Uncategorized – Page 2 – Saikat Infotech

Cisco Commands Cheat Sheet PDF 1Cisco Commands Cheat Sheet PDF 2Cisco Commands Cheat Sheet PDF 3 Cisco Router & Switch Ether-Channel Routerint port-channel 1no shutdownexitint fa0/0channel-group 1no shutdownexitint fa0/1channel-group 1no shutdownexitint port-channel 1ip add 192.168.1.1 255.255.255.0no shutdown.exitSwitchint range fa0/1-2channel-group 1 mode onexitint port-channel 1exit Layer 2 Switch To Switch Ether-channel Switch1interface range fa0/1-2channel-group 1 mode activeSwitch2interface range fa0/1-2channel-group 1 mode passiveHow To Ether-Channel Checkingshow etherchannel summary show etherchannel detailshow etherchannel port-channel L3 Etherchannel Multilayer Switch Switch1int fa0/1no switchportip address 10.10.10.1 255.255.255.0no shutdownexithostname sw1int portchannel 1no switchportip address 172.16.1.1 255.255.255.0no shutdownexitint range fa0/2-3no switchportchannel-group 1 mode activeSwitch2int fa0/1no switchportip address 11.11.11.1 255.255.255.0no shutdownexithostname sw2int portchannel 1no switchportip address 172.16.2.1 255.255.255.0no shutdownexitint range fa0/2-3no switchportchannel-group 1 mode passive Router To Router Ether-channel Router1int port-channel 1no shutdownexitint fa0/0channel-group 1no shutdownexitint fa0/1channel-group 1no shutdownexitint port-channel 1ip add 192.168.1.1 255.255.255.0no shutdown.exitRouter2int port-channel 1no shutdownexitint fa0/0channel-group 1no shutdownexitint fa0/1channel-group 1no shutdownexitint port-channel 1ip add 192.168.1.1 255.255.255.0no shutdownexit Configuring VLANs on Cisco Switches Creating the VLAN in the VLAN Database Switch1vlan 10name REDexitvlan 20name ORANGEexitvlan 30name BLUEexitAssigning the Switchport to a VLANinterface Ethernet 0/2 switchport mode accessswitchport access vlan 10exitinterface Ethernet 0/3switchport mode accessswitchport access vlan 30exitCreating a trunk port interface Ethernet 2/1switchport trunk encapsulation dot1qswitchport mode trunkexitinterface Ethernet 2/2switchport trunk encapsulation dot1qswitchport mode trunkexitTo set the Native VLAN Untag Trafficinterface Ethernet 2/1switchport trunk native vlan 3exitinterface Ethernet 2/2switchport trunk native vlan 3exitAllowed VLAN Listinterface Ethernet 2/1switchport trunk allowed vlan 10,20switchport trunk allowed vlan 20switchport trunk allowed vlan add 30interface Ethernet1/1switchport trunk allowed vlan remove 20interface Ethernet1/1no switchport trunk allowed vlan Show Commnd Switchshow vlan brief show interfaces trunk show interfaces switchportshow interfaces statusshow spanning-treeRoutershow startup-config show running-configshow clockshow hostsshow usersshow arpshow protocolsshow historyshow ip routeshow versionshow ipv6 routeshow interfacesshow interfaces gigabitEthernet 0/0show ip interface briefshow ipv6 interface briefshow cdp neighborsshow ntp statusshow Flash:show loggingshow access-listsshow ip dhcp bindingshow ip dhcp poolshow ip eigrp neighborsshow ip ospf neighborshow ip nat translationsshow standbyshow mac address-tableshow spanning tree summaryshow etherchannelshow vlanshow vtp statusshow port-securityshow monitor session allshow interfaces statusshow interfaces switchportshow interfaces trunkSwitching Commndconfigure terminal enable reload hostname Copy startup-config running-config Copy running-config startup-config show startup-config show running-config