
CISCO CCNA CHEAT SHEET

PORTS
  0 - 1023         Well Known
  1024 - 49151     Registered
  49152 - 65535    Private/Dynamic

Utilities

  Stop looking for commands outside
    CMD: no ip domain lookup
  Name the device
    CMD: hostname [device_name]
  Describe the interface
    CMD: interface fa0/0
         description [interface_desc]

Password
  enable password (not encrypted, visible)
  service password-encryption (type 7)
  enable secret (encrypted, type 5 - MD5)

Before Using Device
  CMD: erase startup-config
  CMD: delete flash:vlan.dat (switch only)
  CMD: reload

Lost Password
  connect to console
  show version (check register)
  (turn off and on device)
  ctrl+break when booting (rommonitor)
  show version (0x2102)
  confreg 0x2142
  en
  copy start run
  enable secret [mypwd]
  line console 0
  password [mypwd]
  copy run start
  confreg 0x2102
  reload

Banners
  banner login &my_phrase&
  banner motd &my_phrase&

Break out of a lookup for a nonexistent command
  Translating "sdf"...domain server (255.255.255.255)
  Ctrl+shift+6+x
  % Name lookup aborted
  Switch#

Debug
  no debug all
  debug ip rip
  service timestamps

Collision domain breaking: SWITCH
Broadcast domain breaking: ROUTER

Set hostnames for quick remoting
  ip host router_portugal 192.168.0.1

Copper Cable
  Crossover: connects same layer devices (pc-pc, pc-router)
  Straight: connects different layer devices (router-switch)
  Rollover (RJ45 + RS232): connects to a device's console port

Media
  Copper Cable (cross talk issues, distance QoS loss)
  Optic Fiber

COMMON PORTS
  20, 21     FTP
  23         Telnet
  25         SMTP
  69         TFTP
  80         HTTP
  110        POP3
  143        IMAP4
  443        HTTP + SSL
  465        SMTP + SSL
  1863       MSN
  989-990    FTP + SSL
  993        IMAP4 + SSL
  995        POP3 + SSL

SSH
  hostname R1
  ip domain-name cisco.com
  crypto key generate rsa
  username student secret cisco
  line vty 0 4
   no transport input
   exec-timeout 3
   transport input ssh
   login local
   exit
  service tcp-keepalives-in
  ip ssh time-out 15
  ip ssh authentication-retries 2

IP ADDRESSES
  Private IP Addresses
    Class A    10.0.0.0 to 10.255.255.255
    Class B    172.16.0.0 to 172.31.255.255
    Class C    192.168.0.0 to 192.168.255.255
  Classes
    A) 1.0.0.0 to 127.0.0.0
    B) 127.0.0.0 to 191.255.0.0
    C) 192.0.0.0 to 223.255.255.254
    D) 224.0.0.0 to 239.255.255.255
    E) 240.0.0.0 to 247.255.255.254

Hierarchical Network
  Access Layer
    Port Security
    VLANs
    Fast Ethernet/Gigabit Ethernet
    PoE
    Link Aggregation
    QoS
  Distribution Layer
    Layer 3 Support
    High Forwarding Rate
    Gigabit/10 Gigabit Ethernet
    Redundant Components
    Security Policies/ACLs
    Link Aggregation
    QoS
  Core Layer
    Layer 3 Support
    Very High Forwarding Rate
    Gigabit/10 Gigabit Ethernet
    Redundant Components
    Link Aggregation
    QoS

SWITCHES

BOOT SEQUENCE
  NVRAM
  BOOT LOADER
  CPU POST
  FLASH
  LOAD IOS

Port Security
  Violation modes: Protect, Restrict, Shutdown
  CMD: switchport port-security violation [protect | shutdown | restrict]
  switchport port-security mac-address sticky
    (only first acquired address will be enabled)
  switchport port-security maximum 1
    (only 1 address; careful, could be router)

