熟练掌握cisco 3550的常用配置命令

  1. 设置设备的标示名,一般按设备型号+物理位置+管理IP地址

    command:(config)#hostname machine_name

    查看设备系统版本和信息

    show version

    show boot

    show flash:

    sh cpu 

  2. 配置登录的用户名和密码

    username Cisco password cisco

  3. 关闭错误命令查询:no ip domain-lookup

  4. SSH登录配置

    在配置模式下:

    line vty 0 15  //"(config)#"在配置远程管理登录

    password cisco 

    login local //先设置密码,开启远程的效果

    transport input {ssh|telnet|none|all} //

    access-class 1 in //字符"1"为access-list 表名

    no exec-timeout

    enable 模式下:

    enable password cisco

    enable secret cisco1 //同时设置了secret密码和password,enable密码不生效

  5. sh lacp sys-id

    sh file system

    sh hardware

    dir or show flash

  6. crypto key generate rsa //要先创建域名,使用命令ip domain name syx.com

  7. AAA认证开启,aaa new-module

  8. 邻居发现协议

    cdp run

    cdp timer 10

    cdp holdtime 30

    cdp advertise-v2

    int f0/1接口下开启cdp协议

    cdp enable

7.line con 0 配置// console 口配置

password cisco

login local

8.spanning-tree 

sh spanning-tree active

sh spanning-tree vlan XX active

9.NTP

ntp peer 192.168.1.1 ver 3 key 2 source f0/10 prefer

ntp authenticate

ntp broadcastdelay 3000

ntp trustkey 2

ntp authentication-key 2 md5 cisco

10.VTP

vtp mode {client |server|transparent}

vtp password cisco

vtp domain domain_name

vtp version 2

vtp pruning

查看vtp配置信息

sh vtp password

sh vtp status

11.端口安全port-security 

int f0/1

swithport port-security ?

ip dhcp snooping(arp 防止***)

全局开启 ip dhcp snooping

int  f0/1 

ip dhcp snooping {limit rate |trust|vlan}

sh ip dhcp snooping

12.终端显示缓冲的大小

terminal length 100

terminal width 100

sh mac address-table dy int f0/1

sh int counters

errdisable recovery {internal|cause}

13.dhcp配置,在cisco 3550设备上配置

ip dhcp pool 0

   network 192.168.10.0 255.255.255.0

   default-router 192.168.10.1 

   dns-server 192.168.1.254 

   domain-name cisco-china.com

   lease 7 9

不被dhcp 地址池分配给用户的地址设置

ip dhcp excluded-address 192.168.10.254

ip dhcp excluded-address 192.168.10.1 192.168.10.20