ip address ip-address mask shutdown no shutdown show ip interface 0/0 show mac address-table show interfaces show interface status show interfaces switchport show cdp show cdp neighbors[detail] show vlanshow vlan brief show port security [interface interface-id] Static NAT Dynamic NAT Dynamic PAT DST NAT Static NATConfigure the router's Define inside & Outside interface fa0/0ip nat outsideinterface fa0/1ip nat insideip nat inside source static 192.168.10.10 202.202.10.1Dynamic NAT int f0/0ip nat outsideexitint f1/0ip nat insideexitip nat pool saikat 20.1.1.5 20.1.1.20 netmask 255.255.255.0access-list 1 permit 192.168.1.0 0.0.0.255ip nat inside source list 1 pool pool1show ip nat translationsDynamic PATint f0/0ip nat outsideexitint f1/0ip nat insideexitaccess-list 1 permit 192.168.123.0 0.0.0.255ip nat inside source list 1 interface fastEthernet 1/0 overloadshow ip nat translations Port ForwardingWAN Interfaceconf tinterface gigabitEthernet 0/0ip address 50.50.50.1 255.255.255.0ip nat outside <– Configure the WAN as NAT outside interfaceno shutdownexitLAN Interfaceinterface gigabitEthernet 0/1ip address 192.168.1.1 255.255.255.0ip nat inside <– Configure the LAN as NAT inside interfaceno shutdownexitip route 0.0.0.0 0.0.0.0 50.50.50.2 <– Configure default routeaccess-list 1 permit 192.168.1.0 0.0.0.255 <– Configure ACL to be used for PATip nat inside source list 1 interface GigabitEthernet0/0 overload <– Configure PAT (NAT overload)ip nat inside source static tcp 192.168.1.10 80 50.50.50.1 80 <– Port Forwarding for Web Serverip nat inside source static tcp 192.168.1.11 25 50.50.50.1 25 <– Port Forwarding for SMTP Servershow ip nat translations <---- Checking For NAT Working Or Not HSRP VRRP GLBP Redundancy Protocol HSRP ConfigurationR1interface Ethernet0/1description LAN Interface of Active Routerip address 192.168.1.1 255.255.255.0standby 1 ip 192.168.1.254 <—- Create HSRP Group 1 and assign Virtual IPstandby 1 priority 101 <—- Assign priority above 100 to make this the primary routerstandby 1 preempt <—- Makes router active if it has higher priorityR2interface Ethernet0/1description LAN Interface of Standby Routerip address 192.168.1.2 255.255.255.0standby 1 ip 192.168.1.254 <—- Create HSRP Group 1 and assign Virtual IPstandby 1 preempt <—- Makes router active if it has higher priorityVRRP Configuration------------------R1interface Ethernet0/1description LAN Interface of Active Routerip addressip address 192.168.1.1 255.255.255.0vrrp 1 ip 192.168.1.254 <—- Create VRRP Group 1 and assign Virtual IPvrrp 1 priority 101 <—- Assign priority above 100 to make this the primary routervrrp 1 preempt <—- Makes router active if it has higher priorityR2--interface Ethernet0/1description LAN Interface of Standby Routerip address 192.168.1.2 255.255.255.0vrrp 1 ip 192.168.1.254 <—- Create VRRP Group 1 and assign Virtual IPvrrp 1 preempt <—- Makes router active if it has higher priorityGLBP Configuration..................R1interface Ethernet0/1description LAN Interface of Primary Routerip address 192.168.1.1 255.255.255.0glbp 1 ip 192.168.1.254 <—- Create GLBP Group 1 and assign Virtual IPglbp 1 priority 101 <—- Assign priority above 100 to make this the primary routerglbp 1 preempt <—- Makes router active if it has higher priorityglbp 1 load-balancing round-robin <—- Configure round-robin balancing of trafficR2interface Ethernet0/1description LAN Interface of Secondary Routerip