{"id":13608892,"url":"https://github.com/grplyler/cisco-cheatsheet","last_synced_at":"2025-06-10T20:11:09.604Z","repository":{"id":42044280,"uuid":"236258572","full_name":"grplyler/cisco-cheatsheet","owner":"grplyler","description":"A Cisco Cheatsheet: Commands and Snippets for bootstrapping, boilerplate, configuration, and hardening of Cisco routers and switches.","archived":false,"fork":false,"pushed_at":"2024-12-03T04:15:05.000Z","size":90,"stargazers_count":364,"open_issues_count":3,"forks_count":94,"subscribers_count":12,"default_branch":"master","last_synced_at":"2025-06-07T23:34:58.732Z","etag":null,"topics":["ccna","ccnav7","cheat-sheet","cheatsheet","cisco","cisco-cheatsheet","cisco-ios","cisco-packet-tracer","scripts","vlan-creation"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/grplyler.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-01-26T02:40:47.000Z","updated_at":"2025-06-07T16:39:07.000Z","dependencies_parsed_at":"2025-03-01T00:19:07.686Z","dependency_job_id":"e83d9fc1-9cbb-4898-a788-4900c431ce9d","html_url":"https://github.com/grplyler/cisco-cheatsheet","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/grplyler%2Fcisco-cheatsheet","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/grplyler%2Fcisco-cheatsheet/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/grplyler%2Fcisco-cheatsheet/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/grplyler%2Fcisco-cheatsheet/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/grplyler","download_url":"https://codeload.github.com/grplyler/cisco-cheatsheet/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/grplyler%2Fcisco-cheatsheet/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":259144473,"owners_count":22811923,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ccna","ccnav7","cheat-sheet","cheatsheet","cisco","cisco-cheatsheet","cisco-ios","cisco-packet-tracer","scripts","vlan-creation"],"created_at":"2024-08-01T19:01:30.832Z","updated_at":"2025-06-10T20:11:09.552Z","avatar_url":"https://github.com/grplyler.png","language":"Python","funding_links":[],"categories":["others"],"sub_categories":[],"readme":"# Cisco Cheetsheet\n\n**Cisco CLI Reference, Howtos, and Tools**\n\n_Warning, use at your own risk. I created these scripts with an educational mindset while studying for my CCNA_\n\n## Quick Navigtation\n\n### Quick Snippets \u0026 Scripts\n  - [Intialize](#intialize)\n  - [Basic Config](#basic-config)\n  - [Assign Static IP to Interface](#assign-static-ip-to-interface)\n  - [Snippet: Enable Router DHCP Server](#snippet-enable-router-dhcp-server)\n  - [Snippet: Enable Switch DHCP Server](#snippet-enable-switch-dhcp-server)\n  - [Nuking (ROMMON, Password Recovery, etc)](#nuking-rommon-password-recovery-etc)\n  - [Howto: File Transfer Over Console (linux / xmodem)](#file-transfer-over-console-linux--xmodem)\n  - [Access Console over USB on Linux](#access-console-over-usb-on-linux)\n\n  \n\n### General Sections\n  * [Basic Networking](#basic-networking)\n    + [Basic Setup](#setup)\n    + [Interfaces](#interfaces)\n    + [DHCP](#dhcp)\n  * [Intermediate Networking](#intermediate-networking)\n    + [VLANs](#vlans)\n    + [Trunks](#trunks)\n    + [Etherchannel](#etherchannel)\n    + [Dynamic Trunking Protocol (DTP)](#dtp-dynamic-trunking-protocol)\n    + [Routing](#routing)\n    + [Spanning Tree Protocol](#spaning-tree-protocol)\n  * [Advanced Networking](#advanced-networking)\n    + [OSPFv2](#ospfv2)\n  * [How To's](#how-tos)\n    + [FTP Server Usage](#ftp-server-usage)\n    + [Access Console over USB on Linux](#access-console-over-usb-on-linux)\n  * [Tools](#tools)\n\n## Full Navigation\n\n  * [Basic Networking](#basic-networking)\n    + [Setup](#setup)\n      - [Intialize](#intialize)\n      - [Basic Switch Config](#basic-switch-config)\n      - [Basic Router