récapitualtif commandes
TRANSCRIPT
8/8/2019 Récapitualtif commandes
http://slidepdf.com/reader/full/recapitualtif-commandes 1/11
Commandes 1 / 11
Router#
dir
WORD Directory or file name
flash: Directory or file name
nvram: Directory or file name
delete
WORD File to be deleted
flash: File to be deleted (fort ex: vlan.dat)
erase
startup-config Erase contents of configuration memory
reload
vlan database Configure VLAN database
Router#
show
interfaces Interface status and configuration
Ethernet, Fast, ... etc ... Ethernet IEEE 802.3, etc ...
switchport Show interface switchport informationtrunk Show interface trunk information
Vlan Catalyst Vlans
<1-1005> Vlan interface number
port-security ?????
interface ... etc ...
running-config Current operating configuration
startup-config Contents of startup configuration
ip IP information
interface IP interface status and configuration
brief Brief summary of IP ...
Router/configure + terminal Enter config. mode + terminal l. param.
bootsystem System image file
WORD TFTP filename or URL
flash Boot from flash memory
WORD System image filename
mac-address-table
static Configure a static 802.1d static address
H.H.H 48-bit hardware address
interface ... etc ... Configure output interfaces
vlan ... etc ... vlan number
interface
Vlan Catalyst Vlans
<1-1005> Vlan interface number
Router/configure interface .../...
ip Interface Int. Prot. config commands
address Set the IP address of an interface
A.B.C.D A.B.C.D IP address & IP subnet mask
dhcp IP Address negotiated via DHCP
duplex
auto / full / half Enable auto/full/half-duplex config ...
speed
10 / 100 / auto Force 10/100/auto Mbps operation
config-subif
encapsulation Set encapsulation type for an interface
dot1Q IEEE 802.1Q Virtual LAN
<1-1005> IEEE 802.1Q VLAN ID
native Make this as native vlan
ip Interface I... Protocol config commands
8/8/2019 Récapitualtif commandes
http://slidepdf.com/reader/full/recapitualtif-commandes 2/11
Commandes 2 / 11
Switch#
show
vtp VTP information
counters VTP statistics
password VTP password
status VTP domain status
spanning-tree Spanning tree topology
active Report on active interfaces only
vlan VLAN Switch Spanning Trees
WORD vlan range, example: 1,3-5,7,9-11
Switch/configure terminal Enter config. mode from the terminal
vlan Vlan commands
<1-1005> ISL VLAN IDs 1-1005
name Ascii name of the VLAN
no vlan Negate a vlan
vtp Configure global VTP state
domain Set the name of the VTP ... domainWORD The ascii name for the VTP ... domain.
mode Configure VTP device mode
client Set the device to client mode.
server Set the device to server mode.
transparent Set the device to transparent mode.
password Set the password for the VTP ...
WORD The ... password for the VTP ... domain
version Set the adminstrative domain to VTP ...
<1-2> Set the ... VTP version number
Switch#
configure terminal Enter config. mode from the terminal
spanning-tree Spanning Tree Subsystemmode Spanning tree operating mode
pvst Per-Vlan spanning tree mode
rapid-pvst Per-Vlan rapid spanning tree mode
portfast Spanning tree portfast options
default Enable portfast ... on all access ports
vlan VLAN Switch Spanning Tree
WORD vlan range, example: 1,3-5,7,9-11
priority Set the bridge priority ...
<0-61440> bridge priority in increments of 4096
root Configure switch as root
primary Configure this switch as primary root ...
secondary Configure switch as secondary root
Switch/configure terminal/interface ../... Select an interface to configure
spanning-tree Spanning Tree Subsystem
bpduguard Don't accept BPDUs on this interface
guard Change an interface's spt... tree guard ...
link-type Specify a link type ... spt... protocol use
point-to-point Consider the interface as point-to-point
shared Consider the interface as shared
portfast Enable ... directly ... on link up
disable Disable portfast for this interface
trunk Enable portfast ... even in trunk mode
vlan VLAN Switch Spanning Tree
WORD vlan range, example: 1,3-5,7,9-11
port-priority Change ... port priority
<0-240> port priority in increments of 16
8/8/2019 Récapitualtif commandes
http://slidepdf.com/reader/full/recapitualtif-commandes 3/11
Commandes 3 / 11
Switch/configure terminal/interface ../... Select an interface to configure
Vlan Catalyst Vlans
<1-1005> Vlan interface number
ip Interface Int. Prot. config commands
address ... etc ... Set the IP address/mask of an interface
dhcp IP Address negotiated via DHCP
switchport Set switching mode characteristics
mode Set trunking mode of the interface
access Set trunking mode to ACCESS ...
dynamic Set trunking mode to dynamically ...
trunk Set trunking mode to TRUNK ...
access Set access mode characteristics ...
vlan Set VLAN ...