address 192.168.1.2 255.255.255.0glbp 1 ip 192.168.1.254 Hello interval in secondsmsec Specify hello interval in millisecondsredirect Specify timeout values for failed forwardersAuthentication – A router will ignore incoming GLBP packets from routers that do not have the same authentication configuration for a GLBP group.R1(config-if)#glbp 10 authentication ?md5 MD5 authenticationtext Plain text authenticationBy default, GLBP will load balance traffic using the round-robin method. But we can change it by using the following command:R1(config-if)#glbp 10 load-balancing ?host-dependent Load balance equally, source MAC determines forwarder choiceround-robin Load balance equally using each forwarder in turnweighted Load balance in proportion to forwarder weightingLet’s try changing it from round-robin to weighted.R1(config-if)#glbp 10 load-balancing weighted R1(config-if)#glbp 10 weighting 50For verification, let’s use the ‘show glbp’ command.R1#sh glbp | inc weightLoad balancing: weightedActive is local, weighting 150Active is 10.10.10.2 (primary), weighting 100 (expires in 11.424 sec)Interface Tracking For ISP Link Router s0/0 Porttrack 10 interface s0/0 line-protocolshow trackinterface fa0/0glbp 1 weighting track 10 decrement 10glbp 1 weighting 120hostname router-A!track 1 interface Serial0/0 line-protocol!interface FastEthernet0/0ip address 192.168.10.1 255.255.255.0glbp 10 ip 192.168.10.254glbp 10 priority 255glbp 10 weighting track 1 decrement 100!hostname router-B!track 1 interface Serial0/0 line-protocol!interface FastEthernet0/0ip address 192.168.10.2 255.255.255.0glbp 10 ip 192.168.10.254glbp 10 priority 254glbp 10 weighting track 1 decrement 100! CDP & LLDP CDP---show cdpshow cdp neighborshow cdp neighbor detail Enable CDP----------cdp run Disable CDP-----------no cdp run LLDP----show lldpshow lldp neighborshow lldp neighbor detail Activate LLDP----------------lldp runno lldp run Disable/Enable LLDP on Port---------------------------int fa0/1no lldp transmitno lldp reciveTo configure cdp Hello time and Hold time, you can use the below commands. Time is mentioned as seconds.-----------------------------------------------------------Switch(config)# cdp timer 50Switch(config)# cdp holdtime 100To clear the CDP table, use the “clear cdp table” command.--------------------------------------------------------Switch# clear cdp tableTo verify CDP, you can use general CDP verification commands below:-------------------------------------------------------------------Switch# show cdpSwitch# show cdp interfaceSwitch# show cdp neighborsSwitch# show cdp entrySwitch# show cdp trafficCDP Disable For Interfaces--------------------------fa0/10no cdp run IPsec VPN Site To Site R1--access-list 100 permit ip 10.1.1.0 0.0.0.255 10.1.2.0 0.0.0.255crypto isakmp enable <Phase 1crypto isakmp policy 1encr 3deshash md5authentication pre-sharegroup 2lifetime 8640exitcrypto isakmp key 0 HQoffice address 22.1.1.1 <-R2 Public IPcrypto ipsec transform-set TS esp-3des esp-md5-hmac <IPSEC Tunnel Createcrypto map CMAP 10 ipsec-isakmpset peer 12.1.1.1set transform-set TSmatch address 100interface s2/0 <-Enable IPsec Router Interfacescrypto map CMAPping 12.1.1.10 repeat 10000IPsec Checking Commnd---------------------show crypto isakmp policy <-Checking Policyshow crypto isakmp key <-Checking keyshow crypto ipsec transform-setshow crypto mapshow crypto isakmp sa <-Checking Phase 1 Statusshow crypto