/cisco/ Thread

>>59253082
Completely forgot this command after "configure terminal"

S1 (config)# service password-encryption

Of course if you want to verify the configurations you would use this command

S1# show running-config

and to see what's in the non-volatile RAM (NVRAM), you'd need to do something like

S1$ dir nvram:

>>59253167
wow OP, congrats on Mod 1.

How about some VRFs, route-maps, eBGP and QOS?

>>59253167

Whoops, that S1$ was supposed to be S1# on the prompt.

At any rate, let's move on to Router configuration.

Router> enable
Router# configure terminal
Router (config)# hostname R1
R1 (config)# line console 0
R1 (config-line)# password cisco
R1 (config-line)# login
R1# exit
R1> enable
R1# configure terminal
R1 (config)# enable secret class
R1 (config)# service password-encryption
R1 (config)# banner motd "Welcome to the 4chan /cisco/ thread Router."
R1 (config)# interface gigabitethernet 0/0
R1 (config-if)# ip address 192.168.0.1 255.255.255.0
R1 (config-if)# description "LAN connection to S1"
R1 (config-if)# no shutdown
R1 (config-if)# end
R1# ping 192.168.10.10
R1# show interfaces
R1# show interface serial 0/0/0
R1# show interface gigabitethethernet 0/0
R1# show ip interface brief
R1# show ip route
R1# copy running-config startup-config
R1# reload

>>59253167
There's also alot more that goes into configuring a switch.

>Spanning Tree
S1(config)# spanning-tree mode rpvst
S1(config)#spanning-tree vlan 1 priority 0
S1(config)#spanning-tree portfast default
S1(config)#spanning-tree portfast bpduguard default

>Giving ports access and securing them
>Best practice, don't use VLAN1, but since you used it, heres an example.

S1(config)#int range g1/0/1-48
S1(config-if-range)#desc <== USER ACCESS PORT ==>
S1(config-if-range)#switchport mode access
S1(config-if-range)#switchport port-security
S1(config-if-range)#switchport port-security max 1
S1(config-if-range)#switchport port-security mac sticky
S1(config-if-range)#switchport port-security violation shutdown

>Also setup DHCP.

S1(config)#ip dhcp excluded-addresses 192.168.1.253
S1(config)#ip dhcp pool VLAN-1
S1(dhcp-config)#network 192.168.1.0 255.255.255.0
S1(dhcp-config)#default-router 192.168.1.253
S1(dhcp-config)#dns-server 8.8.8.8 8.8.8.4

File: 1477022859283.jpg (52KB, 641x960px) Image search: [Google]

52KB, 641x960px

>>59253082
That's all that goes into a switch? Hahahaha

>>59253386
OP if you were using different VLAN, you would have to

S1(config-if-range)#switchport access vlan <vlan-#>

File: 1477278919646.jpg (55KB, 600x418px) Image search: [Google]

55KB, 600x418px

>>59253399
you

Lol, learned that shit before I was old enough to be on this site

>>59253399
>he doesn't manually configure his switch from a CLI.
what are you, consumer faggot?

>>59253219
OP at best has achieved CCNA,
>>59253460
I live in Putty as a sysadmin you spanner.

>>59253219
Not OP but we use VRFs on our N9K cores at work, an engineer more skilled than my current self set them up, can you help me understand exactly what a VRF is or does? Best I can understand it's like a context but what exactly does that mean? All I know is that a context, when talking about like ASA, is just basically a virtual instance of the firewall...
>>59253399
There isn't much we set either, we do set QoS values for VOIP traffic though and prioritize that. Nothing else really special other than bpduguard and port security max of like 2 I think. And obviously set the proper VLAN assuming it's trunked down from the core. (We use collapsed core not true 3 layer, we aren't big enough)

>>59253475
Is that all there is for CCNA? I don't even have my CCENT, just a 2 year degree and everyone says CCNA is really hard even. I want to go up to CCIE but I don't know where to even start.

