Comandos Routers ¡ CISCO !
BASIC DEVICE COMMANDS
Show Running Configuration File
>show running-config
Show Startup Configuration File (NVRAM)
>show startup-config
Show Flash Memory Information
>show flash
Show Command History
>show history
Copy Changes from Running Config to the Startup Config
#copy running-config startup-config
Show Version (Platform Type / OS Revision / Last Boot / Memory / Interfaces /Conf Register)
>show version
Show Devices Clock (Time/Date)
>show clock
Show Users Connected to Device
>show users
Set password exec & non-exec (console / aux / telnet)
>enable
#configure terminal
#enable password EnablePass1
#line console 0
#login
#password ConsolePass1
#exit
#line aux 0
#login
#password AuxPass1
#exit
#line vty 0 4
#login
#password TelnetPass1
#exit
Set Secret Password (recommended method)
>enable
#configure terminal
#enable secret EnableSecret1
#exit
Set a Warning Banner For Login Prompt
>enable
#configure terminal
#banner motd &
#banner line1
#banner line2 &
#exit
Set hostname
>enable
#configure terminal
#hostname router1
#prompt router01
#exit
Save Running Config to Startup Config
#copy running-configuration startup-configuration
Save Running Config to a Remote TFTP Server
#copy running-configuration tftp
<enter IP>
<enter filename>
Save Config From Remote TFTP Server to the Running Config
#copy tftp running-configuration
<enter IP>
<enter filename>
Erase NVRAM
#erase nvram
Show Summary of All Interfaces (IP & Status)
>show ip interface brief
Show Detailed Interface Information (All Interfaces)
>show interfaces
Show Detailed Interface Information (Single Interface)
>show interfaces serial 0
Show Detailed Interface Protocol Information (Single Interface)
>show ip interface serial 0
Show Status of Interface Layer 3 Protocols
>show protocols
Show Information About IP Routing Protocols
>show ip protocols
Show IP Routes (Interfaces that are routing)
>show ip route
Show Cached Hosts List
>show hosts
Set description for an interface
>enable
#configure terminal
#interface serial 0
#description this is the serial0 link to router2
#exit
Configure an IP for an interface
#configure terminal
#interface Ethernet 0
#ip address 10.1.1.251 255.255.255.0
#exit
Enable an Interface
#configure terminal
#interface Ethernet 0
#no shutdown
#exit
Disable an Interface (Administratively Down)
#configure terminal
#interface Serial 1
#shutdown
#exit
Set Serial Interface Clock Rate (DCE Cable – Data Circuit-Terminating Equipment)
R1#configure terminal
R1#interface serial 0
R1#clock rate 56000
R1#no shut
R2#configure terminal
R2#interface serial 0
R2#no shut
Set Serial Interface Bandwidth and Clock Rate
#configure terminal
#interface serial 0
#bandwidth 64
#clock rate 64000
#exit
Create a Loopback Interface and Set the IP Address and Mask
R1#configure terminal
R1#interface loopback 0
R1#ip address 10.1.100.1 255.255.255.0
R1#no shut
Show CDP General Information
>show cdp
Show CDP Interface Information
>show cdp interface
Show CDP Neighbors
>show cdp neighbors
Show CDP Neighbors Detail
>show cdp neighbors detail
Show Specific CDP Entry Details
>show cdp entry R4
Set / Adjust the Time between CDP Updates
#configure terminal
(config)#cdp timer 45
Set / Adjust the CDP Information Hold Time
#configure terminal
(config)#cdp holdtime 60
Disable CDP on the Entire Router
#configure terminal
(config)#no cdp run
Enable CDP on the Entire Router
#configure terminal
(config)#cdp run
Disable CDP on an Interface
#configure terminal
(config)#interface Ethernet 0
(config-if)#no cdp run
Enable CDP on an Interface
#configure terminal
(config)#interface Ethernet 0
(config-if)#cdp run
Show ARP Table
