You are on page 1of 11

Commandes 1 / 11

Router#
dir
WORD Directory or file name
flash: Directory or file name
nvram: Directory or file name
delete
WORD File to be deleted
flash: File to be deleted (fort ex: vlan.dat)
erase
startup-config Erase contents of configuration memory
reload
vlan database Configure VLAN database

Router#
show
interfaces Interface status and configuration
Ethernet, Fast, ... etc ... Ethernet IEEE 802.3, etc ...
switchport Show interface switchport information
trunk Show interface trunk information
Vlan Catalyst Vlans
<1-1005> Vlan interface number
port-security ?????
interface ... etc ...
running-config Current operating configuration
startup-config Contents of startup configuration
ip IP information
interface IP interface status and configuration
brief Brief summary of IP ...

Router/configure + terminal Enter config. mode + terminal l. param.


boot
system System image file
WORD TFTP filename or URL
flash Boot from flash memory
WORD System image filename
mac-address-table
static Configure a static 802.1d static address
H.H.H 48-bit hardware address
interface ... etc ... Configure output interfaces
vlan ... etc ... vlan number
interface
Vlan Catalyst Vlans
<1-1005> Vlan interface number

Router/configure interface .../...


ip Interface Int. Prot. config commands
address Set the IP address of an interface
A.B.C.D A.B.C.D IP address & IP subnet mask
dhcp IP Address negotiated via DHCP
duplex
auto / full / half Enable auto/full/half-duplex config ...
speed
10 / 100 / auto Force 10/100/auto Mbps operation
config-subif
encapsulation Set encapsulation type for an interface
dot1Q IEEE 802.1Q Virtual LAN
<1-1005> IEEE 802.1Q VLAN ID
native Make this as native vlan
ip Interface I... Protocol config commands
Commandes 2 / 11

Switch#
show
vtp VTP information
counters VTP statistics
password VTP password
status VTP domain status
spanning-tree Spanning tree topology
active Report on active interfaces only
vlan VLAN Switch Spanning Trees
WORD vlan range, example: 1,3-5,7,9-11

Switch/configure terminal Enter config. mode from the terminal


vlan Vlan commands
<1-1005> ISL VLAN IDs 1-1005
name Ascii name of the VLAN
no vlan Negate a vlan
vtp Configure global VTP state
domain Set the name of the VTP ... domain
WORD The ascii name for the VTP ... domain.
mode Configure VTP device mode
client Set the device to client mode.
server Set the device to server mode.
transparent Set the device to transparent mode.
password Set the password for the VTP ...
WORD The ... password for the VTP ... domain
version Set the adminstrative domain to VTP ...
<1-2> Set the ... VTP version number

Switch#
configure terminal Enter config. mode from the terminal
spanning-tree Spanning Tree Subsystem
mode Spanning tree operating mode
pvst Per-Vlan spanning tree mode
rapid-pvst Per-Vlan rapid spanning tree mode
portfast Spanning tree portfast options
default Enable portfast ... on all access ports
vlan VLAN Switch Spanning Tree
WORD vlan range, example: 1,3-5,7,9-11
priority Set the bridge priority ...
<0-61440> bridge priority in increments of 4096
root Configure switch as root
primary Configure this switch as primary root ...
secondary Configure switch as secondary root

Switch/configure terminal/interface ../... Select an interface to configure


spanning-tree Spanning Tree Subsystem
bpduguard Don't accept BPDUs on this interface
guard Change an interface's spt... tree guard ...
link-type Specify a link type ... spt... protocol use
point-to-point Consider the interface as point-to-point
shared Consider the interface as shared
portfast Enable ... directly ... on link up
disable Disable portfast for this interface
trunk Enable portfast ... even in trunk mode
vlan VLAN Switch Spanning Tree
WORD vlan range, example: 1,3-5,7,9-11
port-priority Change ... port priority
<0-240> port priority in increments of 16
Commandes 3 / 11