All day I wait for Cisco threads like this.

>>59253475
>putty
install gentoo

>>59253482
Maybe you can look in to TACACS next and LDAP from AD, that's always helpful when logging. Like I said I care for a large site of a multinational company and spend most of my time in Putty now because we're expanding like fuck and there's access switches popping up all over the shop but my next big project is a hyper converged SAN.

File: 4L_SQO5kIe1.jpg (1MB, 3088x2320px) Image search: [Google]

1MB, 3088x2320px

>>59253082

Lol i bet you're going to BdeB

>woah look guys I'm halfway through CCNA 1 and I can configure switches better make a thread on /g/

>>59253509
Judging by your posts you definitely have the exp for CCNA, if anything the exam terminology catches many out but you seem fine with config.. if not a little naïve lol, a lot can be done on them.

>copy run start

>>59253386
Nice.

This is new stuff for me. I just wish when Cisco devloped IOS, they would have borrowed more commands from Linux, Unix, or DOS. I mean, there a TON of old DOS commands.

https://ss64.com/nt/

>>59253566
I'm
>>59253482
>>59253509
those.
Hm. Yes, I went through my 2 years of community college fast (actually 3 years but I co-oped for a year of that) I'm at almost 4 years of exp. in the field at this point, and am the "cisco guy" at work. Also the phone guy which I learned about 95% of all I know about VOIP from work, we only barely touched on it at school. I want to work somewhere bigger, though, I hate being "the x guy". It's just intimidating and hard to find the motivation to kick myself in the ass and get moving. The CCIE we had in to help us configure everything is pretty smart, I admire his skill set.
>>59253542
I already configured a switch to talk back to a Windows NPS for username authentication. So instead of logging in with a local username and password, I'm logging in with my AD credentials.

Only thing that's stopping me from deploying this is that I can't find a way to either not use an enable secret (go straight into enable mode) or use AD credentials' password for the enable secret. Which I understand shouldn't be possible since it's a separate phrase. SSH needs the enable secret if I'm not mistaken but I don't want to give this out to co-ops, but they would like the co-ops to be able to log in and do some troubleshooting and now they are not allowed due to all the production devices running local credentials. Any idea how to resolve this as otherwise I have a working RADIUS login config.

>>59253475

Heck, most of the answers to the CCNA exams are online.

http://www.ccna5.net/

>>59253610
IOS was made before Linux existed....

VRFs are a really a simple concept. Image it simply as a separate instance of the routing table.

You have your global routing table, which is what you see changes in when you configure an interface with defaults.

VRFs create a separate routing table, only interfaces which are told they are part of the VRF would show up in that VRFs routing table. When an interface is part of a VRF, it will no longer take part in the global routing table.

This means that it will not be routing using that table, so all of the routes in the global table are invisible to it. It only sees the routes in it's table.

It's a really simple concept, here's a quick demo on a really simple Front-Door VRF.

R1(config)#ip vrf BASIC-VRF
R1(config)#router rip
R1(config-router)#address-family ipv4 vrf BASIC-VRF
R1(config-router-af)#version 2
R1(config-router-af)#no auto
R1(config-router-af)#network 10.0.0.0
R1(config)#interface g0/0
R1(config-if)#ip vrf forwarding BASIC-VRF
R1(config-if)#ip add 10.10.1.1 255.255.255.0

The cool thing is, using VRFs i could have multiple interfaces with the same IP address with no issue since they are in there own routing tables.

To show the routing table we just created

R1#show ip route vrf BASIC-VRF

Other useful stuff
R1#show ip protocols
R1#ping vrf BASIC-VRF <destination-address>

I did CCNA based college classes. It was pretty fun but I never got any certs.

I thought it was hard too... but I suck at programming too.

