Your SlideShare is downloading. ×
Ccna
Ccna
Ccna
Ccna
Ccna
Ccna
Ccna
Ccna
Ccna
Ccna
Ccna
Ccna
Ccna
Ccna
Ccna
Ccna
Ccna
Ccna
Ccna
Ccna
Ccna
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Ccna

2,669

Published on

Published in: Technology, Business
0 Comments
5 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
2,669
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
559
Comments
0
Likes
5
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. 1 INITIAL CONFIGURATION OF ROUTER: Connect one end of console cable to console port of router and other end of cable to your computer’s com port. Now open Hyper-terminal and power on the router. User mode: Router > Router > enable Privilege mode: Router # Router # config terminal Global configuration mode: Router(config) # Assigning ip address to Ethernet interface: Router(config) # interface <interface type> <interface no> Router(config-if) # ip address <ip address> <subnet mask> (Interface mode) Router(config-if) # no shut Assigning Telnet password: Router(config) # line vty 0 4 Router(config-line) #login Router(config-line) #password <password> Router(config-line) #exit Router(config) #exit Assigning console password: Router(config) # line con 0 Router(config-line) # login Router(config-line) # password <password> Router(config-line) # exit Router(config) # exit Assigning Auxiliary password: Router(config) # line aux 0 Router(config-line) # login Router(config-line) # password <password> Router(config-line) # exit Router(config) # exit Assigning enable password: Router(config) # enable secret <password> Router(config) # enable password <password> (line mode) (line mode) (line mode) (To encrypt the password)
  • 2. 2 Show commands: Router # show running-config Router # show startup-config Router # show version Router # show flash Commands to save the configuration: Router # copy running-config startup-config ( OR ) Router # write memory ( OR ) Router # wr
  • 3. 3 Wan interface configuration: 10.0.0.1/8 S0/0 HYD 11.0.0.1/8 S0/0 S0/1 10.0.0.2/8 E0 192.168.1.150/24 LAN - 192.168.1.0/24 CHE E0 192.168.2.150/24 LAN - 192.168.2.0/24 ON HYD: HYD # configure terminal HYD (config) # interface serial 0/0 HYD (config-if) # ip address 10.0.0.1 255.0.0.0 HYD (config-if) # no shutdown HYD (config-if) # encapsulation hdlc HYD (config-if) # exit HYD (config) # exit S0/1 11.0.0.2/8 (This is DTE interface) ON CHE : CHE # configure terminal CHE (config) # interface serial 0/1 CHE (config-if) # ip address 10.0.0.2 255.0.0.0 CHE (config-if) # no shutdown CHE (config-if) # clockrate 64000(clock rate Applies for DCE interfaces) CHE (config-if) # encapsulation hdlc CHE (config-if) # exit CHE (config) # exit CHE # configure terminal CHE (config) # interface serial 0 CHE (config-if) # ip address 11.0.0.1 255.0.0.0 CHE (config-if) # no shutdown CHE (config-if) # encapsulation hdlc CHE (config-if) # clock rate 64000 (Applies for DCE interfaces) CHE (config-if) # exit CHE (config) # exit BAN E0 192.168.3.150/24 LAN - 192.168.3.0/24
  • 4. 4 ON BAN : BAN # configure terminal BAN (config) # interface serial BAN (config-if) # ip address 11.0.0.2 255.0.0.0 BAN (config-if) # no shutdown BAN (config-if) # encapsulation hdlc BAN (config-if) # exit BAN (config) # exit Trouble shooting commands: Router # show interfaces (s 0/0 or s 0/1) 1. 2. 3. 4. Serial is up , line protocol is up (connectivity is fine) Serial is administratively down, line protocol is down (No Shutdown has to be given on the local router serial interface) Serial is up, line protocol is down (Encapsulation mismatch or clock rate has to be given on dce) Serial is down, line protocol is down (Serial interface on the remote router has to be configured) Router # show controllers (s0/0 or s0/1) (To know whether the cable connected to the serial interface is DCE or DTE)
