View
51
Download
1
Category
Tags:
Preview:
Citation preview
Cisco commands Soofia Saleem ep: 094963
Command: Enable
Use: Switches to the privileged level command set.
Syntax: Router>enable
Example
In the below example you switch from unprivileged mode to privileged mode.
Router>Router>enableRouter#
Command: Configure Terminal
Use: To enter global configuration mode, use the configure terminal command in privileged EXEC mode.
Syntax: Router>configure terminal
Example
In this example, the user switches to global configuration mode by entering in the configure terminal command.
Router>Router>configure terminalRouter#
Command: Exit
Use: Logs you out of your session if you are in unprivileged execmode.
Syntax: Router>exit
Example
In the below example, a user switches from unprivileged mode to privileged mode.
Router>exit
Command: Hostname
Use: Sets the hostname of the router.
Syntax: Router(config)#hostname <WORD>
Example
In the below example the hostname command is used to change the router name.
R1(config)#hostname TESTTEST(config)#hostname R1R1(config)#
Command: Inteface
Use: Selects an interface on the router to enter into configuration mode.
Syntax: Router(config)#interface FastEthernet <0-6>
Example
Since there are many different interface options we have added an interface section with some of the more useful commandsfor a CCNA candidate.
This example shows how to use the interface command to enter config mode for FastEthernet 0/0
R3(config)#interface fa0/0R3(config-if)#
Command: Username
Use: Creates a new user on the router.
Syntax: Router(config)#username <WORD> password <WORD>
Example
In the following example a new user is created on the router. This user is then used when logging in via a telnet session from R2.
R1(config)#username Test password cisco
Command: Enable Secret
Use: Sets an encrypted password for enable mode on the router.
Syntax: Router(config)#enable password <WORD>
Example
In this example the enable password is set on R1.
R1(config)#enable secret ciscoR1(config)#
Next, we verify the encrypted enable password using the show run command.
R1(config)#do show run | i enableenable secret 5 $1$DFaG$gio1KhCTVIYNSZHNM2KhH0
Command: IP address
Use: This command is used to set IP addresses on an interface.
Syntax: R1(config)#ip address <IP address> <subnet mask> <secondary>
Options <IP address> IP address for the interface<subnet mask> IP address for the interface
<secondary>Sets the IP address as a secondary IP address, you can have many secondary IP addresses on an interface if required. Though some routing protocols do not function properly with secondary addresses.
Example
In this example, we set the ip address of int fa0/0 on R2.
R2(config)#int fa0/0R2(config-if)#ip add 10.1.1.2 255.255.255.0R2(config-if)#do sh ip int briefInterface IP-Address OK? Method Status ProtocolFastEthernet0/0 10.1.1.2 YES NVRAM up up
Next, to test it out, we do a quick ping to the new ip address. R2(config-if)#ip add 11.22.33.44 255.255.255.240 secondary
R2(config-if)#do ping 11.22.33.44
Type escape sequence to abort.Sending 5, 100-byte ICMP Echos to 11.22.33.44, timeout is 2 seconds:!!!!!Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 msR2(config-if)#
Command: shutdown
Use: This command will administratively disable an interface. Alternatively, you can enable the interface by negating the command using no shutdown.
Syntax: Router(config-if)#shutdownORRouter(config-if)#no shutdown
Example
In the below example, we shutdown R1's Fa0/0 interface and then enable the interface again.
R1(config)#int fa0/0R1(config-if)#shutdownR1(config-if)#*Mar 1 19:17:34.339: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 100: Neighbor 10.1.1.2 (FastEthernet0/0) is down: interface down
R1(config-if)#*Mar 1 19:17:36.315: %LINK-5-CHANGED: Interface FastEthernet0/0, changed state to administratively down*Mar 1 19:17:37.315: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to down
R1(config-if)#do show ip int brInterface IP-Address OK? Method Status ProtocolFastEthernet0/0 10.1.1.1 YES NVRAM administratively down down
R1(config-if)#no shutR1(config-if)#*Mar 1 19:17:53.111: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 100: Neighbor 10.1.1.2 (FastEthernet0/0) is up: new adjacencyR1(config-if)#*Mar 1 19:17:53.411: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up*Mar 1 19:17:54.411: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up
R1(config-if)#do show ip int brInterface IP-Address OK? Method Status ProtocolFastEthernet0/0 10.1.1.1 YES NVRAM up up
Command: Enable Password
Use: Sets a non-encrypted password for enable mode on the router.
Syntax: Router(config)#enable password <WORD>
Example
In this example the enable password is set on R1.
R1(config)#enable password ciscoR1(config)#
Next the enable password is verified using the show run command.