Config](#basic-router-config)\n      - [Basic Config with Password Security](#basic-config-with-password-security)\n      - [Basic Security](#basic-security)\n      - [Configure SSH](#configure-ssh)\n      - [Set Clock](#set-clock)\n      - [Basic Hardening (Work Needed)](#basic-hardening-work-needed)\n      - [Backup config over FTP](#backup-config-over-ftp)\n      - [Backup config over console](#backup-config-over-console)\n      - [Restore Config](#restore-config)\n      - [Nuking (ROMMON, Password Recovery, etc)](#nuking-rommon-password-recovery-etc)\n    + [Interfaces](#interfaces)\n      - [Interface Selection](#interface-selection)\n      - [Assign Static IP to Interface](#assign-static-ip-to-interface)\n      - [Interface Ranges](#interface-ranges)\n    + [Interface Verification](#interface-verification)\n      - [Remove IP Addresses](#remove-ip-addresses)\n    + [Console Port](#console-port)\n      - [Change Console Baudrate](#change-console-baudrate)\n    + [DHCP](#dhcp)\n      - [Snippet: Enable Router DHCP Server](#snippet-enable-router-dhcp-server)\n      - [Snippet: Enable Switch DHCP Server](#snippet-enable-switch-dhcp-server)\n      - [Create DHCP Pool](#create-dhcp-pool)\n      - [DHCP Verification](#dhcp-verification)\n      - [Disable DHCP](#disable-dhcp)\n      - [Re-enabled DHCP](#re-enabled-dhcp)\n      - [Create VLAN DHCP](#create-vlan-dhcp)\n      - [Verify DHCP Pool](#verify-dhcp-pool)\n      - [Delete DHCP Pool](#delete-dhcp-pool)\n  * [Intermediate Networking](#intermediate-networking)\n    + [VLANs](#vlans)\n      - [VLAN Creation](#vlan-creation)\n      - [Port Assignment](#port-assignment)\n      - [IP Assignemnt](#ip-assignemnt)\n      - [Verification](#verification)\n      - [Voice and Data VLAN](#voice-and-data-vlan)\n      - [Management VLAN](#management-vlan)\n      - [Delete VLANS on file](#delete-vlans-on-file)\n      - [Delete VLANS in memory](#delete-vlans-in-memory)\n      - [Inter-VLAN Routing](#inter-vlan-routing)\n    + [Trunks](#trunks)\n      - [Create multi-switch vlan trunk](#create-multi-switch-vlan-trunk)\n      - [Trunk Verification](#trunk-verification)\n    + [EtherChannel](#etherchannel)\n      - [Configure EtherChannel](#configure-etherchannel)\n      - [Verify EtherChannel](#verify-etherchannel)\n    + [DTP (Dynamic Trunking Protocol)](#dtp-dynamic-trunking-protocol)\n      - [Configure DTP](#configure-dtp)\n      - [Disable DTP](#disable-dtp)\n      - [Verify DTP](#verify-dtp)\n  * [Advanced Networking](#advanced-networking)\n    + [OSPFv2](#ospfv2)\n      - [OSPF Router IDs](#ospf-router-ids)\n        * [All Commands](#all-commands)\n        * [Enable router OSPF process](#enable-router-ospf-process)\n        * [Configure Loopback](#configure-loopback)\n        * [Configure OSPF Router ID](#configure-ospf-router-id)\n        * [Modify OSPF router ID](#modify-ospf-router-id)\n      - [OSPF - Point-to-Point Networks](#ospf---point-to-point-networks)\n        * [Network Command Syntax](#network-command-syntax)\n        * [Configure OSPF With Network Command](#configure-ospf-with-network-command)\n        * [Use Entire Gigabit Interfaces](#use-entire-gigabit-interfaces)\n        * [Configure OSPF with `ip ospf`](#configure-ospf-with-ip-ospf)\n        * [OSPF Passive Interfaces](#ospf-passive-interfaces)\n        * [Find Designated Router and Backup](#find-designated-router-and-backup)\n        * [Change OSPF from Broadcast to Point-to-Point](#change-ospf-from-broadcast-to-point-to-point)\n        * [Loopback and P2P Networks](#loopback-and-p2p-networks)\n      - [Multiaccess OSPF Networks](#multiaccess-ospf-networks)\n        * [Configure OSPF Priority](#configure-ospf-priority)\n      - [Modifying Single Area OSPF](#modifying-single-area-ospf)\n        * [Adjusting Reference