Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1105
Views
5
Helpful
4
Replies

Question on differences in commands

Go to solution
CSCO11733516
Level 1
Level 1

‎08-29-2012 07:54 AM - edited ‎02-21-2020 04:43 AM

Hey Guys-

I just had some questions pertaining to the differences between commands that appear to be performing the same function.  Can you let me know if one command is more preferred over the other and what the difference is.  I'd really appreciate it as it I'm currently practicing some INE labs and I see that the commands change from lab to lab.  Thanks ahead of time!

1.  When writing a static NAT for 1 specific host - does it matter if I include the /32 subnet?

EX:     static (inside,outside) 1.1.1.1 2.2.2.2     VS     static (inside,outside) 1.1.1.1 2.2.2.2 netmask 255.255.255.255

2.  When I am configuring a router as CA server and it is required to "export" the key, does it matter my method of exporting the key?  If so, in what method would call for which solution?

EX:  crypto key export rsa ciscox pem URL nvram: 3des cisco     VS     crypto key export rsa ciscox pem terminal 3des cisco

3.  If I have to mark a packet with a DSCP value of X, does it matter if I use the "set dscp" VS "set ip dscp"?  If so, what's the difference?

EX:

policy-map X

class X

set dscp X

VS

policy-map X

class X

set ip dscp X 

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Karsten Iwen
VIP
VIP
In response to CSCO11733516

‎08-29-2012 08:09 AM 

I guess pertaining to 2, if i was speaking in terms of from a cisco router to another cisco router - would terminal be acceptable?

yes the "crypto key import" command can take the input from a url and also from the terminal. In that case terminal wil be much easier.

-- 
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Karsten Iwen
VIP
VIP

‎08-29-2012 08:04 AM 

1.  When writing a static NAT for 1 specific host - does it matter if I include the /32 subnet?
EX:     static (inside,outside) 1.1.1.1 2.2.2.2     VS     static (inside,outside) 1.1.1.1 2.2.2.2 netmask 255.255.255.255

the result will be the same. It you don't include the netmask in that command /32 is taken. You can configure it without and with a "sh run static" you see it with netmask.

2.  When I am configuring a router as CA server and it is required to "export" the key, does it matter my method of exporting the key?  If so, in what method would call for which solution?
EX:  crypto key export rsa ciscox pem URL nvram: 3des cisco     VS     crypto key export rsa ciscox pem terminal 3des cisco

That depends o how you want to process the keys afterwards. If you have a system where you can paste the key then putting the key onto the terminal might be more comfortable. If you need the key as a file then storing it on the router and copying the key to the destination might be easier.

3.  If I have to mark a packet with a DSCP value of X, does it matter if I use the "set dscp" VS "set ip dscp"?  If so, what's the difference?

The first sets the DSCP für ipv4 and ipv6 packets, the other only for ipv4.

happy studying ...

-- 
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni

Go to solution
CSCO11733516
Level 1
Level 1
In response to Karsten Iwen

‎08-29-2012 08:05 AM

karsten - kudos dude.  i appreciate your help bigtime!

I guess pertaining to 2, if i was speaking in terms of from a cisco router to another cisco router - would terminal be acceptable?

0 Helpful

Go to solution
Karsten Iwen
VIP
VIP
In response to CSCO11733516

‎08-29-2012 08:09 AM 

I guess pertaining to 2, if i was speaking in terms of from a cisco router to another cisco router - would terminal be acceptable?

yes the "crypto key import" command can take the input from a url and also from the terminal. In that case terminal wil be much easier.

-- 
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni

0 Helpful

Go to solution
CSCO11733516
Level 1
Level 1
In response to Karsten Iwen

‎08-29-2012 08:28 AM

Thanks!

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card