Cisco Commands

Experts in Networking


087 0 35 0 4 000 tra ining@nca t. co.uk www .ncat.co.uk


Dev ice Configura tion

Descri ption Co mmand s
Confi gure device syst em
name

Switch(config)#hostname sw1

Set s the encrypted enabl e
passw ord

Switch(config)#enable secret cisco
Set s the unencrypt ed enable
passw ord

Switch(config)#enable password cisco
Enable passw ord encrypt ion
on all clear text passw ord
within t he conf igurati on f ile

Switch(config)#service password-encryption
Confi gure a Message Of The
Banner, with an endi ng
character of $

Switch(config)#banner motd $
Assi gn I P address to vlan Switch(config)#int vlan 1
Switch(config-if)#ip addr 172.22.1.11
255.255.255.0

Assi gn D ef ault gatew ay, not e
the mode

Switch(config)#ip default-gateway 10.1.1.1
Sel ect one interf ace


Switch(config)#int fa0/1

Sel ect a range of interfaces
(ver sion dependant)

Switch(config)#int range fa0/1 – 12

Set the interface descr iption

Switch(config-if)#description
Add vl an using conf ig mode switch(config)#vlan 11
switch(config-vlan)#name test

Confi gure Interface f a0/1 @
speed 100 Mbps and f ull
dupl ex

Switch(config-if)#speed 100
Switch(config-if)#duplex full
Assi gn i nt erf ace to vlan

switch(config-if)#switchport access vlan 11
Enable Port Securi ty. Switch(config-if)#switchport mode access
Switch(config-if)#switchport port-security
Switch(config-if)#switchport port-security
mac-address sticky

Disabl e I nt erf ace Switch(config-if)shutdown

Enable Interface

Switch(config-if)no shutdown

Experts in Networking


087 0 35 0 4 000 tra ining@nca t. co.uk www .ncat.co.uk
Confi gures 5 Telnet sessions
each w ith a passw ord of
‘cisco’

Switch(config)#line vty 0 4
Switch(config-line)#login
Switch(config-line)#password cisco
Enable and def ine console
passw ord of ‘ cisco’
Switch(config)#line con 0
Switch(config-line)#login
Switch(config-line)#password cisco

Synchronise con sol e
messages ( keep w hat you
have t ypi ng on the screen)

Switch(config-line)#logging synchronous
Set the ti mezone and
automati cally adj ust


Switch(config)#clock timezone gmt 0
Switch(config)#clock summer-time gmt
recurring
Set s the sw itch priorit y f or
the vl an. This combined w ith
the sw itch mac address
creates the sw itch BID

Switch(config)#spanning-tree vlan 1 priority
4096
Enables portf ast


Switch(config)#int fa0/1
Switch(config-if)#spanning-tree portfast
Enables RSTP. Other
options ar e, PVS T and MST

Switch(config)#spanning-tree mode rapid-pvst
Creates a vlan. Note this
now done i n config mode
not vl an dat abase. A lso note
the ‘int vl an’ command does
NOT create vlans


Switch(config)#vlan 2
Switch(config-vlan)#name sales
Assi gn an interf ace to vlan 2

Switch(config-if)#switchport access vlan 2
Uncondit ionall y f orces an
interf ace i nt o t runking. Ot her
options ar e access and
dynamic

Switch(config-if)#switchport mode trunk
Manuall y assign a sw itch to
a V TP domain. A sw it ch will
automati cally become part of
a V TP domain if it’s currently
in the ‘nul l’ domain and
receives a V TP frame

Switch(config)#vtp domain lab
Change s the VTP mode f r om
the def ault ‘ server’ mode t o
client mode. I n client mode
no changes can be made

Switch(config)#vtp mode client
Enable the http ser ver t o
SDM can be used

Router(config)#ip http server

Experts in Networking


087 0 35 0 4 000 tra ining@nca t. co.uk www .ncat.co.uk
Def ines a username and
passw ord. The l ist can be
used f or many things f rom
PPP authenti cation to user
access

Router(config)#username sue password cisco
Def ines a l ocal host file. Like
/et c/ hosts i n unix

Router(config)#ip host mypc 10.1.1.3
Disabl es DN S l ookup. U sef ul
w hen a command as been
mi ss typed

