Cisco Basic Commands

Cisco Basic Commands

·

7 min read

CommandDescription
enableMoves a user from user exec mode into Privileged EXEC mode. Privileged exec mode is indicated by the # symbol in the command prompt.
configure terminalLogs the user into Global Configuration mode
interface fastethernet/numberEnters interface configuration mode for the specified fast ethernet interface
Basic Configuration Commands List
reloadReboots the Cisco switch or router
hostname nameSets a host name to the current Cisco network device
copy from-location to-locationCopies files from one file location to another
copy running-config startup-configReplaces the startup config with the active config when the Cisco network device initializes
copy startup-config running-configMerges the startup config with the currently active config in RAM
write erase
erase startup-configDeletes the startup config
ip address ip-address maskAssigns the specified IP address and subnet mask
shutdown
no shutdownShuts the interface down (shutdown) or brings it up (no shutdown)
ip default-gateway ip_addressSets the default gateway on the Cisco device
show running-configDisplays the current configuration of the device
show startup-configDisplays the saved configuration stored in the device's NVRAM, which will be loaded when the device starts up
description stringAssigns the specified description to an interface
show running-config interface interface slot/numberDisplays the running configuration for the specified interface
show ip interface [type number]Displays the status of a network interface as well as a detailed listing of its IP configurations and related characteristics.
ip name-server serverip-1 serverip-2Sets the IP address of or more DNS servers that the device can use to resolve hostnames to IP addresses.
Troubleshooting Cisco Commands List
ping *{hostnamesystem-address} [source source-address]*
speed *{10100
duplex *{autofull
cdp run
no cdp runEnables or disables Cisco Discovery Protocol (CDP) for the device
show mac address-tableDisplays the MAC address table
show cdpShows whether CDP is enabled globally
show cdp neighbors*[detail]*Lists summary (or detailed) information about each neighbor connected to the device
show interfacesDisplays detailed information about interface status, settings and counters
show interface statusDisplays the interface line status
show interfaces switchportDisplays many configuration settings and current operational status, including VLAN trunking details
show interfaces trunkLists information about the currently operational trunks and the VLANs supported by those trunks
show vlan
show vlan briefLists each VLAN and all interfaces assigned to that VLAN but does not include trunks
show vtp statusLists the current VLAN Trunk Protocol (VTP) status, including the current mode
Routing and VLAN Commands
show ip routeDisplays the current state of the IP routing of all known routes that are either statically configured or learned dynamically through a routing protocol
ip route *network-number network-mask {ip-addressinterface}*
router ripEnables a Routing Information Protocol (RIP) routing process, which places you in router configuration mode
network ip-addressAssociates a network with a RIP routing process
version 2Configures the software to receive and send only RIP version 2 packets
no auto-summaryDisables automatic summarization
default-information originateGenerates a default route into RIP
passive-interface interfaceSets the specified interface to passive RIP mode, which means RIP routing updates are accepted by, but not sent out of, the interface
show ip rip databaseDisplays the contents of the RIP routing database
ip nat *[insideoutside]*
ip nat inside source *{list{access-list-numberaccess-list-name}} interface type number[overload]*
ip nat inside source static local-ip global-ipEstablishes a static translation between an inside local address and an inside global address
vlanCreates a VLAN and enters VLAN configuration mode for further definitions
switchport access vlanSets the VLAN that the interface belongs to.
switchport trunk encapsulation dot1qSpecifies 802.1Q encapsulation on the trunk link.
switchport accessConfigures a specific Ethernet port on a switch to operate in access mode to accommodate an end device such as a computer, server or printer. The port must then be assigned to a single VLAN.
vlan vlan-id [name vlan-name]Configures a specific VLAN name (1 to 32 characters)
switchport mode *{ accesstrunk }*
switchport trunk {encapsulation { dot1q }Sets the trunk characteristics when the interface is in trunking mode. In this mode, the switch supports simultaneous tagged and untagged traffic on a port.
encapsulation dot1q vlan-idDefines the matching criteria to map 802.1Q frames ingress on an interface to the appropriate service instance
show spanning-treeProvides detailed information about the Spanning Tree protocol for all VLANs
DHCP Commands
ip address dhcpAcquires an IP address on an interface via DHCP
ip dhcp pool nameUsed to configure a DHCP address pool on a DHCP server and enter DHCP pool configuration mode
domain-name domainSpecifies the domain name for a DHCP client
network network-number [mask]Configures the network number and mask for a DHCP address pool primary or secondary subnet on a Cisco IOS DHCP server
ip dhcp excluded-address ip-address [last-ip-address]Specifies IP addresses that a DHCP server should not assign to DHCP clients
ip helper-address addressEnables forwarding of UDP broadcasts, including BOOTP, received on an interface
default-router address[address2 ... address8]Specifies the default routers for a DHCP client
Security Commands
password pass-valueLists the password that is required if the login command (with no other parameters) is configured
username name password pass-valueDefines one of possibly multiple user names and associated passwords used for user authentication. It is used when the login local line configuration command has been used
enable password pass-valueDefines the password required when using the enable command
enable secret pass-valueSets the password required for any user to enter enable mode
service password-encryptionDirects the Cisco IOS software to encrypt the passwords, CHAP secrets and similar data saved in its configuration file
ip domain-name nameConfigures a DNS domain name
crypto key generate rsaCreates and stores (in a hidden location in flash memory) the keys that are required by SSH
transport input *{telnetssh}*
access-list *access-list-number {denypermit} source [source-wildcard] [log]*
access-classRestricts incoming and outgoing connections between a particular VTY (into a basic Cisco device) and the addresses in an access list
ip access-list *{standardextended} {access-list-name
permit source [source-wildcard]Allows a packet to pass a named IP ACL. To remove a permit condition from an ACL, use the “no” form of this command.
deny source [source-wildcard]Used to set conditions in a named IP ACL that will deny packets. To remove a deny condition from an ACL, use the “no” form of this command.
ntp peer <ip-address>Configures the software clock to synchronize a peer or to be synchronized by a peer
switchport port-securityEnables port security on the interface
switchport port-security maximum maximumSets the maximum number of secure MAC addresses on the port
switchport port-security mac-address *{mac-addr{sticky [mac-addr]}}*
switchport port-security violation *{shutdownrestrict
show port security [interface interface-id]Displays information about security options configured on the interface
Monitoring and Logging Commands
logging ip addressConfigures the IP address of the host that will receive the system logging (syslog) messages
logging trap levelUsed to limit messages that are logged to the syslog servers based on severity. Specify the number or name of the desired severity level at which messages should be logged
show loggingDisplays the state of system logging (syslog) and the contents of the standard system logging buffer
terminal monitorSends a copy of all syslog messages, including debug messages, to the Telnet or SSH user who issues this command