  • 5. 5 ROUTING 10.0.0.1/8 S0 11.0.0.1/8 S0 S1 10.0.0.2/8 E0 192.168.1.150/24 HYD LAN - 192.168.1.0/24 S1 11.0.0.2/8 E0 192.168.2.150/24 CHE LAN - 192.168.2.0/24 HYD # config terminal HYD(config) # ip routing HYD(config) # ip route 192.168.2.0 255.255.255.0 10.0.0.2 HYD(config) # ip route 192.168.3.0 255.255.255.0 10.0.0.2 HYD(config) # ip route 11.0.0.0 255.0.0.0 10.0.0.2 HYD # show ip route C C S S S 192.168.1.0/24 is directly connected on Ethernet 0/0 10.0.0.0/8 is directly connected on serial 0/0 192.168.2.0/24 via [1/0] 10.0.0.2 192.168.3.0/24 via [1/0] 10.0.0.2 11.0.0.0/8 via [1/0] 10.0.0.2 ON CHE : CHE # config terminal CHE(config) # ip routing CHE(config) # ip route 192.168.1.0 255.255.255.0 10.0.0.1 CHE(config) # ip route 192.168.3.0 255.255.255.0 11.0.0.2 E0 192.168.3.150/24 LAN - 192.168.3.0/24 STATIC ROUTING: ON HYD : BAN
  • 6. 6 CHE # show ip route C 192.168.2.0/24 is directly connected on Ethernet 0/0 C 10.0.0.0/8 is directly connected on serial 0/1 C 11.0.0.0/8 is direc ON BAN : BAN # config terminal BAN(config) # ip routing BAN(config) # ip route 192.168.2.0 255.255.255.0 11.0.0.1 BAN(config) # ip route 192.168.1.0 255.255.255.0 11.0.0.1 BAN(config) # ip route 10.0.0.0 255.0.0.0 11.0.0.1 BAN # show ip route DEFAULT ROUTING: ON HYD give default route. HYD # config terminal HYD(config) # ip routing HYD(config) # ip route 0.0.0.0 0.0.0.0 s0 HYD # show ip route ON CHE give static route. CHE # config terminal CHE(config) # ip routing CHE(config) # ip route 192.168.1.0 255.255.255.0 10.0.0.1 CHE(config) # ip route 192.168.3.0 255.255.255.0 11.0.0.2 CHE # show ip route ON BAN give default route. BAN # config terminal BAN(config) # ip routing BAN(config) # ip route 0.0.0.0 0.0.0.0 s1 BAN # show ip route
  • 7. 7 DYNAMIC ROUTING: RIP : (Routing information protocol) ON HYD : HYD # config terminal HYD(config) # ip routing HYD(config) # router rip HYD(config-router) # network 192.168.1.0 HYD(config-router) # network 10.0.0.0 HYD(config-router) # exit HYD(config) # exit HYD # show ip route ON CHE : CHE # config terminal CHE(config) # ip routing CHE(config) # router rip CHE(config-router) # network 192.168.2.0 CHE(config-router) # network 10.0.0.0 CHE(config-router) # network 11.0.0.0 CHE(config-router) # exit CHE(config) # exit CHE # show ip route ON BAN: BAN # config terminal BAN(config) # ip routing BAN(config) # router rip BAN(config-router) # network 192.168.3.0 BAN(config-router) # network 11.0.0.0 BAN(config-router) # exit BAN(config) # exit BAN # show ip route IGRP:(Interior gateway routing protocol) ON HYD: HYD # config terminal HYD(config) # ip routing HYD(config) # router igrp 10 HYD(config-router) # network 192.168.1.0 HYD(config-router) # network 10.0.0.0 HYD(config-router) # exit HYD(config) # exit
  • 8. 8 HYD # show ip route ON CHE: CHE # config terminal CHE(config) # ip routing CHE(config) # router igrp 10 CHE(config-router) # network 192.168.2.0 CHE(config-router) # network 10.0.0.0 CHE(config-router) # network 11.0.0.0 CHE(config-router) # exit CHE(config) # exit CHE # show ip route ON BAN: BAN # config terminal BAN(config) # ip routing BAN(config) # router igrp 10 BAN(config-router) # network 192.168.3.0 BAN(config-router) # network 11.0.0.0 BAN(config-router) # exit BAN(config) # exit BAN # show ip route EIGRP: (Enhanced interior gateway protocol) ON HYD: HYD # config terminal HYD(config) # ip routing HYD(config) # router eigrp 10 HYD(config-router) # network 192.168.1.0 HYD(config-router) # network 10.0.0.0 HYD(config-router) # exit HYD(config) # exit HYD # show ip route ON CHE: CHE # config terminal CHE(config) # ip routing CHE(config) # router eigrp 10 CHE(config-router) # network 192.168.2.0 CHE(config-router) # network 10.0.0.0 CHE(config-router) # network 11.0.0.0
  • 9. 9 CHE(config-router) # exit CHE(config) # exit CHE # show ip route ON BAN: BAN # config terminal BAN(config) # ip routing BAN(config) # router eigrp 10 BAN(config-router) # network 192.168.3.0 BAN(config-router) # network 11.0.0.0 BAN(config-router) # exit BAN(config) # exit BAN # show ip route OSPF: (Open shortest path first) Single Area ospf: AREA 0 10.0.0.1/8 S0 HYD 11.0.0.1/8 S0 S1 10.0.0.2/8 E0 192.168.1.150/24 LAN - 192.168.1.0/24 ON HYD: CHE S1 11.0.0.2/8 E0 192.168.2.150/24 LAN - 192.168.2.0/24 BAN E0 192.168.3.150/24 LAN - 192.168.3.0/24
  • 10. 10 HYD # config terminal HYD(config) # ip routing HYD(config) # router ospf 2 HYD(config-router) # network 192.168.1.0 0.0.0.255 area 0 HYD(config-router) # network 10.0.0.0 0.255.255.255 area 0 HYD(config-router) # exit HYD(config) # exit HYD # show ip route HYD # show ip ospf database HYD # show ip ospf neighbors ON CHE: CHE # config terminal CHE(config) # ip routing CHE(config) # router ospf 2 CHE(config-router) # network 192.168.2.0 0.0.0.255 area 0 CHE(config-router) # network 10.0.0.0 0.255.255.255 area 0 CHE(config-router) # network 11.0.0.0 0.255.255.255 area 0 CHE(config-router) # exit CHE(config) # exit CHE # show ip route CHE # show ip ospf database CHE # show ip ospf neighbors ON BAN: BAN # config terminal BAN(config) # ip routing BAN(config) # router ospf 2 BAN(config-router) # network 192.168.3.0 0.0.0.255 area 0 BAN(config-router) # network 11.0.0.0 0.255.255.255 area 0 BAN(config-router) # exit BAN(config) # exit BAN # show ip route BAN # show ip ospf database BAN # show ip ospf neighbors Multiple Area ospf:
  • 11. 11 AREA 1 10.0.0.1/8 S0 HYD 11.0.0.1/8 S0 S1 10.0.0.2/8 E0 192.168.1.150/24 LAN - 192.168.1.0/24 S1 BAN 11.0.0.2/8 E0 E0 192.168.2.150/24 192.168.3.150/24 CHE AREA 0 LAN - 192.168.2.0/24 ON HYD: HYD # config terminal HYD(config) # ip routing HYD(config) # router ospf 1 HYD(config-router) # network 192.168.1.0 0.0.0.255 area 1 HYD(config-router) # network 10.0.0.0 0.255.255.255 area 1 HYD(config-router) # exit HYD(config) # exit HYD # show ip route HYD # show ip ospf database HYD # show ip ospf neighbors ON CHE: CHE # config terminal CHE(config) # ip routing CHE(config) # router ospf 2 CHE(config-router) # network 192.168.2.0 0.0.0.255 area 0 CHE(config-router) # network 10.0.0.0 0.255.255.255 area 1 CHE(config-router) # network 11.0.0.0 0.255.255.255 area 2 CHE(config-router) # exit CHE(config) # exit CHE # show ip route CHE # show ip ospf database CHE # show ip ospf neighbors ON BAN: AREA 2 LAN - 192.168.3.0/24
  • 12. 12 BAN # config terminal BAN(config) # ip routing BAN(config) # router ospf 3 BAN(config-router) # network 192.168.3.0 0.0.0.255 area 2 BAN(config-router) # network 11.0.0.0 0.255.255.255 area 2 BAN(config-router) # exit BAN(config) # exit BAN # show ip route BAN # show ip ospf database BAN # show ip ospf neighbors ACCESS-LIST: Standard access-list: SCENARIO 1: Network 192.168.1.0 should not communicate with network 192.168.2.0 ON CHE: CHE #config terminal CHE (config) # access-list 1 deny 192.168.1.0 0.0.0.255 CHE (config) # access-list 1 permit any CHE (config) # int e0 CHE (config-if) # ip access-group 1 out CHE (config-if) # exit CHE (config) # exit Che # show ip access-list Note: Use the command prompt of a PC try to ping the filtered ip address. SCENARIO 2: 192.168.1.1 should not communicate with network 192.168.2.0 ON CHE: CHE #config terminal CHE (config) # access-list 1 deny 192.168.1.1 0.0.0.0 CHE (config) # access-list 1 permit any CHE (config) # int e0 CHE (config-if) # ip access-group 1 out CHE (config-if) # exit CHE (config) # exit CHE # show ip access-list
