Cheatsheet

Expert IT Systems and Devices (Crebo 25606)

Kerntaak B1-K2 – Infrastructuur

Basisconfiguratie

Deze instellingen voorkomen fouten, vertragingen en puntenverlies.

Router> enable
Router# configure terminal
Router(config)# hostname R1
Router(config)# no ip domain-lookup
Router(config)# service password-encryption
Router(config)# banner motd #VERBODEN TOEGANG#

Interface activeren

Router(config)# interface gigabitEthernet 0/0
Router(config-if)# ip address 192.168.1.1 255.255.255.0
Router(config-if)# description Link naar Switch
Router(config-if)# no shutdown

2️ Switching & VLANs (Laag 2)

VLANs aanmaken

Switch(config)# vlan 10
Switch(config-vlan)# name PERSONEEL
Switch(config-vlan)# exit
Switch(config)# vlan 20
Switch(config-vlan)# name GASTEN

Access poorten

Switch(config)# interface fastEthernet 0/1
Switch(config-if)# switchport mode access
Switch(config-if)# switchport access vlan 10
Switch(config-if)# no shutdown

Trunk poorten

Switch(config)# interface gigabitEthernet 0/1
Switch(config-if)# switchport trunk encapsulation dot1q
Switch(config-if)# switchport mode trunk
Switch(config-if)# switchport trunk allowed vlan 10,20,99
Switch(config-if)# no shutdown

3️ EtherChannel / LACP

Switch(config)# interface range g0/1 - 2
Switch(config-if-range)# channel-group 1 mode active
Switch(config-if-range)# no shutdown

Switch(config)# interface port-channel 1
Switch(config-if)# switchport mode trunk
Switch(config-if)# switchport trunk allowed vlan 10,20

4️Routing (Laag 3)

Router-on-a-Stick

Router(config)# interface g0/0
Router(config-if)# no shutdown

Router(config)# interface g0/0.10
Router(config-subif)# encapsulation dot1q 10
Router(config-subif)# ip address 192.168.10.1 255.255.255.0

Router(config)# interface g0/0.20
Router(config-subif)# encapsulation dot1q 20
Router(config-subif)# ip address 192.168.20.1 255.255.255.0

Default route

Router(config)# ip route 0.0.0.0 0.0.0.0 203.0.113.1

5️Services – DHCP & NAT

DHCP

Router(config)# ip dhcp pool LAN-10
Router(dhcp-config)# network 192.168.10.0 255.255.255.0
Router(dhcp-config)# default-router 192.168.10.1
Router(dhcp-config)# dns-server 8.8.8.8

NAT

Router(config)# interface g0/0
Router(config-if)# ip nat inside

Router(config)# interface g0/1
Router(config-if)# ip nat outside

Router(config)# access-list 1 permit 192.168.10.0 0.0.0.255

Router(config)# ip nat inside source list 1 interface g0/1 overload

6️Beveiliging – SSH & ACL

SSH

Router(config)# hostname R1
Router(config)# ip domain-name examen.local
Router(config)# crypto key generate rsa
Router(config)# username beheerder secret Cisco123

Router(config)# line vty 0 4
Router(config-line)# transport input ssh
Router(config-line)# login local

ACL

Router(config)# access-list 100 deny icmp 192.168.10.0 0.0.0.255 host 192.168.20.50
Router(config)# access-list 100 permit ip any any

Router(config)# interface g0/0.10
Router(config-subif)# ip access-group 100 in

7️ Troubleshooting

show ip interface brief
show vlan brief
show ip route
show run
show ip nat translations
show etherchannel summary

Testen

ping 192.168.20.1
tracert 8.8.8.8

Revision #2
Created 2026-01-28 12:18:15 UTC by Finn Teuwsen
Updated 2026-01-28 12:24:33 UTC by Finn Teuwsen