ipsec sa <-Checking Phase 2R2--access-list 100 permit ip 10.1.2.0 0.0.0.255 10.1.1.0 0.0.0.255crypto isakmp enablecrypto isakmp policy 1encr 3deshash md5authentication pre-sharegroup 2lifetime 8640exitcrypto isakmp key 0 HQoffice address 11.1.1.1 network 10.10.10.0 255.255.255.0default router 10.10.10.1dns-server 8.8.8.8exitconfig tip dhcp pool 20network 10.10.20.0 255.255.255.0default router 10.10.20.1dns-server 8.8.8.8exitconfig tip dhcp pool 30network 10.10.30.0 255.255.255.0default router 10.10.30.1dns-server 8.8.8.8exit Normal DHCP ip dhcp excluded-address 192.168.2.0 192.168.2.10ip dhcp pool Saikat Infotechdefault-router 192.168.2.1dns-server 192.168.2.2network 192.168.2.0 255.255.255.0exit Dhcp Snooping enableconfigure terminalip dhcp snoopingip dhcp snooping vlan 1interface fa0/4ip dhcp snooping trust DM VPN ============================================================How To Configration DM-VPN Hub Phase - 1 - Branch Router ?============================================================-R1-Router-Hub-HQ-Office------------------------------------Step #1 interface tunnel 1Step #2 ip address 40.40.40.1 255.255.255.0 Step #3 tunnel source fa0/0Step #4 tunnel mode gre multipointStep #5 ip nhrp network id 123Step #6 ip nhrp map multicast dynamicStep #7 no ip split-horizon eigrp 10===========================================================How To Configration DM-VPN Hub Phase - 2 - Branch Router ?===========================================================-R1-Router-Hub-HQ-Office-----------------------------------Step #1 interface tunnel 1Step #2 ip address 40.40.40.1 255.255.255.0 Step #3 tunnel source fa0/0Step #4 tunnel mode gre multipointStep #5 ip nhrp network id 123Step #5 ip nhrp authentication saikatStep #5 ip nhrp holdtime 300Step #6 ip nhrp map multicast dynamicStep #7 no ip split-horizon eigrp 10Step #8 no ip next hop self eigrp 10 ==========================================================================How To Configration DM-VPN Spoke Phase - 1 - Branch Router ?==========================================================================-R2-Router-Spoke-2--------------------------------------------------------Step #1 interface tunnel 1Step #2 ip address 40.40.40.2 255.255.255.0Step #3 tunnel source fa0/0Step #4 tunnel destination 203.202.2.2 Step #5 ip nhrp network id 123Step #6 ip nhrp nhs 40.40.40.1 Step #7 Exit==========================================================================How To Configration DM-VPN Spoke Phase - 2 - Branch Router ?==========================================================================-R2-Router-Spoke-2--------------------------------------------------------Step #1 interface tunnel 1Step #2 ip address 40.40.40.2 255.255.255.0Step #3 tunnel source fa0/0Step #4 tunnel mode gre multipointStep #5 ip nhrp network id 123Step #6 ip nhrp authentication saikat Step #7 ip nhrp holdtime 300Step #6 ip nhrp map multicast 203.202.2.2 Step #7 ip nhrp nhs 40.40.40.1 Step #8 ip nhrp map 40.40.40.1 203.202.2.2 =======================================================================How To Configration DM-VPN Duel Hub Phase - 2 - Branch Router ?=======================================================================Step #01 Same Configration DM-VPN Hub ==================================================================================How To Configration DM-VPN Spoke Phase - 2 Duel Hub 2 Nhs Server - Branch Router ?