VPN troubleshooting subnetting
2 posters
Page 1 of 1
VPN troubleshooting subnetting
Basic configuration Router en switch
Router en Switch Basic
ROUTER>enable
ROUTER#conf t
ROUTER#end Fast command to exit
No lookup
ROUTER(config)#no ip domain-lookup
Saving config
ROUTER#copy running-config startup-config | wr
Giving a router/switch a hostname
ROUTER(config)#hostname <NAME FOR THE DEVICE>
Host table
ROUTER(conf)#ip host <Hostname> <IP ADDRESS(ES)>
Password on console
ROUTER(config) #line console <PORT NR>
ROUTER(config-line)#password cisco
ROUTER(config-line)#logging synchronous
ROUTER(config-line)#exec-timeout <min sec>
ROUTER(config-line)#exit
Password on terminal connections
ROUTER(config)#line vty <PORT NR>
ROUTER(config-line)#password cisco
ROUTER(config-line)l#logging synchronous
ROUTER(config-line)#exec-timeout <min sec>
ROUTER(config-line)#exit
Enable Encrypted Password
ROUTER(config)#enable secret class
ROUTER(config)#exit
Interfaces Configuration
ROUTER(config)#interface <INTERFACE>
ROUTER(config-if)#ip address <IP ADDRESS> <SUBNETMASK>
ROUTER(config-if)#clock rate 56000 (ONLY on DCE Serial interface)
ROUTER(config-if)#no shutdown
ROUTER(config-if)#exit
Password
Banner
ROUTER(config)#banner motd &<tekst>&
ROUTER(config)#exit
Configuring Routing Protocol
RIP Configureren
ROUTER(config)#router rip
ROUTER((config-router)#passive-interface <INTERFACE>
ROUTER(config-router)#network <IP ADDRESS>
ROUTER(config-router)#exit
ROUTER(config)#exit
Enable RIP-V2
ROUTER (config)#router rip
ROUTER (config-router)#version 2
ROUTER((config-router)#passive-interface <INTERFACE>
ROUTER (config-router)#no auto-summary
ROUTER (config-router)#exit
ROUTER (config)#exit
- Router RIP versie 2
Netwerken 172.16.0.0 192.168.10.0 192.168.40.0 en 192.168.50.0.
passive-interface fastethernet 0/0
Enable OSPF
ROUTER (config)#router ospf <ID>
Summarize an area in the OSPF Table
ROUTER((config-router)#passive-interface <INTERFACE>
ROUTER (config)#<IP ADDESS> <WILDCARD> area <NR>
ROUTER (config)#end
Sends a static route thought OSPF
ROUTER (config)#default-information originate
Create Trunk link on sub interfaces
ROUTER(config)#interface <INTERFACE>
ROUTER(config-if)#no shutdown
Create sub an interface
ROUTER(config-if)#interface <INTERFACE> . <NR>
ROUTER(config-subif)#encapsulation dot1q <VLAN NR>
ROUTER(config-subif)#ip address <IP ADDRESS> <SUBNET MASK>
ROUTER(config-subif)#end
Enable DHCP Service
ROUTER(config)#ip dhcp pool <NAME OF THE POOL>
ROUTER(dhcp-config)#network <IP ADDRESS> <SUBNET MASK>
ROUTER(dhcp-config)#default-router <IP OF THE GATEWAY(ROUTER)>
ROUTER(config)#ip dchp excluded-addresses <START IP ADDESS> <END IP ADDRESS>
Configure a static route
ROUTER(config)ip route <NETWORK ID> <SUBNET MASK> <INTERFACE | NEXT ROUTER IP>
Send packets to a last resort gateway
ROUTER(config)ip route 0.0.0.0 0.0.0.0 <INTERFACE | NEXT ROUTER IP ADDRESS>
Switch Configuration
Configuring a default-gateway
SWITCH(config)#ip default-gateway <IP OF THE GATEWAY(ROUTER)>
Method 2
SWITCH(config)#vlan <NUMBER FOR THE VLAN>
SWITCH(config-vlan)#name <NAME OF VLAN>
Delete a VLAN
SWITCH#vlan database
SWITCH(vlan)#no vlan <NUMBER OF VLAN>
Assing an IP address to a VLAN
SWITCH(config)#interface VLAN <NR>
SWITCH (config-if)#ip address <IP ADDRESS> <SUBNET MASK>
SWITCH (`config-if)#exit
Assign/remove a Port to VLAN
Assign a single Port to a VLAN
SWITCH(config)#interface <INTERFACE>
SWITCH(config-if)#switchport mode access
SWITCH(config-if)#switchport access vlan <NUMBER OF VLAN>
SWITCH(config-if)#end
Assign/remove a Port to security
SWITCH(config)#interface <INTERFACE>
SWITCH(config-if)#switchport port-security
SWITCH(config-if)#switchport port-security maximum <NUMBER>
SWITCH(config-if)#switchport port-security mac-address sticky
SWITCH(config-if)#switchport port-security violation protect
Assign a Port range to a VLAN
SWITCH(config)#interface range <RANGE OF THE SELECTED INTERFACE> 0/4 – 6
SWITCH(config-if-range)#switchport mode access
