Home CCNA Python menu icon

How To Use Cisco Routers & Switches

Nature

The Best Cert for Network Engineers

The CCNA is a tough cert to earn; I should know I have earned mine. It takes a lot of learning to pass the exam. Of course, I will never tell you what is on the exam (I would lose my CCNA for that), but I can teach to the objectives. The best and must fun way to learn is through hands-on exercises. Thank goodness Cisco provides a state of the art emulator for free. I will provide labs through Packet Tracer, so you can learn how to configure the Cisco IOS and gain that hands-on experience. All you need to do is register to access all the learning material Below is my cheat-sheet of commands I used to study. As you can see, there a lot to learn.

Example of Cisco IOS Commands

Configure PPP
Router(config)# interface s0/0/0
Router(config-if)# encapsulation ppp

Configure PPP CHAP Authentication
Central(config)# username Branch3 password cisco
Branch3(config)# username Central password cisco
Branch3(config)# interface s0/0/1
Branch3(config-if)# ppp authentication chap

Configure default route
WEST(config)# ip route 0.0.0.0 0.0.0.0 10.1.1.2

Configure the GRE Tunnel Interface
WEST(config)# interface tunnel 0
WEST(config-if)# ip address 172.16.12.1 255.255.255.252
WEST(config-if)# tunnel source s0/0/0
WEST(config-if)# tunnel destination 10.2.2.1

EAST(config)# interface tunnel 0
EAST(config-if)# ip address 172.16.12.2 255.255.255.252
EAST(config-if)# tunnel source 10.2.2.1
EAST(config-if)# tunnel destination 10.1.1.1

Configure eBGP
R2(config)# router bgp 65000
R2(config-router)# neighbor 209.165.200.1 remote-as 65001
R2(config-router)# network 198.133.219.0 mask 255.255.255.248

Configure PPPoE
R1(config)# interface dialer 5
R1(config-if)# encapsulation ppp
R1(config-if)# ip address negotiated
R1(config-if)# ip mtu 1492
R1(config-if)# dialer pool 5
R1(config-if)# ppp chap hostname customer2222
R1(config-if)# ppp chap password ConnectMe
R1(config-if)#no shutdown

Configure DSL to Interface
R1(config-if)# interface GigabitEthernet 0/0
R1(config-if)# no ip address
R1(config-if)# pppoe enable
R1(config-if)# pppoe-client dial-pool-number 5
R1(config-if)# ip tcp adjust-mss 1452
R1(config-if)# no shutdown

Configure IP HTTPS Server
R1(config)# ip http server
R1(config)# ip http authentication local
R1(config)# username admin privilege 15 secret class

Enable remote connection
R3(config)# ip domain-name cisco.com
R3(config)# crypto key generate rsa modulus 1024
R3(config)# line vty 0 4
R3(config-line)# login local
R3(config-line)# transport input ssh

Enable SNMP
S1# configure terminal
S1(config)# sdm prefer lanbase-routing
S1(config)# end
S1# reload

S1(config)# snmp-server community ciscolab ro SNMP_ACL
S1(config)# snmp-server location Company_HQ
S1(config)# snmp-server contact admin@company.com
S1(config)# snmp-server host 192.168.1.3 version 2c ciscolab
S1(config)# snmp-server enable traps
S1(config)# ip access-list standard SNMP_ACL
S1(config-std-nacl)# permit 192.168.1.3

R1(config)# ip access-list standard PERMIT-ADMIN
R1(config-std-nacl)# permit 192.168.1.0 0.0.0.255
R1(config-std-nacl)# exit
R1(config)# snmp-server view SNMP-RO iso included
R1(config)# snmp-server group ADMIN v3 priv read SNMP-RO access PERMIT-ADMIN
R1(config)# snmp-server user USER1 ADMIN v3 auth sha cisco12345 pri aes 128 cisco54321

Configure IP SlAN
R1(config)# ip sla 1
R1(config-ip-sla)icmp-echo 192.168.1.5
R1(config-ip-sla-echo)frequency 30
R1(config-ip-sla-echo)# exit
R1(config)# ip sla schedule 1 start-time now life forever

Extended ACL
R1(config)# access-list 100 remark Allow Web & SSH Access
R1(config)# access-list 100 permit tcp host 192.168.10.3 host 10.2.2.1 eq 22
R1(config)# access-list 100 permit tcp any any eq 80
R1(config)# interface s0/0/0
R1(config-if)# ip access-group 100 out
R1(config)# ip access-list extended 100
R1(config-ext-nacl)# 30 permit ip 192.168.10.0 0.0.0.255 192.168.30.0 0.0.0.255
R1(config-ext-nacl)# end

R3(config)# ip access-list extended WEB-POLICY
R3(config-ext-nacl)# permit tcp 192.168.30.0 0.0.0.255 host 10.1.1.1 eq 80
R3(config-ext-nacl)# permit tcp 192.168.30.0 0.0.0.255 209.165.200.224 0.0.0.31 eq 80
R3(config-ext-nacl)# interface S0/0/1
R3(config-if)# ip access-group WEB-POLICY out