+ Cc ch cu hnh: Router> (ch user mode) Router>enable (vo ch Privileged EXEC Mode) Router#configure terminal (vo ch Configuration Mode)

ode) + Cu hnh t tn v password cho router: Router(config)#hostname tn_mun_t (t tn cho router) Router(config)#enable password pass_mun t (cu hnh pass ko m ha) Router(config)#enable secret pass_mun_t (cu hnh pass c m ha bng MD5) + Cu hnh cc ng truy cp (console, aux v vty) - Cu hnh cng console: Router(config)#line console 0 Router(config-line)#password pass_cho_cng_console (c th khc pass ca router) Router(config-line)#login (bt buc phi c ch t pass cho cng console c hiu lc) - Cu hnh cng aux: Router(config)#line aux 0 Router(config-line)#password pass_cho_cng_aux (c th khc pass ca router) Router(config-line)#login (bt buc phi c ch t pass cho cng console c hiu lc) - Cu hnh cng vty (cng telnet) Router(config)#line vty 0 4 (ch cu hnh 5 ng telnet trong 1 thi im). Router(config-line)#password pass_cho_cng_vty (c th khc pass ca router) Router(config-line)#login (bt buc phi c ch t pass cho cng vty c hiu lc) + Cu lnh m ha tt c mt khu: Router(config)#service password-encryption + Cu hnh a ch ip cho interface: Router(config)#interface tn_cng (vo interface) Router(config-if)#no shutdown (cho php interface hot ng) Router(config-if)#clock rate 64000 (t thi gian ng b gia 2 router, ch dng vi ng serial) Router(config-if)#ip address a_ch_ip subnet_mask (t a ch ip cho interface) + Cu hnh static route: C 2 cch cu hnh Static Route, l cu hnh theo "next hop"address v exit interface. - Cu hnh theo "next hop" address: Router(config)#ip route a_ch_mng_mun_qung_b subnet_mask a_ch_ip_ca_interface_ni_vi_mng _mun_qung_b. - Cu hnh theo exit interface: Router(config)#ip route a_ch_mng_mun_qung_b subnet_mask interface_ni_vi_mng_mun_qung_b.

Pham Van Hoan- DH02 K1 - BKACAD

+ Cu hnh ng default route: Router(config)#ip route 0.0.0.0 0.0.0.0 [exit interface/ip address]. + Cu hnh RIP: Router(config)#router rip (dng giao thc nh tuyn RIP) Router(config-router)#network a_ch_ip (a ch mng mun qung b bng giao thc RIP) Router(config-router)#passive-interface tn_cng (thng tin nh tuyn RIP ko c gi ra cng ny) Router(config-router)#version 2 (dng RIP version 2,mc nh l version 1) + Cu hnh EIGRP : 1.Cu hnh c bn. Router(config)#router eigrp eigrp_mun_t ( 1->65535) Router(config-router)#network IP_mng_mun_qung_b Router(config-router)#no auto-summary (ko t ghp cc di a ch IP thnh 1 di ln) - Thay i bng thng v t tng hp tuyn trong interface Router(config-if)#bandwidth kilobits Router(config-if)#ip summary-address protocol AS network number subnets mask - Cn bng ti trong EIGRP Router(config-router)#variance number - Qung b default route Cch 1: Router(config)#ip route 0.0.0.0 0.0.0.0 [interface/nexthop] Router(config)#redistribute static Cch 2: Router(config)#ip default-network network number Cch 3: Router(config-if)#ip summary-network eigrp AS number 0.0.0.0 0.0.0.0 - Qung b cc tuyn khc trong EIGRP (khng phi l default) Router(config-router)#redistribute giao_thc_mun_qung_b ID_metrics k1 k2 k3 k4 k5 V d: Router(config-router)#redistribute ospf metrics 100 100 100 100 100 - Chia s traffic trong EIGRP Router(config-router)#traffic share {balanced/min} - Cc lnh kim tra cu hnh EIGRP show ip eigrp neighbor show ip eigrp interface show ip eigrp topology