SWITCH(config-if-range)#switchport access vlan <NUMBER OF VLAN>
Remove a Port from a VLAN
SWITCH(config)#interface <INTERFACE>
SWITCH(config-if)#no switchport access vlan <NUMBER OF VLAN>
Create a trunk link <INTERFACE>
SWITCH(config)#interface <INTERFACE>
SWITCH(config-if)#switchport mode trunk
SWITCH(config-if)#end
Create a VTP connection
Server side
SWITCH1#vlan database
SWITCH1(vlan)#vtp server
SWITCH1(vlan)#vtp domain <NAME DOMAIN>
SWITCH1(vlan)#exit
Client Side
Switch2#vlan database
Switch2(vlan)#vtp client
Switch2(vlan)#vtp domain <NAME DOMAIN>
Switch2(vlan)#exit
Access lists
<0-99> IP Standard list
<100-199>IP Extended list
<1300-1999>Extra IP Standard list
<2000-2699>Extra IP Extended list
Standard Accesslists
Standard Accesslist are applied close as possible to the destination.(outgoing port of the router)
Standard Accesslist = Destination
Accesslist-list <NR> <PERMIT | DENY> <SOURCE> <WILDCARD>
Extended Accesslist
Extended Accesslist are applied close as possible to the source.(incoming port of the router)
Extended Accesslist = Source
Accesslist-list <NR> < PERMIT | DENY > <PROTOCOL> <SOURCE> <DESTINATION> [eq <PORTNUMBER | SERVICE NAME>]
<SOURCE> <SOURCE ADDRESS WILDCARD | ANY | HOST IP ADDRESS>
<DESTINATION> <DESTINATION ADDRESS WILDCARD | ANY | HOST IP ADDRESS>
<PROTOCOL>
TCP = TCP Traffic
UDP = UDP Traffic
ICMP = PING
IP = All traffic
Apply accesslist number, which way and on what interface
ROUTER(config)#interface <INTERFACE>
ROUTER(config-if)#ip access-group <NUMBER OF ACCESSLIST> <IN | OUT>
Apply accesslist on a vty | console
ROUTER(config)#line <vty | console>
ROUTER(config)#access-class <NUMBER OF ACCESSLIST <IN | OUT>
Show Commands
Show running config
DEVICE#show running-config | show run
Shows running configuration
Show start config
DEVICE#show startup-config | show start
Shows startup configuration
Show VLAN
DEVICE#show vlan
Show ip interface brief
DEVICE#show ip interface brief
Shows interface information briefly
Show Controllers
Router#show controllers <INTERFACE>
Show ip show ip protocols
DEVICE#show ip protocols
Show ip route
DEVICE#show ip route
Shows Routes learned by a routing protocol
Show ip access-lists
DEVICE#show ip access-lists
Shows made access lists
DEBUG RIP
DEVICE#debug ip rip
DEBUG RIP OFF
DEVICE#no debug ip rip
ALL DEBUGS OFF
DEVICE#no debug all
Router en Switch Basic
ROUTER>enable
ROUTER#conf t
ROUTER#end Fast command to exit
No lookup
ROUTER(config)#no ip domain-lookup
Saving config
ROUTER#copy running-config startup-config | wr
Giving a router/switch a hostname
ROUTER(config)#hostname <NAME FOR THE DEVICE>
Host table
ROUTER(conf)#ip host <Hostname> <IP ADDRESS(ES)>
Password on console
ROUTER(config) #line console <PORT NR>
ROUTER(config-line)#password cisco
ROUTER(config-line)#logging synchronous
ROUTER(config-line)#exec-timeout <min sec>
ROUTER(config-line)#exit
Password on terminal connections
ROUTER(config)#line vty <PORT NR>
ROUTER(config-line)#password cisco
ROUTER(config-line)l#logging synchronous
ROUTER(config-line)#exec-timeout <min sec>
ROUTER(config-line)#exit
Enable Encrypted Password
ROUTER(config)#enable secret class
ROUTER(config)#exit
Interfaces Configuration
ROUTER(config)#interface <INTERFACE>
ROUTER(config-if)#ip address <IP ADDRESS> <SUBNETMASK>
ROUTER(config-if)#clock rate 56000 (ONLY on DCE Serial interface)
ROUTER(config-if)#no shutdown
ROUTER(config-if)#exit
Password
Banner
ROUTER(config)#banner motd &<tekst>&
ROUTER(config)#exit
Configuring Routing Protocol
RIP Configureren
ROUTER(config)#router rip
ROUTER((config-router)#passive-interface <INTERFACE>
ROUTER(config-router)#network <IP ADDRESS>
ROUTER(config-router)#exit
ROUTER(config)#exit
Enable RIP-V2
ROUTER (config)#router rip
ROUTER (config-router)#version 2
ROUTER((config-router)#passive-interface <INTERFACE>
ROUTER (config-router)#no auto-summary
ROUTER (config-router)#exit
ROUTER (config)#exit
- Router RIP versie 2
Netwerken 172.16.0.0 192.168.10.0 192.168.40.0 en 192.168.50.0.
