ROUTER COMMANDS

Lu Hue Thu - ritalu2610@yahoo.com References by Commands Guide of Cisco

*********************
Router enable Router ! confi"ure terminal Router(config) ! Router ! sho# runnin"-confi" Router ! sho# startu$-confi" Router ! #rite 1. Hostname Router(config) ! ostname {name} 2. Set !ass"or# %to access &ri'ile"ed (ode ) Router(config) ! ena$%e &ass"or# {password} Router(config) ! ena$%e secret {password} &ass#ord is encry$ted '. (! A##ress Router(config) ! interface {interface} {interface_number} Router(config)if) ! i& a##ress {ip-address} { mask} Router(config)if) ! no s ut#o"n Turn on the interface *. Te%net Router(config)+ %ine ,t- . * Router(config)%ine)+ %ogin Router(config)%ine)+ &ass"or# {password} /. Ena$%e Router to act as an HTT! ser,er Router (config)+ i& tt& ser,er 0. Set c%oc1 rate on DCE Seria% interface Router+ s o" contro%%er seria% {interface_number} chec* to find out #hether the serial interface is +C, or +T,. Router(config) ! interface {interface} {interface_number} Router(config)if) !c%oc1 rate {clock} 2. Routing !rotoco%s - .tatic Router(config)+ i$ route /network} [mask] {address|interface} 0distance10$ermanent1 distance metric for this route - R2& 3 Routin" 2nformation &rotocol Router(config) ! router ri& +efines 2& routin" $rotocol.
1

Router(config)router) ! net"or1 {network-number} s$ecifies a directly connected net#or*. 2GR& 3 2nterior Gate#ay Routin" &rotocol Router(config)+ router igr& autonomous-system Router(config)router) ! net"or1 {network-number} ,2GR& 3 ,nhanced 2nterior Gate#ay Routin" &rotocol Router(config)+ router eigr& autonomous-system Router(config)router) ! net"or1 {network-number} 4.&5 3 4$en .hortest &ath 5irst &rotocol Router(config)+ router os&f process-id Router(config)router)+ net"or1 {address} {wildcard-mask} area {area-id} .ho# command Router+ s o" i& route Router+ s o" i& route ".3.-.4 Router+ s o" i& &rotoco%s Router+ s o" i& {protocol} 5 interface 6 #ata$ase 6 neig $ors 6 to&o%og- 7 Route Source Connected interface .tatic route ,2GR& summary route ,7ternal 8G& 2nternal ,2GR& 2GR& 4.&5 2.-2. R2& ,G& ,2GR& e7ternal route 2nternal 8G& <n*no#n Defau%t Distance 0 1 6 20 90 100 110 116 120 1:0 1;0 200 266

8. Route Re#istri$ute #efau%t9metric {bandwidth delay reliability loading mtu} = set metric 'alue for all redistributed routes %2GR&> ,2GR&> 4.&5> 8G&> ,G&).

Static = metric [metric_value] R(! = metric [metric_value]

re#istri$ute {protocol}
redistribute from one routin" domain into another routin" domain
(>R! = [autonomous-system] metric [metric-value] E(>R! = [autonomous-system] metric [metric-value] OS!? = [process id] metric [metric-value]

:. Access Contro% ;ists .te$ 1 = Choose ty$e of ?CL % .tandard or ,7tended) and set $arameters for the ?CL test statements .tandard 2& ?CL Router(config) ! access)%ist access-list-number < &ermit 6 #en- = source [mask] !arameters Descri&tion access-list-number 2dentifies the list that the entry belon"s to@ a number from 1 to 99 permit | deny 2ndicates #hether this entry allo#s or bloc*s traffic from the s$ecified address source 2dentifies the source 2& address source [mask] 2dentifies #hich bits in the address field are matched@ default #ildcard mas* is 0.0.0.0 Ahost ,7tended 2& ?CL Router(config) ! access)%ist access-list-number < &ermit 6 #en- = protocol source sourcewildcard [operator port] destination destination-wildcard [operator port] [established] [log] !arameters access-list-number permit | deny protocol source / destination source-wildcard destination-wildcard operator port established Descri&tion 2dentifies the list usin" a number in the ran"es of 100 to 199 or 2000 to 2699. 2ndicates #hether this entry allo#s or bloc*s traffic from the s$ecified address 2&> TC&> <+&> 2C(&> 2G(&>.. 2dentifies the source B destination 2& addresses Cildcard mas* %0s = match> 1s = indicate DdonEt careF $ositions ) 2t%less than)> "t %"reater than)> eG %eGual)> neG %not eGual) and a $ort number. 5or inbound TC& only> allo#s TC& traffic to $ass if the $ac*et uses an established connection. %,7 = it has ?CH bits set )
3

log

.ends a lo""in" messa"e to the console

.te$ 2 = ,nable an interface to use the s$ecified ?CL Router(config) ! i& access)grou& access-list-number < in 6 out = !arameters access-list-number in | out Descri&tion 2ndicates number of ?CL to be lin*ed to this interface .elects #hether the ?CL is a$$lied as an incomin" or out"oin" filter@ out is default.

