4. Router config files
Last edited March 19, 2009
More by KHobbits »
Standard Configs

Router config for isp
enable
conf t
hostname ISP
no ip domain-lookup
enable secret cisco
banner motd #No access you!#
line c 0
password class
login
no exec-timeout
exit
line vty 0 4
password cisco
login
exit
int lo0
ip add 12.0.0.1 255.255.255.0
no shutdown
exit
int s0/1
ip add 200.1.1.9 255.255.255.252
no shutdown
clock rate 64000
exit

ip route 31.0.0.0 255.255.255.0 200.1.1.10
ip route 84.0.0.0 255.255.255.0 200.1.1.10
ip route 11.0.0.0 255.255.255.0 200.1.1.10
exit

show cdp neighbors
show ip int b
show ip route
Router config for fa leaf, with 3 loop back
enable
conf t
hostname Bart
no ip domain-lookup
enable secret cisco
banner motd #No access you!#
line c 0
password class
login
no exec-timeout
exit
line vty 0 4
password cisco
login
exit
int lo0
ip add 123.0.2.17 255.255.255.240
no shutdown
exit
int lo1
ip add 123.0.2.33 255.255.255.240
no shutdown
exit
int lo2
ip add 123.0.2.49 255.255.255.240
no shutdown
exit
int fa0/0
ip add 123.0.2.113 255.255.255.240
no shutdown
exit

<see routing protocol>

exit
show cdp neighbors
show ip eigrp neighbors
show ip int b
show ip route
router config for 2loop 1fa leaf and a serial
enable
conf t
hostname Betelgeuse
no ip domain-lookup
enable secret cisco
banner motd #No access you!#
line c 0
password class
login
no exec-timeout
exit
line vty 0 4
password cisco
login
exit
int lo0
ip add 192.168.30.97 255.255.255.240
no shutdown
exit
int lo1
ip add 192.168.30.113 255.255.255.240
no shutdown
exit
int fa0/0
ip add 192.168.30.19 255.255.255.240
no shutdown
exit
int s0/1
ip add 10.0.0.5 255.255.255.252
clock rate 56000
no shutdown
exit

ip route 192.168.1.0 255.255.255.0 10.0.0.6
ip route 172.16.0.0 255.255.0.0 10.0.0.6

<see routing protocol>

exit
show cdp neighbors
show ip int b
show ip route
router config for 2serial and NAT
en
conf t
hostname Border
no ip domain-lookup
enable secret cisco
banner motd #Access Denied#
line c 0
password class
login
no exec-timeout
exit
line vty 0 4
password cisco
login
exit

int s0/0
ip add 198.1.1.2 255.255.255.0
clockrate 56000
no shutdown
exit

int s0/1
ip add 192.168.1.1 255.255.255.0
no shutdown
ip nat inside
exit

router ospf 100
network 192.168.1.0 0.0.0.255 area 0
network 192.168.2.0 0.0.0.255 area 0
default-information originate
exit

int s0/0
ip nat outside
exit

ip nat pool border 198.1.1.0 198.1.1.15 netmask 255.255.255.0
ip nat inside source list 1 pool border overload
access-list 1 permit 192.168.0.0 0.0.255.255

ip route 0.0.0.0 0.0.0.0 s0/0
exit
VLAN Configs

router on a stick
enable
conf t
hostname Rob
no ip domain-lookup
enable secret cisco
banner motd #No access you!#
line c 0
password class
login
no exec-timeout
exit

int fa0/0.10
encap dot1q 10
ip add 192.168.10.1 255.255.255.0
exit

int fa0/0.20
encap dot1q 20
ip add 192.168.20.1 255.255.255.0
exit

int fa0/0
no shutdown
exit
exit

show ip int b
show ip route
Routing protocol

RIPv2 
router rip
version 2
network 192.168.30.0
redist static
no auto
exit
RIPv2 - Share default routes
router rip
redist static
exit
EIGRP
router eigrp 200
no auto-summary
network <ip subnet>
network 123.0.2.0
redist static
exit
OSPF 
router ospf 100
network <ip subnet> <wildcard mask> area 0
network 192.168.10.0 0.0.0.255 area 0
network 192.168.20.0 0.0.0.255 area 0
default-information originate
exit
OSPF - Priority (Setting priority on routers)
int fa0/0
ip opsf priority 0
ip address...
no shutdown
exit
Nat