Switch/configure terminal/interface ../... Select an interface to configure


Vlan Catalyst Vlans
<1-1005> Vlan interface number
ip Interface Int. Prot. config commands
address ... etc ... Set the IP address/mask of an interface
dhcp IP Address negotiated via DHCP
switchport Set switching mode characteristics
mode Set trunking mode of the interface
access Set trunking mode to ACCESS ...
dynamic Set trunking mode to dynamically ...
trunk Set trunking mode to TRUNK ...
access Set access mode characteristics ...
vlan Set VLAN ...
<1-1005> VLAN ID ...
trunk Set trunking characteristics ...
allowed Set allowed VLAN characteristics ...
vlan Set allowed VLANs ...
WORD VLAN IDs
add ... etc ... add VLANs to the current list
all all VLANs
except.. etc ...all VLANs except the following
none no VLANs
remove etc... remove VLANs from the current list
native Set trunking native characteristics ...
vlan Set native VLAN ...
<1-1005> VLAN ID ...
port-security Security related command
mac-address Secure mac address
H.H.H 48 bit mac address
sticky Configure ... as sticky
maximum Max secure addresses
<1-132> Maximum addresses
violation Security violation mode
protect Security violation protect mode
restrict Security violation restrict mode
shutdown Security violation shutdown mode
<cr> ????????????
nonegotiate Device will not engage in negotiation ...
priority Set appliance 802.1p priority
voice Voice appliance attributes

Commandes inconnues ?????


Spanning-tree cost xx En mode config d'interface Attribution d'un coût spt
no spanning-tree cost (entre 1 et 200,000,000)
Attribution du coût spt par défaut
Spanning-tree vlan x root primary diamter y En mode config générale Config minuteurs de switch
(ne pas modifier les minuteurs mais le
diamètre)
clear spanning-tree detected-protocols En mode de confi d'interface Désactivation des protocoles STP
détectés
Commandes 4 / 11

Etapes:

1. Concevoir et documenter un diagramme d’adressage


2. Configurer et vérifier les configurations de base des périphériques (nom – sécurité accès privilégié , accès à
distance – services divers )
3. Configurer le protocole VTP (client – serveur – domaine – mot de passe)
4. Configurer l’agrégation et le vlan natif
5. Configurer des réseaux locaux virtuels avec vtp (client – serveur – domaine – mot de passe)
6. Affecter des réseaux locaux virtuels aux ports
7. Configurer le protocole STP ( priorités des bridge)
8. Configurer des PC hôtes (ip – msq - passerelle)
Commandes 5 / 11

Router(config)#router ?
eigrp Enhanced Interior Gateway Routing Protocol (EIGRP)
ospf Open Shortest Path First (OSPF)
rip Routing Information Protocol (RIP)

Router(config)#router rip
Router(config-router)
> auto-summary Enter Address Family command mode
> default-information Control distribution of default information
originate Distribute a default route
> distance Define an administrative distance
<1-255> Administrative distance
> exit Exit from routing protocol configuration
mode
> network Enable routing on an IP network
A.B.C.D Network number
> no Negate a command or set its defaults
> passive-interface Suppress routing updates on an interface
Ethernet ... IEEE 802.3
FastEthernet ... FastEthernet IEEE 802.3
GigabitEthernet ... GigabitEthernet IEEE 802.3z
Loopback .... Loopback interface
Serial .... Serial
Vlan .... Vlan interface
default ..... Suppress routing updates on all
interfaces
> redistribute Redistribute info from another routing
protocol
connected Connected
eigrp Enhanced Interior Gateway Routing Protocol
<1-65535> Autonomous system number
metric Metric for redistributed routes
<0-16> Default metric
transparent Transparently redistribute metric
ospf Open Shortest Path First (OSPF)
<1-65535> ... Process ID
match ... Redistribution of OSPF routes
external ... Redistribute OSPF external routes
internal ... Redistribute OSPF internal routes
nssa-external ... Redistribute OSPF NSSA external routes
metric ... Metric for redistributed routes
rip Routing Information Protocol (RIP)
metric Metric for redistributed routes
<0-16> Default metric
transparent Transparently redistribute metric
static Static routes
metric Metric for redistributed routes
<0-16> Default metric
transparent Transparently redistribute metric
> timers Adjust routing timers
basic Basic routing protocol update timers
<0-4294967295> Interval between updates
<1-4294967295> Invalid
<0-4294967295> Holddown
<1-4294967295> Flush
> version Set routing protocol version
<1-2> version
Commandes 6 / 11