I dont know many who know about Cisco stuff. Feel like a lot just do programming and dont do any networking stuff

>enable instead of en
>configure terminal instead of conf t
>hostname S1 instead of host S1
>line console instead of line con
>password cisco instead of pass cisco
>banner motd instead of ban motd
>using " as a delimiter instead of #
>interface vlan1 instead of int vlan 1
>no shutdown instead of no shut
>copy running-config startup-config instead of copy run start
>reload instead of rel

Wtf OP it's like you don't even care about your keystrokes. You could have saved like 30 seconds of your life right there.

>>59253743
Lmao

>>59253610
You should get into that as you take Mods 2, 3 & 4 of CCNA, although I know they've changed alot and you actually learn QoS and eBGP in CCNA now, which I learned when I first started my CCNP, which I'm almost done with.

Hopefully you can get a job somewhere where you work with CCIEs, I've learned alot of cool tricks and commands from them. Be very wary though, if you're not a fan of show and debug commands, CCNP TSHOOT can be a bitch.

>S1# copy running-config startup-config
not
>S1# write mem

??!???

>>59253776
>S1#copy run start
not
>S1#del flash:

>>59253776
>>59253790
>S1# copy run start
not
>smashing the switch with a hammer

>>59253876

copy run sta

is what I use. It is the shortest form of

copy running-config startup-config

>>59253951
wr mem is the shortest form

>>59253743
right? I always try to use shorthand

en
conf t
int fa0/1
desc Printer 3rd Floor 3215 (or something)
sw mo acc
sw acc vlan (printer VLAN)
no shut

etc etc
sw mo tru
sw tru enc dot1q
sw tru all vlan add (list of vlans)

sh run
sh run | in dhcp

Actually my most used commands are:
ping (known address unknown port)
sh arp | in (that IP address)
sh mac add | in (that mac address or a fragment of it)
conf t
int (that interface)
shut
no shut

etc etc
wooo i know shorthand the interpreter does very well.
>>59253755
I learned the pipe command from our CCIE, there's
| include (something}
! filters output to include only lines that include a literal of what you typed
| section (something)
! filters output to a section of what you typed, for example section DHCP would show all DHCP config.
then exclude, begin, and a few others but I mostly use include, begin, section, and exclude.

IOS is a breddy cool thing. Wanna learn more about NXOS cause that looks even cooler.

>>59253876
not
>wr er
>rel
>y

>>59253972
actually it takes wr me

but write memory is deprecated (though still works on IOS but not sure about NXOS, think our CCIE had to setup an equivalence for us just for fun)

>>59253755
Thanks, Anon.

I'm actually trying to cram several chapters today because of finals this week because my community college has an accelerated version of CCNA that pushes two years of CCNA into one year. The really suck part is that it is evening classes, but the instructor is cool.

It's important I pass Mod 1 and Mod 2 before summer so I can take a security class this summer that is only offered once ever other year.

I've got a lot of stuff on my plate, although I wish we did more Packet Tracer exercises than reading.

I feel like I need to go back on a couple of chapters and clear my head on ARP and EIGRPsdfssdnlaweg and RIP

https://www.netacad.com/about-networking-academy/packet-tracer/

Another good site for CCNA study would probably be
http://www.computernetworkingnotes.com/cisco/ccna-study-guide/

>>59254054
Yeah we don't use "write memory"

We use "copy run sta"

>>59254097
Get into GNS3 if you plan on continuing, there's alot of features that are removed in packet tracer.

If you also plan on getting your CCIE get Cisco's VIRL or build a lab, up to you which one you do, they both cost money.

VIRL is $199 right now. Labs can cost 2k depending on what you get.
>>59254054
Just create an alias for it.

"alias exec wrmem copy running-config startup-config"
>>59254027
Piping is very useful, that was the first thing our CCNA instructor taught us. Along with the hotkeys to jump to start of line (Crtl-A) and end of line (Crtl-E)

>>59253082
>everything in default vlan

What the fuck am I reading?

>>59253386
Don't forget setting up VTP if you're a lazy fuck/actually work in a large network. I mean unless you like having to type the same 10 vlans on 50 switches instead of 1.

