Вы находитесь на странице: 1из 4

Cisco Router Basic Configuration & Cheatsheet

Set Hostname
(config)# hostname <NAME>

Set Default Gateway (Gateway of Last Resort)


(config)# ip default-gateway <ROUTERIP>

Set Domain Name


(config)# ip domain-name <DOMAIN.TLD>

Enable Secret (Encrypted Password)


(config)# enable secret <PASSWORD>

Disable IP Domain Lookup (Prevents translating typos)


(config)# no ip domain-lookup

Configure WAN Interface


DHCP
(config)# interface <WANIFACE>
(config-if)# ip address DHCP
(config-if)# no shutdown

STATIC
(config)# interface <WANIFACE> [ex: Gi0/0]
(config)# ip address <WANIP> <SUBNETMASK>
(config)# no shutdown

Configure LAN Interface


(config)# interface <LANIFACE> [ex: Gi0/1]
(config-if)# ip address <LANIP> <SUBNETMASK> [ex: 10.0.0.1 255.255.255.0]
(config-if)# no shutdown

Generate RSA Keys For SSH


(config)# crypto key generate rsa [note: it is advised to use 2048 or higher]

Enable SSH With Username/Password Authentication


(config)# line vty ? [note: retrieve # of available lines]
(config)# line vty <MIN LINE #> <MAX LINE #> [ex: 0 15]
(config-line)# transport input ssh
(config-line)# login local

Enable Console With Username/Password Authentication


(config)# line con 0
(config-line)# login local
Create Username/Password With Admin Access
(config)# username <USERNAME> secret <PASSWORD>
(config)# username <USERNAME> privilege 15

Verify SSH Is Enabled


# sh ip ssh

Disable Console Logging


(config)# line con 0
(config-line)# logging synchronous

Create VLAN(s) As Necessary (Sub Interfaces)


(config)# int <LANIFACE> [ex: Gi0/1]
(config-if)# int <LANIFACE>.<VLANID> [ex: Gi0/1.10]
(config-if)# encap dot1Q <VLANID> [ex: encap dot1Q 10]
(config-if)# ip address <VLANGATEWAYIP> <SUBNETMASK> [ex: 10.0.10.1 255.255.255.0]

Verify Route(s)
# sh ip route
Cisco Switch Basic Configuration & Cheatsheet
Set Hostname
(config)# hostname <NAME>

Set Default Gateway (Gateway of Last Resort)


(config)# ip default-gateway <ROUTERIP>

Set Domain Name


(config)# ip domain-name <DOMAIN.TLD>

Enable Secret (Encrypted Password)


(config)# enable secret <PASSWORD>

Disable IP Domain Lookup (Prevents translating typos)


(config)# no ip domain-lookup

Set Switch Management IP


(config)# int vlan 1
(config-if)# ip address <MANAGEMENTIP> <SUBNETMASK>
(config-if)# no shut

Generate RSA Keys For SSH


(config)# crypto key generate rsa [note: it is advised to use 2048 or higher]

Enable SSH With Username/Password Authentication


(config)# line vty ? [note: retrieve # of available lines]
(config)# line vty <MIN LINE #> <MAX LINE #> [ex: 0 15]
(config-line)# transport input ssh
(config-line)# login local

Enable Console With Username/Password Authentication


(config)# line con 0
(config-line)# login local

Create Username/Password With Admin Access


(config)# username <USERNAME> secret <PASSWORD>
(config)# username <USERNAME> privilege 15

Verify SSH Is Enabled


# sh ip ssh

Disable Console Logging


(config)# line con 0
(config-line)# logging synchronous
Create and Name VLAN(s)
(config)# vlan <#>
(config-vlan)# name <VLANNAME>

Verify VLAN(s) Were Created and Named


# sh vlan

Add Ports To VLAN(s)


(config)# int <INTERFACE>
(config-if)# switchport mode access
(config-if)# switchport mode access vlan <#>

Set VLAN(s) IP Address


(config)# int vlan <#>
(config)# ip address <VLANIP> <SUBNETMASK> [ex: 10.0.10.2 255.255.255.0]

Configure Trunk To Router


(config)# int <IFACE-CONNECTING-SWITCH-TO-ROUTER>
(config-if)# switchport trunk allowed vlan VLAN#,VLAN#,VLAN# [note: range can also be used]