Scribd
Upload
32 views13 pages

CommandReference NET125 ITNv7

Uploaded by

fallj366
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
32 views13 pages

CommandReference NET125 ITNv7

Uploaded by

fallj366
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 13

Command Reference Guide for IOS

Commands

NET125
Intro to Networks
V7
9 January 2020

CommandReference-NET125-ITNv7.docx Page 1 of 13
Configuration Commands by Module
Module 2 Configuring the Network Operating System

Navigating the Cisco IOS


Switch> User EXEC mode
Switch> enable Promote to EXEC mode
Switch# Privileged EXEC mode
Switch# configure terminal Promote to Global Config mode
Switch(config)# Global config mode
Switch(config)# interface Fastethernet 0/0
Switch(config-if)# Interface config mode
Switch(config-if)# line console 0
Switch(config-line)# Line config mode (console)
Switch(config-line)# line vty 0 15
Switch(config-line)# Line config mode (vty lines)

Exiting modes
Switch(config-if)# exit Move up one mode to Global
Switch(config)# exit Move up one mode Privilege Exec
Switch# exit Move up one mode to User exec
Switch>

Switch (config-if)# end Straight to Privilege Exec mode


Switch#

Switch(config-line)# ctrl-z Straight to Privilege Exec mode


Switch#

Switch> enable Go to Privilege Exec mode


Switch# disable Return to User Exec mode

Interrupting a Running Process


CTRL-SHIFT-6 Aborts current running process

Configuring a Hostname
Switch> enable
Switch# configure terminal
Switch(config)# hostname SW1 Sets the hostname to SW1
CommandReference-NET125-ITNv7.docx Page 2 of 13
SW1(config)# no hostname Resets the hostname back to default
Switch(config)#
Adding Descriptions to Interfaces
Router> enable
Router# configure terminal
Router(config)# interface fastethernet 0/0
Router(config-if)# description Link to SW1 LAN

Verification Commands
Router# show ip interface brief Displays status of all interfaces
Router# show interfaces Displays statistics for all interfaces
Router# show interface fastethernet 0/0 Displays statistics for specified interface
Router# show startup-config Displays saved config in NVRAM
Router# show running-config Displays current running config in RAM
Router# show version Displays operating system data

Configure a Privilege Exec Password


Router> enable
Router# configure terminal
Router(config)# enable secret class Sets Privilege Exec encrypted password
the word “secret” means encrypt
Router(config)# enable password class Sets Privilege Exec encrypted password
the word “password” means plain text
Router(config)# end
Router> enable
Password: enable now prompts for password
Router#

Sets a Console line Password


Router(config)# line console 0
Router(config-line)# password cisco Sets console line password to cisco
Router(config)# login Requires user to type the password upon login

Sets VTY Line Password


Router(config)# line vty 0 4
Router(config-line)# password cisco Sets vty password to cisco for Telnet login
Router(config-line)# login Requires user to type the password upon login

Encrypts all Passwords in Running-config


Switch# configure terminal
CommandReference-NET125-ITNv7.docx Page 3 of 13
Switch(config)# service password-encryption Encrypts all passwords that are not currently
encrypted to include future passwords
automatically
Configure a Message of the Day (MOTD or Banner)
Switch# configure terminal
Switch(config)# banner motd #Unauthorized Access Prohibited!#

Save The Running-Config to NVRAM


Switch(config)# end
Switch# copy running-config startup-config Saves running-config to NVRAM, which turns
into the startup-config

Reload the Startup Config


Switch(config)# end
Switch# reload Restarts the IOS and loads the startup-config

Resets the IOS to Factory Default by deleting custom configs


Switch(config)# end
Switch# delete vlan.dat Deletes data in the vlan.dat file (if necessary)
Switch# erase startup-config Erases the startup-config from NVRAM
Switch# reload Restarts IOS to load default configurations

Configure a Switch Virtual Interface or SVI


S1# configure terminal
S1(config)# interface vlan 1
S1(config-if)# ip address 192.1681.1 255.255.255.0 Assigns an IP address to the vlan 1 interface
S1(config-if)# no shutdown Enables the virtual interface