>>59254318
Very true, VTP is useful but I've also seen it cause lots of issues when admins forget to change a client switch from server mode.

>>59253082
fuck off OP

I don't want to lose my 100k/yr job

>>59254376
Yeah, if the rest of the world finds out how easy our jobs are we'll be screwed

File: 1475157201510.jpg (494KB, 1024x768px) Image search: [Google]

494KB, 1024x768px

Anyone actually work in networking here? Junior NetEng here at a small ISP

>>59253610
Cisco devices weren't even meant for manual configuration back in the 80s, they were supposed to pull the config (and firmware) from a tftp server.
Then they quickly threw a shitty CLI together at the last second

>>59253655
That's not the proper CCNA, but the Netacad CCNA exams.

>>59253743
>>59254027
Until you try to "sh"ow something on the interface config mode of the uplink that carries your ssh session.
Don't shoot from your hip. Take your time, think about your commands, especially on Cisco-style CLIs which put the new config immediatly into action instead of using committing. You're not saving much time, you might even waste a lot of time and money with outages related to quick-shooting.

>>59254027
You'd have a blast with Junos' CLI
Try it out here
http://www.sharontools.com/online-lab/


>>59254318
Remember to password-protect your VTP domain, else a new switch with a higher revision number enters and all your vlans are gone

>>59254376
SDN will take your job anyway

>>59254469
This is why I'm switching over to security.

>>59254318
VTP is not recommended for use and you should have software that can deploy configuration across all your switches with so why even bother with VTP?

>>59253704
>2017
>rip
I know you are just using it as an example but come on nigga

>manually entering "switchport access vlan" onto a port

With 802.1x switchport authentication and a RADIUS server you can automatically assign VLANs to ports and use MAC bypass for things like printers and have much more visibility as to what port is plugged into where.

>>59253082
A switch needs no configuration to work and you forgot the vty lines :)

how much can you expect to make with a fresh CCNA cert?

>>59253386
>>59253482
BPDUGuard is dumb because now you have to go in there and do things after users whine

If you use BPDUFilter in global mode the switch won't send BPDUs until it receives one, then it will start doing spanning tree on the port. Look it up, this is the 99% solution.

>>59253743
If you test for them they don't let you abbreviate

I got myself one ADSL cisco router 877w

I have managed to create wifi by MANY trial and error, what fucking cert/book manages that shit, i have looked through some WIFUND cert book and i didn't find jack shit in it

>>59254943
I found a how-to guide in less than 10 seconds of googling

>>59255012
i found 20 how-to guides, all of them different

>>59255012
also, i don't want how-to guide, i want specific book that teaches how to set adsl+wifi

adsl (or pppoe) is covered slightly in ccna, but wifi using cli i didn't find anywhere

>>59255098
If you want to learn about ADSL then go buy a book about WAN technologies
If you want to learn about WiFi go buy a book about WiFi

If you want to implement both on a Cisco router then use what you learned in those two books, apply your knowledge and go through the command listing on Cisco's website for reference. If you need someone to hold your hand you can google it.

Its like three lines of config unless you are doing wack shit, then its slightly more commands which you should know about if you understand the technologies. You don't need a book for that, you need reference material which is easily available online.

>>59254908
Genrally in the command exercises, they don't allow abbreviations. You can abbreviate in the packet tracers though.

>>59255216
I personally want to learn more about WiFi stuff too. I would especially like to figure out how to set up Wireshark to look at packets over wireless connections.

Out of curiosity, could Software Defined Radio (SDR) be used as a means to do packet sniffing for Wifi? I though I saw something on Hak5 about this topic.

>>59255414
It would be easier to run a Wi-Fi adapter in monitor /promiscuous mode.

Theoretically you could use an SDR but there is no software available to do all the encapsulation etc. You'd just see a raw layer 1 capture of the data.