Router(config)#no ip domain-lookup
Set s the logi cal (not
physi cal) bandw idth of
interf ace. This i s used by
routi ng protocols, SNMP
queuing etc

Router(config)#int s0
Router(config-if)#bandwidth
Set s the physi cal clock

Router(config-if)#clock rate 64000
Set the seri al i nt erf ace W AN
encapsul ati on. Other opti ons
are P PP or f rame-rel ay

Router(config-if)#encapsulation hdlc
Aut hentication on P PP is
optional . This command
enable chap on the interf ace.
Other option PA P

Router(config-if)#ppp authentication chap
Def ines t he type of LMI
being used. If left un-
configur ed the corr ect LMI
type should be automatically
detect ed

Router(config-if)#frame-relay lmi-type cisco
Def ines a stati c route.
Renumber stati c routes have
an admi n di st ance of 1.
Theref ore w ill over ri de any
dynamic routi ng.

Router(config)#ip route 50.0.0.0 255.0.0.0
10.1.2.1
Enables RIP versi on 1 on all
LOCA L interf aces w hich
have a 10. x. x. x addre ss

Enables RIP versi on 2
Router(config)#router rip
Router(config-router)#network 10.0.0.0


Router(config-router)#version 2
Enable the router to pr ovide
a D HCP service.
Router(config)#ip dhcp pool MYPOOL
Router(dhcp-config)#network 10.1.1.0
255.255.255.0
Router(dhcp-config)#default-router 10.1.1.1
Router(dhcp-config)#exit
Router(config)#ip dhcp excluded-address
10.1.1.1 10.1.1.99
Change s the config register
w hich cont rol s w hat the
Router(config)#config-register 0x2102

Experts in Networking


087 0 35 0 4 000 tra ining@nca t. co.uk www .ncat.co.uk
router does w hen t he router
boot s

Creates a logical sub
interf ace bel ow the physical
interf ace

Enables 802.1q t runking on
the i nt erf ace

Def ine the i p address

Router(config)#int fa0/0.1



Router(config-subif)#encapsulation dot1Q 1


Router(config-subif)#ip address 10.1.1.1
255.255.255.0
Enable OSP F on any l ocal
interf ace w hich start with t he
ip address 10.1. x. x. Note the
inverted mask

Router(config-)#router ospf 1
Router(config-router)#network 10.1.0.0
0.0.255.255 area 0
EIGRP can be confi gured i n
a si milar w ay t o RIP or the
mask opti on coul d be used

Router(config)#router eigrp 1
Router(config-router)#network 172.16.0.0
Or
Router(config-router)#network 172.16.2.0
0.0.0.255
Def ines a standard ACL.
Standard ACL use number
1-99

Router(config)#access-list 1 permit
172.16.1.1

Def ines an Extended ACL.
The first address i s the
source I P address
Router(config)#access-list 101 deny tcp host
172.16.1.1 host 172.16.2.1 eq telnet
Router(config)#access-list 101 permit ip any
any

Use t he group command t o
att ach an A CL to an
interf ace.
is used under an i nt erf ace if
the A CL is t o fil ter tr aff ic

Router(config)#interface fa0/0
Router(config-if)#ip access-group 1 out

An exampl e using named
ACL in stead of numbers
Router(config)#ip access-list extended
my_list
Router(config-ext-nacl)# deny tcp host
172.16.1.1 host 172.16.2.1 eq ftp
Router(config-ext-nacl)# permit ip any any

Attachi ng a named ACL t o
an interf ace
Router(config)#int fa0/0
Router(config-if)#ip access-group my_list in

Confi guring a static N AT to
al low a ser ver t o be access
vi a the I nt ernet, using the IP
addr ess on interf ace s0/0/ 1

Router(config)#ip nat inside source static
10.1.1.2 interface s0/0/1
Def ining interf ace w hi ch NA T
takes pl ace betw een

Router(config)#int fa0/0.1
Router(config-if)#ip nat inside

Enables RIP ng Router(config)#ipv6 unicast-routing
ROuter(config)#ipv6 router rip ccna

Experts in Networking


087 0 35 0 4 000 tra ining@nca t. co.uk www .ncat.co.uk
Router(config)#int s0/0/0
Router(config-if)#ipv6 rip ccna enable



Pri vile ge Comm ands

Descri ption Co mmand s
Manuall y star ts the set up
di al og w hich is automatically
invoked w hen the devi ce
st art s w it h no confi g

Switch#setup
Displays t he conf ig held i n
DRAM. Which i s lost if not
copy run start command is
not used

Switch#show running-config
Displays t he NV RAM ( None
volati le) confi g.

