Cisco
From Whats notepad
Contents |
[edit] Recuperar password
- connectar el cable de corrent tot apretant el botó mode
- Escriure flash_init per poder accedir a la flash
- Escriure load_helper
- dir flash:
- rename flash:config.text flash:config.old
- boot
- Type n to skip the initial setup configuration
- Type enable
- Type rename flash:config.old flash:config.txt
- copy flash:config.text system:running-config
- config t
- enable secret <password>
- write memory
[edit] Varis
Entrar en mode administració
enable
Entrar en mode administració avançada
configure terminal
Establir un password
enable secret <password>
Consultar interfícies
Router#show ip interface brief Interface IP-Address OK? Method Status Protocol Ethernet0 unassigned YES unset administratively down down ATM0 unassigned YES unset administratively down down
Configurar una interfície
Router(config)#interface Ethernet0/0 Router(config-if)#no shutdown
Guardar configuració
Router#copy running-config startup-config Destination filename [startup-config]? Building configuration... [OK]
Veure la versió de l'ios
Router#show version
Activar nat
ip nat inside source static (TCP/UDP) (IP LOCAL DEL EQUIPO) (PUERTO) (IP PUBLICA) (PUERTO)
Per borrar una entrada
(escriure el mateix amb un no debant) no ip nat inside source static (TCP/UDP) (IP LOCAL DEL EQUIPO) (PUERTO) (IP PUBLICA) (PUERTO)
[edit] Exemple de configuració router ADSL
ktJmb93R no service pad service password-encryption ! hostname (nombre del router) ! enable secret (password del enable) ! ! ! ! ! ip subnet-zero no ip domain-lookup ! ! ! ! ! ! interface Ethernet0 ip address (IP de la red) (mascara de la red) ip nat inside no ip mroute-cache no cdp enable interface ATM0 no ip address no ip route-cache no ip mroute-cache no atm auto-configuration no atm ilmi-keepalive no atm address-registration no atm ilmi-enable bundle-enable dsl operating-mode auto hold-queue 208 in ! interface ATM0.1 point-to-point ip address (ip que te da el proveedor) (mascara) ip nat outside no ip route-cache no ip mroute-cache pvc 8/32 encapsulation aal5snap ! ! ip nat inside source list 101 interface ATM0.1 overload ip classless ip route 0.0.0.0 0.0.0.0 ATM0.1 no ip http server
[edit] Exemple 2
Router>enable Router#conf t Router#line vty 0 4 Router#password clave_que_quieras Router#login
!version 12.3 no service pad service tcp-keepalives-in service tcp-keepalives-out service timestamps debug datetime msec localtime show-timezone service timestamps log datetime msec localtime show-timezone service password-encryption service sequence-numbers ! hostname cisco ! boot-start-marker boot-end-marker ! logging buffered 51200 debugging logging console critical enable secret 5 $1$ACS9$lZLhCBT0pgJcq7lnILdLo1 ! username cisco837 privilege 15 secret 5 $1$6Jyk$DoKKX.Tgg34p0c/p.ukNS. clock timezone PCTime 1 clock summer-time PCTime date Mar 30 2003 2:00 Oct 26 2003 3:00 no aaa new-model ip subnet-zero no ip source-route ip tcp synwait-time 10 ip domain name cisco.com ip name-server XX.XX.XX.XX ip name-server XX.XX.XX.XX ip dhcp excluded-address XX.XX.XX.XX ! ip dhcp pool sdm-pool1 import all network XXX.XX.XX.XX 255.255.255.0 dns-server XX.XX.XX.XX XX.XX.XX.XX. default-router XX.XX.XX.XX. ! ! no ip bootp server ip cef ip inspect name DEFAULT100 cuseeme ip inspect name DEFAULT100 ftp ip inspect name DEFAULT100 h323 ip inspect name DEFAULT100 netshow ip inspect name DEFAULT100 rcmd ip inspect name DEFAULT100 realaudio ip inspect name DEFAULT100 rtsp ip inspect name DEFAULT100 smtp ip inspect name DEFAULT100 sqlnet ip inspect name DEFAULT100 streamworks ip inspect name DEFAULT100 tftp ip inspect name DEFAULT100 tcp ip inspect name DEFAULT100 udp ip inspect name DEFAULT100 vdolive ip inspect name DEFAULT100 icmp ip audit notify log ip audit po max-events 100 ip ssh time-out 60 ip ssh authentication-retries 2 no ftp-server write-enable ! ! ! no crypto isakmp enable ! ! ! ! interface Ethernet0 description $FW_INSIDE$$ETH-LAN$$INTF-INFO-Ethernet 10/100$ ip address XX.XX.XX.XX XXX.XXX.XXX.X ip access-group 100 in no ip redirects no ip unreachables no ip proxy-arp ip nat inside ip route-cache flow hold-queue 100 out ! interface ATM0 no ip address no ip redirects no ip unreachables no ip proxy-arp ip route-cache flow no atm ilmi-keepalive dsl operating-mode auto ! interface ATM0.3 point-to-point ip address XX.XX.XX.XX XXX.XXX.XXX.X ip nat outside pvc 8/32 encapsulation aal5snap ! ! ip nat inside source list 1 interface ATM0.3 overload ip classless ip route 0.0.0.0 0.0.0.0 80.36.153.1 ip http server ip http authentication local ip http secure-server ! ! logging trap debugging access-list 1 remark INSIDE_IF=Ethernet0 access-list 1 remark SDM_ACL Category=2 access-list 1 permit XXX.XX.XX.0 0.0.0.255 access-list 100 remark auto generated by SDM firewall configuration access-list 100 remark SDM_ACL Category=1 access-list 100 deny ip XX.XX.XX.0 0.0.0.255 any access-list 100 deny ip host 255.255.255.255 any access-list 100 deny ip XXX.0.0.0 0.255.255.255 any access-list 100 permit ip any any access-list 101 remark auto generated by SDM firewall configuration access-list 101 remark SDM_ACL Category=1 access-list 101 deny ip XXX.XX.XX.0 0.0.0.255 any access-list 101 permit icmp any host XX.XX.XX.XX echo-reply access-list 101 permit icmp any host XX.XX.XX.XX time-exceeded access-list 101 permit icmp any host XX.XX.XX.XX unreachable access-list 101 deny ip XX.XX.XX.XX.255.255.255 any access-list 101 deny ip XX.XX.XX.XX.XX..255.255 any access-list 101 deny ip XX.XX.XXX.0.0 0.0.255.255 any access-list 101 deny ip XX.XX.XXX..255.255.255 any access-list 101 deny ip host XXX.XXX.XXX.XXX. any access-list 101 deny ip host 0.0.0.0 any access-list 101 deny ip any any no cdp run ! control-plane ! banner login ^CAuthorized access only! Disconnect IMMEDIATELY if you are not an authorized user!^C ! line con 0 login local no modem enable transport preferred all transport output telnet line aux 0 login local transport preferred all transport output telnet line vty 0 4 privilege level 15 login local transport preferred all transport input telnet ssh transport output all ! scheduler max-task-time 5000 scheduler interval 500 ! end
