Copies the current router configuration to Nvram for use at next boot up. Copy startup-config running-config. Sets the router configuration back to its startup configuration. Displays basic router and IOS info. Displays information on each router interface. Displays current routing table. Displays each access control list. Turns on ip routing. Turns off ip routing. Adds a static route.
Removes a static route. Configure terminal. Moves user from privileged mode to global configuration mode. Moves user from global configuration mode to interface configuration mode. Logs off the router. Returns user to privileged mode. Returns user to global configuration mode. Sets ip address of an interface. Turns on routing information protocol. Turns off routing information protocol. Turn on rip broadcasts for certain networks and therefore interfaces.
IOS basic commands
Set at enable secret password. Turns off cisco discovery protocol and therefore duplex warnings. Displays rip traffic. Turns off display of rip traffic. Enter virtual terminal line configuration mode. Set a virtual terminal password telnet password. Add a line to a standard access list granting or denying access from an ip or network. Add a line to an extended access list granting or denying access to or from a particular ip or network for a particular protocol on a particular port.
HOST can be substituted for 0. Removes an access-list. Enables an access list either inbound or outbound on an interface. De-associates an access-list with an interface. Redirects DHCP broadcast packets to a specific host. Ip domain-lookup.
Enables DNS client on router. Disables DNS client on router. This prevents the name resolution attempts that occur if you mistype an IOS command. Configure DNS server for rounter.Since these kinds of posts are useful as a reference for many people, I have decided to create also a Cisco Router Commands Cheat Sheet with the most useful and the most frequently used Command Line Interface CLI configuration commands for Cisco Routers.
Cisco IOS routers are probably the most complete, versatile and feature-rich networking devices. There are whole books written about Cisco router configurations and commands. However, the list below I believe summarizes the most important ones so its a good starting point for a networking professional.
Although there is a wide range of Cisco router models, the commands below will work on most devices running IOS with no problems. Make sure to download the cheat sheet in PDF format for future reference by subscribing above. For static route, default is 1].
Version 1 is default]. All routers should be in the same AS to build a neighbor relationship. Shows feasible successors]. MyRouter config router ospf 10 MyRouter config-router area 0 authentication. Password will be sent in clear text].
Introduction to Cisco IOS CLI (Command-Line Interface)
MyRouter config router ospf 10 MyRouter config-router area 0 authentication message-digest. This value must be the same on neighboring routers. MyRouter config access-list deny tcp MyRouter config access-list 1 permit Very useful for providing internet access to internal private addresses].
Thank you. Brilliant blogs and info however similarly to Ken I do not subscribe to the social media you require to get a PDF of the Cisco Router Command and other cheatsheets. I have 2 of you ebooks on the Asa firewall, wondering how can I get the Router and switch cheat sheet talked about on your blog???. Will you be creating another ebook for that model or basically all the same applies?
From the Asa tutorial and guides you already have. I would like to get pdf copy of your cheat sheets and have your permission to pass on to students at my college. Although the college uses Cisco Press, students are constantly asking for supplemental publications. I will see if I could get deskcopy from your publisher to let students preview before they decide to buy.
I will send you the cheat sheets on your email in a while. You can certainly pass on the PDF files to your students. Hi — Thank you for the great site.
You will receive an email with a link to confirm your registration. Then you will receive a second email with a link to download the PDFs.The hostname command is used to configure the device hostname.
Because this command changes a device configuration, it must be entered in the global configuration mode. After typing the command, the prompt will change and display the new hostname. Here is an example that shows you how to change a hostname of a device. First, enter the global configuration mode by typing the enable command in the user EXEC mode and the configuration terminal command in the privileged EXEC mode.
Once inside the global configuration mode, type the command hostname R1. Notice how the prompt was changed to reflect the configured value. By default, all interfaces on a Cisco router are turned off. To enable an interface, the no shutdown command is used. You first need to enter the submode of the interface that you want to configure.
You may notice that the promt has changed to reflect the mode you are currently in.
Once inside the interface mode, you can enable an interface by typing the no shutdown command. The ip address interface mode command is used to assign an IP address to an interface. For example, if we want to assign an IP address of What if you had made a mistake and written the ip address Well, you can remove the wrong IP address by typing the same command, but this time with the no keyword in front of it, in our case no ip address. You can remove any command from your IOS configuration by using the no keyword in front of the command.
Each Cisco IOS device has the built-in authentication features. There are three basic ways to configure authentication on a device:. This will force a user to type the password when trying to access the device through the console port.
The first command defines a range of virtual terminal sessions that you would like to configure. A virtual session can be a telnet or SSH session. Cisco devices usually supports 16 concurrent VTY sessions. So, this command usually looks like this: line vty 0 The login command allows a remote access to a device. It is required in order for telnet to work. Both of the commands above accomplish the same thing, but with one major difference.
This presents a security risk because an attacker could easily find out passwords. The global configuration service password-encryption command encrypts all passwords configured. It is important to note that this type of password encryption is not consider especially secure, since the algorithm used can be easily cracked.
Cisco recommends using this command only with additional security measures. You can display a banner on a Cisco device. A banner is usually shown before the login prompt. It is usually some text that appears on the screen when a user connect to the device e. This banner, if configured, is shown before the login prompt to every user that is trying to establish a session with the device.
The following global configuration command is used to configure a MOTD banner:. A delimiting character is a character of your choice. Its purpose is to signify the start and end of a text that will appear in the banner.This user interface allows you to directly and simply execute Cisco IOS commands, whether using a router console or terminal, or using remote access methods. Topics covered include an introduction to Cisco IOS command modes, navigation and editing features, help features, and command history features.