<1-1005> VLAN ID ...
trunk Set trunking characteristics ...
allowed Set allowed VLAN characteristics ...
vlan Set allowed VLANs ...
WORD VLAN IDs
add ... etc ... add VLANs to the current list
all all VLANs
except.. etc ...all VLANs except the following
none no VLANs
remove etc... remove VLANs from the current list
native Set trunking native characteristics ...
vlan Set native VLAN ...
<1-1005> VLAN ID ...
port-security Security related command
mac-address Secure mac address
H.H.H 48 bit mac address
sticky Configure ... as stickymaximum Max secure addresses
<1-132> Maximum addresses
violation Security violation mode
protect Security violation protect mode
restrict Security violation restrict mode
shutdown Security violation shutdown mode
<cr> ????????????
nonegotiate Device will not engage in negotiation ...
priority Set appliance 802.1p priority
voice Voice appliance attributes
Commandes inconnues ?????
Spanning-tree cost xx
no spanning-tree cost
En mode config d'interface Attribution d'un coût spt
(entre 1 et 200,000,000)
Attribution du coût spt par défaut
Spanning-tree vlan x root primary diamter y En mode config générale Config minuteurs de switch
(ne pas modifier les minuteurs mais le
diamètre)
clear spanning-tree detected-protocols En mode de confi d'interface Désactivation des protocoles STP
détectés
8/8/2019 Récapitualtif commandes
http://slidepdf.com/reader/full/recapitualtif-commandes 4/11
Commandes 4 / 11
Etapes:
1. Concevoir et documenter un diagramme d’adressage
2. Configurer et vérifier les configurations de base des périphériques (nom – sécurité accès privilégié , accès àdistance – services divers )
3. Configurer le protocole VTP (client – serveur – domaine – mot de passe)
4. Configurer l’agrégation et le vlan natif
5. Configurer des réseaux locaux virtuels avec vtp (client – serveur – domaine – mot de passe)
6. Affecter des réseaux locaux virtuels aux ports
7. Configurer le protocole STP ( priorités des bridge)
8. Configurer des PC hôtes (ip – msq - passerelle)
8/8/2019 Récapitualtif commandes
http://slidepdf.com/reader/full/recapitualtif-commandes 5/11
Commandes 5 / 11
Router(config)#router ?eigrp Enhanced Interior Gateway Routing Protocol (EIGRP)ospf Open Shortest Path First (OSPF)rip Routing Information Protocol (RIP)
Router(config)#router ripRouter(config-router)> auto-summary Enter Address Family command mode> default-information Control distribution of default information
originate Distribute a default route> distance Define an administrative distance
<1-255> Administrative distance> exit Exit from routing protocol configurationmode> network Enable routing on an IP network
A.B.C.D Network number> no Negate a command or set its defaults> passive-interface Suppress routing updates on an interface
Ethernet ... IEEE 802.3FastEthernet ... FastEthernet IEEE 802.3GigabitEthernet ... GigabitEthernet IEEE 802.3zLoopback .... Loopback interfaceSerial .... SerialVlan .... Vlan interfacedefault ..... Suppress routing updates on all
interfaces> redistribute Redistribute info from another routingprotocol
connected Connectedeigrp Enhanced Interior Gateway Routing Protocol<1-65535> Autonomous system number
metric Metric for redistributed routes<0-16> Default metrictransparent Transparently redistribute metric
ospf Open Shortest Path First (OSPF)<1-65535> ... Process ID
match ... Redistribution of OSPF routesexternal ... Redistribute OSPF external routesinternal ... Redistribute OSPF internal routesnssa-external ... Redistribute OSPF NSSA external routes
metric ... Metric for redistributed routes
rip Routing Information Protocol (RIP)metric Metric for redistributed routes
<0-16> Default metrictransparent Transparently redistribute metric
static Static routesmetric Metric for redistributed routes
<0-16> Default metrictransparent Transparently redistribute metric
> timers Adjust routing timersbasic Basic routing protocol update timers
<0-4294967295> Interval between updates<1-4294967295> Invalid
<0-4294967295> Holddown
<1-4294967295> Flush> version Set routing protocol version
<1-2> version
8/8/2019 Récapitualtif commandes
http://slidepdf.com/reader/full/recapitualtif-commandes 6/11
Commandes 6 / 11
Router(config)#router ospf ?<1-65535> Process ID
Router(config-router) ?