R1(config)#do show run | i enableenable password cisco
Command: Show IP Interface Brief
Use: This command displays a brief summary of the interfaces on a device. Its useful for quickly checking the status of the device.
Syntax: Router#show ip interface brief
Example
In the below example we use show ip interface brief to quickly see how interfaces are configured on R1.
R1#show ip interface briefInterface IP-Address OK? Method Status ProtocolFastEthernet0/0 10.1.1.1 YES NVRAM up up Serial1/0 10.4.4.1 YES manual up up Serial1/1 unassigned YES unset administratively down down Serial1/2 unassigned YES unset administratively down down Serial1/3 unassigned YES unset administratively down down Loopback0 1.1.1.1 YES NVRAM up up Loopback1 11.11.11.11 YES NVRAM up up Loopback11 1.2.2.2 YES NVRAM up up Loopback12 1.3.3.3 YES NVRAM up up Loopback22 111.111.111.111 YES NVRAM up up
Command: Service Password-Encryption
Use: Allows you to encrypt all passwords on your router so they can not be easily guessed from your running-config. This command uses a very weak encryption because the router has to be very quickly decode the passwords for its operation.It is meant to prevent someone from looking over your shoulder and seeing the password, that is all.
Syntax: R2(config)#service password-encryption
Example
Now we will encrypt the password with service password-encryption
R2(config)#service password-encryption R2(config)#do sh run | sec vty line vty 0 4password 7 060506324F41logintransport input telnet ssh
Command: Copy Running-config Startup-config
Use: This command lets you save your running configuration to the router's startup configuration (NVRAM) so it will survive a reload.
Syntax :Router#copy running-config startup-config
Example
In the below example R1's startup configuration is saved.
R1#copy run startDestination filename [startup-config]? Building configuration...
[OK]R1#
Command: Show Spanning-Tree
Use: Displays the spanning tree configuration on the switch.
Syntax: Switch#show spanning-tree
Example
In this example, the spanning tree configuration for VLAN 1 is displayed on SW3.
SW3#show spanning-tree vlan 1
VLAN0001Spanning tree enabled protocol ieeeRoot ID Priority 32769Address 0018.b973.fc80Cost 19Port 25 (FastEthernet0/23)Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)Address 0019.060c.9400Hello Time 2 sec Max Age 20 sec Forward Delay 15 secAging Time 300
Interface Role Sts Cost Prio.Nbr Type---------------- ---- --- --------- -------- --------------------------------Fa0/10 Desg FWD 19 128.12 P2p Fa0/11 Desg FWD 19 128.13 P2p Fa0/12 Desg FWD 19 128.14 P2p Fa0/13 Desg FWD 19 128.15 P2p Fa0/19 Altn BLK 19 128.21 P2p Fa0/20 Altn BLK 19 128.22 P2p Fa0/23 Root FWD 19 128.25 P2p
Interface Role Sts Cost Prio.Nbr Type---------------- ---- --- --------- -------- --------------------------------
Fa0/24 Altn BLK 19 128.26 P2p
SW3#
Command: Spanning-Tree VLAN Root Primary
Use: This command sets the switch to become root for a given VLAN. It works by lowering the priority of the switch until it becomes root. Once the switch is root, it will not prevent any other switch from becoming root.
Syntax :Swith(cconfig)#spanning-tree vlan <vlan range> root primary
Example
In the below example we will configure SW1 to become the root for VLAN 10. Currently, we see that SW1 is not root for vlan 10. Notice the priority is currently 32768
SW1(config)#do show spanning vlan 10
VLAN0010Spanning tree enabled protocol ieeeRoot ID Priority 24586Address 0019.0606.b600Cost 19Port 23 (FastEthernet0/23)Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32778 (priority 32768 sys-id-ext 10)Address 0012.00cb.6c80Hello Time 2 sec Max Age 20 sec Forward Delay 15 secAging Time 15
Interface Role Sts Cost Prio.Nbr Type---------------- ---- --- --------- -------- --------------------------------Fa0/1 Desg FWD 19 128.1 P2p Fa0/2 Desg FWD 19 128.2 P2p Fa0/4 Desg FWD 19 128.4 P2p Fa0/5 Desg FWD 19 128.5 P2p Fa0/8 Desg FWD 19 128.8 P2p Fa0/9 Desg FWD 19 128.9 P2p Fa0/10 Desg FWD 19 128.10 P2p
Interface Role Sts Cost Prio.Nbr Type---------------- ---- --- --------- -------- --------------------------------
Fa0/19 Desg FWD 19 128.19 P2p
Fa0/20 Desg FWD 19 128.20 P2p Fa0/21 Desg FWD 19 128.21 P2p Fa0/22 Desg FWD 19 128.22 P2p Fa0/23 Root FWD 19 128.23 P2p Fa0/24 Altn BLK 19 128.24 P2p
Now we will configure SW1 to become root for Vlan 10.
