-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathcisco.txt
142 lines (92 loc) · 3.28 KB
/
cisco.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
Miscellaneous
=============
Netstat-like output of listening ports
show ip ports all
SSH
===
Check if SSH is enabled
show ip ssh
If not enables, generating a crypto key could help
crypto key generate rsa
It may be necessary to add a domain name first
ip domain name example.com
Add SSH public key for a user
-----------------------------
ip ssh pubkey-chain
username user
key-string
Copy the entire public key as appears in the cat id_rsa.pub including the ssh-rsa and username@hostname
Please note that some IOS versions will accept maximum 254 characters.
You can paste multiple lines.
exit
exit
exit
DHCP
====
Server
------
Show current bindings:
show ip dhcp binding
Delete binding(s):
clear ip dhcp binding {address|*}
Determine fields sent by clients:
debug ip dhcp server packet
Client
------
Release or renew DHCP address:
release dhcp ethernet 0/0
renew dhcp ethernet 0/0
Show Date/Time
==============
show clock [detail]
Access Point upgrade
====================
Note: access points can operate in autonomous or unified modes, with the
latter they need centralized control. Autonomous images have k9w7 in their
name, while LWAPP images have k9w8.
archive download-sw /leave-old-sw /reload tftp://10.10.10.3/ap801-k9w7-tar.152-2.JB
Once the new version is tested, the old version can be deleted:
delete /force /recursive flash:ap801-k9w7-mx.124-21a.JA1
Access Point recovery from bootloader
=====================================
1. Enter bootloader mode from the main router
service-module wlan-ap 0 reset bootloader
2. Enter AP
service-module wlan-ap 0 session
3. Configure an IP address in bootloader mode and init TFTP subsystem
set IP_ADDR 10.10.10.2
set NETMASK 255.255.255.248
set DEFAULT_ROUTER 10.10.10.1
tftp_init
4. Get and extract a tar image from a TFTP server
tar -xtract tftp://10.10.10.3/ap801-k9w7-tar.152-2.JB flash:
5. Set the new image as the boot image check variables and boot
set BOOT flash:ap801-k9w7-mx.152-2.JB/ap801-k9w7-mx.152-2.JB
set
boot
6. If the configuration gets wiped out, default username/password/enable are
all Cisco.
Static routes between VRFs
==========================
ip vrf Example
rd 1:1
route-target 1:1
interface FastEthernet0/0
description Interface in a VRF
ip vrf forwarding Example
ip address 192.0.2.1 255.255.255.0
no shutdown
interface FastEthernet0/1
description Interface in a global table
ip address 199.99.9.1 255.255.255.0
! This command adds a route into the VRF
! that points to a route reachable via the global table
ip route vrf Example 223.255.255.0 255.255.255.0 199.99.9.2 global
! This command adds a route into the global table
! that points to a route reachable in the VRF Example
ip route 126.0.0.0 255.0.0.0 FastEthernet0/0 192.0.2.2
This way, there is a route added to the VRF Example pointing to the network
223.255.255.0/24 via the next hop 199.99.9.2 (somewhere behind the Fa0/1
interface). Also, another route to 126.0.0.0/8 is added to the global routing
table which is reachable via the next hop 199.0.2.2 somewhere behind the Fa0/0
interface in the VRF Example.