Cheatsheet

Expert IT Systems and Devices (Crebo 25606) 
 Kerntaak B1-K2 – Infrastructuur 
 
 Basisconfiguratie 
 Deze instellingen voorkomen fouten, vertragingen en puntenverlies. 
 Router> enable 
Router# configure terminal 
Router(config)# hostname R1 
Router(config)# no ip domain-lookup 
Router(config)# service password-encryption 
Router(config)# banner motd #VERBODEN TOEGANG# 
 Interface activeren 
 Router(config)# interface gigabitEthernet 0/0 
Router(config-if)# ip address 192.168.1.1 255.255.255.0 
Router(config-if)# description Link naar Switch 
Router(config-if)# no shutdown 
 
 2️ Switching & VLANs (Laag 2) 
 VLANs aanmaken 
 Switch(config)# vlan 10 
Switch(config-vlan)# name PERSONEEL 
Switch(config-vlan)# exit 
Switch(config)# vlan 20 
Switch(config-vlan)# name GASTEN 
 Access poorten 
 Switch(config)# interface fastEthernet 0/1 
Switch(config-if)# switchport mode access 
Switch(config-if)# switchport access vlan 10 
Switch(config-if)# no shutdown 
 Trunk poorten 
 Switch(config)# interface gigabitEthernet 0/1 
Switch(config-if)# switchport trunk encapsulation dot1q 
Switch(config-if)# switchport mode trunk 
Switch(config-if)# switchport trunk allowed vlan 10,20,99 
Switch(config-if)# no shutdown 
 
 3️ EtherChannel / LACP 
 Switch(config)# interface range g0/1 - 2 
Switch(config-if-range)# channel-group 1 mode active 
Switch(config-if-range)# no shutdown 
 Switch(config)# interface port-channel 1 
Switch(config-if)# switchport mode trunk 
Switch(config-if)# switchport trunk allowed vlan 10,20 
 
 4️Routing (Laag 3) 
 Router-on-a-Stick 
 Router(config)# interface g0/0 
Router(config-if)# no shutdown 
 Router(config)# interface g0/0.10 
Router(config-subif)# encapsulation dot1q 10 
Router(config-subif)# ip address 192.168.10.1 255.255.255.0 
 Router(config)# interface g0/0.20 
Router(config-subif)# encapsulation dot1q 20 
Router(config-subif)# ip address 192.168.20.1 255.255.255.0 
 Default route 
 Router(config)# ip route 0.0.0.0 0.0.0.0 203.0.113.1 
 
 5️Services – DHCP & NAT 
 DHCP 
 Router(config)# ip dhcp pool LAN-10 
Router(dhcp-config)# network 192.168.10.0 255.255.255.0 
Router(dhcp-config)# default-router 192.168.10.1 
Router(dhcp-config)# dns-server 8.8.8.8 
 NAT 
 Router(config)# interface g0/0 
Router(config-if)# ip nat inside 
 Router(config)# interface g0/1 
Router(config-if)# ip nat outside 
 Router(config)# access-list 1 permit 192.168.10.0 0.0.0.255 
 Router(config)# ip nat inside source list 1 interface g0/1 overload 
 
 6️Beveiliging – SSH & ACL 
 SSH 
 Router(config)# hostname R1 
Router(config)# ip domain-name examen.local 
Router(config)# crypto key generate rsa 
Router(config)# username beheerder secret Cisco123 
 Router(config)# line vty 0 4 
Router(config-line)# transport input ssh 
Router(config-line)# login local 
 ACL 
 Router(config)# access-list 100 deny icmp 192.168.10.0 0.0.0.255 host 192.168.20.50 
Router(config)# access-list 100 permit ip any any 
 Router(config)# interface g0/0.10 
Router(config-subif)# ip access-group 100 in 
 
 7️ Troubleshooting 
 show ip interface brief 
show vlan brief 
show ip route 
show run 
show ip nat translations 
show etherchannel summary 
 Testen 
 ping 192.168.20.1 
tracert 8.8.8.8