SW1(config)#spanning vlan 10 root primary
We can see that SW1 is now root for Vlan 10. Notice the priority is now 24576.
SW1(config)#do show spanning vlan 10
VLAN0010Spanning tree enabled protocol ieeeRoot ID Priority 24586Address 0012.00cb.6c80This bridge is the rootHello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 24586 (priority 24576 sys-id-ext 10)Address 0012.00cb.6c80Hello Time 2 sec Max Age 20 sec Forward Delay 15 secAging Time 300
Interface Role Sts Cost Prio.Nbr Type---------------- ---- --- --------- -------- --------------------------------Fa0/1 Desg FWD 19 128.1 P2p Fa0/2 Desg FWD 19 128.2 P2p Fa0/4 Desg FWD 19 128.4 P2p Fa0/5 Desg FWD 19 128.5 P2p Fa0/8 Desg FWD 19 128.8 P2p Fa0/9 Desg FWD 19 128.9 P2p Fa0/10 Desg FWD 19 128.10 P2p Fa0/19 Desg FWD 19 128.19 P2p
Interface Role Sts Cost Prio.Nbr Type---------------- ---- --- --------- -------- --------------------------------
Fa0/20 Desg FWD 19 128.20 P2p Fa0/21 Desg FWD 19 128.21 P2p Fa0/22 Desg FWD 19 128.22 P2p Fa0/23 Desg FWD 19 128.23 P2p
Fa0/24 Desg FWD 19 128.24 P2p
Command: Spanning-Tree Portfast
Use :This command essentially disables spanning-tree on an interface and brings it immediately into the forwarding state. Only use this command on access ports
Syntax: Switch(config-if)#spanning-tree portfast
Example
Now we will configure portfast on Fa0/2.
SW1(config)#int fa0/2SW1(config-if)#spanning portfast%Warning: portfast should only be enabled on ports connected to a singlehost. Connecting hubs, concentrators, switches, bridges, etc... to thisinterface when portfast is enabled, can cause temporary bridging loops.Use with CAUTION
%Portfast has been configured on FastEthernet0/2 but will onlyhave effect when the interface is in a non-trunking mode.
Command: Show Vlan
Use: Displays the current VLAN configuration on the switch.
Syntax: Switch#show vlan
Example
Here, the VLAN configuration is displayed for SW3.
VLAN Name Status Ports---- -------------------------------- --------- -------------------------------1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8Fa0/9, Fa0/10, Fa0/11, Fa0/12Fa0/13, Fa0/14, Fa0/15, Fa0/16Fa0/17, Fa0/18, Fa0/21, Fa0/22Fa0/23, Fa0/24, Gi0/1, Gi0/210 VLAN0010 active 11 VLAN0011 active 12 VLAN0012 active 13 VLAN0013 active 14 VLAN0014 active 15 VLAN0015 active 16 VLAN0016 active 17 VLAN0017 active 18 VLAN0018 active 19 VLAN0019 active 20 VLAN0020 active 55 VLAN0055 active 99 VLAN0099 active 555 VLAN0555 active 1002 fddi-default act/unsup 1003 token-ring-default act/unsup 1004 fddinet-default act/unsup 1005 trnet-default act/unsup
Command: Show Interface-Trunk
Use: Displays the trunk information on the switch.
Syntax: Switch#show interface trunk
Example
Here's the output of show interface trunk for SW3.
SW3#show interface trunk
Port Mode Encapsulation Status Native vlanFa0/19 auto n-802.1q trunking 1Fa0/20 auto n-802.1q trunking 1Fa0/21 auto n-802.1q trunking 1Fa0/22 auto n-802.1q trunking 1
Port Vlans allowed on trunkFa0/19 1-4094Fa0/20 1-4094Fa0/21 1-4094Fa0/22 1-4094
Port Vlans allowed and active in management domainFa0/19 1,10-20,55,99,555Fa0/20 1,10-20,55,99,555Fa0/21 1,10-20,55,99,555
Fa0/22 1,10-20,55,99,555
Port Vlans in spanning tree forwarding state and not prunedFa0/19 noneFa0/20 noneFa0/21 1,10-11
Port Vlans in spanning tree forwarding state and not prunedFa0/22 none
Command: Vlan
Use: This is the legacy way to configure VLANs on a switch. While this mode is being depreciated, you will still encounter it on older switches or routers with switch modules. On newer IOS releases, VLANs are configured in configure mode.
