 Basic SWITCH/ROUTER configuration.

Command Description
S1> enable User EXEC mode.
S1# configure terminal Privileged EXEC mode.
S1(config)# hostname name Global configuration..
S1(config)# banner motd *message*
S1(config)# enable secret password
S1(config)# service password-encryption
S1(config)# line console 0
S1(config-line)# password password Line configuration.
S1(config-line)# login
S1(config-line)# logging synchronous
S1(config)# line vty 0 15
S1(config-line)# password password
S1(config-line)# login
S1(config-line)# logging synchronous
S1(config)# default-gateway ip
S1(config)# interface vlan 1
S1(config-if)# ip address ip Interface configuration.
S1(config-if)# no shutdown
S1# copy running-config startup-config
R1# clock rate 128000 On DCE. (Router only).

 SSH configuration.
Command Description
S1(config)# ip domain-name name
S1(config)# cryto key generate rsa
S1(config)# username name secret password
S1(config)# line vty 0 15
S1(config-line)# transport input ssh
S1(config-line)# login local
S1(config-line)# access-class access-list-number { in|out} Opcional for access list configuration
S1(config)# ip ssh version 2
  DHCP snooping configuration.
Determinates witch interfaces can snoop DHCP addresses.
Command Description
S1(config)# ip dhcp snooping
S1(config)# ip dhcp snooping vlan number
S1(config)# interface interface
S1(config)# ip dhcp snooping trust When the interface is a trusted one.
S1(config)# ip dhcp snooping limit rate number When the interface is not trusted.

 MAC security configuration.

Command Description
S1(config)# interface interface Individual interface.
S1(config)# interface range interface-interface Several interfaces.
S1(config)# switchport mode access
S1(config)# switchport port-security
S1(config)# switchport port-security maximun number Maximun of MAC address that can be saved for one port.
S1(config)# switchport port-security mac-address mac Configure an specific mac address as secure.
S1(config)# switchport port-security mac-address sticky Learn dynamically mac address and set them as secure.
Protect: Denied service to unknow mac address. Restrict: Denied service to
S1(config)# switchport port-security violation mode
unknow mac address and send message. Shutdown: Default.

 Network time protocol (NTP).

Command Description
S1(config)# ntp server ip Used on client to show the server.
S1(config)# ntp master 0-15 Used on server.

 Auto-negotiation configuration.
Command Description
S1(config)# duplex mode Auto. Full. Half.
S1(config)# speed mode Auto. Number.
S1(config)# mdix auto Allows the system to transfer data independently of the wire used.
  Deleting files.
Command Description
S1# erase startup-config
S1# delete flash:vlan.dat Delete VLAN DB.

 Creatin VLAN.
Command Description
S1(config)# vlan number
S1(config)# name name

 Asigning port to a VLAN.

Command Description
S1(config)# interface interface
S1(config-if)# switchport mode access
S1(config-if)# switchport access vlan vlan

 Loopback configuration.
Command Description
R1# interface loopback number
R1# ip address ip mask Delete VLAN DB.

 Loopback configuration.
Command Description
R1# interface loopback number
R1# ip address ip mask Delete VLAN DB.
  Trunk configuration.
Command Description
S1(config)# interface interface
S1(config-if)# switchport mode trunk
S1(config-if)# switchport trunk native vlan number
S1(config-if)# switchport trunk allowed vlan vlan_list

 Port protection.
Command Description
S1(config)# interface interface
S1(config)# switchport protected Doesn’t send traffic to other protectec ports but it does to unprotected.

 Static route.
Command Description
R1(config)# ip route ip mask type IP, mask: Remote.Network. Type: Next hop. Exit interface.
R1(config)# ipv6 unicast-routing Enable the router to forward IPv6 packets.

 Default static route.

Command Description
R1(config)# ip route 0.0.0.0 0.0.0.0 type Type: Next hop. Exit interface.
R1(config)# ipv6 route ::/0 type Type: Next hop. Exit interface.
  Floating static route.
Command Description
R1(config)# ip route 0.0.0.0 0.0.0.0 type AD Type: Next hop. Exit interface. AD: Administrative distance.
R1(config)# ipv6 route ::/0 type Type: Next hop. Exit interface.

 Legacy inner vlan routing.

Command Description
S1# vlan number Create all the VLANs.
S1# interface interface For each link interface…
S1# switchport access vlan number …configure the correspondent vlan.
R1# interface interface
R1# ip address ip mask

 Router on a stick inner vlan routing.

Command Description
S1(config)# vlan number Create all the VLANs.
S1(config)# interface interface
S1(config-if)# switchport mode trunk
R1(config-if)# interface interface.vlan
R1(config-if)# encapsulation dot1q vlan
R1(config-if)# ip address ip mask
R1(config-if)# interface interface
R1(config-if)# no shutdown
  RIPv1-2
Command Description
R1(config)# router rip Enable RIPv1
R1(config-router)# network network
R1(config-router)# version 2 Enable RIPv2
R1(config-router)# no auto-summary Disable network auto summary (RIPv2 only).
R1(config-router)# passive-interface interface Disable RIP updates to a network.
R1(config-router)# default-information originate Propagate the default statict route on RIP.
R1(config)# ipv6 unicast-routing Enable ipv6 to sed trafic.
R1(config)# ipv6 router rip domain IPV6
R1(config-rtr)# interface interface IPV6
R1(config-if)# ipv6 rip domain enable IPV6

