
User mode (Router>)

Privilege mode (Router#)

Config mode (Router(config)#)

Commands: en, conf t

? - help
enable password 123 - set password
no enable pass - disable password
banner motd * welcome * - message of the day
no banner motd - remove banner
hostname 1 - router name
show running-config - information
service password-encryption - so that passwords are not shown in clear text.

do show running-config - shows the privileged-mode information from config mode

line console 0 & password 123 - to set a password on the console.

interface f0/0 - fast ethernet port


ip address 10.0.0.1 255.0.0.0 - ip
no shutdown - save configuration

copy - save used command


write & reload - will start from where your pc shutdown

copy running-config tftp - send details of router config to server

copy tftp: running-config - to access saved data on server

show vlan - to show vlan ports


int vlan1 - to set vlan ip
ip add 10.0.0.1 255.0.0.0 - to set ip

Configure router for remote access via Telnet

enable password 123 - password


en
conf t
line vty 0 - 0 means 1 user can get remote access
password 1234 - password

Configure router for remote access via SSH

en
conf t
enable password 123 - password
ip add 10.0.0.50 255.0.0.0
no shut
ip domain-name r1
crypto key generate rsa
line vty 0
transport input ssh
login local
username r1 password 123

Divide the switch so that the HR dept can't share data with the MR dept

show vlan
vlan database
vlan 2 name hr
exit
conf t
vlan 3
name mr
Ctrl + Z
show vlan (2 hr 3 mr will be created)

To assign ports to hr and mr

conf t
int f0/1
switchport access vlan 2
int f0/2
switchport access vlan 3

Now we have 2 other PCs connected to another switch;
they have to communicate with their own dept.
show vlan
vlan database
vlan 2 name hr
exit
conf t
vlan 3
name mr
Ctrl + Z
show vlan (2 hr 3 mr will be created)
en
conf t
int f0/1
switchport access vlan 2
int f0/2
switchport access vlan 3

Now connect both switches with a cross cable.

We have to put both f0/3 ports in trunking mode
so that the same VLAN can communicate across different switches.

Go to the command line of either switch


conf t
int f0/3
switchport mode trunk

How to delete VLAN

switch# vlan database


no vlan 2

Intervlan

Inter-VLAN routing is used to connect two different VLANs to each other using a Cisco switch & router.
Both VLANs have different network IDs & can connect to each other.
Create a router, a switch & 2 PCs:

PC1 - IP 192.168.0.2, mask 255.255.255.0, gateway 192.168.0.1
PC2 - IP 172.168.0.2, mask 255.255.0.0, gateway 172.168.0.1

Create 2 VLANs on the switch, hr & mr,

and make f0/3 on the switch a trunk to the router.

Go to the router CLI


en
conf t
host intervlan
int f0/0
no shutdown
conf t
int f0/0.1
encapsulation dot1Q 2 - means vlan 2 (dot1Q tagging on the subinterface allows two different VLANs to communicate with each other through the router)
ip add 192.168.0.1 255.255.255.0
int f0/0.2
encapsulation dot1Q 3 - means vlan 3
ip add 172.168.0.1 255.255.0.0

types of trunking protocol


So far we have seen that the VLANs for each dept have to be created manually on one switch and then on the other.
Now, dynamic VLANs.

1) Static VLAN
In a static VLAN setup the network administrator manually creates the VLAN database on the network switches.
In a static VLAN the network administrator creates a VLAN and then assigns switch ports to the VLAN.
2) Dynamic VLAN
In a dynamic VLAN setup the network administrator assigns the values on a single switch, and all switches get an
up-to-date VLAN database from that particular switch.

Dynamic VLAN creation

This allows settings to be copied from one VLAN to another so we don't have to configure every VLAN.
Note: we need to create one server and one client.

Take two switches

On either switch's CLI
En
Conf t
Vlan 2
Name hr
Vlan 3
Name mr
Int f0/1
Switchport mode trunk
Show vtp status
Conf t
Vtp mode server
vtp domain info.com
Vtp password 123

Go to the other switch


En
Conf t
Vtp mode client
Vtp domain info.com
Vtp password 123

Spanning Tree Protocol

Spanning tree is used to avoid loops.

If you want to make a switch the root

En
Conf t
Spanning-tree vlan 1 root primary

Rapid speed spanning tree protocol

Establishes connectivity faster


En
Conf t
Int f0/3
Spanning-tree portfast

Basic routing protocol

Routing means – the process of sending packets from one n/w to another n/w.

Static routing – If you have four routers that want to send data between them, you have to make a
manual entry on each router for them to communicate.
A router connects 2 LAN networks by creating a routing table.
(On every router we have to add routes to the other 3 routers' IPs)
(manual path decision)
(One-to-one communication)

Dynamic routing – Dynamic routing uses a routing protocol to create routes for data packets, and stores
the dynamic routes in the routing table.
It is dependent routing. It chooses the best path by criteria like bandwidth, speed, security, etc.
The router selects the best path to send data.

3 types of dynamic routing


1.Distance vector routing (RIP,RIPv2,IGRP)
2.Link-state routing (OSPF,IS-IS)
3.Hybrid or Advanced routing (EIGRP).

1)Distance Vector Routing:


Each node knows the distance to its directly connected neighbours.
A node periodically sends a list of routing updates to its neighbours.
If all nodes update their distances, the routing tables eventually converge.
It works on the Bellman-Ford algorithm: the router calculates the route based on distance.

Static route configuration

(ip route) command to check route


Show int s0/0
Router0
En
Conf t
Host r1
Int f0/0
ip add 192.168.0.1 255.255.255.0
no shut
int s0/0
clock rate 64000
no shut
ip add 10.0.0.1 255.0.0.0

Router1
En
Conf t
Host r2
Int f0/0
Ip add 172.168.0.1 255.255.0.0
No shut
Int s0/0
Ip add 10.0.0.2 255.0.0.0
No shut
Int s0/1
No shut
Clock rate 64000
No shut
Ip add 11.0.0.1 255.0.0.0
No shut

Router2

En
Conf t
Host r3
Int f0/0
Ip add 110.0.0.1 255.0.0.0
No shut
Int s0/1
Ip add 11.0.0.2 255.0.0.0
No shut

Router 0
En
Conf t
Ip route 172.168.0.0 255.255.0.0 10.0.0.2
Ip route 110.0.0.0 255.0.0.0 11.0.0.2
Ip route 11.0.0.0 255.0.0.0 10.0.0.2

Router 1
En
Conf t
Ip route 192.168.0.0 255.255.255.0 10.0.0.1
Ip route 110.0.0.0 255.0.0.0 11.0.0.2

Router2
En
Conf t
Ip route 192.168.0.0 255.255.255.0 10.0.0.1
Ip route 10.0.0.0 255.0.0.0 11.0.0.1
Ip route 172.168.0.0 255.255.0.0 11.0.0.1

Routing Information protocol


Steps after assigning ip to pc’s
Router 1
En
Conf t
Host r1
Int f0/0
Ip add 192.168.0.1 255.255.255.0
No shut
Int s0/0
Ip add 10.0.0.1 255.0.0.0
Clock rate 64000
No shut
Router rip
Network 10.0.0.0
Net 192.168.0.0

Router 2
En
Conf t
Host r2
Int f0/0
Ip add 172.168.0.1 255.255.0.0
No shut
Int s0/0
Ip add 10.0.0.2 255.0.0.0
No shut
Router rip
Network 10.0.0.0
Net 172.168.0.0
Show ip route (R means rip protocol)

To add RIP version 2

First remove RIP:
run the no router rip command on both routers
On Router 1
Router rip
Version 2
Net 10.0.0.0
Net 192.168.0.0

On Router 2
Router rip
Version 2
Net 10.0.0.0
Net 172.168.0.0

Configuration of EIGRP

Steps after assigning ip to pc’s


Router 1
En
Conf t
Host r1
Int f0/0
Ip add 192.168.0.1 255.255.255.0
No shut
Int s0/0
Ip add 10.0.0.1 255.0.0.0
Clock rate 64000
No shut
Router eigrp 12
Net 10.0.0.0
Net 192.168.0.0

Router 2
En
Conf t
Host r2
Int f0/0
Ip add 172.168.0.1 255.255.0.0
No shut
Int s0/0
Ip add 10.0.0.2 255.0.0.0
No shut
Router eigrp 12
Net 10.0.0.0
Net 172.168.0.0

Configuration of OSPF
Steps after assigning ip to pc’s
Router 1
En
Conf t
Host r1
Int f0/0
Ip add 192.168.0.1 255.255.255.0
No shut
Int s0/0
Ip add 10.0.0.1 255.0.0.0
Clock rate 64000
No shut
Router ospf 15 (process id)
Network 192.168.0.0 0.0.0.255 area 0
Network 10.0.0.0 0.255.255.255 area 0

Router 2
En
Conf t
Host r2
Int f0/0
Ip add 172.168.0.1 255.255.0.0
No shut
Int s0/0
Ip add 10.0.0.2 255.0.0.0
No shut
Router ospf 15 (process id)
network 172.168.0.0 0.0.255.255 area 0
network 10.0.0.0 0.255.255.255 area 0
ex
show ip route

What is ACL?
An ACL is used to filter and manage traffic. With the help of an ACL you can block any host, port, etc.
We can specify a numbered or named list that contains the IPs or hostnames to block.

Named Standard – filters traffic on the source side only

Named Extended – filters traffic on the source as well as the destination side

Standard value – 0 to 99 or 1300 to 1999

Extended value – 100 to 199 or 2000 to 2699

s0/0 – for outbound traffic

f0/0 – inbound traffic

Router
En
Conf t
Access-list 90 deny host 172.168.0.20
Access-list 90 permit any
Int s0/0
Ip access-group 90 out
Int f0/0
Ip access-group 90 in

To remove ACL
en
Conf t
No access-list 90

Now to block inbound and outbound


router
En
Conf t
Access-list 110 deny ip host 172.168.0.20 host 192.168.0.2
Access-list 110 permit ip any any
Int f0/0
Ip access-group 110 in
Int s0/0
Ip access-group 110 out

After this both pc will not be able to communicate with each other.
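
IOS access-list entries take wildcard (inverse) masks, so a subnet mask typed in that position changes which addresses match. The sketch below is an added example, not part of the original notes: it models first-match ACL evaluation in Python and compares a deny entry written with subnet masks against one written for single hosts. The flows, tuple layout and function names are constructed for illustration.

```python
import ipaddress

def _ip(text):
    return int(ipaddress.IPv4Address(text))

def wildcard_match(addr, base, wildcard):
    """IOS wildcard semantics: a 1 bit in the wildcard means 'ignore this bit'."""
    care = ~_ip(wildcard) & 0xFFFFFFFF
    return (_ip(addr) & care) == (_ip(base) & care)

def evaluate(acl, src, dst):
    """First matching entry wins; every ACL ends with an implicit deny."""
    for action, s_base, s_wild, d_base, d_wild in acl:
        if wildcard_match(src, s_base, s_wild) and wildcard_match(dst, d_base, d_wild):
            return action
    return "deny"

ANY = ("0.0.0.0", "255.255.255.255")  # 'any' = ignore all 32 bits

# Subnet masks typed where wildcard masks are expected.
ACL_SUBNET_MASKS = [
    ("deny", "172.168.0.20", "255.255.0.0", "192.168.0.2", "255.255.255.0"),
    ("permit", *ANY, *ANY),
]
# 'host x' is the same as wildcard 0.0.0.0: all 32 bits must match.
ACL_HOST = [
    ("deny", "172.168.0.20", "0.0.0.0", "192.168.0.2", "0.0.0.0"),
    ("permit", *ANY, *ANY),
]

# Constructed test flows (source, destination).
FLOWS = [
    ("172.168.0.20", "192.168.0.2"),  # the pair the lab wants to block
    ("172.168.0.21", "192.168.0.2"),  # neighbouring host, should pass
    ("10.9.0.20", "10.7.3.2"),        # unrelated hosts ending in .20 and .2
]

def compare(flows=FLOWS):
    """Return (src, dst, verdict with subnet masks, verdict with host entries)."""
    return [(s, d, evaluate(ACL_SUBNET_MASKS, s, d), evaluate(ACL_HOST, s, d))
            for s, d in flows]

if __name__ == "__main__":
    for row in compare():
        print(*row)
```

The third flow is the one to watch: with subnet masks in the wildcard position the entry also denies unrelated hosts whose addresses merely end in the same octets.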

To remove ACL
en
Conf t
No access-list 110

Named ACL
Router connected with the pc
En
Conf t
Ip access-list standard sikho
Deny host 172.168.0.20
Permit any
Int f0/0
Ip access-group sikho in
Int s0/0
Ip access-group sikho out

Show access-lists
Show ip access-lists sikho

Network Address Translation

Router 1 configuration after giving ip’s to pc

e1(config)#host r1
r1(config)#int f0/0
r1(config-if)#ip add
r1(config-if)#ip add 192.168.0.1 255.255.255.0
r1(config-if)#no shut
r1(config-if)#int s0/0
r1(config-if)#ip add 10.0.0.1 255.0.0.0
r1(config-if)#no shut

r1(config-if)#clock rate 64000


r1(config-if)#no shut
r1(config-if)#router rip
r1(config-router)#net 10.0.0.0
r1(config-router)#net 192.168.0.0

Router 2 config

Router>en
Router#conf t
Router(config)#host r2
r2(config)#conf t
r2(config)#int f0/0
r2(config-if)#ip add 172.168.0.1 255.255.0.0
r2(config-if)#no shut
r2(config-if)#int s0/0
r2(config-if)#ip add 10.0.0.2 255.0.0.0
r2(config-if)#no shut
r2(config-if)#router rip
r2(config-router)#net 10.0.0.0
r2(config-router)#net 172.168.0.0

DHCP Server

Router>en
Router#conf t
Router(config)#int f0/0
Router(config-if)#ip addr 10.0.0.1 255.0.0.0
Router(config-if)#no shut
Ctrl + z
Router#conf t
Router(config)#ip dhcp pool sikho
Router(dhcp-config)#network 10.0.0.0 255.0.0.0
Router(dhcp-config)#default-router 10.0.0.1

To exclude particular range

Router(dhcp-config)#exit
Router(config)#ip dhcp excluded-address 10.0.0.2 10.0.0.10

Frame relay

PPP Security
In computer networking, Point-to-Point Protocol (PPP) is a data link layer communication protocol that runs directly
between two routers, without any host or any other networking in between.

Types: PAP & CHAP

PAP (Password Authentication Protocol) is used by PPP to validate users. Almost all network operating
system remote servers support PAP.
It can be weak authentication.

CHAP (Challenge Handshake Authentication Protocol)

Used by Point-to-Point Protocol servers to validate the identity of remote clients. CHAP periodically
verifies the identity of the client by using a three-way handshake.

CHAP Configuration
Router 1
Router>en
Router#conf t
Router(config)#host r1
r1(config)#int f0/0
r1(config-if)#ip add 192.168.0.1 255.255.255.0
r1(config-if)#no shut
r1(config-if)#int s0/0
r1(config-if)#ip add 12.0.0.1 255.0.0.0
r1(config-if)#no shut
r1(config-if)#clock rate 64000
r1(config-if)#int s0/0
r1(config-if)#encapsulation ppp
r1(config-if)#enable password 123
r1(config)#username r1 password 123
r1(config)#int s0/0
r1(config-if)#encapsulation ppp
r1(config-if)#ppp authentication chap
r1(config-if)#username r2 password 123
r1(config)#router rip
r1(config-router)#network 12.0.0.0
r1(config-router)#network 192.168.0.0

Router2
Router>en
Router#conf t
Router(config)#host r2
R2(config)#int f0/0
R2(config-if)#ip add 172.168.0.1 255.255.0.0
R2(config-if)#no shut
R2(config-if)#int s0/0
R2(config-if)#ip add 12.0.0.2 255.0.0.0
R2(config-if)#no shut
R2(config-if)#int s0/0
R2(config-if)#encapsulation ppp
R2(config-if)#enable password 123
R2(config-if)#ppp authentication chap
R2(config-if)#username r1 password 123
r2(config)#router rip
r2(config-router)#network 12.0.0.0
r2(config-router)#network 172.168.0.0

PAP Configuration

Router 1
En
Conf t
Host r1
Enable password 123
Username r2 password 123
Int f0/0
Ip add 192.168.0.1 255.255.255.0
No shut
Int s0/0
Ip add 12.0.0.1 255.0.0.0
Clock rate 64000
No shut
Encapsulation ppp
Ppp authentication pap
Ppp pap sent-username r1 password 123
Router rip
Network 12.0.0.0
Network 192.168.0.0

Router 2
En
Conf t
Host r2
Enable password 123
Username r1 password 123
Int f0/0
Ip add 172.168.0.1 255.255.0.0
No shut
Int s0/0
Ip add 12.0.0.2 255.0.0.0
No shut
Encapsulation ppp
Ppp authentication pap
Ppp pap sent-username r2 password 123
Router rip
Network 12.0.0.0
Network 172.168.0.0

Troubleshooting
show int s0/0