Router(config)#router ospf ?
<1-65535> Process ID
Router(config-router) ?
> area ... OSPF area parameters
> default-information Control distribution of default information
originate Distribute a default route
> distance Define an administrative distance
<1-255> Administrative distance
> exit Exit from routing protocol configuration mode
> log-adjacency-changes Log changes in adjacency state
detail Log all state changes
> network Enable routing on an IP network
A.B.C.D Network number
A.B.C.D OSPF wild card bits
area Set the OSPF area ID
<0-4294967295> OSPF area ID as a decimal value
A.B.C.D OSPF area ID in IP address format
> no Negate a command or set its defaults
> passive-interface Suppress routing updates on an interface
Ethernet IEEE 802.3
FastEthernet .... FastEthternet IEEE 802.3
GigabitEthernet ... GigabitEthernet IEEE 802.3
Loopback ... Loopback interface
Serial ... Serial
Vlan ... Vlan interface
default .... Suppress routing updates on all
interfaces
> redistribute Redistribute info from another routing
protocol
connected Connected
eigrp ... Enhanced Interior Gateway Routing Protocol
metric ... Metric for redistributed routes
ospf ... Open Shortest Path First (OSPF)
rip .... Routing Information Protocol (RIP)
static ... Static routes
> router-id router-id for this OSPF process
A.B.C.D OSPF router-id in IP address format
Commandes 7 / 11

Router(config)#router eigrp ?
<1-65535> Autonomous system number
Router(config-router) ?
> auto-summary Enable auto. network number
summarization
> distance Define an administrative distance
eigrp IP-EIGRP distance
<1-255> Distance for internal routes
<1-255> Distance for external routes
> exit Exit from routing protocol configuration mode
> metric Modify IGRP routing metrics and parameters
weights Modify IGRP coefficients
<0-8> Type Of Service (Only TOS 0
supported)
<0-256> K1 ... K2 .... K3 .... K4 .... K5
> network Enable routing on an IP network
A.B.C.D Network number
A.B.C.D EIGRP wild card bits
> no Negate a command or set its defaults
> passive-interface Suppress routing updates on an
interface
Ethernet IEEE 802.3
FastEthernet .... FastEthternet IEEE 802.3
GigabitEthernet ... GigabitEthernet IEEE 802.3
Loopback ... Loopback interface
Serial ... Serial
Vlan ... Vlan interface
default .... Suppress routing updates on all
interfaces
> redistribute Redistribute info from another routing
protocol
connected Connected
eigrp ... Enhanced Interior Gateway Routing Protocol
metric ... Metric for redistributed routes
ospf ... Open Shortest Path First (OSPF)
rip .... Routing Information Protocol (RIP)
static ... Static routes
> variance Control load balancing variance
<1-128> Metric variance Multiplier
Commandes 8 / 11

Encapsulation

Router(config)#
username
xxxx User name
password etc... Specify the password for the user
(sub)interface serial xx/xx(.yyy)
multipoint Treat as a multipoint link
point-to-point Treat as a point-to-point link
bandwidth Set bandwidth informational
parameter