Bandwidth](#adjusting-reference-bandwidth)\n        * [Manually Set OSPF Link Cost](#manually-set-ospf-link-cost)\n        * [Show OSPF Hello Packet Intervals](#show-ospf-hello-packet-intervals)\n        * [Set OSPF Hello Packet Intervals](#set-ospf-hello-packet-intervals)\n        * [Set OSPF Dead Interval](#set-ospf-dead-interval)\n      - [OSPF Default Routes](#ospf-default-routes)\n        * [Propogate Default Route](#propogate-default-route)\n        * [Verify Propogated Default Route](#verify-propogated-default-route)\n      - [Verify Single-Area OSPF](#verify-single-area-ospf)\n        * [Verify OSPF Neighbors](#verify-ospf-neighbors)\n        * [Verify OSPF Protocols](#verify-ospf-protocols)\n        * [Verify OSPF Process Info](#verify-ospf-process-info)\n        * [Verify OSPF Interface Setting](#verify-ospf-interface-setting)\n  * [How To's](#how-tos)\n    + [FTP Server Usage](#ftp-server-usage)\n    + [Install Packet Tracer on Fedora Workstation](#install-packet-tracer-on-fedora-workstation)\n    + [Console Access with `minicom` on Linux](#console-access-with-minicom-on-linux)\n    + [Configure Serial Port with `stty` on Linux](#configure-serial-port-with-stty-on-linux)\n  * [Tools](#tools)\n    + [Subnetting/Calcuation](#subnettingcalcuation)\n      - [ipcalc (*nix)](#ipcalc-nix)\n      - [sipcalc (*nix)](#sipcalc-nix)\n      - [whatmask (*nix)](#whatmask-nix)\n    \n## Basic Networking\n\n### Setup\n---\n\n#### Intialize\n\nThese commands wipe all config and reboot the device\n\n```\nerase startup-config\ndelete vlan.dat\nreload\n```\n\n**Note:** Remeber to say \"no\" to saving running config on reload. If you say yes, running config will be saved and you wont be working with fresh config on reload.\n\n#### Basic Switch Config\n\n```\nconfigure terminal\nno ip domain-lookup\nhostname S1\nline console 0\nlogging synchronous\nexit\nbanner motd $ Authorized Access Only! And Godzilla will beat Kong any day $\nexit\ncopy running-config startup-config\n```\n\n#### Basic Router Config\n\n```\nconfigure terminal\nno ip domain-lookup\nhostname R1\nline console 0\nlogging synchronous\nexit\nbanner motd $ Authorized Access Only! And Godzilla will beat Kong any day $\nexit\ncopy running-config startup-config\n```\n\n#### Basic Config with Password Security\n\n_pastable_\n\n```\nconfigure terminal\nno ip domain-lookup\nhostname R1\nline console 0\nlogging synchronous\nexit\nbanner motd $ Authorized Access Only! And Godzilla will beat Kong any day $\nexit\ncopy running-config startup-config\nconf t\nenable secret class\nline console 0\npassword cisco\nlogin\nexit\nline vty 0 4\npassword cisco\nlogin\nexit\nservice password-encryption\nend\ncopy running-config startup-config\n```\n\n#### Basic Security\n\n```\nconf t\nenable secret class\nline console 0\npassword cisco\nlogin\nexit\nline vty 0 4\npassword cisco\nlogin\nexit\nservice password-encryption\nend\n```\n\n#### Configure SSH\n\n```\nshow ip ssh\nconf t\nip domain-name cisco.com\ncrypto key generate rsa\n\nusername admin secret ccna\nline vty 0 15\ntransport input ssh\nlogin local\nexit\nip ssh version 2\nexit\n```\n\n#### Set Clock\n\n*Show Clock*\n\n```\nshow clock\n```\n\n*Sets clock to eastern US time*\n\n```\nclock timezone EST -5\n```\n\n*Revert to Default Timezone*\n\n```\nno clock timezone\n```\n\n#### Basic Hardening (Work Needed)\n\n```\nconf t\n! Logout timer\n!