Pham Van Hoan- DH02 K1 - BKACAD

show ip eigrp traffic debug eigrp fsm debug eigrp packet + OSPF: - Cu hnh c bn Router(config)#router ospf ospf_mun_chn ( 1->65535) Router(config-router)#network di_i_ch_mun_qung_b Wildcard_mask area_ID (thng l area 0) - Cu hnh priority cc interface bu DR v BDR Priority cng ln th kh nng c bu lm DR cng cao, ngc vi bu Root brige ca Switch, cng nh th li cng c bu. Router(config)#interface fastethernet 0/0 Router(config-int)#ip ospf priority 55 Sau khi cu hnh xong priority c th kim tra bng lnh. Router# show ip ospf interface f0/0 - Chnh sa li OSPF cost metric trong mi interface Cost cng nh th tuyn cng c coi l best path Router(config-int)#ip ospf cost 1 - Cu hnh OSPF Authentication cc interface v p dng vo router Authentication key c hiu nh l password cc router trong cng mt vng chia s vi nhau. a. Cu hnh authentication n gin Router(config-if)#ip ospf authentication-key password Router(config-router)#area area number authentication b. Cu hnh authentication theo dng m ho, bo mt cao. Router(config-if)ip ospf message-digest-key key ID md5 encryption-type key Router(config-router)#area area ID authentication message-digest - Cu hnh OSPF timer trong cc interface Router(config-if)ip ospf hello-interval timer Router(config-if)ip ospf dead-interval timer - Cu hnh qung b mt tuyn mc nh trong OSPF Router(config-router)#default-information originate - Qung b mt tuyn khc (khng phi l default) Router(config-router)#redistribute protocols subnets - Cc lnh show dng kim tra cu hnh OSPF show ip protocol show ip route show ip ospf

Pham Van Hoan- DH02 K1 - BKACAD

show ip ospf interface show ip ospf database show ip ospf neighbor detail clear ip route * debug ip ospf events debug ip ospf adj

Phn 1. Routing - nh Tuyn ---------------------------------------------------------------------------------------RIP v2 r(config)#router rip r(config-router)#ver 2 r(config-router)#net ip-add (major network) r(config-router)#no auto-summary OSPF Note: Tt c nhng router c cng area phi cu hnh ging nhau tt c cc thng s th khu vc mi hot ng ng chc nng c. 1. Cu hnh c bn Router(config)#router ospf process ID (difference) Router(config-router)#network ip-add Wildcard-mask area-ID 2. Cu hnh priority cc interface bu DR v BDR Priority cng ln th kh nng c bu lm DR cng cao, ngc vi bu Root brige ca Switch, cng nh th li cng c bu. Router(config)#interface fastethernet 0/0 Router(config-int)#ip ospf priority 55 Sau khi cu hnh xong priority c th kim tra bng lnh. Router# show ip ospf interface f0/0 3. Chnh sa li OSPF cost metric trong mi interface Cost cng nh th tuyn cng c coi l best path

Pham Van Hoan- DH02 K1 - BKACAD

Router(config-int)#ip ospf cost 1 4.Cc lnh show dng kim tra cu hnh OSPF show ip protocol show ip route show ip ospf show ip ospf interface show ip ospf database show ip ospf neighbor detail clear ip route * debug ip ospf events debug ip ospf adj EIGRP 1.Cu hnh c bn. Router(config)#router eigrp As-id Router(config-router)#network network number Router(config-router)#no auto-summary 2.Thay i bng thng v t tng hp tuyn trong interface Router(config-if)#bandwidth kilobits Router(config-if)#ip summary-address protocol AS network number subnets mask 3.Cn bng ti trong EIGRP Router(config-router)#variance number 4.Qung b default route Cch 1: Router(config)#ip route 0.0.0.0 0.0.0.0 [interface/nexthop] Router(config)#redistribute static Cch 2: Router(config)#ip default-network network number Cch 3: Router(config-if)#ip summary-network eigrp AS number 0.0.0.0 0.0.0.0 5.Qung b cc tuyn khc trong EIGRP (khng phi l default)

