Basic Configurations of Routers and Switches

 


Basic Configurations of Router and Switch

 

no ip domain lookup

hostname R1

enable password cisco

service password-encryption

=========================

Set Banner in Router and Switch

=========================

enable

configure terminal

banner motd #unauthorized access to this device is prohibited#

exit

=========================

Set console Password

=========================

line console 0

password ----

login

==========================

Enable Telnet Session

==========================

line vty 0 15

password cisco

login

exit

============================

Set Router Interfaces

============================

Serial Interface

interface se0/0/0

description "Uplink to R2"

ip address 1.1.1.1 255.0.0.0

 

encapsulation hdlc

clock rate 64000

no shut

exit

-----------------

Giga/Fastethernet

-----------------

interface gi0/0

ip address 10.0.0.1 255.0.0.0

no shut

===============================

Set Static Routing

===============================

R1

             Far end Net     Subnet Mask         Next Hop

ip route      2.0.0.0        255.0.0.0         1.1.1.2

ip route      20.0.0.0       255.0.0.0        1.1.1.2

ip route      30.0.0.0       255.0.0.0        1.1.1.2

 

R2

ip route     10.0.0.0        255.0.0.0           1.1.1.1

ip route     30.0.0.0        255.0.0.0           2.1.1.2

 

R3

ip route     10.0.0.0        255.0.0.0           2.1.1.1

ip route     20.0.0.0        255.0.0.0           2.1.1.1

ip route     1.0.0.0         255.0.0.0           2.1.1.1

===================================

Set Default Routing

===================================

R1

            Any Network        Any Subnet Mask       Next Hop

ip route    0.0.0.0           0.0.0.0               1.1.1.2

 

R2

ip route    0.0.0.0           0.0.0.0               1.1.1.1

ip route    30.0.0.0          255.0.0.0             2.1.1.2


R3

ip route    0.0.0.0          0.0.0.0                2.1.1.1

=================================

Set DHCP Server

=================================

ip dhcp pool technetwork

network 10.0.0.0 255.0.0.0

default-router 10.0.0.1

dns-server 8.8.8.8

=================================

RIP V1

=================================

R1

router rip

network 1.0.0.0 (Own Network)

network 10.0.0.0 (Own Network)

 

R2

router rip

network 2.0.0.0 (Own Network)

network 1.0.0.0 (Own Network)

network 20.0.0.0 (Own Network)

 

R3

router rip

network 2.0.0.0 (Own Network)

network 30.0.0.0 (Own Network)

---------------------------------

To see Background packet exchange

---------------------------------

Router#debug ip packet

to stop debugging

Router#undebug all

==================================

RIP V2

==================================

R1

#router rip

version 2

network 1.0.0.0 (Own Network)

network 10.0.0.0 (Own Network)

 

R2

#router rip

version 2

network 2.0.0.0 (Own Network)

network 1.0.0.0 (Own Network)

network 20.0.0.0 (Own Network)

 

R3

#router rip

version 2

network 2.0.0.0 (Own Network)

network 30.0.0.0 (Own Network)

==================================

OSPF 

condition Area# Same

==================================

R1

#router ospf 1

                Own Network       Wildcard Mask          Area

network         1.0.0.0           0.255.255.255          area 0

network         10.0.0.0          0.255.255.255          area 0

 

R2

#router ospf 1

network        1.0.0.0           0.255.255.255           area 0

network        2.0.0.0           0.255.255.255           area 0

network        20.0.0.0          0.255.255.255           area 0

 

R3

#router ospf 1

network         2.0.0.0          0.255.255.255           area 0

network         30.0.0.0         0.255.255.255           area 0

 

Commands for OSPF

--------------------

#show ip ospf neighbor

show ip ospf database

show ip route ospf

 

==================================

EIGRP  (condition  AS# same)

==================================

R1

#router eigrp 1

network 1.0.0.0 (Own Network)

network 10.0.0.0 (Own Network)

 

R2

#router eigrp 1

network 1.0.0.0 (Own Network)

network 2.0.0.0 (Own Network)

network 20.0.0.0 (Own Network)

 

R3

router eigrp 1

network 2.0.0.0 (Own Network)

network 30.0.0.0 (Own Network)

 

===================================

Password Reset of Router

===================================

*reboot the Router then

----------------------------------

ctrl+alt+break

rommon 1>confreg 0x2142

rommon 2>reset

 

router will boot again

 

configuration dialog: no

router#copy startup-config running-config

router(config)#config-register 0x2102

Set the enable password

=========================================

ACL

Standard ACL to block 10.0.0.2 host

=========================================

R3

#access-list 1 deny host 10.0.0.2

access-list 1 permit any

exit

 

interface gi0/0

ip access-group 1 out

==============================================

ACL

Extended

To block a single host (10.0.0.2  to 30.0.0.2)

==============================================

R1

#access-list 100 deny ip host 10.0.0.2 host 30.0.0.2

access-list 100 permit ip any host 30.0.0.2

access-list 100 permit ip any any

exit

 

interface se0/0/0

ip access-group 100 out

========================================================

ACL

TO block WEB ACCESS on a single host (10.0.0.2 to 30.0.0.2)

========================================================

R1

#Access-list 101 deny tcp host 10.0.0.2 host 30.0.0.2 eq 80

Access-list 101 permit tcp any host 30.0.0.2 eq 80

access-list 101 permit ip any any

 

#interface se0/0/0

ip access-group 101 out
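
How ACL 101 above is evaluated: entries are checked top to bottom, the first match decides, and anything that matches no entry is dropped by the implicit deny. The Python below is an added example, not part of the original notes; the function names are hypothetical, and it models only first-match and wildcard-mask logic for numbered extended entries, not IOS itself.

```python
import ipaddress

# ACL 101 exactly as listed above on this page.
ACL_101 = [
    "access-list 101 deny tcp host 10.0.0.2 host 30.0.0.2 eq 80",
    "access-list 101 permit tcp any host 30.0.0.2 eq 80",
    "access-list 101 permit ip any any",
]

def _ip(text):
    return int(ipaddress.IPv4Address(text))

def _take_addr(tok):
    """Consume 'any' | 'host A' | 'A WILDCARD'; return (base, wildcard)."""
    first = tok.pop(0)
    if first == "any":
        return 0, 0xFFFFFFFF
    if first == "host":
        return _ip(tok.pop(0)), 0
    return _ip(first), _ip(tok.pop(0))

def parse_ace(line):
    """Parse one numbered extended ACL entry (ip/tcp/udp, optional 'eq PORT')."""
    tok = line.lower().split()[2:]          # drop 'access-list <number>'
    action, proto = tok.pop(0), tok.pop(0)
    src, dst = _take_addr(tok), _take_addr(tok)
    port = int(tok[1]) if tok[:1] == ["eq"] else None
    return action, proto, src, dst, port

def _match(addr, rule):
    base, wild = rule                        # wildcard bit 1 = "don't care"
    return (_ip(addr) | wild) == (base | wild)

def evaluate(acl, proto, src, dst, dport=None):
    """Return the action of the first matching entry, top to bottom."""
    for action, a_proto, a_src, a_dst, a_port in map(parse_ace, acl):
        if a_proto not in ("ip", proto):
            continue
        if a_port is not None and a_port != dport:
            continue
        if _match(src, a_src) and _match(dst, a_dst):
            return action
    return "deny"                            # implicit deny ends every ACL

if __name__ == "__main__":
    print(evaluate(ACL_101, "tcp", "10.0.0.2", "30.0.0.2", 80))      # blocked host, web
    print(evaluate(ACL_101, "tcp", "10.0.0.2", "30.0.0.2", 23))      # same host, other port
    print(evaluate(ACL_101[:2], "tcp", "10.0.0.2", "30.0.0.2", 23))  # no final permit
```

The last call drops the closing "permit ip any any" entry: the same host's non-web traffic then hits the implicit deny, which is why that final line has to be present.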

================

Set Named ACL

================

#ip access-list extended/standard XYZ

permit ip host 10.0.0.2 (Source IP) host 30.0.0.2 (Destination IP)

deny ip any host 30.0.0.2

permit ip any any

 

*apply on interface

=======================

Set ACL to block web access

=======================

#ip access-list extended XYZ

#permit tcp host 10.0.0.2 host 30.0.0.2 eq 80

#deny tcp any host 30.0.0.2 eq 80

#permit ip any any

 

*apply on interface

==========================================================

NAT (Network Address Translation)

==========================================================

Creation

1-Static (one to one)

ip nat inside source static 192.168.0.77 (Private IP) 2.1.1.2 (Public IP)

2-Dynamic (Many to Many)

    2.1-Create an ACL for your private IPs

        #access-list 1 permit 192.168.0.0 0.255.255.255

    2.2-Create a pool of public IPs

        #ip nat pool ABC 1.0.0.0 1.0.0.255 netmask 255.255.255.0

    *Now relate the ACL with the pool

        #ip nat inside source list 1 pool ABC

3-PAT (one to All)

    3.1-Create an ACL of the private network

        #access-list 1 permit 192.168.0.0 0.255.255.255

    3.2-ACL and public IP

        #ip nat inside source list 1 interface se0/0/0 overload


#interface se0/0/0

ip nat outside

 

#interface gi0/0

ip nat inside

=========================================================

Switching

=========================================================

STP (Loop avoidance)

--------------------------------------------------------

#spanning-tree vlan 1 priority 4096

 

to reduce the time of STP process

#spanning-tree mode rapid-pvst

=======================================================

Vlan configuration

=======================================================

**vlan creation**


#Vlan 10

name HR

 

#vlan 20

name Accounts

 

#vlan 21

name NOC

 

#vlan 22

name Wireless

 

**Port assigning/membership**

--------------------------

*via single interface*

---------------------

#interface fa0/1

switchport mode access

switchport access vlan 10

 

**via range**        

-----------

#interface range fa0/1 - 10

switchport mode access

switchport access vlan 10

 

#interface range fa0/11 - 15

switchport mode access

switchport access vlan 20

-----------------------

Trunk           

-----------------------

#interface fa0/24

switchport mode trunk

switchport trunk allowed vlan all

-------------------------

inter vlan communication     

-------------------------

on Router

 

*for vlan 10*

interface gi0/0

no shut

 

#interface gi0/0.1

encapsulation dot1Q 10

ip address 10.0.0.100 255.0.0.0

 

*for vlan 20*

 

#interface gi0/0.2

encapsulation dot1Q 20

 

*for vlan 30*

 

#interface gi0/0.3

encapsulation dot1Q 30

ip address 30.0.0.100 255.0.0.0

================================

how to make a Switch Telnet Able

================================

#line vty 0 4

password ---

login

 

assign IP address

 

#interface vlan --

ip address 192.168.X.X 255.255.x.x

no shut

====================================

Port-Security (MAC based)    

====================================

*to restrict the access of unauthorized users

 

#switchport port-security

switchport port-security maximum --

switchport port-security mac-address sticky

switchport port-security violation (shutdown, restrict, protect)

======================================

HSRP       

========================================

R1

standby 1 ip (VIP)

standby 1 priority 105  (down by 10,default 100)

standby 1 preempt

standby 1 track gi0/0 (ISP interface)

R2

standby 1 ip (VIP)

standby 1 priority 100  (down by 10,default 100)

standby 1 track gi0/0 (ISP interface)

=========================================

active—Places the port in active mode, sending LACP packets.

passive—Places the port in passive mode; it only responds to LACP packets.

on—Forces the channel on without LACP: on pairs only with on, nothing else.