passive-interface fastethernet 0/0
Enable OSPF
ROUTER (config)#router ospf <ID>
Summarize an area in the OSPF Table
ROUTER((config-router)#passive-interface <INTERFACE>
ROUTER (config)#<IP ADDESS> <WILDCARD> area <NR>
ROUTER (config)#end
Sends a static route thought OSPF
ROUTER (config)#default-information originate
Create Trunk link on sub interfaces
ROUTER(config)#interface <INTERFACE>
ROUTER(config-if)#no shutdown
Create sub an interface
ROUTER(config-if)#interface <INTERFACE> . <NR>
ROUTER(config-subif)#encapsulation dot1q <VLAN NR>
ROUTER(config-subif)#ip address <IP ADDRESS> <SUBNET MASK>
ROUTER(config-subif)#end
Enable DHCP Service
ROUTER(config)#ip dhcp pool <NAME OF THE POOL>
ROUTER(dhcp-config)#network <IP ADDRESS> <SUBNET MASK>
ROUTER(dhcp-config)#default-router <IP OF THE GATEWAY(ROUTER)>
ROUTER(config)#ip dchp excluded-addresses <START IP ADDESS> <END IP ADDRESS>
Configure a static route
ROUTER(config)ip route <NETWORK ID> <SUBNET MASK> <INTERFACE | NEXT ROUTER IP>
Send packets to a last resort gateway
ROUTER(config)ip route 0.0.0.0 0.0.0.0 <INTERFACE | NEXT ROUTER IP ADDRESS>
Switch Configuration
Configuring a default-gateway
SWITCH(config)#ip default-gateway <IP OF THE GATEWAY(ROUTER)>
Method 2
SWITCH(config)#vlan <NUMBER FOR THE VLAN>
SWITCH(config-vlan)#name <NAME OF VLAN>
Delete a VLAN
SWITCH#vlan database
SWITCH(vlan)#no vlan <NUMBER OF VLAN>
Assing an IP address to a VLAN
SWITCH(config)#interface VLAN <NR>
SWITCH (config-if)#ip address <IP ADDRESS> <SUBNET MASK>
SWITCH (`config-if)#exit
Assign/remove a Port to VLAN
Assign a single Port to a VLAN
SWITCH(config)#interface <INTERFACE>
SWITCH(config-if)#switchport mode access
SWITCH(config-if)#switchport access vlan <NUMBER OF VLAN>
SWITCH(config-if)#end
Assign/remove a Port to security
SWITCH(config)#interface <INTERFACE>
SWITCH(config-if)#switchport port-security
SWITCH(config-if)#switchport port-security maximum <NUMBER>
SWITCH(config-if)#switchport port-security mac-address sticky
SWITCH(config-if)#switchport port-security violation protect
Assign a Port range to a VLAN
SWITCH(config)#interface range <RANGE OF THE SELECTED INTERFACE> 0/4 – 6
SWITCH(config-if-range)#switchport mode access
SWITCH(config-if-range)#switchport access vlan <NUMBER OF VLAN>
Remove a Port from a VLAN
SWITCH(config)#interface <INTERFACE>
SWITCH(config-if)#no switchport access vlan <NUMBER OF VLAN>
Create a trunk link <INTERFACE>
SWITCH(config)#interface <INTERFACE>
SWITCH(config-if)#switchport mode trunk
SWITCH(config-if)#end
Create a VTP connection
Server side
SWITCH1#vlan database
SWITCH1(vlan)#vtp server
SWITCH1(vlan)#vtp domain <NAME DOMAIN>
SWITCH1(vlan)#exit
Client Side
Switch2#vlan database
Switch2(vlan)#vtp client
Switch2(vlan)#vtp domain <NAME DOMAIN>
Switch2(vlan)#exit
Access lists
<0-99> IP Standard list
<100-199>IP Extended list
<1300-1999>Extra IP Standard list
<2000-2699>Extra IP Extended list
Standard Accesslists
Standard Accesslist are applied close as possible to the destination.(outgoing port of the router)
Standard Accesslist = Destination
Accesslist-list <NR> <PERMIT | DENY> <SOURCE> <WILDCARD>
Extended Accesslist
Extended Accesslist are applied close as possible to the source.(incoming port of the router)
Extended Accesslist = Source
