Cisco | Chia-An Leehttps://calee0219.github.io/tag/cisco/CiscoHugoBlox Kit (https://hugoblox.com)en-us©Mon, 09 Aug 2021 07:48:37 +0800https://calee0219.github.io/media/icon_hu_da05098ef60dc2e7.pngCiscohttps://calee0219.github.io/tag/cisco/Cisco Router 設定https://calee0219.github.io/blog/note_cisco_router/Mon, 09 Aug 2021 07:48:37 +0800https://calee0219.github.io/blog/note_cisco_router/<h3 id="password-recorivy">Password Recorivy</h3> <ol> <li>Power ON, CTRL-break</li> <li>confreg 0x2142</li> <li>reload</li> <li>enable</li> <li>copy startup-config running-config</li> <li>no shutdown: open port</li> <li>change password</li> <li>config-register 0x2102: get back to normal boot</li> </ol> <h2 id="7609">7609</h2> <h3 id="洗掉-config">洗掉 config</h3> <ul> <li>enable</li> <li>write erase</li> <li>reload</li> <li>這時候可能 default reboot 會進入 Romman 狀態,繼續下 boot 會來到正常狀態</li> <li>下 <code>configreg 0x2102</code> (或 <code>configreg 0x2101</code>) 讓開機直接進到正常狀態</li> <li> </li> </ul> <h3 id="reset">Reset</h3> <h2 id="routing">Routing</h2> <h3 id="vrrp">vrrp</h3> <ul> <li>作 gateway 備援使用</li> <li>有三種狀態 <code>初始狀態(Initialize)</code>、<code>主狀態(Master)</code>、<code>備援狀態(Backup)</code></li> <li></li> </ul> <h2 id="nx-os">NX-OS</h2> <h3 id="沒有權限時重設-admin-密碼">沒有權限時,重設 admin 密碼</h3> <p> </p> <ul> <li>開機</li> <li>按 <code>ctrl-C</code> 或 <code>ctrl-R</code></li> <li>進入 <code>loader&gt;</code></li> <li><code>loader&gt; dir</code> 看有哪些 boot file</li> <li><code>boot n3000-xxx</code> 選擇你要 boot 的檔案 (可能選有 kickstart 的)</li> <li>進入 <code>switch(boot)#</code></li> <li><code>conf t</code> -&gt; <code>admin-password</code> -&gt; 輸入 admin 密碼 -&gt; <code>exit</code></li> <li><code>dir bootflash:</code> 列出有的開機檔案</li> <li><code>load bootflash:n3000-xxx</code> 選擇以 xx 檔案開機</li> <li>帳號: admin, 密碼: 剛剛設定的</li> <li>進入系統後,記得要把 kickstart 與 system 指向對的地方</li> <li><code>conf t</code> -&gt; <code>boot kickstart n3000-xxx</code> -&gt; <code>boot system n3000-kickstart-xxx</code></li> <li>如果沒做上面的動作,有可能 <code>reload</code> 後會回到 <code>loader&gt;</code></li> </ul> <h3 id="恢復原廠設定">恢復原廠設定</h3> <ul> <li>enable</li> <li>write erase</li> <li>reload</li> <li>如果 reload 卡在 loader,做上面的動作,並記得指向正確的 system 與 kickstart</li> </ul>Cisco Switch 設定https://calee0219.github.io/blog/note_cisco_switch/Mon, 09 Aug 2021 07:48:37 +0800https://calee0219.github.io/blog/note_cisco_switch/<h2 id="2960">2960</h2> <ul> <li> </li> </ul> <h3 id="document"> </h3> <ul> <li>不知道後面接啥就 &ldquo;?&rdquo; 一下嚕~~</li> <li>Vlan31: 17網段</li> <li>Vlan14: 168網段</li> </ul> <h3 id="刷新">刷新</h3> <p> </p> <ul> <li>開機時長按 mode 鍵,直到燈號快閃</li> <li>flash_init</li> <li>del flash:config.text</li> <li>del flash:vlan.dat</li> <li>boot</li> </ul> <h3 id="console">Console</h3> <ul> <li>connect <ul> <li>Serial -&gt; Serial port(在裝置管理員看的到) -&gt; 9600</li> <li>screen /dev/tty.usbmodem145231 9600</li> </ul> </li> <li>跳過init自己設</li> <li>show version: 看版本 </li> <li>logging synchronous: 避免 log 擋住正在打的訊息</li> </ul> <h3 id="command">Command</h3> <ul> <li>copy running-config startup-config: 存config</li> <li>enable/disable: 可以開始寫入/結束</li> <li>clock set {hh:mm:ss} {day} {month} {year}: 設定時間</li> <li>show running-config</li> </ul> <h3 id="config">Config</h3> <ul> <li>config t: 進入改 config 模式 (下列的指令都要在 config 模式下修改)</li> <li>hostname {myhostname}</li> <li>clock timezone CST 8 (CST 只是名字,沒有意義)</li> <li>no ip http server: 將 HTTP server 關掉</li> <li>no ip http secure-server</li> <li>username {name} password {clear password}: 設定帳號密碼</li> <li>service password-encryption: 密碼加密</li> <li>spanning-tree mode rapid-pvst: 使用 rapid-pvst 網路拓樸</li> <li>service timestamps log datetime localtime year show-timezone: 讓 log 有時間戳記</li> <li>ip name-server {CC 的 nameserver(140.113.235.1)}: 讓 DNS work</li> <li>ip default-gateway {通常網段最後一個}</li> <li>ntp server ntp.cc.cs.nctu.edu.tw: 設ntp server</li> <li>security passwords min-length 8: pw 最短長度</li> </ul> <h4 id="ssh-setting">ssh setting</h4> <ul> <li>ip domain-name {your domain}</li> <li>ip ssh version 