Pham Van Hoan- DH02 K1 - BKACAD

Router(config-router)#redistribute protocol process ID metrics k1 k2 k3 k4 k5 Ex: Router(config-router)#redistribute ospf metrics 100 100 100 100 100 6.Chia s traffic trong EIGRP Router(config-router)#traffic share {balanced/min} 7.Cc lnh kim tra cu hnh EIGRP show ip eigrp neighbor show ip eigrp interface show ip eigrp topology show ip eigrp traffic debug eigrp packet -------------------------------------------------------------------------------------------Phn 2. Switching - Chuyn mch -------------------------------------------------------------------------------------------1.Cu hnh c bn chung cho mt Switch Reset tt c cu hnh ca Switch v reload li. Switch#delete flash:vlan.dat Switch#erase startup-config Switch#reload 2.Cu hnh v Security v management Switch(config)#hostname tn switch Switch(config)#line console 0 Switch(config-line)#password mt khu Switch(config-line)#login Switch(config)#line vty 0 4 Switch(config-line)#pass mt khu Switch(config-line)#login 3.Thit lp a ch IP v default gateway cho Switch Switch(config)#interface vlan1 Switch(config-int)#ip address a ch subnetmask Switch(config)#ip default-gateway a ch 4.Thit lp tc v duplex ca cng

Pham Van Hoan- DH02 K1 - BKACAD

Switch(config-int)#speed tc Switch(config-int)#duplex full 5.Thit lp dch v HTTP v cng Switch(config)#ip http server Switch(config)#ip http port 80 6.Thit lp, qun l a ch MAC Switch(config)#mac-address-table static a ch MAC interface fastethernet s vlan Switch#show mac-address-table Switch#clear mac-address-table 7.Cu hnh bo mt cho cng Switch(config-if)#switchport mode acess Switch(config-if)#switchport port-security Cu hnh Static: Switch(config-if)#switchport port-security mac-address a ch Mac Cu hnh Sticky: Switch(config-if)#switchport port-security mac-address sticky (thng dng nht) Switch(config-if)#switchport port-security maximum value Switch(config-if)#switchport port-security violation shutdown 8.To Vlan Cch 1. Switch#vlan database Switch(vlan)#vlan number Cch 2. Khi gn cc cng vo vlan, d vlan cha tn ti nhng Switch vn t to. Switch(config)#interface fastethernet 0/0 Switch(config-int)#switchport access vlan vlan-id Mun xo vlan ta lm nh sau: Switch(config-if)#no switchport access vlan vlan-id Switch#clear vlan vlan_number (xo ton b vlan ) 9.Gn nhiu cng vo trong vlan cng mt lc, cu hnh Range

Pham Van Hoan- DH02 K1 - BKACAD

i vi dy cng khng lin tc. Switch(config)#interface range cng 1 , cng 2 , cng 3 i vi mt dy lin tc. Switch(config)#interface range cng 1-n Switch(config-range)#switchport access vlan vlan-id V d: Switch(config)#interface range f0/0 , f0/2 , f0/4 Switch(config)#interface range f0/0-10 Switch(config-range)#switchport access vlan 10 10.Cu hnh Trunk Switch(config-if)#switchport mode trunk Switch(config-if)#switchpor trunk encapsulation encapsulation-type Switch#show int trunk 11.Cu hnh VTP Switch#vlan database Switch(vlan)#vtp mode {server/client/transperant} Switch(vlan)#vtp domain domain-name ( cng domain th mi giao tip c) Switch(vlan)#vtp password password-number (To pass cho domain- cng pass th mi giao tip c) Switch(vlan)#vtp pruning------>ch sd cho mode server Switch#show vtp status Switch#show cdp nei Switch#show vlan brief 12.Cu hnh Inter-Vlan trn Router Router(config)#interface fastethernet 0/0.1 Router(config-subif)#encapsulation type Router(config-subif)#ip address a-ch subnetmask ------------------------------------------------------------------------------------------Phn 3. Access-list v cc cu hnh lin quan. ------------------------------------------------------------------------------------------1.Nhc li v l thuyt. C 2 loi access-list: Loi th nht: Standard IP Access-list ch lc d liu da vo a ch IP ngun. Range ca loi ny l t 1->99. Nn c p dng vi cng gn ch nht.