Accesslist-list <NR> < PERMIT | DENY > <PROTOCOL> <SOURCE> <DESTINATION> [eq <PORTNUMBER | SERVICE NAME>]
<SOURCE> <SOURCE ADDRESS WILDCARD | ANY | HOST IP ADDRESS>
<DESTINATION> <DESTINATION ADDRESS WILDCARD | ANY | HOST IP ADDRESS>
<PROTOCOL>
TCP = TCP Traffic
UDP = UDP Traffic
ICMP = PING
IP = All traffic
Apply accesslist number, which way and on what interface
ROUTER(config)#interface <INTERFACE>
ROUTER(config-if)#ip access-group <NUMBER OF ACCESSLIST> <IN | OUT>
Apply accesslist on a vty | console
ROUTER(config)#line <vty | console>
ROUTER(config)#access-class <NUMBER OF ACCESSLIST <IN | OUT>
Show Commands
Show running config
DEVICE#show running-config | show run
Shows running configuration
Show start config
DEVICE#show startup-config | show start
Shows startup configuration
Show VLAN
DEVICE#show vlan
Show ip interface brief
DEVICE#show ip interface brief
Shows interface information briefly
Show Controllers
Router#show controllers <INTERFACE>
Show ip show ip protocols
DEVICE#show ip protocols
Show ip route
DEVICE#show ip route
Shows Routes learned by a routing protocol
Show ip access-lists
DEVICE#show ip access-lists
Shows made access lists
DEBUG RIP
DEVICE#debug ip rip
DEBUG RIP OFF
DEVICE#no debug ip rip
ALL DEBUGS OFF
DEVICE#no debug all
FutureIT- Posts : 2
Join date : 2017-05-14
Re: VPN troubleshooting subnetting
I have a custom domain that works fine with all (https) sites and Forums I visit.
Forumotion appears to be the only server that exhibits the insecure https.// lock, Why is that? Thanks.
I know the problem is being worked on and it will take time to resolve. Are the other sites way ahead with the latest browser security protocol?
Forumotion appears to be the only server that exhibits the insecure https.// lock, Why is that? Thanks.
I know the problem is being worked on and it will take time to resolve. Are the other sites way ahead with the latest browser security protocol?
Re: VPN troubleshooting subnetting
I have a custom domain that works fine with all (https) sites and Forums I visit.
Forumotion appears to be the only server that exhibits the insecure https.// lock, Why is that? Thanks.
I know the problem is being worked on and it will take time to resolve. Are the other sites way ahead with the latest browser security protocol?
Forumotion appears to be the only server that exhibits the insecure https.// lock, Why is that? Thanks.
I know the problem is being worked on and it will take time to resolve. Are the other sites way ahead with the latest browser security protocol?
Re: VPN troubleshooting subnetting
I have a custom domain that works fine with all (https) sites and Forums I visit.
Forumotion appears to be the only server that exhibits the insecure https.// lock, Why is that? Thanks.
I know the problem is being worked on and it will take time to resolve. Are the other sites way ahead with the latest browser security protocol?
Forumotion appears to be the only server that exhibits the insecure https.// lock, Why is that? Thanks.
I know the problem is being worked on and it will take time to resolve. Are the other sites way ahead with the latest browser security protocol?
Page 1 of 1
Permissions in this forum:
You cannot reply to topics in this forum
|
|