  • 13. 13 SCENARIO 3: Restricting telnet access using standard access-list Network 192.168.1.0 should not telnet 192.168.2.150 router ON CHE: CHE #config terminal CHE (config) # access-list 1 deny 192.168.1.0 0.0.0.255 CHE (config) #access-list 1 deny 10.0.0.0 0.255.255.255 CHE (config) # access-list 1 permit any CHE (config) # line vty 0 4 CHE (config-line) # access-class 1 in CHE (config-line) # exit CHE (config) # exit (To deny from Hyderabad Router ) Extended access-list: SCENARIO :1 Network 192.168.2.0 should not access the web services of 192.168.3.1 On CHE: CHE # config terminal CHE (config) # access-list 100 deny tcp 192.168.2.0 0.0.0.255 192.168.3.1 0.0.0.0 eq 80 CHE (config) # access-list 100 permit ip any any CHE (config) #interface e0 CHE (config-if) # ip access- group 100 in CHE (config-if) #exit CHE (config) # exit CHE # sh ip access-list SCENARIO :2 Network 192.168.1.0 should not access the telnet services of 192.168.2.150 On CHE: CHE # config terminal CHE (config) # access-list 100 deny tcp 192.168.1.0 0.0.0.255 192.168.2.150 0.0.0.0 eq telnet CHE (config) # access-list 100 permit ip any any CHE (config) #interface s1 CHE (config-if) # ip access- group 100 in CHE (config-if) #exit CHE (config) # exit CHE # sh ip access-list SCENARIO :3 192.168.2.1 should not ping 192.168.3.1 On CHE:
  • 14. 14 CHE # config terminal CHE (config) # access-list 100 deny icmp 192.168.2.1 0.0.0.0 192.168.3.1 0.0.0.0 echo CHE (config) # access-list 100 permit ip any any CHE (config) #interface e0 CHE (config-if) # ip access- group 100 in CHE (config-if) #exit CHE (config) # exit CHE # sh ip access-list SWITCH CONFIGURATION INITIAL CONFIGURATION OF A SWITCH: Connect one end of console cable to console port of switch and other end of cable to your computer’s com port. Now open Hyper-terminal and power on the switch. Would you like to enter into initial configuration dialog (yes/no): no 2950>en 2950#config terminal 2950(config) # interface vlan 1 2950(config-if) # ip address <ip address> <subnet mask> 2950(config-if) # no shutdown 2950(config-if) # exit 2950(config) # line vty 0 4 2950(config-line) # login 2950(config-line) # password <password> 2950(config) # line con 0 2950(config-line) # login 2950(config-line) # password <password> 2950(config) #enable secret < password> 2950(config) #enable password < password> 2950(config) #exit 2950 # write VLAN CREATION: 2950 # config terminal 2950(config) # vlan <vlan no> 2950(config-vlan) # name <name> ASSIGNING MEMBERSHIP TO THE PORTS:
  • 15. 15 2950(config) # interface <interface type> <slot no/port no> 2950(config-if) # switchport mode access 2950(config-if) # switchport access vlan <vlan no> 2950(config-if) # exit 2950(config)#exit TRUNKING: 2950 # config terminal 2950(config) #interface <interface type> <slot no/port no> 2950(config-if) # switchport mode trunk 2950(config-if) # switchport trunk allowed vlan all 2950(config-if) # exit 2950(config) # exit INTEGRTED SERVICE DIGITAL NETWORK (ISDN) Site to internet configuration: ISDN for Internet Configuration INTERNET 2 wires(Copper) RJ-45 Connector BRI0 NT1 TELCO U-Line S/T Cable E0 192.168.20.150 ISDN SWITCH LAN - 192.168.20.0/24 c:> telnet 192.168.20.150
  • 16. 16 ISDN>enable Password: ISDN # configure terminal ISDN (config) # interface bri 0 ISDN (config-if) # ip add negotiated ISDN (config-if) #no shut ISDN (config-if) # encapsulation ppp ISDN (config-if) # ppp authentication pap chap callin ISDN (config-if) # ppp pap sent-username <username> password <password> ISDN (config-if) # ppp chap hostname <username> ISDN (config-if) # ppp chap password <password> ISDN (config-if) # dialer string <tel.phone no.> ISDN (config-if) # dialer idle-timeout 120 ISDN (config-if) # dialer-group 5 ISDN (config-if) # exit ISDN (config) # isdn switch-type basic-net3 ISDN (config) #interface e 0 ISDN (config-if) # ip nat inside ISDN (config-if) # exit ISDN (config) # interface bri 0 ISDN (config-if) # ip nat outside ISDN (config-if) # exit ISDN (config) # access-list 1 permit 192.168.20.0 0.0.0.0255 ISDN (config) # ip nat inside source list 1 interface bri 0 overload ISDN (config) # dialer-list 5 protocol ip permit ISDN (config) # ip routing ISDN (config) # ip route 0.0.0.0 0.0.0.0 bri 0 ISDN (config) # ip name-server 61.0.0.5 ISDN (config) # ip domain-lookup ISDN (config) # exit TROUBLESHOOTING COMMANDS: ISDN # show isdn status ISDN # show isdn active ISDN # show isdn history ISDN # show int bri 0 ISDN # show ip route ISDN #show ip nat translations FRAME-RELAY