>show arp
Clear ARP Table
#clear arp
Telnet to another Device
>telnet 10.1.1.2
password: ****
Show Sessions
>show sessions
Disconnect from a session
>disconnect 1
Setup to Allow Telnet Logins
#conf term
(config)#line vty 0 4
(config-line)#login
(config-line)#password Pass1
Add an Entry to the Hosts Table
#conf term
(config)#ip host California 192.168.10.1
Show IP Routes (S = Static)
>show ip route
Add a Static Route
#conf term
#ip route 10.1.1.0 255.255.255.0 192.168.10.1
Remove a Static Route
#conf term
#no ip route 10.1.1.0 255.255.255.0 192.168.10.1
Show IP Routes (S = Static * = Default Candidate)
>show ip route
Add a Default Route
#conf term
#ip route 0.0.0.0 0.0.0.0 192.168.10.1
Remove a Default Route
#conf term
#no ip route 0.0.0.0 0.0.0.0 192.168.10.1
Uses UDP port 520
Show IP Routes (R = RIP)
>show ip route
Show Information About IP Routing Protocols
>show ip protocols
Enable RIP
#conf term
#router rip
Disable RIP
#conf term
#no router rip
Add a Network for RIP Advertisements/Receives (Delay <30secs)
#conf term
#router rip
#network 10.0.0.0
Remove a Network from RIP Advertisements/Receives
#conf term
#router rip
#no network 10.0.0.0
Turn on RIP Debugging
#debug ip rip
Turn off RIP Debugging
#no debug ip rip
Clear and Re-Create IP Routing Table
#clear ip route *
Show IP Routes (I = IGRP)
>show ip route
Show Information About IP Routing Protocols
>show ip protocols
Enable IGRP
#conf term
#router igrp 100
Add Networks Directly Connected to Router for IGRP Routing
#conf term
#router igrp 100
#network 10.0.0.0
Remove Networks Directly Connected to Router for IGRP Routing
#conf term
#router igrp 100
#no network 10.0.0.0
Show IP Routes (D = EIGRP)
>show ip route
Show Information About IP Routing Protocols
>show ip protocols
Show EIGRP Neighbours
>show ip eigrp neighbours
Show EIGRP Traffic, Shows EIGRP Packet Types Sent and Recieved
>show ip eigrp traffic
Enable EGRP 100
#conf term
#router eigrp 100
Add Networks Directly Connected to Router for EIGRP Routing
#conf term
#router eigrp 100
#network 10.0.0.0
Remove Networks Directly Connected to Router for EIGRP Routing
#conf term
#router eigrp 100
#no network 10.0.0.0
Show Routing Table (O = OSPF)
>show ip route
Show Routing Protocol Information
>show ip protocols
Show the OSPF Database
>show ip ospf database
Show OSPF Neighbours
>show ip ospf neighbour
Show Interfaces Running OSPF – Detailed Information
>show ip ospf interface
Configure OSPF Routing and Set the Process Number
R1#conf term
R1(config)#router ospf 100
R2#conf term
R2(config)#router ospf 100
R3#conf term
R3(config)#router ospf 100
Configure Networks that the Router is Connected to
R1#conf term
R1(config)#router ospf 100
R1(config-router)#network 10.1.20.0 0.0.0.255 area 0
R1(config-router)#network 192.16.1.0 0.0.255.255 area 0
R2#conf term
R2(config)#router ospf 100
R2(config-router)#network 10.1.20.0 0.0.0.255 area 0
R3#conf term
R3(config)#router ospf 100
R3(config-router)#network 192.16.1.0 0.0.255.255 area 0
With CHAP Authentication (Challenge-Handshake Authentication Protocol)
R1
Set the Enable Secret on R1
R1#conf term
R1#enable secret secretPassR1
Create a User on R1 with Same Password as R2’s Enable Secret
R1#username R2 password secretPassR2
Set an IP and Enable the Serial Interface on R1
R1#interface serial 0
R1#ip address 10.1.0.1 255.255.255.0
R1#no shutdown
Set Encapsulation for the Serial Interface to PPP on R1
R1#encapsulation ppp
Set PPP Authentication to CHAP for the Serial Interface on R1
R1#ppp authentication chap
R2
Set the Enable Secret on R2
R2#conf term
R2#enable secret secretPassR2
Create a User on R2 with Same Password as R1’s Enable Secret