Switch#show startup-config
Save s the config. Without
thi s command all
changes/conf igurati on w ill be
lost .

Switch#copy running-config startup-config
Save s the running config t o a
TF TP server

Switch#copy running-config tftp
Copies IOS fi les to a TF TP
ser ver

Switch#copy flash tftp
Copies files f rom a TFTP
ser ver the device f lash

Switch#copy tftp flash

Erase t he confi g held i n
NVRA M. If this i s f oll ow ed
with t he reload command all
configur ation is lost

Switch#erase startup-config
Reboots the devi ce

Switch#reload
Abort sequence

<Shift> <Ctrl> 6
Suspend Telnet S ession

<Shift> <Ctrl> 6(then let all keys go, then)x
Show the current sessi ons.
The one w it h a * is your
acti ve sessi on

Switch#show sessions
Forci ble closes a telnet
se ssi on

Switch#disconnect
Set the device local clock.
Note t hi s is not done in
config mode
Switch#clock set 10:00:00 april 2 2008

Experts in Networking


087 0 35 0 4 000 tra ining@nca t. co.uk www .ncat.co.uk
Display the I OS version
al ong wit h other usef ul inf o
e.g sys upti me, confi g
register etc

Switch#show version
Displays t he f ile cont ents of
the f lash

Switch#show flash
Displays t he clock

Switch#show clock
Displays t he users current ly
logged on

Switch#show users
By def ault di spl ays the last
10 commands

Switch#show history
Displays t he A RP cache

Switch#show arp
Displays t he sp anni ng t ree
st at us on vlan 1

Switch#show spanning-tree vlan 1
Li st s al l t he conf igured vlans

Switch#show vlan
Displays V TP inf o such as
VTP mode, V TP domain,
VTP counter.

Switch#sh vtp status
Ping sel ected address

Switch#ping 10.1.1.1
E xtended ping. Must be in
pri vilege mode

Switch#ping
Display the i nt erface status

Switch#show int fa0/1
Displays t he vlan statu s and
the I P address VLAN 1
(of ten t he management vlan)

Switch#show interfaces vlan 1
Displays a l ist of CDP
neighbours

Switch#show cdp neighbors
E xtended i nf ormati on on the
above

Switch#show cdp neighbors details
Display CDP packets as they
arri ve

Switch#debug cdp packets
Display pi ng packets as they
arri ve

Switch#debug icmp packets
Display sw itch MAC
Addresse s table. The se
entri es are learnt f rom t he
source mac address i n the
Ether net f rames

Switch#show mac address-table

Experts in Networking


087 0 35 0 4 000 tra ining@nca t. co.uk www .ncat.co.uk
Displays t he i nt erf ace
oper ati onal status and IP
addr esses f or al l r outer
interf aces

Router#show ip interface brief
Displays all the confi gured
routi ng protocols

Router#show ip protocols
Displays t he I P routei ng
table

Router#show ip route
Displays t he NA T
translati ons

Router#show ip nat translations
Displays t he physical cabl e
D TE /DCE , x.21, V. 35,
RS232 confi gurati on

Router#show controllers s 0
Displays t he end-t o-end
st at us. R ecall that ‘show
interf ace’ does not

Router#show frame-relay pvc
Displays t he t ype of LMI and
the number LMI f rames

Router#show frame-relay lmi
Displays t he f r ame relay
inverse ARP tabl e

Router#show frame-relay map
To be come neighbour s both
the l ocal and remote
interf ace must be correctly
configur ed.

Router#show ip ospf neighbor
If adjacent routers don’t
become nei ghbours. Then
use the command to check
the l ocal r outer i nt erf ace is
configur ed cor rectl y

Router#show ip ospf interface
Same i nf ormati on as the
above OSP F commands but
with E IGRP . Remember that
AS numbers MUS T match

Router#show ip eigrp neighbor
Same i nf ormati on as the
above OSP F commands but
with E IGRP

Router#show ip eigrp interface
IPv6 pi ng. Recall that ::
means all zer o in betw een

Router#ping 2000:1000:500:3::1