Pham Van Hoan- DH02 K1 - BKACAD

Loi th hai: Extended IP Access-list lc d liu da vo: -a ch IP ngun -a ch IP ch -Giao thc (TCP, UDP) -S cng (HTTP, Telnet) -V cc thng s khc nh Windcard mask Range ca loi ny l t 100 ->199. Nn c p dng vi cng gn ngun nht. Hai bc cu hnh Access-list -->Bc 1: To access-list trong ch cu hnh config. -->Bc 2: p dng access-list cho tng cng tu theo yu cu ch cu hnh (config-if) Lu : -->Mc nh ca tt c Access-list l deny all, v vy trong tt c cc access-list ti thiu phi c 1 lnh permit. Nu trong access-list c c permit v deny th nn cc dng lnh permit bn trn. -->V hng ca access-list (In/Out) khi p dng vo cng c th hiu n gin l: In l t host, Out l ti host hay In vo trongRouter, cn Out l ra khi Router. -->i vi IN router kim tra gi tin trc khi n c a ti bng x l. i vi OUT, router kim tra gi tin sau khi n vo bng x l. -->Windcard mask c tnh bng cng thc: WM = 255.255.255.255 Subnet mask (p dng cho c Classful v Classless addreess) -->0.0.0.0 255.255.255.255 = any. -->Ip address 0.0.0.0 = host ip address (ch nh tng host mt ) 2.Cu hnh Standard Access-list (V d) Router(config)#access-list 1 deny 172.16.0.0 0.0.255.255 Router(config)#access-list 1 permit any Router(config)#interface fastethernet 0/0 Router(config-in)#ip access-group in 3.Cu hnh Extended Access-list (V d) Router(config)#access-list 101 deny tcp 172.16.0.0 0.0.255.255 host 192.168.1.1 eq telnet Router(config)#access-list 101 deny tcp 172.16.0.0 0.0.255.255 host 192.168.1.2 eq ftp Router(config)#access-list 101 permit any any Router(config)#interface fastethernet 0/0 Router(config-int)#ip access-group out 4.Cu hnh named ACL thay cho cc s hiu. Router(config)#ip access-list extended server-access (tn ca access-list) Router(config-ext-nacl)#permit tcp any host 192.168.1.3 eq telnet

Pham Van Hoan- DH02 K1 - BKACAD

Router(config)#interface fastethernet 0/0 Router(config-int)#ip access-group server-access out 5.Permit hoc Deny Telnet s dng Standard Acl (V d) Router(config)#access-list 2 permit 172.16.0.0 0.0.255.255 Router(config)#access-list 2 deny any Router(config)#line vty 0 4 Router(config-line)#password cisco Router(config-line)#login Router(config-line)#ip access-class 2 in 6.Xo v kim tra Access-list Mun xo th ta dng lnh sau: Router(config)# no ip access-list id Kim tra Acl ta dng cc lnh sau: -->show access-list -->show running-config -->show ip interface ------------------------------------------------------------------------------------------------Phn 4. NAT PPP Frame Relay ------------------------------------------------------------------------------------------------I.Cu hnh NAT * Cu hnh Static NAT Router(config)#ip nat inside source static [inside local address] [inside global address] V d: R(config)#ip nat inside source statice 10.0.0.1 202.103.2.1 (a ch 10.10.0.1 s c chuyn thnh 202.103.2.1 khi i ra khi Router) Sau khi cu hnh xong phi p dng vo cng in v cng out, trong v d di y, cng Ethernet l cng in, cn cng Serial l cng out Router(config)#interface ethernet 0 Router(config-if)#ip nat inside Router(config)#interface serial 0 Router(config-if)#ip nat outside * Cu hnh Dynamic NAT