Port Mode
  switchport mode [mode]
    Access
    Trunk: Encapsulation ISL (Cisco) or 802.1Q (open standard)
    Dynamic
  CMD: switchport mode [access | trunk | dynamic]

DTP - Dynamic Trunking Protocol
  switchport mode dynamic [mode]
    Auto (looks for trunk or desirable modes)
    Desirable (looks for trunk, auto, or desirable mode on the other end)

VLAN
  Default (Non-deletable): 1, 1002-1005
  Configurable: 2-1001
  CMD: show vlan brief
  CMD: vlan [#] //creates the vlan
       name
  CMD: interface vlan [#]
       ip address [ip] [mask]

VTP (forwarding of VLAN information)
  Mode
    Client
    Server
    Transparent (just transfers updates)
  Version, domain and revision should be equal on client and server routers

CDP (Neighboring Cisco Devices)
  show cdp neighbors

Spanning-Tree (prevent layer 2 loops)
  Max Age: 20 secs. BPDU max wait time from current root bridge
  Hello: 2/2 secs. Sending of BPDUs
  Forward Delay: Listening/Forwarding state duration

Spanning-Tree Ports
  EDGE - End Users. Faster.
Spanning-Tree Variants
  RST RPT+PVLST

Spanning-Tree States
  Learning       + BPDU   + MAC   - DATA
  Forwarding     + BPDU   + MAC   + DATA
  Blocking       - BPDU   - MAC   - DATA
  Listening      + BPDU   - MAC   - DATA
  Discarding (RST)

Spanning-Tree Neighbours
  "2" Designated On-Site
  "2" ROOT directly connected
  "2" Designated On-Site on the first neighbors
  "1" Designated, 1 Non-Designated
  Note: Assuming 1 bridge, two inter routers, 1 end router

Fernando Duarte @ 2010

ROUTERS

BOOT IOS FIND SEQUENCE
  NVRAM
  FLASH
  TFTP SERVER
  ROM

BOOT ORDER
  POST
  Bootstrap
  NVRAM (register)
  NVRAM (startup config)
  No IOS: try Flash, TFTP, ROM

Automatic security
  CMD: auto secure

Routing Protocols
  Dynamic (define self-routes)
    OSPF
      router ospf 1
       network 10.11.15.0 0.0.0.127 area 0
    EIGRP
      router eigrp 205
    RIP
      router rip
       version 2
       redistribute eigrp 205 metric 1
       passive-interface default (best practice)
       no passive-interface Serial0/3/1
       network 192.168.3.0
       default-information originate
       no auto-summary
  Static Routing (define destination routes)
    ip route 20.21.22.0 255.255.254.0 100.10.1.6 200
    (cost should be higher than routing protocol cost if we want to use the link as backup)

WAN PROTOCOLS

WAN DATA LINK PROTOCOLS
  HDLC (CISCO) (Dedicated PPP)
  PPP (Dedicated PPP)
  X.25 (Packet Switched)
  Frame Relay (Packet Switched)
  ATM (Packet Switched)
  ISDN (Circuit Switched)

WAN ENCAPSULATION PROTOCOLS
  HDLC (CISCO)
  PPP
  SLIP
  X.25
  Frame Relay
  ATM

Access Lists *
  Standard: 1-99, 1300-1999
    CMD: access-list 1 permit 192.168.10.13
  Extended: 100-199, 2000-2699
  Complex
    Lock & Key
    Reflexive (only with extended named IP ACLs)
    Time Based (~ happy hour)
  Named
    Uppercase names
    Alphanumeric characters in name
    Must start with a letter
    Mustn't contain white spaces
    Can be edited (no erase and notepad)
    CMD: ip access-list [standard|extended] MY_ACL
  * Uses wildcard mask

Actions
  permit (allow packets)
  deny (block packets)
  remark (add comment to running config)
  evaluate (check reflexive ACL)

TCP/UDP Port Definitions
  eq [port]
  lt [port]
  neq [port]
  gt [port]
  range [port] [port]
