Skip to main content

Cheatsheet

Expert IT Systems and Devices (Crebo 25606)

Kerntaak B1-K2 – Infrastructuur

Basisconfiguratie

Deze instellingen voorkomen fouten, vertragingen en puntenverlies.

Router> enable
Router# configure terminal
Router(config)# hostname R1
Router(config)# no ip domain-lookup
Router(config)# service password-encryption
Router(config)# banner motd #VERBODEN TOEGANG#

Interface activeren

Router(config)# interface gigabitEthernet 0/0
Router(config-if)# ip address 192.168.1.1 255.255.255.0
Router(config-if)# description Link naar Switch
Router(config-if)# no shutdown

2️ Switching & VLANs (Laag 2)

VLANs aanmaken

Switch(config)# vlan 10
Switch(config-vlan)# name PERSONEEL
Switch(config-vlan)# exit
Switch(config)# vlan 20
Switch(config-vlan)# name GASTEN

Access poorten

Switch(config)# interface fastEthernet 0/1
Switch(config-if)# switchport mode access
Switch(config-if)# switchport access vlan 10
Switch(config-if)# no shutdown

Trunk poorten

Switch(config)# interface gigabitEthernet 0/1
Switch(config-if)# switchport trunk encapsulation dot1q
Switch(config-if)# switchport mode trunk
Switch(config-if)# switchport trunk allowed vlan 10,20,99
Switch(config-if)# no shutdown

3️ EtherChannel / LACP

Switch(config)# interface range g0/1 - 2
Switch(config-if-range)# channel-group 1 mode active
Switch(config-if-range)# no shutdown

Switch(config)# interface port-channel 1
Switch(config-if)# switchport mode trunk
Switch(config-if)# switchport trunk allowed vlan 10,20

4️Routing (Laag 3)

Router-on-a-Stick

Router(config)# interface g0/0
Router(config-if)# no shutdown

Router(config)# interface g0/0.10
Router(config-subif)# encapsulation dot1q 10
Router(config-subif)# ip address 192.168.10.1 255.255.255.0

Router(config)# interface g0/0.20
Router(config-subif)# encapsulation dot1q 20
Router(config-subif)# ip address 192.168.20.1 255.255.255.0

Default route

Router(config)# ip route 0.0.0.0 0.0.0.0 203.0.113.1

5️Services – DHCP & NAT

DHCP

Router(config)# ip dhcp pool LAN-10
Router(dhcp-config)# network 192.168.10.0 255.255.255.0
Router(dhcp-config)# default-router 192.168.10.1
Router(dhcp-config)# dns-server 8.8.8.8

NAT

Router(config)# interface g0/0
Router(config-if)# ip nat inside

Router(config)# interface g0/1
Router(config-if)# ip nat outside

Router(config)# access-list 1 permit 192.168.10.0 0.0.0.255

Router(config)# ip nat inside source list 1 interface g0/1 overload

6️Beveiliging – SSH & ACL

SSH

Router(config)# hostname R1
Router(config)# ip domain-name examen.local
Router(config)# crypto key generate rsa
Router(config)# username beheerder secret Cisco123

Router(config)# line vty 0 4
Router(config-line)# transport input ssh
Router(config-line)# login local

ACL

Router(config)# access-list 100 deny icmp 192.168.10.0 0.0.0.255 host 192.168.20.50
Router(config)# access-list 100 permit ip any any

Router(config)# interface g0/0.10
Router(config-subif)# ip access-group 100 in

7️ Troubleshooting

show ip interface brief
show vlan brief
show ip route
show run
show ip nat translations
show etherchannel summary

Testen

ping 192.168.20.1
tracert 8.8.8.8

No comments to display

Back to top