\nline con 0\n exec-timeout 5\nline vty 0 4\n exec-timeout 5\n \nexit\n\nip ssh time-out 60\nip ssh authentication-retries 3\nend\n```\n\n#### Backup config over FTP\n\n*Using included [FTP server](#ftp-server-usage)*\n\n```\ncopy running-config startup-config\ncopy startup-config ftp://192.168.1.10/config.txt\n```\n\n#### Backup config over console\n\n_coming soon_\n\n#### Restore Config\n```\ncopy ftp://192.168.1.10/config.txt running-config\n```\n\n#### Nuking (ROMMON, Password Recovery, etc)\n\n*Perform a Boot Interupt to Recover a lost or unknown password*\n\n**WARNING**: This operation will delete all current config on the device\n\n1. Ensure Console Cable is connected at 9600 Baudrate\n2. Backup config if you need\n3. Unplug Power\n4. Wait for a few seconds\n5. Re-insert the power cord to the switch\n6. Within 15 seconds, hold the `Mode` button until the green flashing light flashes amber and then returns to flashing green. Release the `Mode` button.\n7. Something like the following should display:\n\n    ```\n    initialize the flash file system, and finish loading the operating system software#\n    \n    flash_init\n    load_helper\n    boot\n    ```\n8. Run `flash_init`\n9. Run `copy flash:config.text flash:config.text.old`\n10. Run `boot`\n\n    The device should now boot with no config and grant you access to it.\n\n\n### Interfaces\n---\n\n\n#### Interface Selection\n\n*Assign and IP address to a port*\n```\nconf t\nint f0/1\nip addr 192.168.10.11 255.255.255.0\nend\n```\n\n#### Assign Static IP to Interface\n\n```\nconf t\nint g0/0\nip addr 10.0.0.10 255.255.255.0\n```\n\n#### Interface Ranges\n\n*Assign and IP address to a port*\n```\nconf t\nint f0/1\nip addr 192.168.10.11 255.255.255.0\nend\n```\n\n*Select Single Range and Assign to a VLAN*\n```\nconf t\nint range f0/1-12\nswitchport mode access\nswitch access vlan 10\nend\n```\n\n```\nconf t\nint range f0/13-24\nswitchport mode access\nswitchport access vlan 20\nend\n```\n\n*Select Multiple Interface Ranges and Move to a VLAN*\n```\nconf t\nint range f0/1-4,g0/1,f0/16-20\nswitchport mode access\nswitchport access vlan 10\nend\n```\n\n### Interface Verification\n\n```\nshow ip interface brief\n```\n\n*or*\n\n```\nshow ip int br\n```\n\n#### Remove IP Addresses\n\n```\nconf t\nint f0/1\nno ip addr\nend\n```\n\n### Console Port\n\n#### Change Console Baudrate\n\n```\nconf t\nline con 0\nspeed 115200\nend\n```\n\n```\nconf t\nline con 0\nspeed 9600\nend\n```\n\n### DHCP\n---\n\n#### Snippet: Enable Router DHCP Server\n\nThis snippet configures a DHCP Server on R1 and will hand out\nIPs on the `10.0.0.1/24` network. Great for using an [FTP Server](#ftp-server-usage) with.\n\n```\nconf t\nip domain name cisco.com\nip dhcp excluded-address 10.0.0.1\nip dhcp pool test\nnetwork 10.0.0.0 255.255.255.0\ndefault-router 10.0.0.1\nend\n```\n\n#### Snippet: Enable Switch DHCP Server\n\n```\nip dhcp pool test\nnetwork 10.0.0.0 255.255.255.0\ndomain-name cisco.com\ndefault-router 10.0.0.1\ndns-server 10.0.0.1\nlease 4\nip dhcp snooping\nip dhcp-server 10.0.0.3\ninterface vlan 1\nip address 10.0.0.3\n```\n\n#### Create DHCP Pool\n\n*Workaround for CCNA labs at Liberty University since we can't change the LAB IP addresses*\n\n```\nconf t\nip domain name cisco.com\nip dhcp excluded-address 10.0.0.1\nip dhcp pool managementpool\nnetwork 10.0.0.1 255.255.255.0\ndefault-router 10.0.0.1\nend\n```\n\n```\nconf t\nip dhcp excluded-address 192.168.10.1\nip dhcp excluded-address 192.168.10.254\nip dhcp pool office-pool-1\nnetwork 192.168.10.0 255.255.255.0\ndefault-router 192.168.10.1\ndns-server 192.168.5.5\ndomain-name linux.org\nend\n```\n\n#### DHCP Verification\n\n```\nshow running-config | section dhcp\nshow ip dhcp binding\nshow ip dhcp server statistics\n```\n\n#### Disable DHCP\n\n```\nconf t\nno service dhcp\nend\n```\n\n#### Re-enabled DHCP\n\n```\nconf t\nservice dhcp\nend\n```\n\n#### Create VLAN DHCP\n\n*Creates a Seperate DHCP Pool for each VLAN*\n\n*Create VLANS*\n```\nconf t\nvlan 10\nname Management\nvlan 20\nname Sales\nvlan 30\nname Operations\nend\n```\n\n*Configure SVI's and IP Address*\n\n| VLAN | IP Address | Gateway\n|------|------------|--------|\n| 10   | 192.168.10.254 | 192.168.10.1\n| 20 | 192.168.20.254 | 192.168.20.1|\n| 30 | 