
Password encryption

Rapid PVST+
Configure hostnames
Telnet
SSH
Ping
Banner motd
Use a TFTP and Syslog server
Switchport security
VTP
VLANs
STP primary and secondary bridge
EtherChannel
Router-on-a-Stick
DHCP for IPv4
Multi-Area OSPF for IPv4
NAT with a standard ACL
PPP with CHAP

::::::::::BASE SWITCH CONFIG:::::::::::::::::::

hostname HOST_NAME
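service password-encryption (type 7 obfuscation only, reversible; it covers the line passwords below, while enable secret and username secret are stored hashed)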
spanning-tree mode rapid
enable secret XXXXX
username USERNAME secret XXXXX
no ip domain-lookup
ip domain-name NAME.COM
ip default-gateway #.#.#.#
crypto key generate rsa
1024 (at least; 2048 or more preferred where the platform supports it)
ip ssh version 2
banner motd .
MOTD_BANNER.

interface vlan 1
ip address #.#.#.# #.#.#.#
no shut
exit

line con 0
password XXXXX
login
logging sync
exec-timeout 120
exit

line vty 0 4
password XXXXX
login
logging sync
exec-timeout 120
exit

line vty 5 15
transport input all (accepts Telnet as well as SSH; transport input ssh limits these lines to SSH)
login local
logging sync
exec-timeout 120
exit

sh run

::::::::::PORT SECURITY::::::::::::::::::::::::

interface INT#/#
switchport port-security mac-address (#.#.# | sticky)
switchport port-security maximum (#)
switchport port-security violation (protect | restrict | shutdown)
switchport port-security
exit

sh port-security
sh port-security interface INTERFACE #/#

::::::::::VTP::::::::::::::::::::::::::::::::::

vtp domain DOMAIN


vtp mode (client | server | transparent)
vtp password PASSWORD
vtp version (1 | 2)
exit

sh vtp status

::::::::::VLANs & TRUNKS:::::::::::::::::::::::

vlan ###
name NAME
exit

sh vlan brief

interface vlan ###


ip address #.#.#.# #.#.#.#
no shut
exit

interface INT#/#
switchport mode access
switchport access vlan (#)
exit

sh ip interface brief

interface INT#/#
switchport mode trunk
switchport trunk allowed vlan (#,#)
exit

sh interface trunk

::::::::::ROUTER-ON-A-STICK::::::::::::::::::::

interface INT#/#.###
encapsulation dot1Q ###
ip address #.#.#.# #.#.#.#
no shut
exit

sh ip interface brief

::::::::::DHCP:::::::::::::::::::::::::::::::::

ip dhcp excluded-address #.#.#.# #.#.#.#


ip dhcp pool POOL_NAME
default-router #.#.#.#
domain-name DOMAIN.COM
network #.#.#.# #.#.#.#
exit

sh ip dhcp binding
sh ip dhcp conflict
sh ip dhcp pool
sh ip dhcp relay

::::::::::OSPF:::::::::::::::::::::::::::::::::

router ospf PROCESS_ID_#


router-id #.#.#.#
passive-interface default
no passive-interface INT#/#.#
network #.#.#.# 0.0.0.0 area # |OR| network #.#.#.# WI.LD.CA.RD area #
redistribute static | OR | default-information originate (for gateway)

sh ip ospf
sh ip ospf neighbor
sh ip protocols
exit

::::::::::ACCESS-LISTS:::::::::::::::::::::::::

access-list ## (PERMIT | DENY) (#.#.#.# | any | host)


interface INT#/#.#
ip access-group ### (IN | OUT)

sh access-lists

::::::::::NAT::::::::::::::::::::::::::::::::::

interface INT#/#.# (inside interface)


ip nat inside
exit

interface INT#/#.# (outside interface)


ip nat outside
exit

ip access-list standard NAT_POOL_NAME


permit #.#.#.# WI.LD.CA.RD
exit

(optional) ip nat pool POOL_NAME L.O.W.IP H.I.G.H netmask #.#.#.#


(optional) ip nat inside source static tcp #.#.#.# P# #.#.#.# P#

ip nat inside source list NAT_POOL_NAME (interface INT#/#.# | pool POOL_NAME) overload
exit

sh ip nat translation

::::::::::NAT POOL w/ STATIC NAT:::::::::::::::

ip nat outside
ip nat inside

ip access-list standard NAT


permit #.#.#.# W.I.L.D

ip nat inside source list NAT interface INT#/#.# overload


ip nat inside source static tcp #.#.#.# P# #.#.#.# P#

::::::::::ETHERCHANNEL:::::::::::::::::::::::::

speed
duplex
vlans
trunk
e
channel-group # mode (active | auto |desirable | on | passive)

sh etherchannel summary

::::::::::SYSLOG:::::::::::::::::::::::::::::::

service timestamps log datetime msec


logging host #.#.#.#

::::::::::PPP CHAP:::::::::::::::::::::::::::::

username USERNAME secret PASSWORD (for use by other router)

int SERIAL #/#


encapsulation ppp
ppp authentication chap

:::::::::::::::::::::::::::::::::::::::::::::::