Note @ A(;DCARD MASB ?ddress filterin" occurs #hen you use ?CL address #ildcard mas*in" to identify ho# to chec* or i"nore corres$ondin" 2& address bits. Cildcard mas* for 2& address bits uses the number 1 and 0 to identify ho# to treat the corres$ondin" 2& address bits. Ai%#car# mas1 $it . = C ec1 the corres$ondin" bit 'alue in the address. Ai%#car# mas1 $it 1 = (gnore %do not chec*) the corres$ondin" bit 'alue in the address. ,7 = Host = 1;2.I0.16.29 Cildcard (as* = 0.0.0.0 % ost ) .ubnet @ 1;2.16.1.0 Cildcard (as* = 0.266.266.266. ?ll traffic = 0.0.0.0 Cildcard (ar* = 266.266.266.266 % an- ) 1.. Net"or1 A##ress Trans%ation &ri'ate ?ddresses C%ass R?C 1:18 (nterna% A##ress Range C(DR !refi3 ? 8 C 10.0.0.0 10.266.266.266 1;2.16.0.0 1;2.I1.266.266 192.16J.0.0 192.16J.266.266 10.0.0.0BJ 1;2.16.0.0B12 192.16J.0.0B16

- .te$ 1 = Confi"urin" K?T .tatic K?T - 4ne &ri'ate to 4ne &ermanent &ublic ?ddress Translation Router(config)#ip nat inside source static {local-ip} {global-ip} +ynamic K?T - 4ne &ri'ate to 4ne &ublic ?ddress Translation Create an ?CL that #ill identify #hich $ri'ate 2& addresses Router(config) ! access)%ist access-list-number &ermit source {mask} +efine a $ool of usable $ublic 2& addresses Router(config)#ip nat pool name {start-ip} {end-ip} netmask
length}

{ prefix-

Lin* ?CL to the $ool of addresses. Router(config)#ip nat inside

{name}

source list {access-list-number | name} pool

&?T - (any &ri'ate to 4ne &ublic ?ddress Translation

4

Create an ?CL that #ill identify #hich $ri'ate 2& addresses Router(config) ! access)%ist access-list-number < &ermit 6 #en- = source [mask] +efine a $ool of usable $ublic 2& addresses Router(config)# ip nat pool {name} {start-ip end-ip} netmask { prefixlength}

Router(config)+ i& nat &oo% {name} interface {interface-number}

length}

netmas1 { prefix-

Lin* ?CL to the $ool of addresses Router(config)#ip nat inside

{name} overload

source list {access-list-number | name} pool

- .te$ 2 = ?$$ly K?T on interface +efine the inside interface Router(config)+ interface {interface-number} Router(config)if)+ i& nat insi#e +efine the outside interface Router(config)+ int {interface-number} Router(config)if)+ i& nat outsi#e

- Lerifyin" - Troubleshootin" K?T and &?T Confi"uration Router+s o" i& nat trans%ations +is$lays translation table Router+s o" i& nat statistics +is$lays K?T statistics Router+c%ear i& nat trans%ations insi#e a.b.c.d outsi#e e.f.".h Clears a s$ecific translation from the table before it times out Router+c%ear i& nat trans%ations * Router+#e$ug i& nat +is$lays information about e'ery $ac*et that is translated Router+#e$ug i& nat #etai%e#
11. Ena$%e SNM! (Sim&%e Net"or1 Management !rotoco%) Router(config) ! snm&)ser,er communit- snmp-community-string 0ac% 6 ac%Cname 6 i&,0 6 ro 6 r" 6 ,ie" 1 D1)::E D1'..)1:::E AORD i&,0 ro r" ,ie" .tandard 2& access list allo#in" access #ith this community strin" ,7$anded 2& access list allo#in" access #ith this community strin" ?ccess-list name .$ecify 2&'6 Kamed ?ccess-List Read-only access #ith this community strin" Read-#rite access #ith this community strin" Restrict this community to a named (28 'ie#

1F. Netf%o" .te$ 1 = ,nablin" Ket5lo# ,7$ort on interface Router(config) ! interface {interface} {interface_number} Router(config)if) ! ip route-cache flow Router(config)if) ! bandwidth <kbps> .te$ 2 = ,7$ortin" Ket5lo# +ata
5

Router(config) ! i& f%o")e3&ort source {interface} {interface_number} Router(config) ! ip flow-export destination {hostname| ip_address} {port} Router(config) ! ip flow-export version {netflow-version} .te$ I = Lerifyin" +e'ice Confi"uration Router ! s o" i& f%o" e3&ort Router ! s o" i& cac e f%o" Router ! s o" i& cac e ,er$ose f%o"