192.168.30.254 | 192.168.30.1|\n\n```\nconf t\nint vlan 10\nip address 192.168.10.254 255.255.255.0\nip default-gateway 192.168.10.1\nno shut\n\nint vlan 20\nip address 192.168.20.254 255.255.255.0\nip default-gateway 192.168.20.1\nno shut\n\nint vlan 30\nip address 192.168.30.254 255.255.255.0\nip default-gateway 192.168.30.1\nno shut\nend\n```\n\n*Add interfaces to VLANS, 8 ports per vlan*\n\n```\nconf t\nint range f0/1-7\nswitchport mode access\nswitchport access vlan 10\n\nint range f0/8-15\nswitchport mode access\nswitchport access vlan 20\n\nint range f0/16-24\nswitchport mode access\nswitchport access vlan 30\nend\n```\n\n*Create DHCP Pools for each vlan*\n\n```\nconf t\nip domain name cisco.com\nip dhcp excluded-address 192.168.10.1\nip dhcp pool vlan10pool\nnetwork 192.168.10.0 255.255.255.0\ndefault-router 192.168.10.1\nimport all\n\n\nip dhcp excluded-address 192.168.20.1\nip dhcp pool vlan20pool\nnetwork 192.168.20.0 255.255.255.0\ndefault-router 192.168.20.1\nimport all\n\nip dhcp excluded-address 192.168.30.1\nip dhcp pool vlan30pool\nnetwork 192.168.30.0 255.255.255.0\ndefault-router 192.168.30.1\nimport all\nend\n```\n\nNow when a device plugs into a port `f0/4` for instance and performs a DHCP request, it should get an IP like `192.168.10.3` because it is plugged into the ports assigned to VLAN 10\n\n#### Verify DHCP Pool\n\n```\nshow ip dhcp pool\n```\n\n#### Delete DHCP Pool\n\n```\nconf t\nno ip dhcp pool managementpool\nend\n```\n\n## Intermediate Networking\n\n### VLANs\n---\n\n#### VLAN Creation\n\n```\nconf t\nvlan 10\nname Faculty\nexit\n```\n\n```\nconf t\nvlan 20\nname Students\nexit\n```\n\n#### Port Assignment\n\n```\nconf t\ninterface range Fa0/1-12\nswitchport mode access\nswitchport access vlan 10\nend\n```\n\n```\nconf t interface range Fa0/13-24\nswitchport mode access\nswitchport access vlan 20\nend\n```\n\n```\nconf t\ninterface Gi0/1\nswitchport mode access\nswitchport access vlan 99\nend\n```\n\n#### IP Assignemnt\n\n```\nconf t\nint vlan 99\nip address 10.0.0.1 255.255.255.0\nend\n```\n\n#### Verification\n\n```\nshow vlan brief\n```\n\n#### Voice and Data VLAN\n\n*Assuming Data on VLAN 10, Voice on VLAN 20*\n\n```\nconf t\nint Fa0/4\nswitchport mode access\nswitchport access vlan 10\nswitchport voice vlan 20\nend\n```\n\n#### Management VLAN\n\n```\nconf t\nvlan 99\nname Management\nexit\ninterface Fa0/24\nswitchport mode access\nswitchport access vlan 99\nexit\nint vlan 99\nip addr 10.0.0.1 255.255.255.0\nend\n```\n\n#### Delete VLANS on file\n\n```\ndelete vlan.dat\n```\n\n#### Delete VLANS in memory\n*Warning: Make sure you move ports to another vlan or the will be unsable*\n\n```\nconf t\nno vlan 10\nno vlan 20\nend\n```\n\n#### Inter-VLAN Routing\n\n*Creates multiple sub-interfaces on a router port to enable inter-vlan routing.*\n\n*Note: `encapsulation dot1q` must be called on a sub interface before an IP can be assigned to it.*\n\n```\nconf t\ninterface G0/0/1.10\ndescription Default Gateway for VLAN 10\nencapsulation dot1Q 10\nip add 192.168.10.1 255.255.255.0\nexit\n\ninterface G0/0/1.20\ndescription Default Gateway for VLAN 20\nencapsulation dot1Q 20\nip addr 192.168.20.1 255.255.255.0\nexit\n\ninterface G0/0/1.99\ndescription Default Gateway for VLAN 99\nencapsulation dot1Q 99\nip addr 192.168.99.1 255.255.255.0\nexit\n\ninterface G0/0/1\ndescription Trunk link to S1\nno shut\nend\n```\n\n### Trunks\n---\n\n#### Create multi-switch vlan trunk\n\n*S1*\n\n```\nconf t\ninterface Gi0/1\ndescription Trunk Line to S2 Gi0/1\nswitchport mode trunk\nswitchport trunk native vlan 99\nswitchport trunk allowed vlan 99\nend\n```\n\n*Note: Remember to set the native vlan (to 99 for instance) on each switch in the trunk so you don't get a native vlan mismatch warning*\n\n#### Trunk Verification\n\n```\nshow interface trunk\nshow interface g0/1 switchport\n```\n\n### EtherChannel\n---\n\nEtherchannel protocols LACP and PAgP configure multiple physical interfaces and links to act as one logical one. You can configure up to 8 ports to act as a single link. This increases bandwidth and improves redundancy.