Tools

All Tools
Network utilities & calculators
Subnet Calculator
Calculate network information from ...
VLSM Calculator
Design efficient subnet allocations...
IP Address Planner
Visual IP allocation planning with ...

Learn

Learning Paths
Structured courses
Guides
How-to documentation
References
Quick cheatsheets

Configuration Templates

Pre-built, production-ready configuration snippets for all major network vendors.

Vendor

Category

OSPF Single Area

Basic OSPF configuration for single area networks

Cisco
RoutingOSPFEnterprise
router ospf 1
 router-id 1.1.1.1
 network 10.0.0.0 0.0.0.255 area 0
 network 192.168.0.0 0.0.0.255 area 0
 passive-interface default
 no passive-interface GigabitEthernet0/0

VTP Configuration

VLAN Trunking Protocol setup

Cisco
SwitchingVLANCampus
vtp mode server
vtp domain NETWORK
vtp password MySecurePass
vlan 10,20,30
!
interface GigabitEthernet0/24
 switchport mode trunk
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan all

BGP Dual ISP

BGP configuration for multi-ISP failover

Cisco
BGPMulti-ISPHA
router bgp 65001
 bgp router-id 1.1.1.1
 neighbor 203.0.113.1 remote-as 65100
 neighbor 203.0.113.1 description ISP-A
 neighbor 203.0.113.5 remote-as 65101
 neighbor 203.0.113.5 description ISP-B
 !
 address-family ipv4
  redistribute static
  neighbor 203.0.113.1 activate
  neighbor 203.0.113.5 activate
 exit-address-family

Firewall Policy

Basic Fortinet firewall policy

Fortinet
FirewallPolicyFortinet
config firewall policy
    edit 1
        set name "Allow-Internal-Web"
        set srcintf "port1"
        set dstintf "port2"
        set srcaddr "all"
        set dstaddr "all"
        set service "HTTP" "HTTPS"
        set action accept
        set schedule "always"
        set logtraffic all
    next
end

IPsec VPN Phase 1

IPsec VPN IKE phase 1 configuration

Fortinet
VPNIPsecBranch
config vpn ipsec phase1-interface
    edit "to-branch"
        set interface "wan1"
        set ike-version 2
        set keylife 28800
        set peertype any
        set proposal aes256-sha256
        set remote-gw 203.0.113.10
        set psksecret "MySecureKey123!"
    next
end

Security Zone

Palo Alto Networks security zone configuration

Palo Alto
SecurityZonesPalo Alto
set zone trust network layer3 ethernet1/1
set zone untrust network layer3 ethernet1/2
set zone dmz network layer3 ethernet1/3

set network virtual-router default routing-table ip static-route 0.0.0.0/0 nexthop ip-address 203.0.113.1

set rulebase security rules "Allow-Web" from trust to untrust
set rulebase security rules "Allow-Web" source any
set rulebase security rules "Allow-Web" destination any
set rulebase security rules "Allow-Web" action allow

VLAN Interface

Arista VLAN and interface configuration

Arista
SwitchingVLANArista
vlan 10
   name Engineering
!
vlan 20
   name Sales
!
interface Vlan10
   ip address 10.10.1.1/24
!
interface Vlan20
   ip address 10.20.1.1/24
!
interface Ethernet1/1
   description "Access Port Engineering"
   switchport access vlan 10

BGP EVPN

BGP EVPN for data center overlay

Arista
BGPEVPNData Center
router bgp 65001
   neighbor SPINE peer group
   neighbor SPINE remote-as 65000
   neighbor SPINE update-source Loopback0
   neighbor 192.168.255.1 peer group SPINE
   !
   address-family evpn
      neighbor SPINE activate
   !
   address-family ipv4
      neighbor SPINE activate