[[cisco:pastebin]]
Trace:
Show page
AdminRecent ChangesSitemap

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
cisco:pastebin [2009/03/11 18:13]
a how to block VTP 		cisco:pastebin [2014/05/17 13:18] (current)
79.24.101.124 [Slow ADSL with 12.4 IOS version?!]
Line 1: Line 1:
 +====== Cisco random pastebin :) ======
 +
 +===== See open ports =====
 +
    R1# show control-plane host open-ports    R1# show control-plane host open-ports
    Active internet connections (servers and established)    Active internet connections (servers and established)
Line 14: Line 18:
     * This show command does not display non-TCP/UDP servers (OSPF, EIGRP, RSVP) or even some UDP-based services (RIP).     * This show command does not display non-TCP/UDP servers (OSPF, EIGRP, RSVP) or even some UDP-based services (RIP).
  
 +===== Policy QoS =====
  
 ---- ----
Line 46: Line 51:
  
  
-==== Alias ====+===== Alias =====
  
 To display IP addresses assigned to router's interfaces (excluding interfaces with no IP address) use ''show ip interface brief | exclude unassigned'' command. To display IP addresses assigned to router's interfaces (excluding interfaces with no IP address) use ''show ip interface brief | exclude unassigned'' command.
Line 70: Line 75:
 </code> </code>
  
 +and some more
  
-==== A basic script for handling ACLs of your Cisco Catalyst ====+<code> 
 +alias exec siib sh ip int brief 
 +alias exec srint sh run int 
 +alias exec srb sh run | begin 
 +alias exec srs sh run | sec 
 +alias exec sri sh run | incl 
 +alias exec sia sh ip access-list 
 +</code> 
 + 
 +<code> 
 +alias configure ping do ping 
 +alias configure sh do sh 
 +alias configure siib do siib 
 +alias configure srint do srint 
 +alias configure srb do srb 
 +alias configure sri do sri 
 +alias configure sia do sia 
 + 
 +alias interface ping do ping 
 +alias interface sh do sh 
 +alias interface siib do siib 
 +alias interface srint do srint 
 +alias interface srb do srb 
 +alias interface sri do sri 
 +alias interface sia do sia 
 + 
 +alias subinterface ping do ping 
 +alias subinterface sh do sh 
 +alias subinterface siib do siib 
 +alias subinterface srint do srint 
 +alias subinterface srb do srb 
 +alias subinterface sri do sri 
 + 
 +alias subinterface sia do sia 
 +</code> 
 + 
 +<code> 
 +alias exec s show run 
 +alias exec c config t 
 +alias exec srs show run | section 
 +alias exec srb show run | begin 
 +alias exec si show run interface 
 +alias exec sri show run | include 
 +alias exec siib show ip interface brief | exclude admin 
 +alias exec sib show ip bgp 
 +alias exec sir show ip route 
 +alias exec sirp show ip route vrf PURPLE 
 +alias exec sibp show ip bgp vpnv4 vrf PURPLE 
 +alias exec pp ping vrf PURPLE 
 +alias exec zp show policy-map type inspect zone-pair 
 +alias exec sci show crypto ipsec 
 +alias exec sck show crypto isakmp 
 +alias exec cci clear crypto sa 
 +alias exec cck clear crypto isakmp 
 +alias exec sio show ip ospf 
 +alias exec sie show ip eigrp 
 +</code> 
 + 
 +===== A basic script for handling ACLs of your Cisco Catalyst =====
 A handy script //( [[http://tuttodebian.blogspot.com/|taken from this site]] )// to keep the ACLs of our Cisco Catalyst 3560 in separate files, so as be able to edit them without connecting to the device and finally update them on the switch by using a perl script like this: A handy script //( [[http://tuttodebian.blogspot.com/|taken from this site]] )// to keep the ACLs of our Cisco Catalyst 3560 in separate files, so as be able to edit them without connecting to the device and finally update them on the switch by using a perl script like this:
  
Line 134: Line 198:
  
  
-==== Cisco IPIP Tunnels ====+===== Cisco IPIP Tunnels =====
  
 **Linux (192.168.2.1):** **Linux (192.168.2.1):**
Line 150: Line 214:
    tunnel mode ipip    tunnel mode ipip
  
-==== Is there a way  to block VTP from coming in a port ====+===== GRE tunel (Cisco & Juniper) ===== 
 + 
 +   Juniper(M20) ----------------GRE tunnel-----------------------Cisco(7206) 
 + 
 +**Juniper Configuration** 
 +<code> 
 +> show configuration interfaces gr-0/1/0 
 +unit 0 { 
 +    tunnel { 
 +        source 219.93.2.1; 
 +        destination 219.93.2.2; 
 +        key 123456; ## problem 
 +    } 
 +    family inet { 
 +        mtu 1514; 
 +        address 192.168.1.1/30; 
 +    } 
 +
 +</code> 
 + 
 +**Cisco Configuration** 
 +<code> 
 +interface 
 +Tunnel0 
 + ip address 192.168.1.2 255.255.255.252 
 + no ip unreachables 
 + no ip proxy-arp 
 + ip mtu 1514 
 + tunnel source 219.93.2.2 
 + tunnel destination 219.93.2.1 
 + tunnel key 123456 # problem  
 +</code> 
 + 
 +===== Is there a way  to block VTP from coming in a port =====
  
