熟练掌握cisco 3550的常用配置命令
设置设备的标示名,一般按设备型号+物理位置+管理IP地址
command:(config)#hostname machine_name
查看设备系统版本和信息
show version
show boot
show flash:
sh cpu
配置登录的用户名和密码
username Cisco password cisco
关闭错误命令查询:no ip domain-lookup
SSH登录配置
在配置模式下:
line vty 0 15 //"(config)#"在配置远程管理登录
password cisco
login local //先设置密码,开启远程的效果
transport input {ssh|telnet|none|all} //
access-class 1 in //字符"1"为access-list 表名
no exec-timeout
enable 模式下:
enable password cisco
enable secret cisco1 //同时设置了secret密码和password,enable密码不生效
sh lacp sys-id
sh file system
sh hardware
dir or show flash
crypto key generate rsa //要先创建域名,使用命令ip domain name syx.com
AAA认证开启,aaa new-module
邻居发现协议
cdp run
cdp timer 10
cdp holdtime 30
cdp advertise-v2
int f0/1接口下开启cdp协议
cdp enable
7.line con 0 配置// console 口配置
password cisco
login local
8.spanning-tree
sh spanning-tree active
sh spanning-tree vlan XX active
9.NTP
ntp peer 192.168.1.1 ver 3 key 2 source f0/10 prefer
ntp authenticate
ntp broadcastdelay 3000
ntp trustkey 2
ntp authentication-key 2 md5 cisco
10.VTP
vtp mode {client |server|transparent}
vtp password cisco
vtp domain domain_name
vtp version 2
vtp pruning
查看vtp配置信息
sh vtp password
sh vtp status
11.端口安全port-security
int f0/1
swithport port-security ?
ip dhcp snooping(arp 防止***)
全局开启 ip dhcp snooping
int f0/1
ip dhcp snooping {limit rate |trust|vlan}
sh ip dhcp snooping
12.终端显示缓冲的大小
terminal length 100
terminal width 100
sh mac address-table dy int f0/1
sh int counters
errdisable recovery {internal|cause}
13.dhcp配置,在cisco 3550设备上配置
ip dhcp pool 0
network 192.168.10.0 255.255.255.0
default-router 192.168.10.1
dns-server 192.168.1.254
domain-name cisco-china.com
lease 7 9
不被dhcp 地址池分配给用户的地址设置
ip dhcp excluded-address 192.168.10.254
ip dhcp excluded-address 192.168.10.1 192.168.10.20