Disable Domain Name (DNS) Lookup


S1(config)# no ip domain-lookup
Set Clock Time and Date
S1# clock set 14:30:15 28 January 2020 Sets clock to 2:30pm 15 secs 28 January 2020

Do not Logout if Idle


S1(config)# line console 0
S1(config-line)# exec-timeout 0 0 Set logout to 0 minutes and 0 seconds

Sets Console Message Logging to Synchronous


S1(config)# line console 0
S1(config-line)# logging synchronous Console message will not interfere with
Commands
CommandReference-NET125-ITNv7.docx Page 4 of 13
Switch Configuration Example
Switch> enable
Switch# configure Terminal
Switch(config)# hostname SW1
SW1(config)# interface f0/0
SW1(config-if)# description Link to PC1
SW1(config-if)# exit
SW1(config)# enable secret class
SW1(config)# service password-encryption
SW1(config)# no ip domain-lookup
SW1(config)# banner motd #Unauthorized Access Prohibited!#
SW1(config)# line console 0
SW1(config-line)# exec-timeout 0 0
SW1(config-line)# logging synchronous
SW1(config-line)# password cisco
SW1(config-line)# login
SW1(config-line)# line vty 0 15
SW1(config-line)# exec-timeout 0 0
SW1(config-line)# logging synchronous
SW1(config-line)# password cisco
SW1(config-line)# login
SW1(config-line)# exit
SW1(config)# interface vlan 1
SW1(config-if)# description VLAN 1 management
SW1(config-if)# ip address 192.168.1.11 255.255.255.0
SW1(config-if)# no shutdown
SW1(config-if)# exit
SW1(config)# ip default-gateway 192.168.1.1
SW1(config-if)# end
SW1# copy running-config startup-config

ARP and MAC related Commands


SW1# show ip arp Displays the ARP table on the switch
SW1# show arp Displays layer 2 or 3 address mapping
SW1# show mac-address-table Displays the switch MAC address table
SW1# clear mac address-table dynamic Clears all dynamic collected MAC addresses

Display ARP Table, IP addresses and MAC Addresses on a PC


PC:/> arp -a Displays PCs ARP table
PC:/> arp – d Removes MAC data from ARP table
CommandReference-NET125-ITNv7.docx Page 5 of 13
PC:/> ipconfig Displays basic interface data like IP addressing
PC:/> ipconfig /all Displays all interface data on PC

CommandReference-NET125-ITNv7.docx Page 6 of 13
Chapter 6: Network Layer

Display Host Routing Table on a Windows PC


C:\> netstat -r
C:\> route print

Display Routing Table on a Router


Router# show ip route Displays routing table

Display IOS Information


Router# show version

Basic Router Configuration


Router> enable
Router# configure terminal
Router(config)# hostname R1
R1(config)# no ip domain-lookup
R1(config)# banner motd #Unauthorized Access Prohibited!#
R1(config)# enable secret class
R1(config)# service password-encryption
R1(config)# line console 0
R1(config-line)# exec-timeout 0 0
R1(config-line)# logging synchronous
R1(config-line)# password cisco
R1(config-line)# login
R1(config-line)# line vty 0 15
R1(config-line)# exec-timeout 0 0
R1(config-line)# logging synchronous
R1(config-line)# password cisco
R1(config-line)# login
R1(config-line)# exit
R1(config)# interface vlan 1
R1(config-if)# description SW1 LAN
R1(config-if)# ip address 192.168.1.11 255.255.255.0
R1(config-if)# no shutdown
R1(config-if)# end
R1# copy running-config startup-config

Configuring a Router’s LAN interface

CommandReference-NET125-ITNv7.docx Page 7 of 13
R1(config)# interface gigabitethernet 0/0 Accessing interface G0/0
R1(config-if)# description Link to LAN-10 Optional configuration
R1(config-if)# ip address 192.168.1.1 255.255.255.0 Assigning an IP address to interface
R1(config-if)# no shutdown Enabling the interface

