Cisco路由器配置命令全攻略
配置标准ACL:
router(config)# access-list Access-List-Number [ permit deny ] source [ source-mask ]
<-- Access-List-Number 范围:
1~99标准ACL;100~199扩展ACL;800~899标准IPX ACL;
900~999扩展IPX ACL;1000~1099 IPX SAP ACL;600~699Apple Talk ACL-->
router(config)# interface Type Port
router(config-if)# ip access-group Access-List-Number [ in out ]
router(config-if)# ^z
配置扩展ACL:
router(config)# access-list Access-List-Number [ permit deny ] [ Protocol Protocol-Number ] source source-wildcard [ Source-Port ] destination destination-wildcard [ Destination-Port ] [ established ]
router(config)# interface Type Port
router(config-if)# ip access-group Access-List-Number [ in out ]
router(config-if)# ^z
配置命名ACL:
router(config)# ip access-list [ standard extended ] ACL-Name
router(config [ std- ext- ] nacl)# [ permit deny ] [ IP-Access-List-Test-Conditions ]
router(config [ std- ext- ] nacl)# no [ permit deny ] [ IP-Access-List-Test-Conditions ]
router(config [ std- ext- ] nacl)# ^z
router(config)# interface Type Port
router(config-if)# ip access-group [ACL-Name 1~199 ] [ in out ]
router(config-if)# ^z
配置DCE时钟:
router# show controllers Type Port <--确定DCE接口-->
router(confin-if)# clock rate 64000 <--进入DCE接口设置时钟速率-->
router(config-if)# ^z
配置PPP协议:
router(config)# username Name passWord Set-Password-Here <--验证方建立数据库-->
router(config)# interface Type Port
router(config-if)# encapsulation ppp <--启动PPP协议-->
router(config-if)# ppp outhentication [ chap chap pap pap chap pap ] <--选择PPP认证-->
router(config-if)# ppp pap sent-username Name password Password <--发送验证信息-->
router(config-if)# ^z
PAP单向认证配置实例:
验证方:
router-server(config)# username ClIEnt passWord 12345 <--验证方建立数据库-->
router-server(config)# interface serial 0
router-server(config-if)# encapsulation ppp
router-server(config-if)# ppp authentication pap <--选择使用PAP实现PPP认证-->
router-server(config-if)# ^z
被验证方:
router-client(config-if)# encapsulation ppp
router-client(config-if)# ppp pap sent-username Client password 12345 <--发送验证信息-->
router-client(config-if)# ^z
PAP双向认证配置实例:
路由器 A:
routerA(config)# username B password 12345
routerA(config)# interface serial 0
routerA(config-if)# encapsulation ppp
routerA(config-if)# ppp authentication pap
routerA(config-if)# ppp pap sent-username A password 54321
routerA(config-if)# ^z
路由器 B:
routerB(config)# username A password 54321
routerB(config)# interface serial 1
routerB(config-if)# encapsulation ppp
routerB(config-if)# ppp authentication pap
routerB(config-if)# ppp pap sent-username B password 12345
routerB(config-if)# ^z