Pham Van Hoan- DH02 K1 - BKACAD

Router(config)#ip nat pool [ tn pool] [A.B.C.D A1.B1.C1.D1] netmask [mt n] Router(config)#ip nat inside source list [s hiu ACL] pool [tn pool] Router(config)#access-list [s hiu ACL] permit A.B.C.D windcard masks V d: R(config)#ip nat pool nat-pool1 179.9.8.80 179.9.8.95 netmask 255.255.255.0 R(config)#ip nat inside source list 1 pool nat-pool1 R(config)#access-list 1 permit 10.1.0.0 0.0.0.255 Sau p vo cng In v Out nh Static NAT Note: Gii a ch inside local address v inside global address phi nm trong gii cho php ca ACL * Cu hnh NAT overload o Cu hnh overload vi 1 a ch IP c th: Router(config)#ip nat pool [tn pool] [ip global inside] [subnet mask] Router(config)#ip nat inside source list [tn s hiu ACL] pool [tn pool] overload Router(config)#access-list [s hiu] permit [a ch] [windcard mask] V d: R(config)#access-list 2 permit 10.0.0.0 0.0.0.255 R(config)#ip nat pool nat-pool2 179.9.8.20 255.255.255.240 R(config)#ip nat inside source list 2 nat-pool2 overload o Cu hnh overload dng a ch ca cng ra.(Thng xuyn c dung hn l trng hp trn) Router(config)#ip nat inside source list [tn s hiu ACL] interface [cng ra] overload Router(config)#access-list [s hiu] permit [a ch] [windcard mask] V d: R(config)#ip nat inside source list 3 interface serial 0 overload R(config)#access-list 3 permit 10.0.0.0 0.0.0.255 * Cc lnh Clear NAT/PAT Lnh xa tt c dynamic nat trn ton b cc interface. -->Router#clear ip nat translation * Lnh xa cc single nat trn tng interface -->Router#clear ip nat translation [inside/outside] [global ip - local ip]

Pham Van Hoan- DH02 K1 - BKACAD

Lnh xa cc extended nat trn tng interface -->Router#clear ip nat translation protocol [inside/outside] [global ip - global port local ip local port] * Kim tra v Debug cc NAT v PAT Router#show ip nat translation Router#show ip nat statics Router#debug ip nat * Cu hnh DHCP Router(config)#ip dhcp excluded-address ip-address (end-ip-address) Router(config)#ip dhcp pool [tn pool] Router(dhcp-config)#network addess subnetmask Router(dhcp-config)#default-router address Router(dhcp-config)#dns-server address Router(dhcp-config)#netbios-name-server address Router(dhcp-config)#domain-name tn domain Router(dhcp-config)#lease ngy/gi/pht * Kim tra v troubleshoot cu hnh DHCP Router#show ip dhcp binding Router#debug ip dhcp server events * Trong trng hp DHCP server khng nm cng mng vi host Note: khi DHCP server khng cng mng vi host th ta phi dng lnh ip helper-address gip host n DHCP server. Router(config)#interface [cng nm cng mng vi host] Router(config-if)#ip helper-address [a ch ca DHCP server] Note: Trong trng hp mun gi tin ca host c broadcast mng cha DHCP th ta dng thm lnh ip directed-broadcast cng cng mng vi DHCP server Router(config)#interface [cng nm cng mng vi dhcp] Router(config-)#ip directed-broadcast II. Cu hnh PPP 1. Cu hnh c bn: R(config)#interface serial 0/0 R(config-if)#encapsulation ppp

