VL A NS -config trunk config-int# switchport mode trunk -if you get an error, do this first config-if# switchport trunk encapap dot1q - to setup vlan config# vlan 1 config-vlan# name sales add port to vlan config-if# switchport mode access config-if# switchport access vlan 1 -vlan database stored in VLAN.DAT sh commands sh vlan VTP config# vtp mode client config# vtp password sh commands sh interface trunk sh vtp status SP AN NING TREE P ROT OC OL -per vlan stp is on by default -set this router to root config# spanning-tree vlan 1 root primary -to turn on rapid stp config# spanning-tree mode rapid-pvst -turn on portfast config-if#spanning-tree portfast -turn on bpdu guard config-if#spanning-tree bpdu guard ROUTIN G -router on a stick = to route between vlans config# interface fastethernet 0/0.20 -set the encapsulation and the vlan config-sub-if# encapsulation dot1q 20 config-sub-if# ip address 192.168.1.20 ACL s -to create config# access-list 1 deny 192.168.5.100 0.0.0.255 -to remark config# access-list 2 remark PCHANGOUT.COM RULES -to apply the access-list config# int s0/0 config-if# ip access-group 1 in -access list for VTY ports config# line vty 0 4 config-line# access class 70 in -extended ACLs config# access-list 150 deny ip 192.168.10.50 0.0.0.0 192.168.10.1 0.0.0.0 OSPF -to enable: config# router ospf 1 -then enter the network to advertise followed by the area config-router# network 192.168.1.0 0.0.0.255 area 0 -to send the default route to others config-router# default-information originate -ospf router ID is the highest physical interface (largest IP). Loopback beats physical. Router ID beats all. Must reload ospf to take effect config# router ospf 1 config-router# router-id 3.3.3.3 #clear ip ospf process -show commands sh ip ospf 1 sh ip route sh ip protocol sh ip ospf neighbor debug ip ospf adj EIG RP -to enable: config# router eigrp 1 config-router# network 192.168.1.0 0.0.0.255 -show commands sh ip route sh ip eigrp 1 sh ip eigrp neighbor NAT -to enable - first label interfaces config# int e0/0 config-if# ip nat inside -then create lists config#ip access-list standard NAT_ADDRESSES config#deny 10.1.1.10 0.0.0.0 config#permit 10.1.1.1 0.0.0.255 -turn on NAT overload config#ip nat inside source list NAT_ADDRESSES interface e0/1 overload -you must have a permit statememt, or you will block everything -to create a pool (first address, then last address, followed by cider notation) config# ip nat pool PUBLIC_ADD 10.0.0.1 10.0.0.5 24 -to setup static mapping config# ip nat inside source static tcp 192.168.10.50 80 interface e0/1 80 sh commands sh ip nat translations PPP -default is encapsulation HDLC. you must change to PPP config# int s0/1/0 config-if# encapsulation ppp -to have passwords config# enable password cisco1 config# service password encryption
sh commands sh interfaces serial 0/0 FRAME REL AY multipoint = uses the same subnet everywhere, also doesn't use subinterfaces -to enable (on one router) config# int s0/1/0 config-if# ip address 192.168.1.1 255.255.255.0 config-if# encapsulation frame-relay lmi-type -to map a remote ip to a DLCI (broadcast is needed for routing protocol to work) config# frame relay map ip 192.168.1.2 DLCI 102 broadcast sh commands sh frame-relay map point to point = uses different subnets and subinterfaces config# int s0/1/0 config-if# encap frame relay config-if# exit config# int s0/1/0.102 point to point config-subif# ip address 192.168.1.1 255.255.255.0 config-subif# frame relay interface dlci 102 sh commands sh frame-relay pvc MISC -DTE cables can be used with CSU/DSUs and modems