LarsErikWiki

User Tools

Site Tools

You are here: start » imt2521_nettverksadministrasjon » kommandoer
Trace: kommandoer
imt2521_nettverksadministrasjon:kommandoer

This is an old revision of the document!

Table of Contents

Frame-relay

On FR-Switch

FR(config)#frame-relay switching
FR(config-if)#clock rate 64000
FR(config-if)#encap frame-relay
FR(config-if)#frame-relay intf-type dce
FR(config-if)#frame-relay route <input DLCI> interface <outgoing interface> <output DLCI>

On Router

R1(config-if)#ip address <ip> <mask>
R1(config-if)#encap frame-relay
R1(config-if)#frame-relay map ip <ip to destination> <own dlci> [broadcast]
R1(config-if)#no frame-relay inverse-arp  // Only if you really want this
R1(config)#int s0/1/0.212 point-to-point
R1(config-subif)#ip address <ip> <mask>
R1(config-subif)#frame-relay interface-dlci <dlci>
// Give the subif same number as its dlci!!!!!

ACL

Standard numbered ACL

R1(config)#access-list 1 {permit|deny} {<source-ip>|any} [source-wildcard] [log]	// Deinfes ACL
R1(config-if) ip access-group <ACL-num/name> {out|in}					// Apply either in- our outbound on an iface

Named ACL

R1(config)#ip access-list {standard|extended} <name>

Ext ACL

R1(config)#access-list <number> {permit|deny} <protocol> <source> [src-wildcard] [operand] [port] <dest-ip> [dest-wildcard] [operand] [port] [established]

F.eks 

R1(config)#access-list 1 deny tcp 0.0.0.0 0.0.0.0 10.0.0.0 0.0.0.255 eq 22   // Applied inbound on iface againts internet, will deny ssh into 10.0.0.0 net.

DHCP

R1(config)# ip dhcp excluded-address <low-address> [high-address]
R1(config)# ip dhcp pool <POOL-NAME>
R1(dhcp-config)# network <netw.address> <mask>
R1(dhcp-config)# default-router <ip to gateway>
R1(dhcp-config)# domain-name <uri>
R1(dhcp-config)# dns-server <ip> [ip2....ip8]
R1(dhcp-config)# lease { <days> [hours] [minutes] | infinite }

NAT

Static NAT

R1(conf)# ip nat inside source static <inside local ip> <inside global ip>
R1(config-if)# /* i.e s0/1/0 */ ip nat inside
R1(config-if)# /* i.e s0/1/1 */ ip nat outside

Dynamic NAT

R1(config)# ip nat pool <name> <start-ip> <end-ip> netmask <mask>		// Create pool
R1(config)# ip access-list standard <number> permit <source-ip> [wildcard]	// Defines ACL for addresses to be translated
R1(config)# ip nat inside source list <acl-num> pool <pool-name> 		// Establish dynamic source translation, specifying the acl defined.
R1(config-if)#ip nat inside							// Specify inside NAT iface.
R1(config-if)#ip nat outside							// Specify outside NAT iface

NAT Overload

  • Add keyword overload to second statement above. Thats for overloading of a pool.
  • Replace second statement with. Thats for overloading one single IP
    • R1(config)# ip nat inside source list <acl-num> interface <iface> overload
imt2521_nettverksadministrasjon/kommandoer.1322482198.txt.gz · Last modified: (external edit)
Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki