Enableenable secret (password)service password-encryptionbanner motd # Una

1. Enable
2. enable secret (password)
3. service password-encryption
4. banner motd # Unauthorized access will be prosecuted to the fullest extent of criminal law #
5. no ip domain-lookup
6. ip default-gateway x.x.x.x.
7. line console 0
8. logging synchronous
9. exit
10. interface range fa 0/0 - fa 0/24 (switch only)
11. spanning-tree portfast bpduguard
12. shutdown (remember to re enable the used ports) (switch only)
13. exit
14. vlan 1
15. exit
16. interface vlan1
17. ip address x.x.x.x x.x.x.x
18. exit
19. Assigning a vlan to a interface
20. enable
21. configure terminal
22. interface (interface here) (interface port here)
23. switchport mode access
24. switchport access vlan (vlan number here)
25. GNS = Packet tracer pero mejor
26. configurar telnet en router
27. conf t
28. line vty 0 4
29. password password here
30. login
31. do wr
32. ex
33. configurar ssh en router/switch
34. hostname es requerido
35. nombre de dominio tambien
36. ip domain-name domainnamehere(ucr.ac.cr)
37. crypto key generate rsa
38. 1024 bits
39. username usernamehere password passwordhere
40. line vty 0 4
41. transport input ssh
42. login local
43. exec-timeout 1
44. para connectarse via ssh usando Command prompt en pc
45. ssh -1 usernamehere router/switchipaddresshere
46.  
47.  
48.  
49.  
50.  
51. ººººººººººººººººººººSJºººººººººººººººººººººººººº
52. s0/0/0: 192.168.1.1 255.255.255.252
53. s0/0/1 192.168.1.9 255.255.255.252
54. fa0/0 192.168.100.1 255.255.255.0
55. fa0/1 201.193.45.1 255.255.255.252
56.  
57.  
58.  
59.  
60. ººººººººººººººººººººalajuelaºººººººººººººººººººººººººº
61.  
62. s0/0/0: 192.168.1.2 255.255.255.252
63. s0/0/1 192.168.1.5 255.255.255.252
64. fa0/0.10 192.168.10.1 255.255.255.128
65. fa0/0.20 192.168.10.129 255.255.255.128
66.  
67.  
68. ººººººººººººººººººººherediaºººººººººººººººººººººººººº
69.  
70.  
71. s0/0/0: 192.168.1.6 255.255.255.252
72. s0/0/1 192.168.1.10 255.255.255.252
73. fa0/0.10 192.168.10.1 255.255.255.128
74. fa0/0.20 192.168.10.129 255.255.255.128
75.  
76.  
77.  
78.  
79. Frontier Router must be good
80.  
81.  
82. dhcp
83. ip dhcp excluded-address fromx.x.x.x tox.x.x.x
84. (exclude the first 10 ip addresses from each network/vlan)
85. creating dhcp pools
86. ip dhcp pool poolnamehere
87. network ipaddresshere maskhere
88. default-router vlanfirstaddresshere
89. dns-server dnsaddresshere
90. exit
91.  
92. (repeat the same for different vlans)
93.  
94.  
95.  
96.  
97.  
98. (helper address vlan )
99. int fa0/0.10
100. ip helper-address dhcprouteraddresshere
101. intfa0/0.20
102. ip helper-address dhcprouteraddresshere
103.  
104. (helper address)
105. int fa0/1
106. ip helper-address dhcprouteraddresshere
107.  
108.  
109.  
110.  
111.  
112.  
113. Static NAT Routing
114.  
115. only works if the isp has given you more than 1 public address
116.  
117. ip nat inside source static
118. ip nat inside source static privateaddresshere publicaddresshere
119. ip nat inside source static privateaddresshere publicaddresshere
120.  
121. example ip nat inside source static 192.168.100.254 201.193.45.93
122.  
123. example ip nat inside source static 192.168.100.253 201.193.45.94
124.  
125.  
126. (dynamic nat routing)
127.  
128.  
129. PAT
130. ip nat pool poolnamehere natpooladdressstart natpooladdressend netmask subnetmaskhere
131. example ip nat pool UCR 201.193.45.81 201.193.45.82 netmask 255.255.255.240
132. ip nat inside source list 10
133. ip nat inside source list 10 pool UCR
134. ip nat inside source list 10 pool UCR overload *IMPORTANT*
135.  
136. now enter the frontier router interfaces and enter the command
137.  
138. ip nat inside
139.  
140. *-****
141. show ip nat translations (shows all the currently network access translations done from inside the private network)
142.  
143.  
144. (ACL)
145.  
146. access-list 10 permit 192.168.0.0 0.0.255.255
147. access-lsit 10 permit ipaddress wildcard