    * make the port an access port    * make the port an access port
Line 160: Line 257:
 (different vtp domains on each side).  (different vtp domains on each side). 
  
-====== Level Headline ======+===== DHCP Configuration for Cisco VOIP Phones ===== 
 +<code> 
 +.... 
 +authoritative; 
 +ddns-update-style none; 
 +option voip-tftp-server code 150 = ip-address; 
 +option voip-tftp-server 192.168.134.192; 
 +</code> 
 + 
 +This should likely work for you as well, just make sure you replace the IP for “voip-tftp-server” with the address to your core phone server.  Hopefully the next time someone hits google looking for “option code 150 cisco phone” the clear answer isn’t so hard to find. 
 + 
 +===== Slow ADSL with 12.4 IOS version?! ===== 
 + 
 +<code> 
 +Ciscozine(config-if)#clock rate aal5 ? 
 +        1000000 
 +        1300000 
 +        1600000 
 +        2000000 
 +        2600000 (default) 
 +        3200000 
 +        4000000 
 +        5300000 
 +        7000000 
 + 
 +  <1000000-7000000>  clock rates in bits per second, 
 +                     choose one from above 
 + 
 +Ciscozine(config-if)#Ciscozine(config-if)#clock rate aal5 ? 
 +        1000000 
 +        1300000 
 +        1600000 
 +        2000000 
 +        2600000 (default) 
 +        3200000 
 +        4000000 
 +        5300000 
 +        7000000 
 + 
 +  <1000000-7000000>  clock rates in bits per second, 
 +                     choose one from above 
 + 
 +Ciscozine(config-if)# 
 +</code> 
 + 
 +In fact, if you don’t define the clock rate command into the atm interface, the IOS set to 2600000 this parameter. To force it, use the command ‘clock rate aal5′; in my case I use the command ‘clock rate aal5 7000000′. 
 + 
 +Below the download speed test guarantee the bandwith improvement. More info on http://www.ciscozine.com/2009/11/05/slow-adsl-with-12-4-ios-version/ 
 + 
 +===== 1:1 NAT (not Cisco NAT) example ===== 
 + 
 +<code> 
 +! WAN interface 
 +interface FastEthernet0/0.457 
 + encapsulation dot1Q 457 
 + ip address 10.66.175.21 255.255.240.0 
 + ip nat outside 
 + ! PPPoE ip tcp adjust-mss 1412 
 +
 +! LAN interface 
 +interface FastEthernet0/
 + ip address 192.168.156.1 255.255.255.0 
 + ip nat inside 
 +
 +! Redirect 0.0.0.0 --> 10.66.175.21 --> 192.168.156.2 
 +ip nat inside source static 192.168.156.2 10.66.175.21 
 +</code> 
 + 
 +<note tip>With this rule ''ip nat inside source static 192.168.156.2 10.66.175.21'' it's done DNAT/SNAT (portforwarding as well as source NAT). **If things are not working as they should you might have b0rken IOS firmware on Cisco router!**</note> 
 + 
 + 
 +==== Cisco NAT ==== 
 + 
 +<code> 
 +ip nat pool NAT 10.252.162.2 10.252.162.2 netmask 255.255.255.252 
 +ip nat inside source list 10 pool NAT overload 
 + 
 + 
 +access-list 10 permit 10.52.4.0 0.0.0.255 
 +</code> 
 +===== NAT Based Upon Source Address ===== 
 + 
 +{{http://evilrouters.net/wp-content/uploads/2010/04/source-address-based-nat.png}} 
 + 
 +See original source: http://evilrouters.net/2010/04/21/nat-based-upon-source-address/ 
 + 
 + 
 + 
 + 
 +====== Foobar ======
  
 <html><pre> <html><pre>
cisco/pastebin.1236791621.txt.gz · Last modified: 2009/05/25 00:34 (external edit)
Show pageOld revisions
Media ManagerBack to top
CC Attribution-Share Alike 4.0 International
Driven by DokuWiki Recent changes RSS feed Valid CSS Valid XHTML 1.0 ipv6 ready