HQ-Core-01
! HQ-Core-01: layer-3 core switch. Sets local login, trunks and a static port-channel, two routed
! ports, VLANs 10/20/30/220 with HSRP (priority 110, preempt), rapid spanning tree as root primary,
! EIGRP AS 1, then clock/NTP master and SNMP.
enable
conf t
hostname HQ-Core-01
! NOTE(review): "123" is a trivially guessable password and is reused on every device in this
! listing; use a long, unique secret per device outside a lab.
username admin secret 123
line console 0
login local
! NOTE(review): no "transport input ssh" or access-class is shown for the vty lines, so the
! accepted protocols and source addresses are left at platform defaults - confirm.
line vty 0 4
login local
! NOTE(review): no "vtp password" or "vtp mode" is shown, so VTP runs unauthenticated in its default mode.
vtp domain [Link]
! NOTE(review): no allowed-VLAN list, native-VLAN change or "switchport nonegotiate" is shown on
! the trunks, so every VLAN is carried and DTP stays at its default.
int range f1/1 -3
switchport trunk encapsulation dot1q
switchport mode trunk
int port-channel 1
switchport mode trunk
int range f1/14 -15
switchport trunk encapsulation dot1q
switchport mode trunk
! "mode on" bundles the links statically, with no LACP/PAgP negotiation to catch a miscabled member.
channel-group 1 mode on
! f1/10 and f1/11 are turned into routed ports.
int f1/10
no switchport
ip address [Link] [Link]
no shut
int f1/11
no switchport
ip address [Link] [Link]
no shut
vlan 10
name HR
vlan 20
name IT
vlan 30
name Servers
vlan 220
name Management
! One SVI per VLAN, each with an HSRP group numbered after the VLAN.
! NOTE(review): no "standby <group> authentication" is shown, so the HSRP groups accept any
! speaker on the VLAN; consider "standby <group> authentication md5 key-string <PLACEHOLDER>".
int vlan 10
ip address [Link] [Link]
standby 10 ip [Link]
standby 10 priority 110
standby 10 preempt
int vlan 20
ip address [Link] [Link]
standby 20 ip [Link]
standby 20 priority 110
standby 20 preempt
int vlan 30
ip address [Link] [Link]
standby 30 ip [Link]
standby 30 priority 110
standby 30 preempt
int vlan 220
ip address [Link] [Link]
standby 220 ip [Link]
standby 220 priority 110
standby 220 preempt
spanning-tree mode rapid
spanning-tree vlan 10 root primary
spanning-tree vlan 20 root primary
spanning-tree vlan 30 root primary
spanning-tree vlan 220 root primary
ip routing
! NOTE(review): no "passive-interface" or EIGRP authentication is shown; which interfaces form
! adjacencies depends on the redacted network statements - confirm user VLANs are not among them.
router eigrp 1
network [Link] [Link]
network [Link] [Link]
network [Link] [Link]
network [Link] [Link]
network [Link] [Link]
network [Link] [Link]
! NOTE(review): no "logging host" is shown, so log messages are not exported off the switch here.
logging on
end
! "clock set" is entered from privileged EXEC, hence the "end" above and the second "conf t" below.
clock set 10:25:00 5 december 2024
conf t
! NOTE(review): no NTP authentication or access-group is shown for the NTP master role.
ntp master
! NOTE(review): "cisco" is a widely known community string and SNMP v1/v2c communities travel in
! clear text; no ACL is attached to the community. Prefer SNMPv3, or a random community plus an ACL.
Snmp-server community cisco ro
! The trailing "(optional)" on the next two lines is the author's annotation, not CLI syntax;
! drop it before pasting.
Snmp-server enable traps (optional)
Snmp-server host [Link] cisco (optional)
end
! "wr" abbreviates "write memory": saves the running configuration.
wr
HQ-Core-02
! HQ-Core-02: second layer-3 core switch. Same layout as HQ-Core-01 in this listing, but with
! HSRP priority 105, spanning-tree root secondary, and an NTP client association instead of NTP master.
enable
conf t
hostname HQ-Core-02
! NOTE(review): "123" is a trivially guessable password and is reused on every device in this
! listing; use a long, unique secret per device outside a lab.
username admin secret 123
line console 0
login local
! NOTE(review): no "transport input ssh" or access-class is shown for the vty lines, so the
! accepted protocols and source addresses are left at platform defaults - confirm.
line vty 0 4
login local
! NOTE(review): no "vtp password" or "vtp mode" is shown, so VTP runs unauthenticated in its default mode.
vtp domain [Link]
! NOTE(review): no allowed-VLAN list, native-VLAN change or "switchport nonegotiate" is shown on
! the trunks, so every VLAN is carried and DTP stays at its default.
int range f1/1 -3
switchport trunk encapsulation dot1q
switchport mode trunk
int port-channel 1
switchport mode trunk
int range f1/14 -15
switchport trunk encapsulation dot1q
switchport mode trunk
! "mode on" bundles the links statically, with no LACP/PAgP negotiation to catch a miscabled member.
channel-group 1 mode on
! f1/10 and f1/11 are turned into routed ports.
int f1/10
no switchport
ip address [Link] [Link]
no shut
int f1/11
no switchport
ip address [Link] [Link]
no shut
vlan 10
name HR
vlan 20
name IT
vlan 30
name Servers
vlan 220
name Management
! One SVI per VLAN; priority 105 is lower than the 110 set on HQ-Core-01, so this switch is the
! HSRP standby while HQ-Core-01 is up.
! NOTE(review): no "standby <group> authentication" is shown, so the HSRP groups accept any
! speaker on the VLAN; consider "standby <group> authentication md5 key-string <PLACEHOLDER>".
int vlan 10
ip address [Link] [Link]
standby 10 ip [Link]
standby 10 priority 105
standby 10 preempt
int vlan 20
ip address [Link] [Link]
standby 20 ip [Link]
standby 20 priority 105
standby 20 preempt
int vlan 30
ip address [Link] [Link]
standby 30 ip [Link]
standby 30 priority 105
standby 30 preempt
int vlan 220
ip address [Link] [Link]
standby 220 ip [Link]
standby 220 priority 105
standby 220 preempt
! NOTE(review): HQ-Core-01 sets "spanning-tree mode rapid"; no mode line is shown here, so this
! switch stays on its default spanning-tree mode - confirm that is intended.
spanning-tree vlan 10 root secondary
spanning-tree vlan 20 root secondary
spanning-tree vlan 30 root secondary
spanning-tree vlan 220 root secondary
ip routing
! NOTE(review): no "passive-interface" or EIGRP authentication is shown; which interfaces form
! adjacencies depends on the redacted network statements - confirm user VLANs are not among them.
router eigrp 1
network [Link] [Link]
network [Link] [Link]
network [Link] [Link]
network [Link] [Link]
network [Link] [Link]
network [Link] [Link]
! NOTE(review): the NTP association is unauthenticated as shown (no "ntp authenticate" / key).
ntp server [Link]
end
! "wr" abbreviates "write memory": saves the running configuration.
wr
HQ-SW-01
! HQ-SW-01: access switch for VLAN 10. Sets local login, DHCP snooping, two uplink trunks,
! access ports with PortFast and port security, an RSPAN source session, management/VLAN 10
! SVIs and a DHCP pool.
enable
conf t
hostname HQ-SW-01
! NOTE(review): "123" is a trivially guessable password and is reused on every device in this
! listing; use a long, unique secret per device outside a lab.
username admin secret 123
line console 0
login local
! NOTE(review): no "transport input ssh" or access-class is shown for the vty lines, so the
! accepted protocols and source addresses are left at platform defaults - confirm.
line vty 0 4
login local
! NOTE(review): no "vtp password" or "vtp mode" is shown, so VTP runs unauthenticated in its default mode.
vtp domain [Link]
! NOTE(review): this enables DHCP snooping globally, but no "ip dhcp snooping vlan <id>" line is
! shown; snooping only inspects VLANs named that way, so as listed VLAN 10 may be unprotected.
ip dhcp snooping
! Uplinks are marked trusted so DHCP server replies arriving on them are accepted.
int range f1/1 -2
switchport mode trunk
ip dhcp snooping trust
no ip dhcp snooping information option
int range f1/3 -15
switchport mode access
switchport access vlan 10
! NOTE(review): PortFast is set without "spanning-tree bpduguard enable" on these access ports.
spanning-tree portfast
! Port security: at most 2 MACs per port (1 on the access VLAN, 1 on the voice VLAN), learned
! addresses made sticky, and the port is shut down on a violation.
! NOTE(review): no "switchport voice vlan" is shown, so the voice-VLAN limit has nothing to apply to.
switchport port-security
switchport port-security violation shutdown
switchport port-security maximum 2
switchport port-security maximum 1 vlan access
switchport port-security maximum 1 vlan voice
switchport port-security mac-address sticky
! Rate-limits DHCP packets received on each access port to 20 per second.
ip dhcp snooping limit rate 20
! RSPAN: traffic on f0/1 is copied into VLAN 500. Mirrored frames carry full payloads, so keep
! VLAN 500 off trunks that do not need it.
vlan 500
remote-span
monitor session 1 source int f0/1
monitor session 1 destination remote vlan 500
int vlan 220
ip address [Link] [Link]
ip default-g [Link]
int vlan 10
ip address [Link] [Link]
ip dhcp pool 10
network [Link] [Link]
default-router [Link]
end
! "wr" abbreviates "write memory": saves the running configuration.
wr
HQ-SW-02
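! HQ-SW-02: access switch for VLAN 20. Sets local login, two uplink trunks, access ports with
! PortFast, the RSPAN destination session, management/VLAN 20 SVIs and a DHCP pool.
enable
conf t
hostname HQ-SW-02
! NOTE(review): "123" is a trivially guessable password and is reused on every device in this
! listing; use a long, unique secret per device outside a lab.
username admin secret 123
line console 0
login local
! NOTE(review): no "transport input ssh" or access-class is shown for the vty lines, so the
! accepted protocols and source addresses are left at platform defaults - confirm.
line vty 0 4
login local
! NOTE(review): no "vtp password" or "vtp mode" is shown, so VTP runs unauthenticated in its default mode.
vtp domain [Link]
int range f1/1 -2
switchport mode trunk
! NOTE(review): unlike HQ-SW-01, no DHCP snooping or port security is shown for these access
! ports, and PortFast is set without "spanning-tree bpduguard enable".
int range f1/3 -15
switchport mode access
switchport access vlan 20
spanning-tree portfast
! RSPAN: traffic received in VLAN 500 is delivered to f0/1. Whatever is attached to f0/1 sees the
! mirrored frames in full, so treat that port as sensitive.
vlan 500
remote-span
monitor session 1 source remote vlan 500
monitor session 1 destination int f0/1
int vlan 220
ip address [Link] [Link]
ip default-g [Link]
int vlan 20
ip address [Link] [Link]
ip dhcp pool 20
network [Link] [Link]
default-router [Link]
! The original section stopped here without leaving configuration mode or saving; "end" and
! "wr" (write memory) are added to match every other device section in this listing.
end
wr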
HQ-SW-03
! HQ-SW-03: access switch for VLAN 30. Sets local login, two uplink trunks, access ports with
! PortFast, management/VLAN 30 SVIs and a DHCP pool.
enable
conf t
hostname HQ-SW-03
! NOTE(review): "123" is a trivially guessable password and is reused on every device in this
! listing; use a long, unique secret per device outside a lab.
username admin secret 123
line console 0
login local
! NOTE(review): no "transport input ssh" or access-class is shown for the vty lines, so the
! accepted protocols and source addresses are left at platform defaults - confirm.
line vty 0 4
login local
! NOTE(review): no "vtp password" or "vtp mode" is shown, so VTP runs unauthenticated in its default mode.
vtp domain [Link]
int range f1/1 -2
switchport mode trunk
! NOTE(review): unlike HQ-SW-01, no DHCP snooping or port security is shown for these access
! ports, and PortFast is set without "spanning-tree bpduguard enable".
int range f1/3 -15
switchport mode access
switchport access vlan 30
spanning-tree portfast
int vlan 220
ip address [Link] [Link]
ip default-g [Link]
int vlan 30
ip address [Link] [Link]
ip dhcp pool 30
network [Link] [Link]
default-router [Link]
end
! "wr" abbreviates "write memory": saves the running configuration.
wr
Internet-Router
! Internet-Router: sets local login, three addressed interfaces, EIGRP AS 1 and one static route.
enable
conf t
hostname Internet-Router
! NOTE(review): "123" is a trivially guessable password and is reused on every device in this
! listing; use a long, unique secret per device outside a lab.
username admin secret 123
line console 0
login local
! NOTE(review): no "transport input ssh" or access-class is shown for the vty lines, so the
! accepted protocols and source addresses are left at platform defaults - confirm. This matters
! most on a router whose name suggests an Internet-facing interface.
line vty 0 4
login local
! NOTE(review): no inbound ACL is shown on any interface; which one faces the Internet cannot be
! told from the redacted addresses - confirm and filter that interface.
int f0/0
ip address [Link] [Link]
no shut
int f1/0
ip address [Link] [Link]
no shut
int f1/1
ip address [Link] [Link]
no shut
! NOTE(review): no EIGRP authentication or "passive-interface" is shown.
router eigrp 1
network [Link] [Link]
network [Link] [Link]
ip route [Link] [Link] [Link]
end
! "wr" abbreviates "write memory": saves the running configuration.
wr
Main-Router
! Main-Router: sets local login, four addressed interfaces, EIGRP AS 1 with BGP redistributed in,
! BGP AS 100 peering with AS 1000, a tunnel interface, an ISAKMP/IPsec policy with crypto map
! MYMAP, and route-map RMap with two next-hop clauses.
enable
conf t
hostname Main-Router
! NOTE(review): "123" is a trivially guessable password and is reused on every device in this
! listing; use a long, unique secret per device outside a lab.
username admin secret 123
line console 0
login local
! NOTE(review): no "transport input ssh" or access-class is shown for the vty lines, so the
! accepted protocols and source addresses are left at platform defaults - confirm.
line vty 0 4
login local
int f0/0
ip address [Link] [Link]
no shut
int f1/0
ip address [Link] [Link]
no shut
int f1/1
ip address [Link] [Link]
no shut
int f2/0
ip address [Link] [Link]
no shut
router eigrp 1
network [Link] [Link]
network [Link] [Link]
network [Link] [Link]
network [Link] [Link]
! Seed metric for BGP routes injected into EIGRP: bandwidth 100, delay 10, reliability 255,
! load 50, MTU 1500.
! NOTE(review): EIGRP and BGP are redistributed into each other with no route-map or tag filter,
! so routes can be re-advertised back into the protocol they came from.
redistribute bgp 100 metric 100 10 255 50 1500
router bgp 100
! NOTE(review): no "neighbor ... password", inbound prefix filter or maximum-prefix limit is
! shown for the AS 1000 peer.
neighbor [Link] remote-as 1000
redistribute connected
redistribute eigrp 1
! No "tunnel mode" is set, so the tunnel uses the platform default encapsulation (presumably
! GRE, which is what access-list 100 below matches).
interface tunnel 1
tunnel source f1/1
tunnel destination [Link]
ip address [Link] [Link]
! IKE phase 1 policy: AES-256, pre-shared key, DH group 5, 3600-second lifetime.
! NOTE(review): DH group 5 (1536-bit MODP) is below current guidance; use group 14 or higher
! where the image supports it.
crypto isakmp policy 10
encr aes 256
authentication pre-share
group 5
lifetime 3600
! NOTE(review): the pre-shared key is short, dictionary-like, identical on Branch1-Router, and
! stored readable in the configuration unless key encryption ("key config-key password-encrypt"
! with "password encryption aes") is enabled. Use a long random key per peer.
crypto isakmp key Pa$$123 address [Link]
! ESP with AES-256 and HMAC-SHA-1 integrity; a SHA-2 HMAC is preferable where supported.
crypto ipsec transform-set MYTRANS esp-aes 256 esp-sha-hmac
crypto map MYMAP 10 ipsec-isakmp
set peer [Link]
set transform-set MYTRANS
match address 100
! NOTE(review): "gre any any" selects all GRE traffic; scoping the ACL to the two tunnel
! endpoints is tighter.
! NOTE(review): no "crypto map MYMAP" under an interface (or "tunnel protection") is shown. If
! the map is applied nowhere, the tunnel carries traffic unencrypted - verify with
! "sh crypto ipsec sa".
access-list 100 permit gre any any
ip access-list standard Access-RMap-Branch3
permit [Link] [Link]
ip access-list standard Access-RMap-ISP
permit [Link] [Link]
permit [Link] [Link]
! Route-map RMap: clause 10 sets one next hop for sources matching Access-RMap-Branch3, clause 20
! another for sources matching Access-RMap-ISP.
! NOTE(review): no "ip policy route-map RMap" on an interface is shown, so where (or whether)
! this policy takes effect cannot be told from this listing.
route-map RMap permit 10
match ip address Access-RMap-Branch3
set ip next-hop [Link]
route-map RMap permit 20
match ip address Access-RMap-ISP
set ip next-hop [Link]
end
! "wr" abbreviates "write memory": saves the running configuration.
wr
Branch1-Router
! Branch1-Router: sets local login, two addressed interfaces, EIGRP AS 1 with BGP redistributed
! in, BGP AS 200 peering with AS 1000, a tunnel interface and an ISAKMP/IPsec policy with crypto
! map MYMAP.
enable
conf t
hostname Branch1-Router
! NOTE(review): "123" is a trivially guessable password and is reused on every device in this
! listing; use a long, unique secret per device outside a lab.
username admin secret 123
line console 0
login local
! NOTE(review): no "transport input ssh" or access-class is shown for the vty lines, so the
! accepted protocols and source addresses are left at platform defaults - confirm.
line vty 0 4
login local
int f0/0
ip address [Link] [Link]
no shut
int f1/0
ip address [Link] [Link]
no shut
router eigrp 1
network [Link] [Link]
network [Link] [Link]
! Seed metric for BGP routes injected into EIGRP: bandwidth 100, delay 10, reliability 255,
! load 50, MTU 1500.
! NOTE(review): EIGRP and BGP are redistributed into each other with no route-map or tag filter,
! so routes can be re-advertised back into the protocol they came from.
redistribute bgp 200 metric 100 10 255 50 1500
router bgp 200
! NOTE(review): no "neighbor ... password", inbound prefix filter or maximum-prefix limit is
! shown for the AS 1000 peer.
neighbor [Link] remote-as 1000
redistribute connected
redistribute eigrp 1
! No "tunnel mode" is set, so the tunnel uses the platform default encapsulation (presumably
! GRE, which is what access-list 100 below matches).
interface tunnel 1
tunnel source f0/0
tunnel destination [Link]
ip address [Link] [Link]
! IKE phase 1 policy: AES-256, pre-shared key, DH group 5, 3600-second lifetime.
! NOTE(review): DH group 5 (1536-bit MODP) is below current guidance; use group 14 or higher
! where the image supports it.
crypto isakmp policy 10
encr aes 256
authentication pre-share
group 5
lifetime 3600
! NOTE(review): the pre-shared key is short, dictionary-like, identical on Main-Router, and
! stored readable in the configuration unless key encryption ("key config-key password-encrypt"
! with "password encryption aes") is enabled. Use a long random key per peer.
crypto isakmp key Pa$$123 address [Link]
! ESP with AES-256 and HMAC-SHA-1 integrity; a SHA-2 HMAC is preferable where supported.
crypto ipsec transform-set MYTRANS esp-aes 256 esp-sha-hmac
crypto map MYMAP 10 ipsec-isakmp
set peer [Link]
set transform-set MYTRANS
match address 100
! NOTE(review): "gre any any" selects all GRE traffic; scoping the ACL to the two tunnel
! endpoints is tighter.
! NOTE(review): no "crypto map MYMAP" under an interface (or "tunnel protection") is shown. If
! the map is applied nowhere, the tunnel carries traffic unencrypted - verify with
! "sh crypto ipsec sa".
access-list 100 permit gre any any
end
! "wr" abbreviates "write memory": saves the running configuration.
wr
Branch1-Core
! Branch1-Core: layer-3 switch for branch 1. Sets local login, two trunks, VLANs 40 (HR) and
! 50 (IT) with SVIs, one routed port, and EIGRP AS 1.
enable
conf t
hostname Branch1-Core
! NOTE(review): "123" is a trivially guessable password and is reused on every device in this
! listing; use a long, unique secret per device outside a lab.
username admin secret 123
line console 0
login local
! NOTE(review): no "transport input ssh" or access-class is shown for the vty lines, so the
! accepted protocols and source addresses are left at platform defaults - confirm.
line vty 0 4
login local
! NOTE(review): no "vtp password" or "vtp mode" is shown, so VTP runs unauthenticated in its default mode.
vtp domain [Link]
! NOTE(review): no allowed-VLAN list, native-VLAN change or "switchport nonegotiate" is shown on
! the trunks, so every VLAN is carried and DTP stays at its default.
int range f1/1 -2
switchport trunk encapsulation dot1q
switchport mode trunk
vlan 40
name HR
vlan 50
name IT
! f1/10 is turned into a routed port.
int f1/10
no switchport
ip address [Link] [Link]
no shut
! NOTE(review): no ACL is shown between the HR and IT SVIs, so inter-VLAN traffic is routed
! unfiltered once "ip routing" is on.
int vlan 40
ip address [Link] [Link]
int vlan 50
ip address [Link] [Link]
ip routing
! NOTE(review): no "passive-interface" or EIGRP authentication is shown; which interfaces form
! adjacencies depends on the redacted network statements - confirm user VLANs are not among them.
router eigrp 1
network [Link] [Link]
network [Link] [Link]
network [Link] [Link]
end
! "wr" abbreviates "write memory": saves the running configuration.
wr
Branch1-SW-01
! Branch1-SW-01: access switch for VLAN 40 (HR). Sets local login, one uplink trunk and access
! ports with PortFast.
enable
conf t
hostname Branch1-SW-01
! NOTE(review): "123" is a trivially guessable password and is reused on every device in this
! listing; use a long, unique secret per device outside a lab.
username admin secret 123
line console 0
login local
! NOTE(review): no management SVI or address is shown in this section, so how the vty lines are
! reached cannot be told from here; no "transport input ssh" or access-class is shown either.
line vty 0 4
login local
! NOTE(review): no "vtp password" or "vtp mode" is shown, so VTP runs unauthenticated in its default mode.
vtp domain [Link]
vlan 40
name HR
int f1/1
switchport mode trunk
! NOTE(review): no port security, DHCP snooping or "spanning-tree bpduguard enable" is shown for
! these access ports; HQ-SW-01 in this listing shows the first two.
int range f1/2 -15
switchport mode access
switchport access vlan 40
spanning-tree portfast
end
! "wr" abbreviates "write memory": saves the running configuration.
wr
Branch1-SW-02
! Branch1-SW-02: access switch for VLAN 50 (IT). Sets local login, one uplink trunk and access
! ports with PortFast.
enable
conf t
hostname Branch1-SW-02
! NOTE(review): "123" is a trivially guessable password and is reused on every device in this
! listing; use a long, unique secret per device outside a lab.
username admin secret 123
line console 0
login local
! NOTE(review): no management SVI or address is shown in this section, so how the vty lines are
! reached cannot be told from here; no "transport input ssh" or access-class is shown either.
line vty 0 4
login local
! NOTE(review): no "vtp password" or "vtp mode" is shown, so VTP runs unauthenticated in its default mode.
vtp domain [Link]
vlan 50
name IT
int f1/1
switchport mode trunk
! NOTE(review): no port security, DHCP snooping or "spanning-tree bpduguard enable" is shown for
! these access ports; HQ-SW-01 in this listing shows the first two.
int range f1/2 -15
switchport mode access
switchport access vlan 50
spanning-tree portfast
end
! "wr" abbreviates "write memory": saves the running configuration.
wr
Branch2-Router
! Branch2-Router: sets local login, two VRFs (VRF-1, VRF-2) bound to subinterfaces and physical
! ports, one global interface, three DHCP pools, BGP AS 300 peering with AS 1000, and one static
! route per VRF.
enable
conf t
hostname Branch2-Router
! NOTE(review): "123" is a trivially guessable password and is reused on every device in this
! listing; use a long, unique secret per device outside a lab.
username admin secret 123
line console 0
login local
! NOTE(review): no "transport input ssh" or access-class is shown for the vty lines, so the
! accepted protocols and source addresses are left at platform defaults - confirm.
line vty 0 4
login local
ip vrf VRF-1
ip vrf VRF-2
! "ip vrf forwarding" is entered before "ip address" on each interface: binding an interface to
! a VRF removes an address that is already configured on it.
! NOTE(review): "encapsulation dot 100" is presumably an abbreviation of "encapsulation dot1Q 100"
! - confirm the parser accepts it. No "no shut" for the parent f0/0 is shown in this section.
int f0/0.1
encapsulation dot 100
ip vrf forwarding VRF-1
ip address [Link] [Link]
no shut
int f0/0.2
encapsulation dot 200
ip vrf forwarding VRF-2
ip address [Link] [Link]
no shut
int f2/0
ip vrf forwarding VRF-1
ip address [Link] [Link]
no shut
int f1/1
ip vrf forwarding VRF-2
ip address [Link] [Link]
no shut
! f1/0 has no VRF binding, so it stays in the global routing table.
int f1/0
ip address [Link] [Link]
no shut
! NOTE(review): the pools carry no "vrf" line; which of them serve VRF-bound interfaces cannot
! be told from the redacted addresses - confirm leases are handed out in the intended VRF.
ip dhcp pool 60
netw [Link] [Link]
defa [Link]
ip dhcp pool 70
netw [Link] [Link]
defa [Link]
ip dhcp pool 80
netw [Link] [Link]
defa [Link]
router bgp 300
! NOTE(review): no "neighbor ... password", inbound prefix filter or maximum-prefix limit is
! shown for the AS 1000 peer.
neighbor [Link] remote-as 1000
redistribute connected
! NOTE(review): VRF separation here depends on these static routes and on the VLAN 100/200 tags
! staying distinct end to end; no route leaking between the VRFs is shown.
ip route vrf VRF-1 [Link] [Link] [Link]
ip route vrf VRF-2 [Link] [Link] [Link]
end
! "wr" abbreviates "write memory": saves the running configuration.
wr
VRF-Router
! VRF-Router: sets local login, two VRFs (VRF-1, VRF-2) bound to subinterfaces of f0/0 and to
! f1/1 and f1/0, two DHCP pools, and one static route per VRF.
enable
conf t
hostname VRF-Router
! NOTE(review): "123" is a trivially guessable password and is reused on every device in this
! listing; use a long, unique secret per device outside a lab.
username admin secret 123
line console 0
login local
! NOTE(review): every addressed interface in this section is bound to a VRF, so how the vty lines
! are reached for management is not visible here; no "transport input ssh" or access-class is shown.
line vty 0 4
login local
ip vrf VRF-1
ip vrf VRF-2
! The parent interface is brought up before its subinterfaces are defined.
int f0/0
no shut
! "ip vrf forwarding" is entered before "ip address" on each interface: binding an interface to
! a VRF removes an address that is already configured on it.
! NOTE(review): "encapsulation dot 100" is presumably an abbreviation of "encapsulation dot1Q 100"
! - confirm the parser accepts it.
int f0/0.1
encapsulation dot 100
ip vrf forwarding VRF-1
ip address [Link] [Link]
no shut
int f0/0.2
encapsulation dot 200
ip vrf forwarding VRF-2
ip address [Link] [Link]
no shut
int f1/1
ip vrf forwarding VRF-1
ip address [Link] [Link]
no shut
int f1/0
ip vrf forwarding VRF-2
ip address [Link] [Link]
no shut
! NOTE(review): the pools carry no "vrf" line although every addressed interface above is in a
! VRF - confirm leases are handed out in the intended VRF.
ip dhcp pool 90
netw [Link] [Link]
defa [Link]
ip dhcp pool 100
netw [Link] [Link]
defa [Link]
ip route vrf VRF-1 [Link] [Link] [Link]
ip route vrf VRF-2 [Link] [Link] [Link]
end
! "wr" abbreviates "write memory": saves the running configuration.
wr
Branch3-Router
! Branch3-Router: sets local login, three addressed interfaces, one DHCP pool, prefix-list
! entries, BGP AS 400 peering with AS 1000, and EIGRP AS 1 with an inbound distribute-list.
enable
conf t
hostname Branch3-Router
! NOTE(review): "123" is a trivially guessable password and is reused on every device in this
! listing; use a long, unique secret per device outside a lab.
username admin secret 123
line console 0
login local
! NOTE(review): no "transport input ssh" or access-class is shown for the vty lines, so the
! accepted protocols and source addresses are left at platform defaults - confirm.
line vty 0 4
login local
int f0/0
ip address [Link] [Link]
no shut
int f1/0
ip address [Link] [Link]
no shut
int f1/1
ip address [Link] [Link]
no shut
ip dhcp pool 110
network [Link] [Link]
default-router [Link]
! Intended filter: deny four /24 prefixes, then permit everything else (the "le 32" entry).
! NOTE(review): these lines carry no list name. IOS syntax is
! "ip prefix-list <name> [seq <n>] deny|permit <prefix>/<len>", so as written they are unlikely
! to create the list the distribute-list below refers to - presumably the name TEST was dropped.
ip prefix-list deny [Link]/24
ip prefix-list deny [Link]/24
ip prefix-list deny [Link]/24
ip prefix-list deny [Link]/24
ip prefix-list permit [Link]/0 le 32
router bgp 400
! NOTE(review): no "neighbor ... password", inbound prefix filter or maximum-prefix limit is
! shown for the AS 1000 peer.
neighbor [Link] remote-as 1000
redistribute connected
router eigrp 1
network [Link] [Link]
network [Link] [Link]
! NOTE(review): "distribute-list TEST in" refers to an access list named TEST, and none is
! defined in this section; a prefix-list is referenced with "distribute-list prefix TEST in".
! Until both are corrected the route filter may not be applied at all - check "sh ip protocols"
! and "sh ip prefix-list".
distribute-list TEST in
end
! "wr" abbreviates "write memory": saves the running configuration.
wr
ISP-Router
! ISP-Router: sets local login, five addressed global interfaces, two VRFs (VRF-1, VRF-2) on
! subinterfaces of f2/0 and f2/1, two static routes per VRF, and BGP AS 1000 peering with
! AS 100, 400, 200 and 300.
enable
conf t
hostname ISP-Router
! NOTE(review): "123" is a trivially guessable password and is reused on every device in this
! listing; use a long, unique secret per device outside a lab.
username admin secret 123
line console 0
login local
! NOTE(review): no "transport input ssh" or access-class is shown for the vty lines, so the
! accepted protocols and source addresses are left at platform defaults - confirm.
line vty 0 4
login local
int f0/0
ip address [Link] [Link]
no shut
int f1/0
ip address [Link] [Link]
no shut
int f1/1
ip address [Link] [Link]
no shut
int f3/0
ip address [Link] [Link]
no shut
ip vrf VRF-1
ip vrf VRF-2
int f2/0
ip address [Link] [Link]
no shut
! "ip vrf forwarding" comes before "ip address" on each subinterface: binding an interface to a
! VRF removes an address that is already configured on it.
! NOTE(review): "encapsulation dot 100" is presumably an abbreviation of "encapsulation dot1Q 100"
! - confirm the parser accepts it.
int f2/0.1
encapsulation dot 100
ip vrf forwarding VRF-1
ip address [Link] [Link]
no shut
int f2/0.2
encapsulation dot 200
ip vrf forwarding VRF-2
ip address [Link] [Link]
no shut
! NOTE(review): no "no shut" for the parent f2/1 is shown in this section.
int f2/1.1
ip vrf forwarding VRF-1
encapsulation dot 100
ip address [Link] [Link]
no shut
int f2/1.2
ip vrf forwarding VRF-2
encapsulation dot 200
ip address [Link] [Link]
no shut
ip route vrf VRF-1 [Link] [Link] [Link]
ip route vrf VRF-1 [Link] [Link] [Link]
ip route vrf VRF-2 [Link] [Link] [Link]
ip route vrf VRF-2 [Link] [Link] [Link]
! NOTE(review): the four customer sessions have no "neighbor ... password", no per-neighbor
! inbound prefix-list and no maximum-prefix limit, so this router accepts whatever each customer
! AS announces. Filtering each session to the customer's own prefixes is the usual control.
router bgp 1000
neighbor [Link] remote-as 100
neighbor [Link] remote-as 400
neighbor [Link] remote-as 200
neighbor [Link] remote-as 300
end
! "wr" abbreviates "write memory": saves the running configuration.
wr
Troubleshooting and verifying the routers
! Verification commands, run from privileged EXEC on the device being checked.
! NOTE(review): "show run" output includes the ISAKMP pre-shared key, the SNMP community and the
! hashed local secret configured above; treat saved captures of it as sensitive.
Show run
! NOTE(review): the IOS keyword is "detail" ("show cdp neighbors detail"). CDP output lists
! neighbor platform, software version and addresses.
Show cdp neighbor
Show cdp neighbor details
Show ip interfaces brief
! The slashes list alternative section keywords; run the command once per keyword.
Sh run | sec eigrp/ospf/dhcp/bgp/ip route/access-list …
Show ip route
Show ip protocols
! IPsec / IKE state. Nonzero encaps/decaps counters in "sh crypto ipsec sa" are the evidence that
! tunnel traffic is actually being encrypted.
sh crypto ipsec sa
sh crypto ipsec policy
sh crypto
sh crypto isakmp sa
sh crypto isakmp policy
sh crypto isakmp peers
sh crypto ipsec transform-set
sh route-map
! Routing protocol state; the slashes again list alternatives.
sh ip bgp summary
sh ip route bgp/eigrp/ospf
sh ip eigrp 1 neighbors
sh ip eigrp 1 interfaces
sh ip eigrp 1 topology
! DHCP server leases, then DHCP snooping bindings and per-VLAN/per-port snooping status.
sh ip dhcp binding
sh ip dhcp snooping binding
sh ip dhcp snooping
sh ip route vrf VRF-1
! Layer-2 state: VLANs, HSRP, spanning tree, port security.
sh vlan-switch
sh standby
sh spanning-tree
sh port-security
sh ip prefix-list
sh interfaces
sh run interface f1/1
! Time source checks; accurate clocks keep log timestamps comparable across devices.
sh clock
sh ntp associations