==================================================================================-R1-Router-Spoke-1---------------Step #1 interface tunnel 1Step #2 ip address 40.40.40.2 255.255.255.0Step #3 tunnel source fa0/0Step #4 tunnel mode gre multipointStep #5 ip nhrp network id 123Step #6 ip nhrp map multicast 203.202.2.2 Step #7 ip nhrp map multicast 203.202.2.3 Step #8 ip nhrp nhs 40.40.40.1 Step #9 ip nhrp nhs 40.40.40.5 Step #10 ip nhrp map 40.40.40.1 203.202.2.2 Step #11 ip nhrp registration timeout 5 Step #12 ip nhrp holdtime 20 --Showing-----Commnd-------DM---VPN---------Step #1 show ip nhrp nhsStep #2 clear ip nhrpStep #2 show ip nhrpStep #3 show run int tunnel 0 GRE Over IPsec How To Configration GRE-VPN Tunnel R1-Router-HQ-BranchStep #1 interface tunnel 1Step #2 ip address 40.40.40.1 255.255.255.0Step #3 tunnel source fa0/0Step #4 tunnel destination 203.202.2.2 OptionalStep #5 int tunnel 0Step #6 ip mtu 1400Step #7 ip tcp adjust-mss 1360How To Configure GRE-VPN IP-Sec Policy ?R1-Router-HQ-OfficeStep #1 crypto isakmp policy 10Step #2 authentication pre-shareStep #3 encryption 3desStep #4 hash md5Step #5 group 2Step #6 exit Step #7 crypto isakmp key saikat address 203.202.100.100 Step #8 crypto ipsec transform-set saikat123 esp-sha-hmac esp-3desStep #9 mode transparentStep #10 exitStep #11 crypto ipsec profile CCNPStep #12 set transform-set saikat123R2-Router-Branch-OfficeStep #1 crypto isakmp policy 10Step #2 authentication pre-shareStep #3 encryption 3desStep #4 hash md5Step #5 group 2Step #6 exit Step #7 crypto isakmp key saikat address 203.202.100.100 Step #8 crypto ipsec transform-set saikat123 esp-sha-hmac esp-3desStep #9 mode transparentStep #10 exitStep #11 crypto ipsec profile CCNPStep #12 set transform-set saikat123IP-SEC Policy Apply GRE-VPN Tunnel Interface 1 ?Step #5 int tunnel 1Step #6 tunnel protection ipsec profile CCNP VRF LITE Red int fa0/0ip address 192.168.1.2 255.255.255.0no shutexitint loopback 0ip address 1.1.1.1 255.255.255.255show ip routerouter ospf 1network 0.0.0.0 255.255.255.255 area 0 Red2 int fa0/0ip address 192.168.2.2 255.255.255.0no shutexitint loopback 0ip address 2.2.2.2 255.255.255.255 show ip routerouter ospf 1network 0.0.0.0 255.255.255.255 area 0 Blue int fa0/0ip address 192.168.3.2 255.255.255.0no shutexitint loopback 0ip address 3.3.3.1 255.255.255.255show ip routerouter ospf 1network 0.0.0.0 255.255.255.255 area 0 Blue2 int fa0/0ip address 192.168.4.2 255.255.255.0no shutexitint loopback 0ip address 4.4.4.1 255.255.255.255show ip routerouter ospf 1network 0.0.0.0 255.255.255.255 area 0 ISP Router Config ip vrf REDexitip vrf BLUEexitshow ip vrfRed Customar Configinterface FastEthernet 0/0ip vrf forwarding REDip address 192.168.1.1 255.255.255.0no shutexitrouter ospf 1 vrf REDnetwork 192.168.1.0 0.0.0.255 area 0network 192.168.2.0 0.0.0.255 area 0interface FastEthernet 1/0ip vrf forwarding REDip address 192.168.2.1 255.255.255.0no shutexitshow ip vrf REDshow ip vrfBlue Customar Configinterface FastEthernet 2/0ip vrf forwarding BLUEip address 192.168.3.1 255.255.255.0no shutexitrouter ospf 1 vrf BLUEnetwork 192.168.3.0 0.0.0.255 area 0network 192.168.4.0 0.0.0.255 area 0interface FastEthernet 3/0ip vrf forwarding BLUEip address 192.168.4.1 255.255.255.0no shutexitshow ip vrf REDshow ip vrf

Commnd

What is MLAG

ACI Architecture

OLT

ESP32 Alexa Home Automation

IoT Dashboard

Server Dashboard

Computer Dashboard

Fiber FTTH Dashboard

Networking Dashboard