ICND1-100-101 IOS CLI Study Guide (CCENT)




SWITCH CONFIGURATION

Hostname:
2. hostname SW1

Mgmt IP:
2. interface vlan 1
3. ip address 10.0.0.2 #.#.#.# (subnet mask)
4. no shut

Gateway:
2. ip default-gateway 10.0.0.1

Local User/Pwd:
2. username shane password cisco

Enable Secret Pwd:
2. enable secret cisco

Console/VTY Logins:
2. lin con 0 OR lin vty 0 4 (range of virtual connections)
3. password cisco
4. login (OR login local to use a local username & pwd)

Exec Timeout:
2. lin con 0 OR vty 0 4
3. exec-timeout 10 10 (10 mins & 10 secs)

Service Pwd Encryption:
2. service password-encryption (encrypts "lin", "enable pwd", & local user pwds)

Copy Run Start:
2. cop run start

ROUTER CONFIGURATION

Hostname:
2. hostname R1

Local User/Pwd:
2. username shane password cisco

Enable Secret Pwd:
2. enable secret cisco

Console/VTY Logins:
2. lin con 0 OR lin vty 0 4 (range of virtual connections)
3. password cisco
4. login (OR login local to use a local username & pwd)

Exec Timeout:
2. lin con 0 OR vty 0 4
3. exec-timeout 10 10 (10 mins & 10 secs)

Service Pwd Encryption:
2. service password-encryption (encrypts "lin", "enable pwd", & local user pwds)

Interface IP Address:
2. int f0/0
3. ip address 10.0.0.1 #.#.#.# (subnet mask)
4. no shut
5. Loopback Address:
   a. int loopback 0
   b. ip address 192.168.1.1 #.#.#.# (subnet mask)

Banner:
2. banner motd #Temp Maintenance msgs#
3. banner login #Perm Unauth Msg#
4. banner exec #Msg displayed AFTER a user logs in#

Configure VLANs:
2. vlan 10
3. name Clients
4. int range f0/1-14
5. switchport access vlan 10
6. Repeat 2-5 for additional VLANs
7. show vlan brief

Configure Trunking:
2. int f0/24
3. switchport trunk encapsulation dot1q
4. switchport mode trunk
5. switchport trunk allowed vlan 10,20 (or 10-20 for Range or single VLAN #)
6. show interface f0/24 trunk
5. switchport trunk allowed vlan add # (add a VLAN if needed or forgot earlier)

Enable/Configure Port Security:
2. int range f0/1-14
3. switchport mode access
4. DYNAMIC: switchport port-security
5. STATIC: switchport port-security mac-address 0111.2222.3344
6. STICKY: switchport port-security mac-address sticky
7. LIMITATION: switchport port-security maximum 2
8. switchport port-security violation protect (OR restrict)
9. show port-security interface

Shutdown Unused ports:
2. int range f1/0-1/5
3. shut

Reassign Unused Ports:
2. int range f1/12-1/5
3. switchport access vlan 999 (optionally, first create the VLAN, then in VLAN sub-config give it the name unused)

Configure Ethernet Interface:
1. See IP Address config above
2. show interface f0/0

Verify Configuration:
1. show cmds -> running-config, cdp neighbors detail, ip interface brief

Configure Static Route:
2. ip route 10.0.10.0 #.#.#.# 172.16.2.1
   NOTE: IP Address in above cmd = remote Network, remote Network Mask, Next Hop Router IP
3. ip route 0.0.0.0 0.0.0.0 172.16.2.1 (the Default route)
4. show ip route

Configure OSPF:
2. router ospf 1
3. (optional) router-id 1.1.1.1
4. network 10.0.0.0 0.0.0.255 area 0
5. Repeat #4 for all Directly Connected Routes
   OR:
   b. int f0/0
   c. ip ospf 1 area 0
   d. repeat a-c for remaining Connected Interfaces
6. sho ip ospf neighbor AND/OR database; show ip protocol
7. Configure on ALL Routers
8. For IPv6
   b. ipv6 unicast-routing
   c. ipv6 router ospf 1
   d. router-id 1.1.1.1
   e. passive-interface g0/0.10 (opt)
   f. int f0/0
   g. ipv6 ospf 1 area 0
   h. repeat f-g for other interfaces

Configure a Passive Interface:
2. router ospf 1
3. passive-interface g0/0.11
4. show ip ospf interface

Change Native VLAN:
2. int f0/24 (or, whatever int is trunk port)
3. switchport trunk native vlan 99

Configure Inter-VLAN Routing/ROAS:
2. int f0/0
3. no ip address
4. int f0/0.1
5. encapsulation dot1q # native (# = native VLAN ID; encapsulation must be set before the subinterface accepts an IP address)
6. ip address 172.16.1.1 #.#.#.# (subnet mask)
7. no shut
8. int f0/0.10
9. encapsulation dot1q 10
10. ip address 192.168.10.10 #.#.#.# (subnet mask)
11. no shut
12. Repeat #2-#5 to add additional VLANs

Configure SVI (Enable Routing on L3 Switch):
1. sdm prefer lanbase-routing
2. reload
3. conf t
4. ip routing
5. interface vlan 1
6. ip address 192.168.10.10 #.#.#.# (subnet mask)
7. no shut
8. vlan 10
9. vlan 30 (repeat if needed)
10. interface vlan 10
11. ip address cmd
12. no shut
13. repeat #10-12 for remaining VLANs

Configure DHCP:
1. ip address dhcp (on an interface)
2. ip dhcp pool name
3. network 10.0.0.0 /24
4. default-router 10.0.0.1
5. EXIT, then conf t -> ip dhcp excluded-address #.#.#.# #.#.#.#

Configure ACLs:
1. Numbered Standard (1-99; Source IP ONLY)
   a. access-list 1 permit host 10.1.1.1
   b. access-list 1 deny 10.1.1.0 0.0.0.255
   c. access-list 1 permit any
   d. int s0/1
   e. ip access-group 1 out
2. Numbered Extended
   a. access-list 100 permit ip host 10.1.1.1 172.16.10.0 0.0.0.255
   b. access-list 100 deny tcp any any (deny any traffic with a tcp header to any device)
   c. access-list 100 permit udp 1.1.1.0 0.0.0.255 any (permit all packets with a udp header from given Subnet to any destination device)
   d. access-list 100 deny tcp any host 10.1.1.1 eq 23 (deny any packet with a tcp header from any source host to specific device 10.1.1.1 on port 23)
   e. apply ACL on Interface in/out
3. Named Standard
   a. ip access-list standard somename
   b. permit 10.1.1.1
   c. deny 10.1.1.0 0.0.0.255
   d. permit any
   e. apply to appropriate Interface in or out
4. Named Extended
   a. ip access-list extended somename
   b. permit tcp 192.168.10.0 0.0.0.255 any eq www
   c. permit ip any any
   d. apply to appropriate Interface in or out

Configure NAT:
1. STATIC:
   b. ip nat inside source static 192.168.10.100 203.0.113.70
   c. int f0/1
   d. ip nat in
   e. int s0/0
   f. ip nat out
   g. show ip nat translations
2. DYNAMIC:
   b. ip access-list extended 100
   c. permit ip any any
   d. ip nat pool PoolName 103.10.111.1 103.10.111.31 netmask 255.255.255.240
   e. ip nat inside source list 100 pool PoolName
   f. int f0/0
   g. ip nat in
   h. int s0/1
   i. ip nat out
3. PAT:
   b. access-list 101 permit ip any any (repeat this step to add to list if needed)
   c. ip nat inside source list 101 interface S0/0/0 overload

Configure NTP Client:
2. ntp server 8.8.8.8 version 4
3. show ntp status OR associations

Device Password Security:
2. enable secret cisco (Priv Exec Mode Pwd)
3. service password-encryption (encrypts enable, local user, & lin Pwds)

Disable Telnet:
2. lin vty 0 4
3. transport input ssh

Enable SSH:
2. ip domain name shane.local
3. username shane password cisco
4. crypto key generate rsa general-keys modulus 1024
5. ip ssh version 2
6. lin vty 0 4
7. transport input ssh

Configure ACL for Telnet/SSH Access:
1. access-list 20 permit 10.2.2.0 0.0.0.255
2. lin vty 0 4
3. access-class 20 in

The above configurations assume you know the "why" behind them. This Guide is solely intended to remove all noise around the ICND1 Outline & provide a direct CLI How-to procedure for each of the listed tasks. Reference the ICND1 Study Guide for detailed explanations of each.

Created by Shane Williford 19 October 2014. If you reference this Study Guide, please give credit to the author.
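How the wildcard mask and entry order in the "Configure ACLs" section decide a packet's fate, as an added Python example that is not part of the original guide. It models a numbered standard ACL shaped like the guide's (permit one host, deny its subnet, permit any) and compares a 0.0.0.255 wildcard on the deny line with a 0.0.0.0 wildcard; the function names and sample lists are constructed for illustration.

```python
import ipaddress

# Constructed sample: a numbered standard ACL in the guide's shape, in order.
ACL_1 = [
    "access-list 1 permit host 10.1.1.1",
    "access-list 1 deny 10.1.1.0 0.0.0.255",
    "access-list 1 permit any",
]
# Same ACL with an all-zero wildcard on the deny line (matches one address only).
ACL_1_ZERO = [ACL_1[0], "access-list 1 deny 10.1.1.0 0.0.0.0", ACL_1[2]]

def parse_entry(line):
    """Return (action, base_int, wildcard_int) for a standard ACL line."""
    tok = line.split()[2:]                      # drop "access-list N"
    action, src = tok[0], tok[1:]
    if src == ["any"]:
        return action, 0, 0xFFFFFFFF            # every bit ignored
    if src[0] == "host":
        return action, int(ipaddress.IPv4Address(src[1])), 0
    wildcard = int(ipaddress.IPv4Address(src[1])) if len(src) > 1 else 0
    return action, int(ipaddress.IPv4Address(src[0])), wildcard

def matches(addr, base, wildcard):
    """Wildcard bit 1 means 'ignore this bit'; bit 0 means 'must equal base'."""
    care = ~wildcard & 0xFFFFFFFF
    return (addr & care) == (base & care)

def evaluate(acl_lines, source_ip):
    """First matching entry wins; no match falls through to the implicit deny."""
    addr = int(ipaddress.IPv4Address(source_ip))
    for number, line in enumerate(acl_lines, 1):
        action, base, wildcard = parse_entry(line)
        if matches(addr, base, wildcard):
            return action, number
    return "deny", None                         # implicit "deny any"

if __name__ == "__main__":
    for ip in ("10.1.1.1", "10.1.1.50", "192.0.2.7"):
        print(ip, evaluate(ACL_1, ip), evaluate(ACL_1_ZERO, ip))
```

With the 0.0.0.0 wildcard, 10.1.1.50 skips the deny line and is permitted by `permit any`, which is why the wildcard on a subnet deny needs checking before the ACL is applied to an interface.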
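A check for whether a device has actually received the guide's "Disable Telnet", "Enable SSH" and "Configure ACL for Telnet/SSH Access" steps, as an added Python example that is not part of the original guide. It audits running-config text for VTY lines and local users; both sample configs, the finding names and the PLACEHOLDER password strings are constructed, and the `username ... secret` form in the hardened sample is an IOS command the guide itself does not use. It flags `username ... password` because `service password-encryption` stores that as reversible type 7 encoding, whereas `secret` stores a hash.

```python
import re

# Constructed running-config fragments; PLACEHOLDER stands in for stored password strings.
BASELINE = """\
hostname R1
service password-encryption
username shane password 7 PLACEHOLDER
line con 0
 password 7 PLACEHOLDER
 login
line vty 0 4
 exec-timeout 10 10
 password 7 PLACEHOLDER
 login
"""

HARDENED = """\
hostname R1
username shane secret 5 PLACEHOLDER
ip ssh version 2
access-list 20 permit 10.2.2.0 0.0.0.255
line vty 0 4
 access-class 20 in
 exec-timeout 10 10
 login local
 transport input ssh
"""

def audit(config):
    """Return a sorted list of finding codes for IOS running-config text."""
    findings = set()
    section = None                          # current "line vty" block, if any
    vty = {}                                # vty header -> set of sub-commands
    for raw in config.splitlines():
        if not raw.startswith(" "):         # a top-level command ends any block
            section = raw if raw.startswith("line vty") else None
            if section:
                vty[section] = set()
            if re.match(r"username \S+ password\b", raw):
                findings.add("USER_PASSWORD_NOT_SECRET")
        elif section:
            vty[section].add(raw.strip())
    for cmds in vty.values():
        if "transport input ssh" not in cmds:
            findings.add("VTY_NOT_SSH_ONLY")
        if not any(c.startswith("access-class ") and c.endswith(" in") for c in cmds):
            findings.add("VTY_NO_ACCESS_CLASS")
        if "login local" not in cmds:
            findings.add("VTY_NO_LOCAL_LOGIN")    # shared line password only
    return sorted(findings)
```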