 Basic SWITCH/ROUTER configuration.

Command Description
S1> enable User EXEC mode.
S1# configure terminal Privileged EXEC mode.
S1(config)# hostname name Global configuration..
S1(config)# banner motd *message*
S1(config)# enable secret password
S1(config)# service password-encryption
S1(config)# line console 0
S1(config-line)# password password Line configuration.
S1(config-line)# login
S1(config-line)# logging synchronous
S1(config)# line vty 0 15
S1(config-line)# password password
S1(config-line)# login
S1(config-line)# logging synchronous
S1(config)# default-gateway ip
S1(config)# interface vlan 1
S1(config-if)# ip address ip Interface configuration.
S1(config-if)# no shutdown
S1# copy running-config startup-config
R1# clock rate 128000 On DCE. (Router only).

 SSH configuration.
Command Description
S1(config)# ip domain-name name
S1(config)# cryto key generate rsa
S1(config)# username name secret password
S1(config)# line vty 0 15
S1(config-line)# transport input ssh
S1(config-line)# login local
S1(config-line)# access-class access-list-number { in|out} Opcional for access list configuration
S1(config)# ip ssh version 2
  DHCP snooping configuration.
Determinates witch interfaces can snoop DHCP addresses.
Command Description
S1(config)# ip dhcp snooping
S1(config)# ip dhcp snooping vlan number
S1(config)# interface interface
S1(config)# ip dhcp snooping trust When the interface is a trusted one.
S1(config)# ip dhcp snooping limit rate number When the interface is not trusted.

 MAC security configuration.

Command
S1(config)# interface interface
S1(config)# interface range interface-interface
S1(config)# switchport mode access
S1(config)# switchport port-security
S1(config)# switchport port-security maximun number
S1(config)# switchport port-security mac-address mac
S1(config)# switchport port-security mac-address sticky
S1(config)# switchport port-security violation mode
Description
Individual interface.
Several interfaces.
Maximun of MAC address that can be saved for one port.
Configure an specific mac address as secure.
Learn dynamically mac address and set them as secure.
Protect: Denied service to unknow mac address. Restrict: Denied service to
unknow mac address and send message. Shutdown: Default.

 Network time protocol (NTP).

Command Description
S1(config)# ntp server ip Used on client to show the server.
S1(config)# ntp master 0-15 Used on server.

 Auto-negotiation configuration.
Command Description
S1(config)# duplex mode Auto. Full. Half.
S1(config)# speed mode Auto. Number.
S1(config)# mdix auto Allows the system to transfer data independently of the wire used.
  Deleting files.
Command Description
S1# erase startup-config
S1# delete flash:vlan.dat Delete VLAN DB.

 Creatin VLAN.
Command Description
S1(config)# vlan number
S1(config)# name name

 Asigning port to a VLAN.

Command Description
S1(config)# interface interface
S1(config-if)# switchport mode access
S1(config-if)# switchport access vlan vlan

 Loopback configuration.
Command Description
R1# interface loopback number
R1# ip address ip mask Delete VLAN DB.

 Loopback configuration.
Command Description
R1# interface loopback number
R1# ip address ip mask Delete VLAN DB.
  Trunk configuration.
Command Description
S1(config)# interface interface
S1(config-if)# switchport mode trunk
S1(config-if)# switchport trunk native vlan number
S1(config-if)# switchport trunk allowed vlan vlan_list

 Port protection.
Command Description
S1(config)# interface interface
S1(config)# switchport protected Doesn’t send traffic to other protectec ports but it does to unprotected.

 Static route.
Command Description
R1(config)# ip route ip mask type IP, mask: Remote.Network. Type: Next hop. Exit interface.
R1(config)# ipv6 unicast-routing Enable the router to forward IPv6 packets.

 Default static route.

Command Description
R1(config)# ip route 0.0.0.0 0.0.0.0 type Type: Next hop. Exit interface.
R1(config)# ipv6 route ::/0 type Type: Next hop. Exit interface.
  Floating static route.
Command Description
R1(config)# ip route 0.0.0.0 0.0.0.0 type AD Type: Next hop. Exit interface. AD: Administrative distance.
R1(config)# ipv6 route ::/0 type Type: Next hop. Exit interface.

 Legacy inner vlan routing.

Command Description
S1# vlan number Create all the VLANs.
S1# interface interface For each link interface…
S1# switchport access vlan number …configure the correspondent vlan.
R1# interface interface
R1# ip address ip mask

 Router on a stick inner vlan routing.

Command Description
S1(config)# vlan number Create all the VLANs.
S1(config)# interface interface
S1(config-if)# switchport mode trunk
R1(config-if)# interface interface.vlan
R1(config-if)# encapsulation dot1q vlan
R1(config-if)# ip address ip mask
R1(config-if)# interface interface
R1(config-if)# no shutdown
  RIPv1-2
Command Description
R1(config)# router rip Enable RIPv1
R1(config-router)# network network
R1(config-router)# version 2 Enable RIPv2
R1(config-router)# no auto-summary Disable network auto summary (RIPv2 only).
R1(config-router)# passive-interface interface Disable RIP updates to a network.
R1(config-router)# default-information originate Propagate the default statict route on RIP.
R1(config)# ipv6 unicast-routing Enable ipv6 to sed trafic.
R1(config)# ipv6 router rip domain IPV6
R1(config-rtr)# interface interface IPV6
R1(config-if)# ipv6 rip domain enable IPV6

