09 November 2009

Finding the right Cisco commands can be relatively painful due to the number of versions and sophistication of most use cases. As far as I can tell, the simplest configurations are the least documented. This lists some of the key commands I use.

Cheat Sheet

# ssh router-ip // Connect to the router
// SDM command-line:
# ? // view cli options
# show access-lists // view current config
# show ip nat translations // view current port forwarding.
# configure // Go into configure mode
# ip nat inside source static tcp 10.10.10.2 110 xx.xx.xx.xx 110 // Forward a port
# no ip nat inside source static tcp 10.10.10.2 110 xx.xx.xx.xx 110 // delete the nat rule
// Another level deep - managing an access list...
# ip access-list extended 101 // manage config for access-list 101.
# 105 permit tcp host xx.xx.xx.xx host xx.xx.xx.xx eq 110 // Where xx = IP address and 105 = line number to insert
# 120 permit tcp any host 76.79.26.82 eq ftp
# 130 permit tcp any host 76.79.26.82 eq ftp-data
# no 120 // Delete rule 120
// Use ctrl-c to return to the main prompt
# copy running-config startup-config // Commit the changes
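
An added example, not part of the original post: a Python check that compares the static port forwards in a saved config against the access-list permits, listing forwards that have no permit and permits left behind after a NAT rule was deleted. It assumes the access list is applied inbound on the outside interface, so its entries match the public address; the sample config, the address 203.0.113.10 and the function names are constructed for illustration.

```python
import re

# Named TCP ports as IOS prints them in access-list entries (small subset).
PORT_NAMES = {"ftp-data": 20, "ftp": 21, "smtp": 25, "www": 80, "pop3": 110}

# ip nat inside source static tcp <local-ip> <local-port> <global-ip> <global-port>
NAT_RE = re.compile(r"^ip nat inside source static tcp (\S+) (\d+) (\S+) (\d+)")
# [line-number] permit tcp <any | host src> host <dst> eq <port>
ACE_RE = re.compile(r"^\s*(?:(\d+) )?permit tcp (?:any|host \S+) host (\S+) eq (\S+)")


def port_number(token):
    """Turn '110' or 'pop3' into 110; unknown names raise KeyError."""
    return int(token) if token.isdigit() else PORT_NAMES[token]


def audit(config_text):
    """Return (forwards_without_permit, permits_without_forward)."""
    forwards, permits = set(), set()
    for line in config_text.splitlines():
        nat = NAT_RE.match(line.strip())
        if nat:
            # Key on the global (outside) address and port, which is what
            # an inbound ACL on the outside interface sees (assumption).
            forwards.add((nat.group(3), int(nat.group(4))))
            continue
        ace = ACE_RE.match(line)
        if ace:
            permits.add((ace.group(2), port_number(ace.group(3))))
    return sorted(forwards - permits), sorted(permits - forwards)


# Constructed sample, not taken from a real router.
SAMPLE = """\
ip nat inside source static tcp 10.10.10.2 110 203.0.113.10 110
ip nat inside source static tcp 10.10.10.3 25 203.0.113.10 25
ip access-list extended 101
 105 permit tcp any host 203.0.113.10 eq pop3
 120 permit tcp any host 203.0.113.10 eq ftp
 130 permit tcp any host 203.0.113.10 eq ftp-data
"""

if __name__ == "__main__":
    missing, stale = audit(SAMPLE)
    for ip, port in missing:
        print(f"forwarded but not permitted: {ip}:{port}")
    for ip, port in stale:
        print(f"permitted but not forwarded (review): {ip}:{port}")
```

Permits reported as not forwarded are candidates for review, not automatic deletions: one-to-one static NAT without ports is not parsed here.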
 

References

Cisco IOS ACL - use line numbers
http://www.petri.co.il/csc_edit_cisco_ios_acl_using_line_numbers.htm

 