R1#username R1 password secretPassR1
Set an IP and Enable the Serial Interface on R2
R2#interface serial 0
R2#ip address 10.1.0.2 255.255.255.0
R2#no shutdown
Set Encapsulation for the Serial Interface to PPP on R2
R2#encapsulation ppp
Set PPP Authentication to CHAP for the Serial Interface on R2
R2#ppp authentication chap
Show Serial Interface Details including Encapsulation Type
>show interfaces serial 0
Without CHAP Authentication
R1
Set an IP and Enable the Serial Interface on R1
R1#conf term
R1#interface serial 0
R1#ip address 10.1.0.1 255.255.255.0
R1#no shutdown
Set Encapsulation for the Serial Interface to PPP on R1
R1#encapsulation ppp
R2
Set an IP and Enable the Serial Interface on R2
R2#conf term
R2#interface serial 0
R2#ip address 10.1.0.2 255.255.255.0
R2#no shutdown
Set Encapsulation for the Serial Interface to PPP on R2
R2#encapsulation ppp
Show Serial Interface Details including Encapsulation Type
>show interfaces serial 0
Show ISDN Status (Check Layer1 = Active, Layer2 = Multi-Frame Established)
>show isdn status
Show ISDN Interface Information
>show interface bri 0
Specify the ISDN Switch Type
#conf term
#isdn switch-type basic-ni
Set the SPID for the Interface
#interface bri 0
#isdn spid1 32177820010100
Set the Dialler String on the Interface to Establish Layer 3
#interface bri 0
#dialer string 7782002
Setup a Dialer-list to Permit All IP Traffic
#dialer-list 1 protocol ip permit
Show ISDN Status (Check Layer1 = Active, Layer2 = Multi-Frame Established)
>show isdn status
Configure ISDN BRI-BRI using Legacy DDR
R1(config)#isdn switch-type basic-ni
R1(config)#dialer-list 1 protocol ip permit
R1(config)#username R2 password cisco
R1(config)#interface bri0
R1(config-if)#encapsulation ppp
R1(config-if)#ip address 200.10.1.1 255.255.255.0
R1(config-if)#isdn spid1 32177820010100
R1(config-if)#dialer-group 1
R1(config-if)#dialer map ip 200.10.1.2 name R2 broadcast 7782001
R1(config-if)#ppp authentication chap
R1(config-if)#no shut
R2(config)#isdn switch-type basic-ni
R2(config)#dialer-list 1 protocol ip permit
R2(config)#username R1 password cisco
R2(config)#interface bri0
R2(config-if)#encapsulation ppp
R2(config-if)#ip address 200.10.1.1 255.255.255.0
R2(config-if)#isdn spid1 32177820020100
R2(config-if)#dialer-group 1
R2(config-if)#dialer map ip 200.10.1.1 name R1 broadcast 7782002
R2(config-if)#ppp authentication chap
R2(config-if)#no shut
Show ISDN Status (Check Layer1 = Active, Layer2 = Multi-Frame Established)
>show isdn status
Configure ISDN BRI-BRI using Dialer Profiles
R1(config)#isdn switch-type basic-ni
R1(config)#dialer-list 1 protocol ip permit
R1(config)#username R2 password cisco
R1(config)#int bri0
R1(config-if)#encap ppp
R1(config-if)#ppp authentication chap
R1(config-if)#isdn spid1 32177820010100
R1(config-if)#dialer pool-member 1
R1(config-if)#no shut
R1(config-if)#int dialer 1
R1(config-if)#no shut
R1(config-if)#ip address 200.10.1.1 255.255.255.0
R1(config-if)#encap ppp
R1(config-if)#dialer-group 1
R1(config-if)#dialer pool 1
R1(config-if)#dialer remote-name R2
R1(config-if)#dilaer string 7782001
R1(config-if)#ppp authentication chap
R2(config)#isdn switch-type basic-ni
R2(config)#dialer-list 1 protocol ip permit
R2(config)#username R1 password cisco
R2(config)#int bri0
R2(config-if)#encap ppp
R2(config-if)#ppp authentication chap
R2(config-if)#isdn spid1 32177820020100
R2(config-if)#dialer pool-member 1
R2(config-if)#no shut
R2(config-if)#int dialer 1
R2(config-if)#no shut
R2(config-if)#ip address 200.10.1.2 255.255.255.0
R2(config-if)#encap ppp
R2(config-if)#dialer-group 1
R2(config-if)#dialer pool 1