>>59254943
>I have managed to create wifi by MANY trial and error, what fucking cert/book manages that shit, i have looked through some WIFUND cert book and i didn't find jack shit in it

Just get an actual Aironet and setup a vWLC. The GUI is actually half decent.

>>59255414
>I would especially like to figure out how to set up Wireshark to look at packets over wireless connections.
That is just setting up a SPAN port on the switch

>>59255538

So how would I convert that data to a higher layer? At least to a transport layer. Higher would be better.

>>59253482
Here's a geeky use of VRFs: http://beaglenetworks.net/post/42707829171/star-wars-traceroute

>>59254481
>giving a serious reply to an obviously ironic post

Did the "30 seconds of your life" part not tip you off?

Wait. Thera are still people on /g/ that aren't basement dwellers and actually have respectable jobs in networking?

>>59257784
Scary isn't it

>>59253560
Keep reading, you will learn more :)

>>59253509
I'm going for my CCNA now. It is really hard, not because of the detail of content, but because of how much there is. It's really interesting and I'd definitely recommend.

>>59257784
My day job is a web dev.
This cisco class what do in the evening.

>>59258049
We should have these kind of threads more often.
I'm currently enrolled in a Cisco class too and this is actually pretty motivating.

File: leo smug.jpg (31KB, 328x258px) Image search: [Google]

31KB, 328x258px

>>Use wr mem all the time at work ON ACTUAL SWITCHES and it works FINE

>>Use wr mem on the CCNA lab portion and it's incorrect because they want you to write the entire fucking thing out

LET'S MAKE THE CCNA A CLUSTERFUCK TO PASS SO WE JUST SELL OUR MORE EXPENSIVE MERAKI SHIT SINCE ITS ALL GUI AND COMPANIES DON'T WANT TO PAY A GUY WITH A CCNA WHAT HE'S ACTUALLY WORTH

I'm onto you, Cisco

>>59258169

Is wr mem just a replacement for copy run start?

>>59258169
>>>Use wr mem all the time at work ON ACTUAL SWITCHES and it works FINE
Why do you even write "mem" instead of just "wr"?

I have my second attempt of CCENT on Friday. Best ways for some last minute cramming?

>>59253743
This, in real life situations you always have to setup your devices as fast as possible to outspeed hackers who want to penetrate them!

>>59254263
Some Men Just Want to Watch the World Burn

File: ANGERY.gif (479KB, 434x444px) Image search: [Google]

479KB, 434x444px

>>My company buys all these expensive Meraki switches and cameras and firewalls from our vendor

>>It's my responsibility to manage them and do the setup so I see there's a CMNA certification for Meraki so naturally I want to take the certification class which is ONLY offered by Cisco themselves to their vendors. This is the actual certification class not that bullshit one that's available to the general public where they send you a free AP afterwards

>>Call up our vendor that we have given literally hundreds of thousands of dollars to asking if they can sign me up for the class

>>"Sorry you are the end-user and not our employee so we can't sign you up because that's breaching the trust we have with Cisco as a vendor"

Guess which vendor's contract isn't getting renewed?

>>59258313
That may explain why the CCNA Mod 1 course uses VLAN1 and why Cisco Systems CEO Chuck Robbins wants to MAGA.

>>59258232
Habit from when I was taught. WR works just fine and is the shortest, but wr mem is still a hell of a lot shorter than copy run start but if you use wr or wr mem on the cert lab it doesn't recognize the command

>>59253655
They're all online.

>>59253743
>copy run start instead of just "wr"
you are just as cancer as op.

>>59254481
I do network support in a company that installs networks in hotels. It's pretty basic

>>59254585
Why not both?

File: 1452321780065.jpg (211KB, 664x701px) Image search: [Google]

211KB, 664x701px

>>59253082
Packet tracer is a shit for making you login every time

Networking and information security student here.

Good thread. Lots of good information.

File: CCNA-Logo.jpg (45KB, 550x378px) Image search: [Google]

45KB, 550x378px

Studying for the ccna, do people get jobs with just the ccent? I'm in a soul sucking unrelated field and would like to jump ship as soon as I can.