Additional user interfaces include Setup mode used for first-time startupthe Cisco Web Browser, and user menus configured by a system administrator. Your software release may not support all the features documented in this module.IP Addresses and Subnetting
For the latest caveats and feature information, see Bug Search Tool and the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the feature information table at the end of this module.
Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www. An account on Cisco. Each command mode has its own set of commands available for the configuration, maintenance, and monitoring of router and network operations. The commands available to you at any given time depend on the mode you are in. Entering a question mark?
The use of specific commands allows you to navigate from one command mode to another.
The standard order that a user would access the modes is as follows: user EXEC mode; privileged EXEC mode; global configuration mode; specific configuration modes; configuration submodes; and configuration subsubmodes. This level of access is reserved for tasks that do not change the configuration of the router, such as determining the router status. Normally, you must enter a password to enter privileged EXEC mode.
Most EXEC mode commands are one-time commands, such as show or more commands, which show the current configuration status, and clear commands, which clear counters or interfaces. EXEC mode commands are not saved across reboots of the router. From privileged EXEC mode, you can enter global configuration mode. In this mode, you can enter commands that configure general system characteristics. You also can use global configuration mode to enter specific configuration modes.
Configuration modes, including global configuration mode, allow you to make changes to the running configuration. If you later save the configuration, these commands are stored across router reboots. From global configuration mode you can enter a variety of protocol-specific or feature-specific configuration modes.
The CLI hierarchy requires that you enter these specific configuration modes only through global configuration mode. As an example, this chapter describes interface configuration modea commonly used configuration mode. From configuration modes, you can enter configuration submodes. Configuration submodes are used for the configuration of specific features within the scope of a given configuration mode. As an example, this chapter describes the subinterface configuration modea submode of the interface configuration mode.
ROM monitor mode is a separate mode used when the router cannot boot properly. If your system router, switch, or access server does not find a valid system image to load when it is booting, the system will enter ROM monitor mode.
You also can get a list of the arguments and keywords available for any command with the context-sensitive help feature. To get help specific to a command mode, a command name, a keyword, or an argument, use any of the following commands:. When context-sensitive help is used, the space or lack of a space before the question mark? To obtain a list of commands that begin with a particular character sequence, type in those characters followed immediately by the question mark?The basic CLI commands for all of them are the same, which simplifies Cisco device management.
Go Up. Cisco Commands Cheat Sheet. The access port is set to access unconditionally and operates as a non-trunking, single VLAN interface that sends and receives non-encapsulated non-tagged frames.
An access port can be assigned to only one VLAN. The trunk port sends and receives encapsulated tagged frames that identify the VLAN of origination.
A trunk is a point-to-point link between two switches or between a switch and a router. In this mode, the switch supports simultaneous tagged and untagged traffic on a port. Both values can be specified in a single command to allow both Telnet and SSH access default settings.
Specify the number or name of the desired severity level at which messages should be logged. Previous Best Practice. Next Best Practice. User Termination Best Practices. Privileged Account Management Best Practices.
Cisco IOS Router Basic Configuration
We typically use this the first time we configure the switch. Telnet and SSH are both options for remote access. On the switch, you will find one or two physical connectors for the console. Take a look at the picture below:. On the left side of this Catalyst switch, you see the light blue RJ45 port and a micro-USB port on the left of it. Older switches only have the RJ45 port, newer switches and other devices often have both options.
We use this connection to connect the switch to a serial port on your computer with the following cable:. This cable is called a Cisco console cable and you will need a serial port on your computer. This cable emulates a serial port and has a USB connection.
Once you have connected your computer to the switch, we can start a terminal application to access the CLI.
There are many terminal emulator applications. If you are new to this, the best one to start with is Putty. Once you have downloaded it, you will see the main screen:. The default speed is baud rate. Above you can see that on my computer, I have to use COM4. Change the COM port and click on Open to start the console:. Now is a good time to power on your switch or in case it is already powered on, pull the plug so it can reload. When the switch boots, you will see a lot of stuff on the console.
First, it will initialize the flash memory:. Initializing the flash memory is required since it contains the IOS image Operating System of the switch. Its next step is to load the IOS image from the flash memory:. You are then presented with some legal information and information about the switch:.
This tells us the version of the IOS image. IOS is now up and running, it also initializes the flash memory:. You might be wondering what a switch has to do with cryptography. This allows encrypted remote access.In this lesson, you will learn how to create a basic configuration for a Cisco IOS router. Most networking vendors, including Cisco have different router models.
If you are new to networking, you will probably start with some of the smaller routers. Cisco has the integrated services routers which are routers but these devices also offer some other services like wireless or Voice over IP. These routers are not the newest models but are still very popular and used often in home labs. These WIC slots can be used to add certain cards. For example, DSL modems, serial interfaces, wireless access points and so on. First we will connect our blue Cisco console cable to our router and start Putty so that we can connect to the router:.
Make sure to check this number in the Windows device manager. Once you are connected to the console port and switch on the power, you will see something like this:. This is a bit similar to the BIOS of a computer.
It allows the router to perform some basic functions like loading the IOS operating system, which occurs next:.
Above we can see that this is a Cisco router which has 2 FastEthernet interfaces and 2 Serial interfaces. It also tells us how much RAM this router has and how big the compact flash memory is.
It might take a few minutes for the router to reload. Routers have an IP address on each interface that they have. We also have a serial interface. As explained in the introduction to WANs lessona serial interface might require a clock rate.
If you connect two routers back-to-back with serial links then the DCE side requires a clock rate. An alternative command that gives you a similar result is the show protocols command:. This router now has two active interfaces with IP addresses.