\n\n\n*Note: `mode active` sets the etherchannel group to use the LACP protocol*\n\n#### Configure EtherChannel\n\n*Configure etherchannel between two switches connected with two ethernet cables.*\n```\nconf t\nint range f0/1-2\nchannel-group 1 mode active\nexit\nint port-channel 1\nswitchport mode trunk\nswitchport trunk allowed vlan 1,2,20\n```\n\n\n#### Verify EtherChannel\n\n```\nshow interfaces trunk\nshow etherchannel summary\n```\n\n### DTP (Dynamic Trunking Protocol)\n---\n\n#### Configure DTP\n\n```\nconf t\nint gi0/1\nswitchport mode dynamic auto\nend\n```\n\n**or**\n\n```\nconf t\nint gi0/1\nswitchport mode dynamic desirable\nend\n```\n\n\n#### Disable DTP\n\n*Usefull for connecting to devices that don't support Cisco propietary DTP or creating a static trunk*\n\n```\nconf t\nint gi0/1\nswitchport mode trunk\nswitchport nonegotiate\nend\n```\n\n#### Verify DTP\n\n```\nshow dtp interface gi0/1\n```\n\n## Advanced Networking\n\n### OSPFv2\n\n#### OSPF Router IDs\n\n##### All Commands\n\n```\nshow ip ospf neighbor\nshow ip ospf database \n```\n\n##### Enable router OSPF process\n\nStarting Mode: Global, Non-enabled\n\n```\nenable\nconf t\nrouter ospf 10\n```\n\n##### Configure Loopback\n\n```\nenable\nconf t\ninterface Loopback 1\nip addr 1.1.1.1 255.255.255.255\nend\n```\n\n##### Configure OSPF Router ID\n\n_replace `1.1.1.1` with desired id_\n```\nconf t\nrouter ospf 10\nrouter-id 1.1.1.1\nend\n```\n\n##### Modify OSPF router ID\n\n_Prompt confirmation with 'y' needed_\n\n```\nconf t\nrouter ospf 10\nrouter-id 1.1.1.2\nend\nclear ip ospf process\n```\n\n_Verify_\n\n```\nshow ip proto | include Router ID\n```\n#### OSPF - Point-to-Point Networks\n\n##### Network Command Syntax\n\n`Router(config-router)# network network-address wildcard-mask area area-id`\n\n##### Configure OSPF With Network Command\n\nThe following configures a trianngle of 3 routers connected to\neach other as an OSPF point to point network.\n\n```\nconf t\nrouter ospf 10\nnetwork 10.10.1.0 0.0.0.255 area 0\nnetwork 10.10.1.4 0.0.0.3 area 0\nnetwork 10.10.1.12 0.0.0.3 area 0\nend\n```\n\n##### Use Entire Gigabit Interfaces\n\n```\nconf t\nrouter ospf 10\nnetwork 10.10.1.1 0.0.0.0 area 0\nnetwork 10.10.1.5 0.0.0.0 area 0\nnetwork 10.10.1.14 0.0.0.0 area 0\nend\n```\n\n##### Configure OSPF with `ip ospf`\n\nConfigure OSPF directly on the interfaces rather with with the network\ncommand.\n\nSyntax: `Router(config-if)# ip ospf \u003cprocess-id\u003e area \u003carea-id\u003e`\n\n```\nR1(config)# router ospf 10\nR1(config-router)# no network 10.10.1.1 0.0.0.0 area 0\nR1(config-router)# no network 10.1.1.5 0.0.0.0 area 0\nR1(config-router)# no network 10.1.1.14 0.0.0.0 area 0\nR1(config-router)# interface GigabitEthernet 0/0/0\nR1(config-if)# ip ospf 10 area 0\nR1(config-if)# interface GigabitEthernet 0/0/1 \nR1(config-if)# ip ospf 10 area 0\nR1(config-if)# interface Loopback 0\nR1(config-if)# ip ospf 10 area 0\nR1(config-if)#\n```\n\n##### OSPF Passive Interfaces\n\n```\nconf t\nrouter ospf 10\npassive-interface loopback 0\nend\n```\n\n```\nconf t\nrouter ospf 10\npassive-interface Gi0/0/0\nend\n```\n\n##### Find Designated Router and Backup\n\n```\nshow ip ospf interface GigabitEthernet 0/0/0\n```\n\n##### Change OSPF from Broadcast to Point-to-Point\n\n```\nconf t\ninterface GigabitEthernet 0/0/0\nip ospf network point-to-point\n```\n\n##### Loopback and P2P Networks\n\nLoobacks can be used to simulate real LAN networks\n\n```\nconf t\ninterface Loopback 0\nip ospf network point-to-point\n```\n\n```\nshow ip route | include 10.10.1\n```\n\n#### Multiaccess OSPF Networks\n\n##### Configure OSPF Priority\n\n```\nconf t\nint g0/0/1\nip ospf priority 255\nend\n```\n\nWhere `255` can be values from `0` to `255` with higher numbers making the router to be elected `DR`.