Pham Van Hoan- DH02 K1 - BKACAD

2. Cu hnh PAP Cu hnh PAP khng yu cu hai Router ging nhau v password nhng CHAP th phi c. (Cu hnh trn RA) R(config)#host RA RA(config)#username RB password 321 RA(config-if)#encapsulation ppp RA(config-if)#ppp authentication pap RA(config-if)#ppp pap sent-username RA password 123 (Cu hnh trn RB) R(config)#host RB RB(config)#username RA password 123 RB(config-if)#encapsulation ppp RB(config-if)#ppp authentication pap RB(config-if)#ppp pap sent-username RB password 321 3. Cu hnh CHAP. (yu cu phi ging nhau v password) (Cu hnh trn RA) R(config)#host RA RA(config)#username RB password 123 RA(config-if)encapsulation ppp RA(config-if)ppp authentication chap (Cu hnh trn RB) R(config)#host RB RB(config)#username RA password 123 RB(config-if)encapsulation ppp RB(config-if)ppp authentication chap 4. Cc cu hnh khc ca PPP -->Cu hnh Multilink R(config-if)#encapsulation ppp R(config-if)#ppp multilink -->Cu hnh Compression R(config-if)#encapsulation ppp

Pham Van Hoan- DH02 K1 - BKACAD

R(config-if)#compress [predictor/stac/mppc] -->Cu hnh Error detection R(config-if)#encapsulation ppp R(config-if)#ppp quality [phn trm] 5. Cc lnh kim tra cu hnh PPP R#show interface (xem encapsulation) R#debug ppp negotiation (Xem qu trnh kt ni gia 2 node) R#debug ppp authentication (Xem qu trnh xc thc gia 2 node) III. Cu hnh Frame-Relay -->Cu hnh n gin R(config-if)#encapsulation frame-relay {ciso| ietf} (mc nh l cisco) Khi lnh ny c thc thi, DLCI s c Inverse ARP t ng map, ngi dng khng cn phi lm g c. * Nhng Inverse ARP khng lm vic vi cc kt ni Hub-and-Spoke -->Cu hnh Frame-relay static map R(config-if)#encapsulation frame-relay R(config-if)#frame-relay map ip remoteip-address local-dlci [broadcast] [cisco| ietf] (ip address trong dng lnh trn ch ly lm minh ha bi n rt ph bin, chnh xc phi l remoteprotocoladdress) Broadcast trong cu lnh trn c 2 chc nng: -->Forward broadcast khi multicast khng c khi ng. -->n gin ha cu hnh OSPF cho mng nonbroadcast s dng FRelay. V d: R(config-if)#encapsulation frame-relay R(config-if)#frame-relay map ip 192.168.2.1 100 broadcast -->Cu hnh FR trong mng None Broadcast MutiAccess -->Trong mng Broadcast khi 1 my tnh truyn frame tt c cc node lng nghe frame nhng ch c node cn nhn mi nhn c. -->Trong mng None Broadcast khi 1 my tnh truyn frame th ch c node cn nhn mi lng nghe v nhn c frame , cc node cn li th khng. Frame c truyn qua 1 virtual Circuit hoc 1 thit b chuyn mch. -->Star topology c th c coi nh l 1 mng Hub and Spoke.

Pham Van Hoan- DH02 K1 - BKACAD

-->Gii quyt vn vi Routing Updates m khng disable Split Horizal Gii php dng Sub-interface R(config)#interface s0/0 R(config-if)#encapsulation frame-relay R(config-if)interface s0/0.1 [multipoint| point-to-point] -->point-to-point: Mi subinterface c subnet ring ca mnh. Broadcast v Split horizol khng l vn . -->Multi-point: Tt c cc subinterface lin quan phi cng chung 1 subnet v nh vy Broadcast v Split horizol s c vn . V d: (Point-to-point) R(config)#interface s0/0 R(config-if)#encapsulation frame-relay R(config-if)#interface s0/0.1 point-to-point R(config-subif)#frame-relay interface-dlci 18 (Multipoint) R(config)#interface s0/0 R(config-if)#encapsulation frame-relay R(config-if)#interface s0/0.2 multipoint R(config-subif)#frame-relay interface-dlci 19 R(config-subif)#frame-relay interface-dlci 20 -->Cu hnh trn Frame-relay Switching (v d) R(config)#frame-relay switching R(config)#interface s0/0 R(config-if)#encapsulation frame-relay R(config-if)#frame-relay intf-type dce R(config-if)#frame-relay route 103interface serial 0/1 301

Pham Van Hoan- DH02 K1 - BKACAD