2: 用 version 2 的 ssh server</li> <li>crypto key generate rsa <ul> <li>打自己喜歡的數字</li> </ul> </li> <li>line vty 0 15</li> <li>transport input ssh</li> <li>login local</li> <li>username {name} privilege 15 password {pw}: 直接把權限提到最高 (15)</li> </ul> <h4 id="限制連線-ip-config-t">限制連線 ip (config t)</h4> <ul> <li>access-list 1 permit host {ip}: 在 access-list 1 下設定 access 規則 (只允許某 ip 連入)</li> <li>line vty 0 15: 進入 vty</li> <li>access-class 1 in: 限制只有 access-list 1 下的規則才能連進來(in)</li> </ul> <h4 id="vlan-setting">Vlan setting</h4> <ul> <li>interface Vlan 31</li> <li>ip address {your IP} {your mask}: 將 Vlan 對上 static ip</li> <li>no shutdown: 不要關掉這個 Vlan</li> <li>no interface Vlan{num}: 如果不小心開啟不要的 interface,可以用這個指令把他關掉</li> </ul> <h3 id="網路孔">網路孔</h3> <h4 id="將-port-接到-vlan-上">將 port 接到 Vlan 上</h4> <ul> <li>interface gigabitEthernet 0/1: 進入 no.1 port</li> <li>interface range gigabitEthernet 0/1 - 24: 上面的range版</li> <li>switchport access vlan 31: 將 port 接到 Vlan 31 上</li> <li>shutdown: 如果要那個 port 不能連網,記得要關掉</li> </ul> <h4 id="trunk">trunk</h4> <ul> <li>interface gigabitEthernet 0/48</li> <li>switchport mode trunk</li> <li>switchport access vlan {Vlan id}: 當 trunks 不 works 時,該用那一個 vlan &lt;- 但是如果用 switchport mode trunk,就不會有這個問題 (trunk 死掉就直接死掉)</li> <li>switchport trunk allowed vlan 14,31</li> </ul> <h4 id="描述">描述</h4> <ul> <li>interface gigabiteEthernet 0/1: 進入 port</li> <li>description {要寫的描述}</li> </ul> <h2 id="3750">3750</h2> <h3 id="connect">Connect</h3> <ul> <li>mac <ul> <li>screen /dev/tty.usb&hellip; 9600</li> <li>或者下載 </li> </ul> </li> <li>Windows</li> </ul> <h3 id="reset">Reset</h3> <ul> <li>指令 <div class="highlight"><pre tabindex="0" class="chroma"><code class="language-gdscript3" data-lang="gdscript3"><span class="line"><span class="cl"><span class="o">&gt;</span> <span class="n">en</span> </span></span><span class="line"><span class="cl"><span class="c1"># write earse</span> </span></span><span class="line"><span class="cl"><span class="c1"># reload</span> </span></span><span class="line"><span class="cl"><span class="n">System</span> <span class="n">configuration</span> <span class="n">has</span> <span class="n">been</span> <span class="n">modified</span><span class="o">.</span> <span class="n">Save</span><span class="err">?</span> <span class="p">[</span><span class="n">yes</span><span class="o">/</span><span class="n">no</span><span class="p">]:</span> <span class="n">n</span> </span></span><span class="line"><span class="cl"><span class="n">Proceed</span> <span class="n">with</span> <span class="n">reload</span><span class="err">?</span> <span class="p">[</span><span class="n">confirm</span><span class="p">]</span> <span class="n">y</span> </span></span><span class="line"><span class="cl"><span class="o">...</span> </span></span><span class="line"><span class="cl"><span class="n">Model</span> <span class="n">revision</span> <span class="n">number</span><span class="p">:</span> <span class="mi">02</span> </span></span><span class="line"><span class="cl"><span class="o">...</span> </span></span><span class="line"><span class="cl"><span class="n">Would</span> <span class="n">you</span> <span class="n">like</span> <span class="n">to</span> <span class="n">enter</span> <span class="n">the</span> <span class="n">initial</span> <span class="n">configuration</span> <span class="n">dialog</span><span class="err">?</span> <span class="p">[</span><span class="n">yes</span><span class="o">/</span><span class="n">no</span><span class="p">]:</span> <span class="n">n</span> </span></span></code></pre></div></li> <li>物理</li> </ul> <h3 id="misc">Misc</h3> <ul> <li> <p><code>no ip domain-lookup</code>: 關閉 DNS 查詢功能</p> <ul> <li><strong>預設情況下,Router的DNS查詢是啟用的</strong>。</li> <li>當輸入Cisco IOS無法識別的指令時,Router會把這個指令視為主機名稱,然後向DNS查詢。</li> <li>但是這個無用的查詢是非常耗時的,若沒有需要可以關閉!!</li> </ul> </li> <li> <p><code>switch 1 provision ws-c3750g-24ts</code>: 3750 可以作 stack,這個跟這台 3750 是在 stack 上的哪一台有關</p> </li> <li></li> </ul>