\n\n#### Modifying Single Area OSPF\n\n##### Adjusting Reference Bandwidth\n\n```\nRouter# router ospf 10\nRouter(config-router) auto-cost reference bandwidth 1000\n```\n\n_Where 1000 is the speed of the link in Mpbs_\nCommon Values: 10, 100, 1000\n\n##### Manually Set OSPF Link Cost\n\n```\nconf t\nint g0/0/1\nip ospf cost 25\ninterface l0\nip ospf cost 15\nend\n```\n\n##### Show OSPF Hello Packet Intervals\n\n```\nshow ip ospf int g0/0/1\n```\n\n##### Set OSPF Hello Packet Intervals\n\n```\nRouter(config-if)# ip ospf hello-interval \u003cseconds\u003e\n```\n\n```\nconf t\nint g0/0/1\nip ospf hello-interval 30\nend\n```\n\nNote: dead-interval automatically gets set as `hello-interval * 4`\n\n\n##### Set OSPF Dead Interval\n\n#### OSPF Default Routes\n\n##### Propogate Default Route\n\n```\nconf t\nip route 0.0.0.0 0.0.0.0 loopback 1\nrouter ospf 10\ndefault-information originate\n```\n\n##### Verify Propogated Default Route\n\n```\nshow ip route | begin Gateway\n```\n\n#### Verify Single-Area OSPF\n\n##### Verify OSPF Neighbors\n\n```\nshow ip ospf neighbor\n```\n\n##### Verify OSPF Protocols\n\n```\nshow ip protocols\n```\n\n##### Verify OSPF Process Info\n\n```\nshow ip ospf\n```\n\n##### Verify OSPF Interface Setting\n\n```\nshow ip ospf int g0/0/1\nshow ip ospf int brief\n```\n\nWhere `g0/0/1` is the interface you was to see OSPF information on.\n\n```\nconf t\nint g0/0/1\nip ospf dead-interval 100\nend\n```\n\n## How To's\n\n### FTP Server Usage\n\n1. Clone the repo: \n\n    ```\n    git clone https://github.com/grplyler/cisco-utils\n    ```\n    \n2. Install python requirements (for ftp server):\n\n    ```\n    pip install -r requirements.txt\n    ```\n    \n3. Run python ftp_server.py\n\n    ```\n    python3 ftp_server.py\n    ```\n    \n4. Pull a script onto a network device (WARNING: Backup to avoid any losses)\n\n    ```\n    Switch#\u003e copy ftp://192.168.1.10/sw_base.txt running-config\n    ```\n    \n    *Replace 192.168.1.10 with the IP of the computer connected to the switch or router.*\n\n### Install Packet Tracer on Fedora Workstation\n\n(Credit for this howto goes to `philpinch` from the [Fedora Forums](https://ask.fedoraproject.org/t/how-to-install-new-cisco-packet-tracer-7-3-on-fedora-31-workstation/6047))\n\n**1. Log into the Fedora GNOME Desktop**\n\nRemove old version of PacketTracer (if necessary):\n```\nrm -rf /opt/pt\nrm -rf /usr/share/applications/cisco-pt7.desktop\nrm -rf /usr/share/applications/cisco-ptsa7.desktop\nrm -rf /usr/share/icons/hicolor/48x48/apps/pt7.png\n```\n\n**2. Download from the netacad web site the PacketTracer_730_amd64.deb package.**\n\nOpen a terminal :\n\n```\nmkdir -p tmp/pt730\n```\n\ncopy the PacketTracer_730_amd64.deb package to tmp/pt730\n\n\n**4. We’re going to extract the deb file in this folder:**\n```\ncd tmp/pt730\nar -xv PacketTracer_730_amd64.deb\nmkdir control\ntar -C control -Jxf control.tar.xz\nmkdir data\ntar -C data -Jxf data.tar.xz\n```\n\n**5. Copy PacketTracer files to install it:**\n```\ncd data\ncp -r usr /\ncp -r opt /\n```\n\n**6. Configure Gnome Environment:**\n```\nsudo xdg-desktop-menu install /usr/share/applications/cisco-pt7.desktop\nsudo xdg-desktop-menu install /usr/share/applications/cisco-ptsa7.desktop\nsudo update-mime-database /usr/share/mime\nsudo gtk-update-icon-cache --force --ignore-theme-index /usr/share/icons/gnome\nsudo xdg-mime default cisco-ptsa7.desktop x-scheme-handler/pttp\nln -sf /opt/pt/packettracer /usr/local/bin/packettracer\n```\n\n### Console Access with `minicom` on Linux\n\n_under