> area ... OSPF area parameters> default-information Control distribution of default information
originate Distribute a default route> distance Define an administrative distance
<1-255> Administrative distance> exit Exit from routing protocol configuration mode> log-adjacency-changes Log changes in adjacency state
detail Log all state changes> network Enable routing on an IP network
A.B.C.D Network numberA.B.C.D OSPF wild card bits
area Set the OSPF area ID<0-4294967295> OSPF area ID as a decimal value
A.B.C.D OSPF area ID in IP address format> no Negate a command or set its defaults> passive-interface Suppress routing updates on an interface
Ethernet IEEE 802.3FastEthernet .... FastEthternet IEEE 802.3GigabitEthernet ... GigabitEthernet IEEE 802.3Loopback ... Loopback interfaceSerial ... SerialVlan ... Vlan interfacedefault .... Suppress routing updates on all
interfaces> redistribute Redistribute info from another routingprotocol
connected Connectedeigrp ... Enhanced Interior Gateway Routing Protocolmetric ... Metric for redistributed routesospf ... Open Shortest Path First (OSPF)rip .... Routing Information Protocol (RIP)static ... Static routes
> router-id router-id for this OSPF processA.B.C.D OSPF router-id in IP address format
8/8/2019 Récapitualtif commandes
http://slidepdf.com/reader/full/recapitualtif-commandes 7/11
Commandes 7 / 11
Router(config)#router eigrp ?<1-65535> Autonomous system number
Router(config-router) ?> auto-summary Enable auto. network number
summarization> distance Define an administrative distanceeigrp IP-EIGRP distance
<1-255> Distance for internal routes<1-255> Distance for external routes
> exit Exit from routing protocol configuration mode> metric Modify IGRP routing metrics and parameters
weights Modify IGRP coefficients<0-8> Type Of Service (Only TOS 0
supported)<0-256> K1 ... K2 .... K3 .... K4 .... K5
> network Enable routing on an IP networkA.B.C.D Network number
A.B.C.D EIGRP wild card bits> no Negate a command or set its defaults> passive-interface Suppress routing updates on aninterface
Ethernet IEEE 802.3FastEthernet .... FastEthternet IEEE 802.3GigabitEthernet ... GigabitEthernet IEEE 802.3Loopback ... Loopback interfaceSerial ... SerialVlan ... Vlan interfacedefault .... Suppress routing updates on all
interfaces> redistribute Redistribute info from another routing
protocolconnected Connectedeigrp ... Enhanced Interior Gateway Routing Protocolmetric ... Metric for redistributed routesospf ... Open Shortest Path First (OSPF)rip .... Routing Information Protocol (RIP)static ... Static routes
> variance Control load balancing variance<1-128> Metric variance Multiplier
8/8/2019 Récapitualtif commandes
http://slidepdf.com/reader/full/recapitualtif-commandes 8/11
Commandes 8 / 11
Encapsulation
Router(config)#username
xxxx User namepassword etc... Specify the password for the user
(sub)interface serial xx/xx(.yyy)multipoint Treat as a multipoint linkpoint-to-point Treat as a point-to-point linkbandwidth Set bandwidth informational
parameter
Router(config-if)#encapsulation
hdlc Serial HDLC synchronous
ppp Point-to-Point protocolauthentication Set PPP link authentication
method(1) chap Challenge Handshake Authentication
Protocol (2) chap pap CHAP + Password AuthenticationProtocol
(3) pap Password Authentication Protocol(4) pap chap PAP + Challenge Handshake
Authentication Pro.