I've been trying to study networking but I can't keep focused and I procrastinate. How do you bros do it? I have downloaded CBT Nuggets videos and bought a book but it's so dry without coursework

>>59259267
I'm going to college. It's fun and the expectations of other people keep me motivated.

>>59259267

I'm probably getting made redundant at the end of May, need my CCNA to get a better job. Have my CCENT in 2.5 weeks.

>>59253509
CCNA isn't super hard. Avoid tunnel vision and learn how to subnet super fast (write down cheat sheets before actually starting the exam) and it'll be a breeze. I'm re-certifying this year.

>>59259445
I was made redundant so I now get my college paid for, truly the best situation.

Plus I got 5 years of working in hotels so I can translate that experience to a new field.

>>59259490

I've already got my degree. I'll be getting a few thousand in severance pay, but I'd like to have something lined up so I can basically get told to fuck off on Friday and roll in to a new job on Monday. That way I can blow that severance pay on stupid shit I probably don't need but want.

>>59259608
Based. I wish I had worked on my degree before going into the workforce but 18 year old me was an idiot. But here I am.

Severance pay is great, I wish I had gotten a package but I'm happy with them classifying me as redundant instead of terming me, that's what's paying for my school. Additionally I got my annual bonus the week before so I guess that's similar to a severance package.

Good plan though anon.

I literally graduate with a Bachelor's in Business with a concentration in Finance this month. God I wish I had gotten something technology related

>>59253082
>using proprietarry literally backdoored hardware on your networks

>>59259763
BSCS. My instructors pressed the idea that JAVA would be the future. (It wasn't.) My folks though I wasted my time since it took me 9 nears to get a job in the industry. Then I got a call last year from someone willing to hire me after all those years of going to job fairs and filling out job applications. I may be autistic, but sure as hell not Chris-Chan retarded. I managed to make enough money to go back to community college, take CCNA. Apparently, my state (Missouri) was willing to offer free education course for going back to school for IT/Help Desk. It should be noted that CCNA is not part of that program. I'm still glad I did CCNA instead of IT/HD especially since it was meant for folks who didn't go to college, get a BSCS, or still fiddle around with JavaScript while waiting for a callback.

Out of curiosity, does anyone have a resource for finding solutions to Packet Tracer exercises.

I wanted to go back to the Skills Integration Challenge (6.5.1.3) and rewrite my notes that I messed up.

>>59253082
bump

>>59260169
PACKET TRACKERS!

https://ccnav6.com/

>>59254481
>password protecting VTP
Changing the domain is going to be more effective. Net admins are the one kings of the one password everywhere assholes

>>59253082
>>59253167
>>59253372
>>59253386
missing logging synchronous
if we are talking about basics.

>>59253386
i don't know a lot about networking
why would you put dhcp on the switch?

>>59262145
>why would you put dhcp on the switch?
because you're a masochist who hates yourself? Or if you're a windows shop, because you dont want to buy CALs for every device which uses DHCP.

If I could go back and undo all the time I wasted learning cisco equipment management, I'd probably convince my younger self to commit suicide.

>>59262145
because you are too cheap/lazy to setup a DHCP server. Also, it is good to keep your DHCP off you "core" infrastructure (if you are trying for cisco best practice standards) and in tiny home situations that tends to be your router
Although it is a good way to get a switch to be chatty if you are trying to track something down.

>>59262178
it is never too late to kill yourself anon

I fucked around with Cisco in packet tracer....

What a cluster fuck. I feel sorry for anyone involved with it.

>>59258273
ccent is basically net+ with show cmds and subnetting. The first part is sub-netting only, so learn that until you can do it in your head.

File: 1488491020777.jpg (203KB, 576x432px) Image search: [Google]

203KB, 576x432px

This is why cisco is shit, ladies.

>Switch> enable
>Switch# configure terminal
This is unnecessary and stupid. There should just be a single level of configuration.