Router Verification of Configurations


Router# show ip route Displays the IPv4 routing table
Router# show ipv6 route Displays the IPv6 routing table
Router# show ip interface brief Displays status of all interfaces
Router# show interfaces Displays statistics for all interfaces
Router# show interface fastethernet 0/0 Displays statistics for specified interface
Router# show startup-config Displays saved config in NVRAM
Router# show running-config Displays current running config in RAM
Router# show version Displays operating system data

Display Default Bandwidth data on a Serial Interface


R1# show ip interface s0/0/0 Display includes default bandwidth

CommandReference-NET125-ITNv7.docx Page 8 of 13
Chapter 7: IP Addressing

Configure IPv6 Addresses on A Router

R1(config)# ipv6 unicast-routing


R1(config)# interface gigabitethernet 0/0
R1(config-if)# ipv6 address 2001:db8:acad:1:1/64
R1(config-if)# no shutdown
R1(config-if)# exit

R1(config)# ipv6 unicast-routing


R1(config)# interface gigabitethernet 0/1
R1(config-if)# ipv6 address 2001:db8:acad:2:1/64
R1(config-if)# no shutdown
R1(config-if)# exit

R1(config)# ipv6 unicast-routing


R1(config)# interface serial 0/0/0
R1(config-if)# ipv6 address 2001:db8:acad:3:1/64
R1(config-if)# no shutdown
R1(config-if)# exit

Configure Link-Local Addresses


R1(config)# interface gigabitethernet 0/0
R1(config-if)# ipv6 address fe80::1 link-local
R1(config-if)# exit

R1(config)# interface gigabitethernet 0/1


R1(config-if)# ipv6 address fe80::1 link-local
R1(config-if)# exit

CommandReference-NET125-ITNv7.docx Page 9 of 13
R1(config)# interface serial 0/0
R1(config-if)# ipv6 address fe80::1 link-local
R1(config-if)# exit

Enable IPv6 Routing


R1(config)# ipv6 unicast-routing

Enable Support for IPv6 on A Switch


S1(config)# sdm prefer dual-ipv4-and-ipv6 default
S1(config)# end
S1# copy running-config startup-config
S1# reload

Various Show Commands for IPv6


R1# show interface gigabitethernet 0/0 Displays detailed interface data
R1# show ipv6 interface brief Displays minimal interface data
R1# show ipv6 route Displays IPv6 routing table data

IPv6 Addresses (Subset)


::/128 Unspecified address
::1/128 Loopback
ff02::1 All node multicast group
ff02::2 All-router multicast group
2000::/3 Currently assignable IPv6 global unicast addresses
2001:db8::/32 Reserved for documentation and examples
fc00::/7 to fdff::/7 Unique local (not routable)

Chapter 11: Build a Small Network

Password Security Practices


CommandReference-NET125-ITNv7.docx Page 10 of 13
R1(config)# service password-encryption Encrypts all plain text passwords to include future
R1(config)# security password min-length 12 Minimum password length is now 12 characters

R1(config)# login block-for 180 attempts 3 within 60 After 3 failed attempts within 60 seconds, login is
blocked for 180 seconds
Router(config)# line console 0
Router(config-line)# exec-timeout 0 0 Close console session if idle for 0 mins 0 secs
Router(config-line)# exec-timeout 10 Close console session if idle for 10 mins 0 secs
Router(config)# line vty 0 5
Router(config-line)# exec-timeout 0 0 Disconnect session if idle for 0 mins 0 secs
Router(config-line)# exec-timeout 5 30 Disconnect session if idle for 5 mins 30 secs

Configure Username in Local Database


R1(config)# username admin privilege 15 secret Admin12345 Create username admin with encrypted password
of Admin12345 with an administrative level of 15
for SSH connection

Configure and Enable SSH and Telnet on VTY Lines


Router(config)# hostname R1
R1(config)# ip domain-name ccna.com Configure a domain name; mandatory for SSH
R1(config)# crypto key generate rsa modulus 1024 Creates encryption with a key size of 1024 on live
components. See below for Packet Tracer config**
R1(config)# username admin secret cisco Creates a username and encrypted password
R1(config)# line vty 0 5
R1(config-line)# transport input ssh Enables SSH only
or
R1(config-line)# transport input ssh telnet Enables SSH first, telnet second
or
R1(config-line)# transport input telnet ssh Enables Telnet first, SSH second
or
R1(config-line)# transport input telnet Enables Telnet only
or
R1(config-line)# transport input none Default on IOS version 15, no vty line access
R1(config-line)# login local Necessary for SSH to access local database