R2(config-if)#dialer remote-name R1
R2(config-if)#dilaer string 7782002
R2(config-if)#ppp authentication chap
Show ISDN Status (Check Layer1 = Active, Layer2 = Multi-Frame Established)
>show isdn status
Configure ISDN PRI using Dialer Profiles
R1(config)#isdn switch-type basic-ni
R1(config)#dialer-list 1 protocol ip permit
R1(config)#username R2 password cisco
R1(config)#interface bri0
R1(config-if)#encap ppp
R1(config-if)#ppp authentication chap
R1(config-if)#isdn spid1 32177820010100
R1(config-if)#dialer pool-member 1
R1(config-if)#no shut
R1(config-if)#int dialer 2
R1(config-if)#no shut
R1(config-if)#ip add 201.10.1.1 255.255.255.0
R1(config-if)#encap ppp
R1(config-if)#dialer-group 1
R1(config-if)#dialer pool 1
R1(config-if)#dialer remote-name R2
R1(config-if)#dialer string 7782001
R1(config-if)#ppp authentication chap
R2(config)#isdn switch-type primary-5ess
R2(config)#dialer-list 1 protocol ip permit
R2(config)#username R1 password cisco
R2(config)#controller tl 0/0
R2(config-contoller)#framing esf
R2(config-contoller)#linecode b8zs
R2(config-contoller)#pri-group timeslots 1-24
R2(config-contoller)#exit
R2(config)#interface serial0/0:23
R2(config-if)#encapsulation ppp
R2(config-if)#ppp authentication chap
R2(config-if)#dialer pool-member 2
R2(config-if)#no shut
R2(config-if)#interface dialer 2
R2(config-if)#ip add 201.10.1.2 255.255.255.0
R2(config-if)#encaps ppp
R2(config-if)#dialer-group 1
R2(config-if)#dialer pool 2
R2(config-if)#dialer remote-name R1
R2(config-if)#dialer string 7782002
R2(config-if)#ppp authentication chap
R2(config-if)#no shut
Show IPX Interface Information
>show ipx interface
Show IPX Interface Information Brief
>show ipx interface brief
Show IPX Traffic
>show ipx traffic
Enable IPX Routing on Both Routers
#conf term
#ipx routing
Assign an IPX Network to the Ethernet Interfaces on the Routers
#interface Ethernet 0
(config-if)#ipx network AAA
(config-if)#no shut
Show Global Frame-Relay Traffic Statistics
>show frame-relay traffic
Show Frame-Relay LMI (Local Management Interface) Traffic
>show frame-relay lmi
Show Frame-Relay Mappings of DLCI (Layer 2) to the IP Address (Layer 3)
>show frame-relay map
Show Frame-Relay PVC (Permanent Virtual Circuit) Mappings between Router and the Frame-Relay Switch
>show frame-relay pvc
Set the Interfaces Encapsulation to Frame-Relay on Both Routers
#interface serial 0
#encapsulation frame-relay
#no shut
Set the Frame-Relay Interface DLCI (Data Link Connection Identifer) for the Connection
R1(config-if)#frame-relay interface-dlci 102
R2(config-if)#frame-relay interface-dlci 202
Create Sub Interface and IP for Each Connection and Set DLCI on Connections
R1(config-if)#interface serial 0.100 point-to-point
R1(config-subif)#frame-relay interface-dlci 102
R1(config-subif)#ip address 172.16.1.1 255.255.255.0
R1(config-if)#interface serial 0.200 point-to-point
R1(config-subif)#frame-relay interface-dlci 103
R1(config-subif)#ip address 172.16.1.2 255.255.255.0
R2(config-if)#interface serial 0.100 point-to-point
R2(config-subif)#frame-relay interface-dlci 201
R2(config-subif)#ip address 172.16.2.1 255.255.255.0
R3(config-if)#interface serial 0.100 point-to-point
R3(config-subif)#frame-relay interface-dlci 301
R3(config-subif)#ip address 172.16.2.1 255.255.255.0
Set the LMI (Local Management Interface) Type
#conf term
(config)#int serial1
(config-if)#frame-relay lmi-type ansi
Set Frame Relay Map IP
#conf term
(config)#int serial1
(config-if)#frame-relay map ip 10.50.1.1 105 broadcast
Show Access Lists
>show access-lists
>show access-lists 1
>show access-lists 99
View Access Lists Applied to an Interface
>show ip interface