Router(config-if)#
encapsulation
hdlc Serial HDLC synchronous

ppp Point-to-Point protocol


authentication Set PPP link authentication
method
(1) chap Challenge Handshake Authentication
Protocol
(2) chap pap CHAP + Password Authentication
Protocol
(3) pap Password Authentication Protocol
(4) pap chap PAP + Challenge Handshake
Authentication Pro.
pap (3 et 4 bis) Set PAP authentication
parameters
sent-username Set outbound PAP username
Routerx Outbound PAP username
password etc... Set outbound PAP password

frame-relay Frame Relay networks


ietf Use RFC1490/RFC2427 encapsulation
frame-relay
interface-dlci Define a DLCI on an
interface/subinterface
<16-1007> Define a switched or locally terminated
DLCI
lmi-type Use CISCO-ANSI-CCITT type LMI
ansi
cisco
q933a
map Map a protocol address to a DLCI
address
ip xxx.xxx. ….. Protocol specific address
<16-1007> DLCI
broadcast Broadcasts should be forwarded to this
address
cisco Use CISCO Encapsulation
ietf Use RFC1490/RFC2427
Encapsulation

Router(config-if)#
Commandes 9 / 11

ppp quality percentage (optional) specifies the link quality …


(range 1 to 100)
-------------------------------------------------------------------------------------------------------------------------------------
----------
Router(config-if)#
compress
predictor (optional) using predictor compression algorithm
stac (optional) using Stacker (LZS) compression
algorithm

SHOW

Router#
show
interfaces … for all interfaces
interfaces serial … about a serial interface
frame-relay
lmi show frame relay lmi statistics
map Frame-Relay map table
pvc show frame relay pvc statistics
<16-1022> DLCI
interface show frame relay information on one
interface
Serial xx/xx Serial
<16-1022> DLCI
access-lists List access lists
<1-199> ACL number
WORD ACL name

DEBUG - UNDEBUG

debug
ppp debugs ppp
packet
negotiation
error
authentication
compression
cbcp
frame-relay Frame Relay
lmi LMI packet exchanges with service
provider
undebug all turns off all debugging displays

clear
frame-relay Clear Frame Relay information
inarp Clear inverse ARP entries from
the map table

SECURITY

Router(config)
service Modify use of network based services
password-encryption Encrypt system passwords
enable Modify enable password parameters
password Assign the privileged level password
secret … etc … Assign the privileged level
secret
Commandes 10 / 11

Router(config-line)#
no password
transport or no transport Define transport protocols for line
input or output Define which … to use when ...
all All protocols
none No protocols
ssh TCP/IP SSH protocol
telnet TCP/IP Telnet protocol

exec-timeout Set the EXEC timeout


<0-35791> Timeout in minutes
<0-2147483> Timeout in seconds

ACCESS LIST

Router(config)#
username
xxxx User name
password etc... Specify the password for the user

Router(config)#
access-list ou no access-list Add (or delete) an access list entry
<1-99> IP standard access list
<100-199> IP extended access list
permit Specify packets to forward
deny Specify packets to reject
ip Any Internet Protocol (icmp / tcp / udp)
tcp Transmission Control Protocol
eigrp Cisco's EIGRP routing protocol
ospf OSPF routing protocol
host A single source host
xxx... yyy ... Source address & Wildcard bits
any Any source host
host A single destination host
xxx... yyy ... Destination address & Wildcard bits
any Any destination host
eq Match only packets on a given port number
gt Match only packets with a greater port number
lt Match only packets with a lower port number
neq Match only packets not on a given port number
range Match only packets in the range of port numbers
<0-65535> Port number
ftp File Transfer Protocol (21)
pop3 Post Office Protocol v3 (110)
smtp Simple Mail Transport Protocol (25)
telnet Telnet (23)
www World Wide Web (HTTP, 80)
remark Access list entry comment
R2(config)#
ip
access-list Named access-list
standard or extended Standard or Extended Access List
<1-99> Standard IP access-list number
WORD Access-list name
Commandes 11 / 11

Router(config-if)#
ip
access-group Specify access control for packets
<1-199> IP access list (standard or extended)
WORD Access-list name
in inbound packets
out outbound packets

Router(config-line)#
access-class Filter connections based on an IP access list
<1-199> IP access list
WORD Access-list name
in Filter incoming connections
out Filter outgoing connections

logging Modify message logging facilities


console Set console logging parameters