We feature technical articles across the entire IT spectrum - CCNA networking, security, operating systems, cloud, and programming.

CISCO – Configure a Trunk Port

Below shows the basic minimal configuration for create a Trunk Port. This will allow all VLANs to be sent (still VLAN tagged) out of fast ethernet 0/11. (config)#Int fast0/11(config-if)#switchport mode trunk(config-if)#switchport trunk encapsulation dot1q

Router – DTE / DCE

A DTE (Date Terminating Equipment) cable is the normal cable you should use. Being DTE you should expect the other end to provide clocking.A DCE (Data Communication Equipment) means that this device must provide the clocking on the wire. If your device is the DCE, you must provide clocking using the clock rate command.

What is the Cisco Discovery Protocol (CDP) ?

The Cisco Discovery Protocol (CDP) is a proprietary layer 2 network protocol developed by Cisco Systems that runs on most Cisco equipment and is used to share information about other directly connected Cisco equipment such as the operating system version and IP address. Globally (config)# cdp run(config)# no cdp run Interface To disable, (config-if)# no … Read more

Router – NAT

Use the following commands to dictate which interface should be defined as the inside and outside. (config)access-list 1 permit (config)#ip nat inside source list 1 interface FastEthernet0/0 overload  Show/Debug Commands show ip nat translations debug ip nat no debug all

PIX – Advanced Protocol Handling

When using a “inspect policy map” you need to add it to a “standard policy-map” to allow you to add it to the service policy.For each policy map there would be a class map, the inspect would match the FTP command, and then use the classmap “inspection-default” in the standard policy map. Running Config policy-map … Read more

PIX – VPN – Site 2 Site

Below shows the configuration syntax for configuring a Site to Site VPN on a Cisco PIX firewall. Configuration (config)#isakmp enable outside(config)#isakmp policy 10(config-isakmp-policy)# encryption aes-256(config-isakmp-policy)# hash sha(config-isakmp-policy)# authentication pre-share(config-isakmp-policy)# group 1(config-isakmp-policy)# lifetime 86400(config)#isakmp key shabba address netmask no-xauth(config)#access-list ED permit ip nonat permit ip (inside) … Read more

PIX – VPN – Remote Access

Below shows 2 examples of a Remote Access configuration on version 6.x and 7.x of the Cisco PIX firewall. 6.x (config)#username 123 password 123(config)#isakmp enable outside(config)#ip local pool VPNIP mask policy 1 authentication pre-share(config)#isakmp policy 1 encryption 3des(config)#isakmp policy 1 hash sha(config)#isakmp policy 1 group 2(config)#isakmp policy 1 lifetime 43200 (config)# crypto ipsec … Read more

PIX Protocol Handling

Below are the steps involved in configuring protocol handling, Create the class-map – Tell the class-map which traffic to match Create Policy-map – Assign class-map to policy map. Tell the class-map what to do to the matched traffic Assign policy map globally or to interface Below will inspect http traffic on port 801 using, and … Read more

PIX – Create a Read Only account

Below shows you the commands for creating a read only account on a Cisco PIX firewall. hostname(config)# username client password 123 privilege 5hostname(config)# privilege show level 5 command running-confighostname(config)# privilege show level 5 command startup-confighostname(config)# privilege show level 5 command access-listhostname(config)#aaa authentication ssh console LOCAL

Router – Access-lists

Below shows you a basic access-list configuration. R3>enableR3#configure terminalR3(config)#access-list 56 permit 56 deny 56 permit anyR3(config)#interface serial 0R3(config-if)#ip access-group 56 inR3(config-if)#exitR3(config)#exit