construction_\n\n### Configure Serial Port with `stty` on Linux\n\nSet the default configuration with stty to cisco console default, 9600 bps, 8N1, no flow control:\n\n```\nstty -F /dev/ttyUSB0 9600 litout -crtscts\n```\n\nor:\n\n```\nstty -F /dev/ttyUSB0 cs8 -parenb -cstopb -echo raw speed 9600\n\n # What the arguments mean:\n #   cs8:     8 data bits\n #   -parenb: No parity (because of the '-')\n #   -cstopb: 1 stop bit (because of the '-')\n #   -echo: Without this option, Linux will sometimes automatically send back\n #          any received characters, even if you are just reading from the serial\n #          port with a command like 'cat'. Some terminals will print codes\n #          like \"^B\" when receiving back a character like ASCII ETX (hex 03).\n ```\n\n\n\n\n### Console Access with Screen on Linux\n\nFor this you will need a USB console cable. These can be picked up\non amazon for about $9-$12.\n\n1. Connect your the USB console cable from the computers usb port to the cisco RJ-45 console port.\n\n2. Install the `screen` program if you dont already have it.\n\n```\napt install screen\n```\n\n3. Find the USB device.\n\nIf its the first USB serial device you plugged in, it should be `/dev/ttyUSB0`. The second one should be `/dev/ttyUSB1`, etc.\n\nYou can verify with with `ls /dev | grep USB`\n\n4. Run `screen`\n\nYou will need root access.\n\n```\nscreen /dev/ttyUSB0\n```\n\nRunning with a specific baudrate.\n\n```\nscreen /dev/ttyUSB0 9600\nscreen /dev/ttyUSB0 115200\n```\n\nTo exit screen, hit `Ctrl-a`, `Ctrl-d`\n\nIf you have trouble with the connection, e.g. it lags or is funky, cisco serial connections require the following settings by default:\n\n- `9600` baud\n- `8` data bits\n- `no` parity\n- `1` stop bit\n- `no` flow control\n\nTo do that exactly with screen:\n\n```\nscreen /dev/ttyS0 9600,cs8,-parenb,-cstopb,-hupcl\nscreen /dev/ttyS0 19200,cs8,-parenb,-cstopb,-hupcl\nscreen /dev/ttyS0 115200,cs8,-parenb,-cstopb,-hupcl\n```\n\nWith `odd` parity:\n\n```\nscreen /dev/ttyS0 9600,cs8,parenb,parodd,-cstopb,-hupcl\n```\n\nWith `even` parity:\n\n```\nscreen /dev/ttyS0 9600,cs8,parenb,-parodd,-cstopb,-hupcl\n```\n\nSee more details at [http://www.noah.org/wiki/Screen_notes](http://www.noah.org/wiki/Screen_notes)\n\n### Linux File Transfer Over Console (minicom / xmodem)\n\n_Howto comming soon!_\n\n### Windows File Transfer Over Console ( HyperTerminal / xmodem)\n\n_Howto comming soon!_\n\n## Tools\n\n### Subnetting/Calcuation\n\n#### ipcalc (*nix)\n\nDebian/Ubuntu\n\n```\napt install ipcalc\n```\n\nFedora\n\n```\ndnf install ipcalc\n```\n\n```\nyum install ipcalc\n```\n\n#### sipcalc (*nix)\n\nDebian/Ubuntu\n\n```\napt install sipcalc\n```\n\n_or replace `apt` with your package manager_\n\n#### whatmask (*nix)\n\n**Example Usage**\n\n```\n$ whatmask 10.0.1.12/30\n\n------------------------------------------------\n           TCP/IP NETWORK INFORMATION\n------------------------------------------------\nIP Entered = ..................: 10.0.1.12\nCIDR = ........................: /30\nNetmask = .....................: 255.255.255.252\nNetmask (hex) = ...............: 0xfffffffc\nWildcard Bits = ...............: 0.0.0.3\n------------------------------------------------\nNetwork Address = .............: 10.0.1.12\nBroadcast Address = ...........: 10.0.1.15\nUsable IP Addresses = .........: 2\nFirst Usable IP Address = .....: 10.0.1.13\nLast Usable IP Address = ......: 10.0.1.14\n```\n\n**Install**\n\nDebian/Ubuntu\n\n```\napt install whatmask\n```\n\n_or replace `apt` with your package manager_\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgrplyler%2Fcisco-cheatsheet","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fgrplyler%2Fcisco-cheatsheet","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgrplyler%2Fcisco-cheatsheet/lists"}