"> | |||
crypto isakmp key <preshared key> address <new ip> | |||
</syntaxhighlight>You will also need to remove the previous peer IP from the crypto map:<syntaxhighlight lang="bash"> | |||
crypto map <name of crypto map> 10 ipsec-isakmp | |||
no set peer <old ip> | |||
</syntaxhighlight> | |||
== DNS Commands == | == DNS Commands == |
Latest revision as of 19:34, 7 December 2023
Cisco Routers Commands
Enable commands
- en
Show MAC address table
- show mac-address-table
Show VLAN Information
- show vlan brief
Show IP address assignments and status of interfaces
- show ip interface brief
Show DHCP info
- show ip dhcp pool
Show which IP addresses are associated with which MAC addresses
- show ip dhcp binding
Show DHCP errors / IP conflicts
- show ip dhcp conflict
Show NAT translation table
- show ip nat translations
- show ip nat statistics
Show ARP cache
- show arp
Clear arp cache
- clear arp-cache
Put into config mode
- conf t
Create VLAN
- vlan <number>
- name <name>
- exit
Configure VLAN
- interface range Gig <port range>
- switchport mode access
- switchport access vlan <number>
- end
Show interfaces command - shows trunks
- show interfaces trunk
Configure Trunk
- interface gig <port>
- switchport trunk encapsulation dot1q
- switchport mode trunk
- end
Write command - write config to memory to keep changes after reboot
- wr
shutdown port
- conf t
- int
- g <port number>
- shutdown
Enable port
- conf t
- int
- g <port number>
- no shutdown
Port mirroring
- monitor session <number of session> source int g <port>
- monitor session <number of session> destination int g <port>
Show IP Routes
- show iproute
Configure route
- conf t
- ip route <ipaddress of network> <subnet mask of network> <next hop - ipaddress of next router>
Copy running config to flash memory
- copy run flash
VPN Commands
Check status of VPN
Phase 1:
show crypto isakmp sa
Phase 2
show crypto ipsec sa
Verify Crypto Map Configuration:
show crypto map
Check active connections:
show crypto engine connections active
Change peer IP of VPN
To change the peer of a configured VPN you will need to enable the configuration in the terminal
enable
configure terminal
Then you will need to select the VPN tunnel to change:
crypto map <name of crypto map> 10 ipsec-isakmp
set peer <new peer IP>
You will need to update the shared key used for connections to the new peer ip:
crypto isakmp key <preshared key> address <new ip>
You will also need to remove the previous peer IP from the crypto map:
crypto map <name of crypto map> 10 ipsec-isakmp
no set peer <old ip>
DNS Commands
To setup a Router as a DNS Client:
- ip domain-lookup
- ip name-server <dns server ip address>
- ip domain-name <FQDN of domain eg piszczynski.com>
- ip domain-list <FQDN of any other domains>
To setup as a server use these commands additionally:
- ipdns server
- ip host <hostname> <ip address of host>