 OSPF
Command Description
R1(config)# router ospf id 1-65535
R1(config-router)# router-id rid Restart ospf process
R1# clear ip ospf process Enable RIPv2
R1(config-router)# network network- wildcard-mask area id. Wildcast is 255.255.255.255-the mask.
R1(config-router)# passive-interface interface

 Access Lists.
Command Description
Type: Allow/Deny. Network: ip. Wildmask: host->all any->none can be
R1(config)# access-list number { deny | permit | remark } source [
use intead. Source: tcp/udp log: equal (eq), not equal (neq), greater
source-wildcard ][ log ]
than (gt), and less than (lt)
R1(config)# interface interface
R1(config-if)# ip access-group { access-list-number | access-list-name
} { in | out }
R1(config)# ip access-list [standar|extended] name ip if for named access lists only. Standar blocks comunication from all
sourses, extended filter sourse and destination
R1(config)# clear access-list counters name
  DHCP.
Command Description
R1(config)# ip dhcp excluded-address low_address [high_address] Excluses an address o a range from dhcp assignation.
R1(config)# ip dhcp pool pool_name Name a DHCP server
R1(dhcp-config)# network ip mask
R1(dhcp-config)# default-router ip
R1(dhcp-config)# dns-server ip
R1(dhcp-config)# domain-name name
R1(config)# [no] service dhcp Enables/Disables dhcp
R1(config)# interface interface
R1(config-if)# ip helper-address ip Relay router IP of dhcp server
R1(config-if)# ip address dhcp Configures a router as a dhcp client.
R1(config-if)# no shutdown
R1# debug ip dhcp server events
R1(config)# access-list 100 permit udp any any eq 67/68
R1# debug ip packet 100
R1(config)# ipv6 unicast-routing Activate ipv6
R1(config-if)# no ipv6 nd managed-config-flag SLAAC ONLY
R1(config-if)# no ipv6 nd other-config-flag
R1(config-if)# ipv6 nd other-config-flag Stateless DHCPV6
R1(config-if)# ipv6 nd managed-config-flag DHCPV6
R1(config-if)# ipv6 enable Router as client dhcpv6 stateless
R1(config-if)# ipv6 address autoconfig
R1(config-if)# ipv6 address ipv6 Router address
R1(config-if)# ipv6 dhcp server name
R1(config-dhcpv6)# address prefix/length [lifetime {valid_lifetime Configure pool parameters stateful
preferred_lifetime | infinite}]
R1(config-if)# ipv6 enable Router as client dhcpv6 statefull
R1(config-if)# ipv6 address dhcp
R1(config-if) ipv6 dhcp relay destination ipv6 Relay router IPv6 of dhcp server
R1# debug ipv6 dhcp detail
R1# debug ipv6 dhcp server events observar, en tiempo real, las asignaciones de direcciones IP que
realiza el router.
  NAT
Command Description
R1(config)# ip nat inside sourse static local_ip global_ip Static NAT
R1(config)# interface interface
R1(config-if)# ip nat inside | outside Set the nat in or out depending of the interface Dynamic & static &
PAT & port forwarding
R1(config)# ip nat pool name ip_star ip_end {netmask mask | prefix- Dynamic NAT & PAT POOL
length prefix-length}
R1(config)# access-list number permit sourse wildcast Dynamic NAT & PAT POOL & PAT
R1(config)# ip nat inside sourse list number pool name Dynamic Nat
R1(config)# ip nat inside sourse list access_list number pool name PAT POOL
overload
R1(config)# ip nat inside sourse list access_list number interface PAT
name overload
R1(config)# ip nat inside source {static { tcp | udp local_ip local_port Port forwading
global_ip global_port} [extendable]

 Command prompt.
Command Description
PC> ssh –l (elle) user ip Access to SSH.
PC> nslookup DNS Determinates if the ip matches the DNS.
PC> tracert IP/DNS Determinates the route to a package.

 Shows.
Command Description
S1# show running-config Shows actual configuration.
S1# show startup-config Shows saved configuration.
S1# show ip interfaces brief Shows a condensed information about all interfaces.
S1# show interfaces Shows complete information about all interfaces.
S1# show inferface interface Shows complete informatio about a single interface.
S1# show ip ssh Displays the version and configuration data for SSH.
S1# show port-security interface interface Shows complete information about an interface security.
S1# show port-security address Shows secure MAC addresses table.
S1# show ntp associations Shows NTP stadistics.
S1# show ntp status Shows the status of the NTP.
S1# show vlan brief Shows condensed information about all vlans.
S1# show interfaces interface switchport Shows trunking and vlan info.
S1# show vlan id number Display information about a single vlan.
S1# show vlan summary Display vlan summary information.
S1# show interface trunk Shows the trunking interfaces.
S1# show dtp interface interface Shows the point to point trunking protocol in use.
R1# show ip interface brief Shows the status of the interfaces.
R1# show ip route Shows the routing table.
R1# show history Shows router’s commands.
R1# show ip route | begin gateway ??
R1# show ip route static Shows only static routes.
R1# show ip protocols
R1# show ipv6 route rip
R1# show ipv6 protocols
R1# show ip ospf neighbor Ospf neighbor table (adjacency db).
R1# show ip ospf database Ospf topology table (link state db LSDB).
R1# show ip ospf
R1# show access-lists
Displays a list of all IPv4 address to MAC address bindings that have
R1# show ip dhcp binding
been provided by the DHCPv4 service.
R1# show ip dhcp server statistics Verifies that messages are being received or sent by the router.
R1# show ip interface interface Dhcp debug
R1# show ip dhcp conflict Shows douplicated ips
R1# show ip nat translations
R1# show ip nat statistics