Tuesday, November 26, 2013

CCNA Commands|CISCO Router Configuration Command



CCNA commands are essential knowledge for installing, configuring, operating and troubleshooting a Cisco router.

CCNA (Cisco Certified Network Associate) is a first-level Cisco career certification. It certifies the ability to install, configure, operate, and troubleshoot medium-size routed and switched networks, including implementation and verification of connections to remote sites in a WAN.

The following CCNA commands are essential for Cisco router configuration.




| Mode | Prompt | Definition |
|---|---|---|
| User EXEC mode | Router> | Limited to basic monitoring commands |
| Privileged EXEC mode | Router# | Provides access to all other router commands |
| Global configuration mode | Router(config)# | Commands that affect the entire system |
| Specific configuration modes | Router(config-subif)# | Commands that affect interfaces, subinterfaces, routing processes, or lines only |

Moving Between Modes:

| Command | Meaning |
|---|---|
| Router>enable | Changes from user EXEC to privileged EXEC mode |
| Router#disable | Changes from privileged EXEC back to user EXEC mode |
| Router#config term | Changes to global configuration mode from privileged mode |
| Router(config)#exit | Exits from any configuration mode to privileged mode (Ctrl+Z is also commonly used) |
| Router(config)#interface <int> | Enters interface configuration mode from global configuration mode |
| Router(config)#interface <subint> | Enters subinterface configuration mode from global configuration mode |
| Router(config)#line <line> | Enters line configuration mode from global configuration mode |
| Router(config)#router eigrp 1 | Enters router configuration mode from global configuration mode |




| Keystroke or command | Meaning |
|---|---|
| Ctrl+P or Up arrow | Shows last command entered |
| Ctrl+N or Down arrow | Shows previous commands entered |
| show history | Shows last 10 commands entered by default |
| show terminal | Shows terminal configurations and history buffer size |
| terminal history size | Changes buffer size (the maximum is 256) |
| Ctrl+A | Moves your cursor to the beginning of the line |
| Ctrl+E | Moves your cursor to the end of the line |
| Esc+B | Moves back one word |
| Ctrl+B | Moves back one character |
| Ctrl+F | Moves forward one character |
| Ctrl+D | Deletes a single character |
| Backspace | Deletes a single character |
| Ctrl+R | Redisplays a line |
| Ctrl+U | Erases a line |
| Ctrl+W | Erases a word |
| Ctrl+Z | Ends configuration mode and returns to EXEC mode |
| Tab | Finishes typing a command for you |
| Router#? | Shows all available commands |
| Router#c? | Shows all available commands beginning with the letter c |
| Router#clock ? | Shows all available options for the clock command |


To set Date and Time

Router#clock set 16:45:00 12 jul 2011



Pipe Commands

| Command | Meaning |
|---|---|
| Router#sh running-config \| ? | Shows the options for the pipe command. These include the ability to begin, include, exclude, and so on. |
| Router#sh run \| begin interface | Shows the running configuration, beginning at the interface configurations |
| Router#sh ip route \| include 192.168.3.32 | Shows all entries in the IP routing table that include the IP address 192.168.3.32. |

Set Up  Host Name
Router(config)#hostname SpeedDatabase

Banners

| Command | Meaning |
|---|---|
| Router(config)#banner motd # | Enters a banner MOTD message and ends the message with the # character |
| Router(config)#banner exec # | Enters a banner exec message and ends the message with the # character |
| Router(config)#banner incoming # | Enters a banner incoming message and ends the message with the # character |
| Router(config)#banner login # | Enters a banner login message and ends the message with the # character |

  


MOTD banner: The MOTD banner will be displayed whenever anyone attaches to the router, regardless of how they access the router.

Exec banner: You can configure a line activation (exec) banner to be displayed when an EXEC process (such as a line activation or incoming connection to a VTY line) is created. By simply starting a user exec session through a console port, you’ll activate the exec banner.

Incoming banner: You can configure a banner to be displayed on terminals connected to reverse Telnet lines. This banner is useful for providing instructions to users who use reverse Telnet.

Login banner: You can configure a login banner to be displayed on all connected terminals. This banner is displayed after the MOTD banner but before the login prompts. The login banner can’t be disabled on a per-line basis, so to globally disable it, you have to delete it with the no banner login command.


  

Passwords

Setting Password

| Command | Meaning |
|---|---|
| Todd(config)#enable password todd | Sets the enable password to todd |
| Todd(config)#enable secret todd | Sets the enable secret password to todd. Supersedes the enable password. |
| Todd(config)#line | Changes to line mode to configure the console, aux, and VTY (Telnet). |
| Todd(config-line)#password | The line passwords for aux, console, and VTY (Telnet) are all set in line configuration mode. (When a line is configured to use a password, the login command must be set to prompt for login.) |
| Todd(config)#service password-encryption | Encrypts the passwords in the clear-text configuration file (both running-config and startup-config). |





Setting Password

Console
SpeedDatabase>en
SpeedDatabase#config t
SpeedDatabase(config)#line console ?
  <0-0>  First Line number
SpeedDatabase(config)#line console 0
SpeedDatabase(config-line)#password speed
SpeedDatabase(config-line)#login
SpeedDatabase(config-line)#exit

Telnet
SpeedDatabase(config)#line vty 0?
<0-15> 
SpeedDatabase(config)#line vty 0 15
SpeedDatabase(config-line)#password speed
SpeedDatabase(config-line)#login
SpeedDatabase(config-line)#exit


Enable
SpeedDatabase(config)#enable password speed

Secret
SpeedDatabase(config)#enable secret database

Note: the enable secret supersedes the enable password.

Password Encryption

SpeedDatabase(config)#service password-encryption

Disable Password Encryption

SpeedDatabase(config)#no service password-encryption

To save configuration

SpeedDatabase(config)#exit
SpeedDatabase#wr
Building configuration...
[OK]


Setting Exec Timeout
SpeedDatabase(config-line)#exec-timeout ?
  <0-35791>  Timeout in minutes
SpeedDatabase(config-line)#exec-timeout 0 ?
  <0-2147483>  Timeout in seconds
  <cr>
SpeedDatabase(config-line)#exec-timeout 0 100
SpeedDatabase(config-line)#logging synchronous

Setting Up Secure Shell (SSH)

Instead of Telnet, you can use Secure Shell, which creates a more secure session than the Telnet
application that uses an unencrypted data stream. SSH uses encrypted keys to send data so that
your username and password are not sent in the clear. Table 1.9 lists the commands.



| Command | Meaning |
|---|---|
| ip domain-name Lammle.com | Sets your domain name. You must set this. |
| crypto key generate rsa | Sets the size of the key up to 2048. |
| ip ssh authentication-retries | Sets the max failed attempts up to 120 |
| line vty first-line last_line | Chooses your VTY lines to configure |
| transport input ssh telnet | Tells the router to use SSH and then Telnet. You do not need the telnet command at the end of the line, but if you don’t use it, only SSH will work on the router. |

Setting Up Secure Shell (SSH)
1. Set the hostname:
SpeedDatabase(config)#hostname speeddatabase

2. Set the domain name:
SpeedDatabase(config)#ip domain-name speeddatabase.com

3. Generate keys:
speeddatabase(config)#crypto key generate rsa
The name for the keys will be: speeddatabase.speeddatabase.com
Choose the size of the key modulus in the range of 360 to 2048 for your
  General Purpose Keys. Choosing a key modulus greater than 512 may take
  a few minutes.

How many bits in the modulus [512]:2048

4. Set the maximum idle timer for an SSH session:
speeddatabase(config)#ip ssh time-out ?
  <1-120>  SSH time-out interval (secs)
speeddatabase(config)#ip ssh time-out 120

5. Set the maximum failed attempts for an SSH connection:
speeddatabase(config)#ip ssh authentication-retries ?
  <0-5>  Number of authentication retries
speeddatabase(config)#ip ssh authentication-retries 3

6. Connect to the VTY lines of the router:
speeddatabase(config)#line vty 0 15

7. Configure SSH and then Telnet as access protocols:
speeddatabase(config-line)#transport input ssh telnet

If you do not use the keyword telnet at the end of the command string, then only SSH will
work on the router. I suggest that you use just SSH if at all possible. Telnet is just too insecure
for today’s networks.
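
An added example, not from the original post: a small Python check that reads a saved configuration and flags the settings discussed above (an enable password kept alongside the enable secret, clear-text line passwords, a disabled exec-timeout, and Telnet accepted on the VTY lines). The function name `audit` and both sample configurations are constructed for illustration.

```python
import re

# Constructed sample config (not from a real device); secrets are placeholders.
WEAK = """\
enable password speed
enable secret 5 $1$CONSTRUCTED$placeholderhash
line con 0
 exec-timeout 0 0
 password speed
 login
line vty 0 15
 exec-timeout 0 100
 password 7 00000000000000
 login
 transport input ssh telnet
"""

# Same device with those settings corrected (also constructed).
HARDENED = """\
service password-encryption
enable secret 5 $1$CONSTRUCTED$placeholderhash
line con 0
 exec-timeout 5 0
 password 7 00000000000000
 login
line vty 0 15
 password 7 00000000000000
 login
 transport input ssh
"""

def audit(config):
    """Return findings for the password, timeout and VTY settings covered above."""
    findings, section = [], None
    for raw in config.splitlines():
        line = raw.strip()
        if not raw.startswith(" "):  # a top-level command closes any line block
            section = line if line.startswith("line ") else None
        if line.startswith("enable password "):
            findings.append("enable password set: remove it, rely on enable secret")
        if section is None or line == section:
            continue
        if re.fullmatch(r"password (0 )?\S+", line):
            findings.append(f"{section}: line password stored in clear text")
        elif re.fullmatch(r"no exec-timeout|exec-timeout 0( 0)?", line):
            findings.append(f"{section}: exec-timeout disabled, idle sessions stay open")
        elif line.startswith("transport input ") and {"telnet", "all"} & set(line.split()[2:]):
            findings.append(f"{section}: Telnet accepted ({line})")
    return findings
```

`audit(WEAK)` returns four findings and `audit(HARDENED)` returns none. Type 7 strings written by service password-encryption are reversible obfuscation rather than hashes, so the configuration file itself still needs protecting.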