Inside NAT 
int s0/0
<ip address config ect>
ip nat inside
exit

...repeat above for each internal interface...

int s0/1
ip nat outside
exit

ip nat pool <pool name> <start ip> <end ip> netmask <subnet mask (eg 255.2555.255.0)>
ip nat inside source list 1 pool <pool name> overload
access-list 1 permit <ip subnet> <wild card mask (eg 0.0.255.255)>
Inside NAT Example 
int s0/0
ip address 192.168.0.10 255.255.255.0
no shutdown
ip nat inside
exit

int s0/1
ip nat outside
exit

ip nat pool cisco 195.6.6.1 195.6.6.15 netmask 255.255.255.0
ip nat inside source list 1 pool cisco overload
access-list 1 permit 192.168.0.0 0.0.255.255
Inside Static NAT 
int s0/0
<ip address config ect>
ip nat inside
exit

ip nat inside source static <inside ip> <outside ip>
Outside Static NAT
ip nat outside source static <inside ip> <outside ip>
Help commands 
show access-lists
show ip nat trans

Clear ip nat trans *
DHCP

DHCP Server 
conf t
ip dhcp pool cisco
network <ip subnet (eg 192.168.2.0)> <subnet mask (eg 255.255.255.0)>
default-router <router ip (eg 192.168.2.1)>
exit
ip dhcp excluded-address <router ip (eg 192.168.2.1)>
IP Helper (External DHCP)
Router1
conf t
ip dhcp pool border
network <ip subnet (eg 192.168.2.0)> <subnet mask (eg 255.255.255.0)>
default-router <router ip (eg 192.168.2.1)>
exit
ip dhcp pool internal
network <ip subnet (eg 192.168.4.0)> <subnet mask>
default-router <router ip (eg 192.168.4.1)>
exit
ip dhcp excluded-address <router ip1 (eg 192.168.2.1)>
ip dhcp excluded-address <router ip2>

Router2
conf t
int fa0/0
ip helper-address <ip of router1, interface closest to router2 (eg 192.168.3.1)
exit
Help Commands
show ip dhcp binding
debug ip dhcp server events
PPP

PPP encapsulation 
int s0/0
encapsulation ppp
PPP with pap 
(This assumes the interface already has an ip and no shut)

username <Router2> password <password (eg cisco)>
int s0/0
encapsulation ppp
ppp authentication pap
ppp pap sent-username <Router1> password <password (eg cisco)>
exit
PPP with chap
(This assumes the interface already has an ip and no shut)

username Router2 password cisco
int s0/0
encapsulation ppp
ppp authentication chap
exit
Disable PPP
int s0/0
encapsulation hdlc
exit
Help commands
ppp auth chap pap - fall back to pap
debug ppp neg
debug ppp auth
Frame Relay

frame relay ip address encapsulation
int s0/0
ip address <local ip> <subnet mask>
encapsulation frame-relay

frame-relay map ip <remote ip> <dlci number> broadcast
frame-relay map ip <remote ip2> <dlci number>

..repeat for any other ip's that need access..

frame-relay lmi-type ansi
cdp enable    (highlights layer 3 problems)
no shutdown
exit
Point to point links example
int s0/0
no ip address
encapsulation frame-relay
no shutdown
exit

int s0/0.16 point-to-point
desc link to ammas cars
ip address 192.1.1.1 255.255.255.0
frame-relay interface-dlci 16
ppp auth chap
exit

int s0/0.17 point-to-point
desc link to bills shop
ip address 192.1.2.1 255.255.255.0
frame-relay interface-dlci 17
ppp auth chap
exit

int s0/0.18 point-to-point
desc link to freds bank
ip address 192.1.3.1 255.255.255.0
frame-relay interface-dlci 18
ppp auth chap
exit
Help commands
show frame-relay:
- active means theres no errors
- inactive means the error is on the other end
- deleted means error is on this end

show frame-relay route
show frame-relay pvc <dlci number>
show frame-relay map
Access list

ext
conf t

access-list 101 permit icmp host 192.168.30.18 172.16.0.0 0.0.255.255
access-list 101 deny icmp any 172.16.0.0 0.0.255.255
access-list 101 permit ip any any

int s0/1
ip access-group 101 out
exit
exit
The content on this page is provided by a Google Notebook user, and Google assumes no responsibility for this content.