access-list [#(1-99) ] [permit | deny] [source-address | keyword any] [source mask]
Create an Access List to Deny
#conf term
(config)#access-list 1 deny host 192.168.20.1
(config)#access-list 1 deny 192.168.20.2
(config)#access-list 1 deny 192.168.20.3 0.0.0.0
Create an Access List to Permit
#conf term
(config)#access-list 1 permit any
Delete an Access List
#conf term
(config)#no access-list 1
ip access-group [access-list] [in | out]
Add the Access Group to an Interface (in/out)
#conf term
(config)#interface ethernet 0
(config-if)#ip access-group 1 in
(config-if)#ip access-group 20 out
Remove the Access Group from an Interface (in/out)
#conf term
(config)#interface ethernet 0
(config-if)#no ip access-group 1 in
Show Access Lists
>show access-lists
>show access-lists 101 (100-199 and 2000-2699)
View Access Lists Applied to an Interface
>show ip interface
Create an Extended Access List
#conf term
(config)#access-list 101 deny icmp any any echo
(config)#access-list 101 permit tcp 24.17.2.16 0.0.0.15 any eq telnet log
(config)#access-list 102 permit tcp 24.17.2.0 0.0.0.15 any log
(config)#access-list 103 permit ip host 192.168.1.123 host 192.168.1.12 log
Delete an Extended Access List
#conf term
(config)#no access-list 101 permit tcp 24.17.2.16 0.0.0.15 any eq telnet log
Add the Access Group to an Interface (in/out)
ip access-group [access-list] [in | out]
#conf term
(config)#interface ethernet 0
(config-if)#ip access-group 101 in
(config-if)#ip access-group 102 out
Remove the Access Group from an Interface (in/out)
#conf term
(config)#interface ethernet 0
(config-if)#no ip access-group 101 in
Show Access Lists
>show access-lists
Create a Named Access List to Deny Ping and Log
#conf term
(config)#ip access-list extended deny_icmp_ping
(config-ext-acl)#deny icmp host 192.168.1.20 192.168.1.1 0.0.0.0 log
(config-ext-acl)#permit ip any any log
Delete a Named Access List
#conf term
(config)#no ip access-list extended deny_icmp_ping
Add the Named Access Group to an Interface (in/out)
#conf term
(config)#interface FA0/0
(config-if)#ip access-group deny_icmp_ping in
Remove the Named Access Group from an Interface (in/out)
#conf term
(config)#interface FA0/0
(config-if)#no ip access-group deny_icmp_ping in
Show IP NAT Translations
>show ip nat translations
Clear IP NAT Translations
#clear ip nat translation *
Show IP NAT Statistics
>show ip nat statistics
Add a Static NAT
#conf term
(config)#ip nat inside source static 10.50.1.2 10.70.1.2
(config)#interface ethernet 0
(config-if)#ip nat inside
(config-if)#interface serial 0
(config-if)#ip nat outside
Remove a Static NAT
#conf term
(config)#no ip nat inside source static 10.50.1.2 10.70.1.2
Add a Many-To-One NAT
#conf term
(config)#access-list 11 permit 10.50.1.0 0.0.0.255
(config)#ip nat inside source list 11 interface serial 0 overload
(config)#interface ethernet 0
(config-if)#ip nat inside
(config-if)#interface serial 0
(config-if)#ip nat outside
Remove a Many-To-One NAT
#conf term
(config)#no ip nat inside source static 10.50.1.2 10.70.1.2
Add a Dynamic NAT
#conf term
(config)#ip nat pool poolname1 10.50.1.100 10.50.1.150 netmask 255.255.255.0
(config)#ip nat inside source list 2 pool poolname1
(config)#interface ethernet 0
(config-if)#ip nat inside
(config-if)#interface serial 0
(config-if)#ip nat outside
Remove a Dynamic NAT
#conf term
(config)#no ip nat pool pool1 10.50.1.100 10.50.1.150 netmask 255.255.255.0
Add a PAT
#conf term
(config)#ip nat inside source list 2 interface serial 0 overload
Remove a PAT
#conf term
(config)#no ip nat inside source list 2 interface serial 0 overload
Fuente: http://www.vmadmin.co.uk
Comentarios