Scribd Logo
Carica

Benvenuto in Scribd!

  • Comandos-Ccna1 1

    Caricato da

    Lukas
    17 visualizzazioni6 pagine
    comandos ccna

    Titolo originale

    comandos-ccna1.1

    Copyright

    © © All Rights Reserved

    Formati disponibili

    DOCX, PDF, TXT o leggi online da Scribd

    Hai trovato utile questo documento?

    Questo contenuto è inappropriato?

    Segnala questo documento
    comandos ccna

    Copyright:

    © All Rights Reserved
    Scarica in formato DOCX, PDF, TXT o leggi online su Scribd
    Segnala contenuti inappropriati
    17 visualizzazioni6 pagine

    Comandos-Ccna1 1

    Caricato da

    Lukas
    comandos ccna

    Copyright:

    © All Rights Reserved
    Scarica in formato DOCX, PDF, TXT o leggi online su Scribd
    Segnala contenuti inappropriati
    di 6

    crear vlan

    vlan X
    name X

    puerto acceso (int hacia host)

    int X
    switchport mode access
    switchport access vlan x

    Troncales (en switch)

    int x
    switchport mode trunk
    switchport trunk native vlan 99
    switchport trunk allowed vlan 2,4,5,10,15,99
    switchport nonegotiate

    conf. int router (enrutar vlan)

    int g0/0.x x=n° de la vlan


    encapsulation dot1q x
    ip ad
    exit
    int g0/0
    no sh

    OSPF (router) wildcard: resta de mascara X: numero del area

    Router ospf 1
    Network (ip red) (wildcard) area x

    Seguridad de puerto

    int x
    switchport mode access
    switchport port-security
    switchport port-security mac-address sticky
    switchport port-security maximum 1
    switchport port-security violation shutdown
    DHCP en router

    Ip dhcp excluded-address 192.168.0.1 192.168.0.6 (rango a excluir)


    Ip dhcp pool LANX
    (dhcp-config) Network 192.168.0.0 255.255.255.0 (usar ip de red de la lan a configurar)
    (dhcp-config) default-rouer 192.168.0.1 (gateway de la red)
    (dhcp-config) Dns-server 20.0.0..2
    Show ip dhcp

    Para DELAY:

    Int f0/1.5
    Ip helper-address 30.0.0.2

    RIPV2

    router rip
    version 2
    network x.x.x.x ip de red
    no auto-sumary
    exit

    SSH

    R1(config)#enable secret contraseña


    R1(config)#ip domain-name duoc.cl
    R1 (config)#crypto key generate rsa

    How many bits in the modulus [512]: 1024

    R1(config)#line vty 0 4
    R1(config-line)#transport input ssh
    R1 (config-line)#login local
    R1(config)#username usuario secret pass
    R1(config)#ip ssh authentication-retries 2
    R1(config)#ip ssh time-out 120
    R1(config)#ip ssh version 2
    R1(config)#security passwords min-length 8
    OSPF 3 IPV6

    Router(config)# ipv6 unicast-routing


    Router(config)# ipv6 router ospf 1
    Router(config-rtr)# router-id 1.1.1.1
    Router(config-rtr)# exit

    Router(config)# interface FastEthernet 1/0


    Router(config-router)#ipv6 address 2001:db8:1::1/64
    Router(config-router)#ipv6 ospf 1 area 0
    Router(config-router)#no shutdown
    Router(config-router)#exit

    Configuración enrutamiento estático

    R1(config)#ip route 192.168.0.0 255.255.255.0 S0/0/0 [ó Ip next hope]

    R1(config)#ipv6 route 2001:db8:acad:a::/64 s0/0/0 [ó Ip next hope]

    Configuración enrutamiento estático por defecto

    R1(config)#ip route 0.0.0.0 0.0.0.0 S0/0/0 [ó Ip next hope]

    R1(config)#ipv6 route ::/0 S0/0/0 [ó Ip next hope

    Configuración enrutamiento dinámico RIPv2

    R1(config)#router rip
    R1(config)#version 2
    R1(config)#no auto-summary
    R1(config)#network 192.168.0.0
    R1(config)#network 10.0.0.0
    R1(config)#exit

    R1(config)#router rip
    R1(config)#passive-interface G0/0
    R1(config)#exit

    R1(config)#router rip
    R1(config)#default-information originate
    R1(config)#exit
    Configuración enrutamiento dinámico RIPng

    R1(config)#interface g0/0
    R1(config)#ipv6 rip FDN enable
    R1(config)#exit
    R1(config)#interface S0/0/0
    R1(config)#ipv6 rip FDN enable
    R1(config)#exit

    R1(config)#ipv6 router rip FDN


    R1(config-rtr)#redistribute static

    Conexiones telnet:
    R(config)#access-list 5 permit host 170.190.64.10
    R(config)#line vty 0 4
    R(config)#password ‘x’
    R(config)#acces-class 5 in

    Estándar numerada:
    R(config)#access-list 3 deny 192.168.10.0 0.0.0.255
    R(config)#access-list 3 permit host 192.168.10.10
    R(config)#access-list 3 permit any
    R(config)# int s0/0/0
    R(config-ip)#ip access-group 1 out

    Estandar nombrada

    R(config)#ip access-list standard xxxx


    R(config)#ip access-list standard deny 192.168.10.0 0.0.0.255
    R(config)# int s0/0/0
    R(config-ip)#ip access-group xxxx out
    ACL Extendido (SI LA WILDCARD ES DE UN HOST SON SOLO CEROS 0.0.0.0)
    Numerada:

    R(config)#access-list 101 permit (o deny) ip (tcp, udp o icmp) ip de origen wildcar ip destino
    wildcard eq n°puerto

    R(config)#ip access-list extended nombre


    R(config)#permit ip dir ip origen wildcard dir ip destino wildcard eq n° de puerto

    Permitir ping
    Access-list 120 permit (o deny) icmp 10.10.0.0 0.0.0.255 any
    R(Config)#int g0/0
    R(config)#ip access-group 120 in

    NAT estático

    R2(config)#ip nat inside source static 192.168.20.254 209.165.200.254 (privada y publica)

    R2(config)#interface serial 0/0/1


    R2(config-if)#ip nat outside
    R2(config-if)#interface fa0/0
    R2(config-if)#ip nat inside

    NAT dinámico

    ip nat pool MY-NAT-POOL 209.165.200.241 209.165.200.246 netmask 255.255.255.248

    R2(config)#ip access-list extended NAT


    R2(config-ext-nacl)#permit ip 192.168.10.0 0.0.0.255 any
    R2(config-ext-nacl)#permit ip 192.168.11.0 0.0.0.255 any

    R2(config)#ip nat inside source list NAT pool MY-NAT-POOL


    sobrecarga de NAT (PAT)

    R2(config)#ip access-list extended NAT


    R2(config-ext-nacl)#permit ip 192.168.10.0 0.0.0.255 any

    R2(config)#ip nat inside source list NAT interface S0/0/1 overload

    ip nat pool MY-NAT-POOL 209.165.200.241 209.165.200.246 netmask 255.255.255.248


    R2(config)#ip access-list extended NAT
    R2(config-ext-nacl)#permit ip 192.168.10.0 0.0.0.255 any
    R2(config)#ip nat inside source list NAT pool MY-NAT-POOL overload

    Potrebbero piacerti anche