 OSPF
Command Description
R1(config)# router ospf id 1-65535
R1(config-router)# router-id rid Restart ospf process
R1# clear ip ospf process Enable RIPv2
R1(config-router)# network network- wildcard-mask area id. Wildcast is 255.255.255.255-the mask.
R1(config-router)# passive-interface interface

 Access Lists.
Command Description
Type: Allow/Deny. Network: ip. Wildmask: host->all any->none can be
R1(config)# access-list number { deny | permit | remark } source [
use intead. Source: tcp/udp log: equal (eq), not equal (neq), greater
source-wildcard ][ log ]
than (gt), and less than (lt)
R1(config)# interface interface
R1(config-if)# ip access-group { access-list-number | access-list-name
} { in | out }
R1(config)# ip access-list [standar|extended] name ip if for named access lists only. Standar blocks comunication from all
sourses, extended filter sourse and destination
R1(config)# clear access-list counters name
  DHCP.
Command Description
R1(config)# ip dhcp excluded-address low_address [high_address] Excluses an address o a range from dhcp assignation.
R1(config)# ip dhcp pool pool_name Name a DHCP server
R1(dhcp-config)# network ip mask
R1(dhcp-config)# default-router ip
R1(dhcp-config)# dns-server ip
R1(dhcp-config)# domain-name name
R1(config)# [no] service dhcp Enables/Disables dhcp
R1(config)# interface interface
R1(config-if)# ip helper-address ip Relay router IP of dhcp server
R1(config-if)# ip address dhcp Configures a router as a dhcp client.
R1(config-if)# no shutdown
R1# debug ip dhcp server events
R1(config)# access-list 100 permit udp any any eq 67/68
R1# debug ip packet 100
R1(config)# ipv6 unicast-routing Activate ipv6
R1(config-if)# no ipv6 nd managed-config-flag SLAAC ONLY
R1(config-if)# no ipv6 nd other-config-flag
R1(config-if)# ipv6 nd other-config-flag Stateless DHCPV6
R1(config-if)# ipv6 nd managed-config-flag DHCPV6
R1(config-if)# ipv6 enable Router as client dhcpv6 stateless
R1(config-if)# ipv6 address autoconfig
R1(config-if)# ipv6 address ipv6 Router address
R1(config-if)# ipv6 dhcp server name
R1(config-dhcpv6)# address prefix/length [lifetime {valid_lifetime Configure pool parameters stateful
preferred_lifetime | infinite}]
R1(config-if)# ipv6 enable Router as client dhcpv6 statefull
R1(config-if)# ipv6 address dhcp
R1(config-if) ipv6 dhcp relay destination ipv6 Relay router IPv6 of dhcp server
R1# debug ipv6 dhcp detail
R1# debug ipv6 dhcp server events observar, en tiempo real, las asignaciones de direcciones IP que
realiza el router.
  NAT
Command Description
R1(config)# ip nat inside sourse static local_ip global_ip Static NAT
R1(config)# interface interface
R1(config-if)# ip nat inside | outside Set the nat in or out depending of the interface Dynamic & static &
PAT & port forwarding
R1(config)# ip nat pool name ip_star ip_end {netmask mask | prefix- Dynamic NAT & PAT POOL
length prefix-length}
R1(config)# access-list number permit sourse wildcast Dynamic NAT & PAT POOL & PAT
R1(config)# ip nat inside sourse list number pool name Dynamic Nat
R1(config)# ip nat inside sourse list access_list number pool name PAT POOL
overload
R1(config)# ip nat inside sourse list access_list number interface PAT
name overload
R1(config)# ip nat inside source {static { tcp | udp local_ip local_port Port forwading
global_ip global_port} [extendable]

 Command prompt.
Command Description
PC> ssh –l (elle) user ip Access to SSH.
PC> nslookup DNS Determinates if the ip matches the DNS.
PC> tracert IP/DNS Determinates the route to a package.

 Shows.
Command Description
S1# show running-config Shows actual configuration.
S1# show startup-config Shows saved configuration.
S1# show ip interfaces brief Shows a condensed information about all interfaces.
S1# show interfaces
S1# show inferface interface
S1# show ip ssh
S1# show port-security interface interface
S1# show port-security address
S1# show ntp associations
S1# show ntp status
S1# show vlan brief
S1# show interfaces interface switchport
S1# show vlan id number
S1# show vlan summary
S1# show interface trunk
S1# show dtp interface interface
R1# show ip interface brief
R1# show ip route
R1# show history
R1# show ip route | begin gateway
R1# show ip route static
R1# show ip protocols
R1# show ipv6 route rip
R1# show ipv6 protocols
R1# show ip ospf neighbor
R1# show ip ospf database
R1# show ip ospf
R1# show access-lists
R1# show ip dhcp binding
R1# show ip dhcp server statistics
R1# show ip interface interface
R1# show ip dhcp conflict
R1# show ip nat translations
R1# show ip nat statistics
Shows complete information about all interfaces.
Shows complete informatio about a single interface.
Displays the version and configuration data for SSH.
Shows complete information about an interface security.
Shows secure MAC addresses table.
Shows NTP stadistics.
Shows the status of the NTP.
Shows condensed information about all vlans.
Shows trunking and vlan info.
Display information about a single vlan.
Display vlan summary information.
Shows the trunking interfaces.
Shows the point to point trunking protocol in use.
Shows the status of the interfaces.
Shows the routing table.
Shows router’s commands.
??
Shows only static routes.
Ospf neighbor table (adjacency db).
Ospf topology table (link state db LSDB).
Displays a list of all IPv4 address to MAC address bindings that have
been provided by the DHCPv4 service.
Verifies that messages are being received or sent by the router.
Dhcp debug
Shows douplicated ips