  • 17. 17 Frame-Relay - Network Diagram FRAME-RELAY SWICH 10.0.0.1/8 S0 HYD E0 192.168.1.150/24 DLCI NO : 100 LAN - 192.168.1.0/24 S1 10.0.0.2/8 CHE E0 192.168.2.150/24 C :> telnet 192.168.1.150 HYD > enable Password: HYD # config terminal HYD (config) # interface s 0 HYD (config-if) # ip add 10.0.0.1 255.0.0.0 HYD (config-if) # no shut HYD (config-if) #encapsulation frame-relay HYD (config-if) #frame-relay lmi-type cisco HYD (config-if) #frame-relay interface–dlci 100 HYD (config-if) #exit HYD (config) # ip routing HYD (config) # router rip HYD (config-router) # network 192.168.1.0 HYD (config-router) # network 10.0.0.0 TROUBLESHOOTING COMMANDS: E0 192.168.3.150/24 DLCI NO : 200 LAN - 192.168.2.0/24 ON HYD: BAN LAN - 192.168.3.0/24
  • 18. 18 HYD # show frame-relay pvc HYD # show frame-relay map HYD # show ip route FRAME-RELAY SWITCH CONFIGURATION: ON CHE: C :> telnet 192.168.2.150 CHE > enable Password: CHE # config terminal CHE (config) # frame-relay switching FRS interface to HYDERABAD CHE (config) # interface s 1 CHE (config-if) # no ip add CHE (config-if) # no shut CHE (config-if) # encapsulation frame-relay CHE (config-if) # clockrate 64000 CHE (config-if) # frame-relay intf-type dce CHE (config-if) # frame-relay lmi-type cisco CHE (config-if) # frame-relay route 100 interface s0 200 CHE (config-if) # exit CHE (config) # exit FRS interface to BANGALORE CHE (config) # interface s 0 CHE (config-if) # no ip add CHE (config-if) # no shut CHE (config-if) # encapsulation frame-relay CHE (config-if) # clockrate 64000 CHE (config-if) # frame-relay intf-type dce CHE (config-if) # frame-relay lmi-type cisco CHE (config-if) # frame-relay route 200 interface s1 100 CHE (config-if) # exit CHE (config) # exit ON BAN: C :> telnet 192.168.3.0 BAN > enable Password: BAN # config terminal BAN (config) # interface s1 BAN (config-if) # ip add 10.0.0.2 255.0.0.0 BAN (config-if) # no shut BAN (config-if) # encapsulation frame-relay BAN (config-if) # frame-relay lmi-type cisco
  • 19. 19 BAN (config-if) # frame-relay interface-dlci 200 BAN (config-if) # exit BAN (config) # ip routing BAN (config) # router rip BAN (config-router) # network 192.168.3.0 BAN (config-router) # network 10.0.0.0 BAN (config-router) # exit BAN (config) # exit TROUBLESHOOTING COMMANDS: BAN # show frame-relay pvc BAN # show frame-relay map BAN # show ip route
  • 20. 20 PASSWORD RECOVERY Con 0 E0 LAN - 192.168.1.0/24 Connect console cable to router’s console port, and other end of the cable to computer’s com port with DB9 converter. Now open hyper terminal in the computer and switch on the router. When router’s boot process is going on press CTRL+BREAK within 60 seconds. ON FIXED ROUTERS: > o/r 0x2142 >i Would you like to enter into initial configuration dialog(y/n): no Router>enable Router # copy startup-config running-config Router # config terminal Router(config) # interface eth 0 Router (config-if) # no shutdown Router (config-if) #exit Router (config) # enable secret <password> Router (config) # config-register 0x2102 Router (config) # exit Router # show version Router # write Router # reload ON MODULAR ROUTERS: Rommon 1 > confreg 0x2142 Rommon 2 > reset Would you like to enter into initial configuration dialog(y/n): no
  • 21. 21 Router>enable Router # copy startup-config running-config Router # config terminal Router(config) # interface eth 0 Router (config-if) # no shutdown Router (config-if) #exit Router (config) # enable secret <password> Router (config) # config-register 0x2102 Router (config) # exit Router # show version Router # write Router # reload

×