>S1 (config)# line console
>S1 (config-line)# password cisco
Putting a password on an interface when access should be managed via user account is retarded.

>S1 (config)# enable secret class
Again this should be managed via account. Nice work idiots.

>S1 (config)# service password-encryption
There is no good reason at all for this to even be an option. Passwords should always be encrypted.

>R1 (config)# interface gigabitethernet 0/0
Nobody should ever need to specify "gigabitethernet" or "fastethernet" the port number should be good enough.

>S1(config-if-range)#switchport mode access
>S1(config-if-range)#switchport port-security
>S1(config-if-range)#switchport port-security max 1
>S1(config-if-range)#switchport port-security mac sticky
>S1(config-if-range)#switchport port-security violation shutdown
Why isn't all this shit just one command:
"switchport port-security max 1 mac sticky violation shutdown"
Having to enter four commands for a single function is completely stupid.

I could go on but you Ciscucks would probably start crying. Can't wait for the butthurt, smell ya later.

File: smugchink01.jpg (3KB, 233x216px) Image search: [Google]

3KB, 233x216px

>>59262404
>Can't wait for the butthurt
>took his time to write out a lengthy criticism of cisco on 4chan
>Uses "ciscuck" as an insult as if people here swear loyalty to cisco like they do to Linux

I think the only butthurt one here is you, bud.

>>59262404
>This is unnecessary and stupid. There should just be a single level of configuration.
You do realize that enable is equivalent to sudo?

>Putting a password on an interface when access should be managed via user account is retarded.
You do realize you can configure RADIUS authentication?

>There is no good reason at all for this to even be an option. Passwords should always be encrypted.
backwards compatibility

>Nobody should ever need to specify "gigabitethernet" or "fastethernet" the port number should be good enough.
Thats because on systems with multiple interface types, they share interface numbers. My 3750E has 1 fast ethernet, 48 gig ethernet and 10 gig ethernet.

And then you get to deal with systems which support stacking and line cards. What the fuck happens to your sequential numbering scheme when line cards are swapped.

>Having to enter four commands for a single function is completely stupid.
it is interactively editing a configuration file you retard. its not a program with a argument vector.

>>59262789
>You do realize that enable is equivalent to sudo?
su

File: 1448394494027.jpg (57KB, 700x524px) Image search: [Google]

57KB, 700x524px

>>59262404
>>Switch> enable
>>Switch# configure terminal
>This is unnecessary and stupid. There should just be a single level of configuration.
>>S1 (config)# line console
>>S1 (config-line)# password cisco
>Putting a password on an interface when access should be managed via user account is retarded.

it shows that you haven't ever actually worked with the switches

if you work with user accounts, you're directly in privileged mode

>>S1 (config)# service password-encryption
This is not real encryption, it's mainly for preventing your colleagues hanging out at the printer from seeing your passwords
Some passwords must be reversible in networking, like Radius secrets for example
Passwords that have a 7 infront of them are Type 7 passwords, which is just Vigenère's Chiffre
http://packetlife.net/toolbox/type7/
have fun

>>R1 (config)# interface gigabitethernet 0/0
>Nobody should ever need to specify "gigabitethernet" or "fastethernet" the port number should be good enough.
Some devices have both though

All these fucking people here and not a single one turns on ssh as part of basic configuration. Or even telnet.

Basic telnet I think is (config)# line vty 0 4
Then same as console

>>59262404
What does it fucking matter.
You type up literally a script using one hour of work and then just run that script for 40 years until you retire.

File: Screen Shot 2017-03-05 at 11.45.30 PM.png (86KB, 956x746px) Image search: [Google]

86KB, 956x746px

>>59263002
>complains about something
>not even sure what the command is

File: Screen Shot 2017-03-06 at 12.15.02 AM.png (106KB, 918x770px) Image search: [Google]

106KB, 918x770px

>>59263002
>>59263042
and btw the command is transport input telnet