** R1(config)# crypto key generate rsa Creates encryption with a key size of 1024 for PT
The name for the keys will: ccna.ccna.com
Choose the size of the key modulus in the range of 360 to 2048 for your
General Purpose Keys. Choosing a key modulus greater than 512 may take
A few minutes.
CommandReference-NET125-ITNv7.docx Page 11 of 13
How many bits in the modulus [512]: 1024
% Generating 1024 bit RSA keys, keys will be non-exportable… [OK]

Log in From a Switch Using SSH


S1# ssh -l admin 10.0.0.1 SSH login as admin to the 10.0.0.1 IP interface will
be prompt for password
R1#
R1# CTRL+Shift+6 [release then press] x Returns to S1 w/o closing SSH session
S1#
S1# [Enter] Press Enter at prompt to return to R1
R1#
R1# exit Terminates the SSH session
S1#

Send Log Messages to VTY Connected Terminal


S1# terminal monitor Sends log messages to vty terminal sessions

File System
Router# show file systems Lists available file systems
Router# dir Lists content of current directory (flash is default)
Router# cd nvram: Changes directory to NVRAM file system
Router# pwd Displays name of current directory

Backup Running-config to TFTP


Router# copy running-config tftp Follow prompts to enter IP address of TFTP server

Restore Running-config from TFTP


Router# copy tftp running-config Follow prompts to enter IP address of TFTP server

Backup running-config to USB


R1# show file systems Confirm USB existence
R1# copy running-config usbflash0:/ Will prompt for destination file name
R1# dir usbflash0: Confirm success
R1# more usbflash0: /R1-config Display contents of R1-config in USB

Restore Running-config from USB


Router# copy usbflash0: /R1-config running-config
R1#

CommandReference-NET125-ITNv7.docx Page 12 of 13
Interface Range Command
S1(config)# interface range f0/1-5,f0/7-9,f0/11-24,g0/1-2 Range includes the interface ranges to be included
S1(config-if-range)# shutdown Shutdowns only the included interface ranges

Frequently used Show Commands


Router# show running-config Displays active configured commands
Router# show ip interface brief Displays minimal ipv4 interface data
Router# show ipv6 interface brief Displays minimal ipv6 interface data
Router# show ip interface g0/0 Displays detailed Layer 3 interface data for int g0/0
Router# show interfaces Displays layer 1 & 2 data for all interfaces
Router# show interface g0/0 Displays layer 1 & 2 data for interface g0/0
Router# show arp Displays router’s ARP table
Router# show ip route Displays the router’s IPv4 routing table
Router# show ipv6 route Displays the router’s IPv6 routing table
Router# show protocols Displays configured protocols that are running
Router# show version Displays system version information
Router# show login Displays login status

Debug Information
Router# debug ip icmp Monitors and displays ICMP messages
Router# no debug ip icmp Turns off debug ICMP messages
Router# undebug ip icmp Turns off debug ICMP messages
Router# undebug all Turns off all debug messages
Router# debug all Turns on all debug system diagnostics and messages
Router# no debug all Turns off all debug system diagnostics

Sets Clock Time & Date


Switch# clock set 10:52:30 28 January 2020

Various PC Commands
C:\> ping 10.0.0.1 Pings 10.0.0.1
C:\> ipconfig Displays Layer 3 address and data
C:\> ipconfig /all Displays all interface Layer 2 & 3 data on PC
C:\> nslookup Displays DNS data
C:\> netstat -r Displays PC routing table
C:\> netstat -tuna Displays current open port data
C:\> arp -a Displays PC ARP table
C:\> arp -d Deletes all ARP table data
CommandReference-NET125-ITNv7.docx Page 13 of 13

You might also like