pap(3 et 4 bis)
Set PAP authenticationparameterssent-username Set outbound PAP usernameRouterx Outbound PAP usernamepassword etc... Set outbound PAP password
frame-relay Frame Relay networksietf Use RFC1490/RFC2427 encapsulation
frame-relayinterface-dlci Define a DLCI on an
interface/subinterface<16-1007> Define a switched or locally terminated
DLCI
lmi-type Use CISCO-ANSI-CCITT type LMIansiciscoq933a
map Map a protocol address to a DLCIaddress
ip xxx.xxx. ….. Protocol specific address<16-1007> DLCI
broadcast Broadcasts should be forwarded to thisaddress
cisco Use CISCO Encapsulationietf Use RFC1490/RFC2427
Encapsulation
Router(config-if)#
8/8/2019 Récapitualtif commandes
http://slidepdf.com/reader/full/recapitualtif-commandes 9/11
Commandes 9 / 11
ppp quality percentage (optional) specifies the link quality …(range 1 to 100)-----------------------------------------------------------------------------------------------------------------------------------------------Router(config-if)#
compresspredictor (optional) using predictor compression algorithmstac (optional) using Stacker (LZS) compression
algorithm
SHOW
Router#show
interfaces … for all interfacesinterfaces serial … about a serial interface
frame-relaylmi show frame relay lmi statisticsmap Frame-Relay map tablepvc show frame relay pvc statistics
<16-1022> DLCIinterface show frame relay information on one
interfaceSerial xx/xx Serial
<16-1022> DLCIaccess-lists List access lists
<1-199> ACL numberWORD ACL name
DEBUG - UNDEBUG
debugppp debugs ppp
packetnegotiationerrorauthenticationcompressioncbcp
frame-relay Frame Relaylmi LMI packet exchanges with service
provider
undebug all turns off all debugging displays
clear frame-relay Clear Frame Relay information
inarp Clear inverse ARP entries fromthe map table
SECURITY
Router(config)service Modify use of network based services
password-encryption Encrypt system passwords
enable Modify enable password parameterspassword Assign the privileged level passwordsecret … etc … Assign the privileged level
secret
8/8/2019 Récapitualtif commandes
http://slidepdf.com/reader/full/recapitualtif-commandes 10/11
Commandes 10 / 11
Router(config-line)#no passwordtransport or no transport Define transport protocols for line
input or output Define which … to use when ...all All protocolsnone No protocolsssh TCP/IP SSH protocoltelnet TCP/IP Telnet protocol
exec-timeout Set the EXEC timeout<0-35791> Timeout in minutes
<0-2147483> Timeout in seconds
ACCESS LIST
Router(config)#username
xxxx User namepassword etc... Specify the password for the user
Router(config)#
access-list ou no access-list Add (or delete) an access list entry
<1-99> IP standard access list
<100-199> IP extended access list
permit Specify packets to forward
deny Specify packets to reject
ip Any Internet Protocol (icmp / tcp / udp)tcp Transmission Control Protocol
eigrp Cisco's EIGRP routing protocol
ospf OSPF routing protocol
host A single source host
xxx... yyy ... Source address & Wildcard bits
any Any source host
host A single destination host
xxx... yyy ... Destination address & Wildcard bits
any Any destination host
eq Match only packets on a given port number
gt Match only packets with a greater port number
lt Match only packets with a lower port number
neq Match only packets not on a given port number range Match only packets in the range of port numbers
<0-65535> Port number
ftp File Transfer Protocol (21)
pop3 Post Office Protocol v3 (110)
smtp Simple Mail Transport Protocol (25)
telnet Telnet (23)
www World Wide Web (HTTP, 80)
remark Access list entry comment
R2(config)#
ip
access-list Named access-list
standard or extended Standard or Extended Access List
<1-99> Standard IP access-list number
WORD Access-list name
8/8/2019 Récapitualtif commandes
http://slidepdf.com/reader/full/recapitualtif-commandes 11/11
Commandes 11 / 11
Router(config-if)#
ip
access-group Specify access control for packets
<1-199> IP access list (standard or extended)
WORD Access-list name
in inbound packetsout outbound packets
Router(config-line)#
access-class Filter connections based on an IP access list
<1-199> IP access list
WORD Access-list name
in Filter incoming connections
out Filter outgoing connections
logging Modify message logging facilities
console Set console logging parameters