Syntax: Switch(vlan)#vlan <number>ORSwitch(vlan)#vlan <number> name <vlan_name>
Example
2950-XL#vlan database2950-XL(vlan)#vlan 55 name MANAGEMENTVLAN 55 added:Name: MANAGEMENT
2950-XL(vlan)#exitAPPLY completed.Exiting....
Command: Show Vlan Brief
Use: Shows a basic summary of the VLAN information on the switch.
Syntax: Switch#show vlan brief
Example
Here is the show vlan brief output for SW3.
SW3#show vlan brief
VLAN Name Status Ports---- -------------------------------- --------- -------------------------------1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8Fa0/9, Fa0/10, Fa0/11, Fa0/12Fa0/13, Fa0/14, Fa0/15, Fa0/16Fa0/17, Fa0/18, Fa0/23, Fa0/24Gi0/1, Gi0/210 VLAN0010 active 11 VLAN0011 active 12 VLAN0012 active 13 VLAN0013 active 14 VLAN0014 active 15 VLAN0015 active 16 VLAN0016 active 17 VLAN0017 active 18 VLAN0018 active 19 VLAN0019 active 20 VLAN0020 active 55 VLAN0055 active 99 VLAN0099 active 555 VLAN0555 active
VLAN Name Status Ports---- -------------------------------- --------- -------------------------------1002 fddi-default act/unsup 1003 token-ring-default act/unsup 1004 fddinet-default act/unsup 1005 trnet-default act/unsup
Command: Switchport Access Vlan
Use: Sets the VLAN that the interface belongs to.
Syntax: Switch(config-if)#switchport access vlan <vlan # >
Example
In this example, port fa0/2 on SW3 is set to VLAN 10. Here is the VLAN information on SW3 before the changes. Notice that all interfaces belongto VLAN 1.
SW3#show vlan brief
VLAN Name Status Ports---- -------------------------------- --------- -------------------------------1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4, Fa0/5Fa0/6, Fa0/7, Fa0/8, Fa0/9Fa0/10, Fa0/11, Fa0/12, Fa0/13Fa0/14, Fa0/15, Fa0/16, Fa0/17Fa0/18, Fa0/19, Fa0/20, Fa0/23Fa0/24, Gi0/1, Gi0/210 VLAN0010 active
11 VLAN0011 active 12 VLAN0012 active 13 VLAN0013 active 14 VLAN0014 active 15 VLAN0015 active 16 VLAN0016 active 17 VLAN0017 active 18 VLAN0018 active 19 VLAN0019 active 20 VLAN0020 active 99 VLAN0099 active 555 VLAN0555 active 1002 fddi-default act/unsup
Next, int fa0/2 is configured for VLAN 10.
SW3#conf tEnter configuration commands, one per line. End with CNTL/Z.SW3(config)#int fa0/2SW3(config-if)#switchport access vlan 10
Finally, the VLAN information for SW3 is displayed with fa0/2 assigned to VLAN 10.
SW3(config-if)#do show vlan brief
VLAN Name Status Ports---- -------------------------------- --------- -------------------------------1 default active Fa0/1, Fa0/3, Fa0/4, Fa0/5Fa0/6, Fa0/7, Fa0/8, Fa0/9Fa0/10, Fa0/11, Fa0/12, Fa0/13Fa0/14, Fa0/15, Fa0/16, Fa0/17Fa0/18, Fa0/19, Fa0/20, Fa0/23Fa0/24, Gi0/1, Gi0/210 VLAN0010 active Fa0/211 VLAN0011 active 12 VLAN0012 active 13 VLAN0013 active 14 VLAN0014 active 15 VLAN0015 active 16 VLAN0016 active 17 VLAN0017 active 18 VLAN0018 active 19 VLAN0019 active 20 VLAN0020 active 99 VLAN0099 active 555 VLAN0555 active 1002 fddi-default act/unsup
Command: VTP Mode Server
Use: VTP Mode Server allows the switch to make changes to the VLAN database as well as propagate changes to other switches. This is the default mode for VTP
Syntax: Switch(config)#vtp mode server
Example
In the below example we will confirm that the switch is a VTP server and we will add a VLAN to it.
SW1(config)#vtp mode serverDevice mode already VTP SERVER.
SW1(config)#vlan 555SW1(config-vlan)#exit
Command: VTP Mode Client
Use: VTP client mode doesn't allow you to create any VLANs. all VLANs must be learned from a server switch. This prevents the switch from accidently propogating VLANs throughout the network. Another use is to prevent an older switch from wiping out a server's VLAN database due to it having a higher revision number.
Syntax: Switch(config)#vtp mode client
Example
In the below example we will set SW1 to be a VTP client, then add a VLAN. Notice the switch rejected the command.
SW1(config)#vtp mode clientSetting device to VTP CLIENT mode.SW1(config)#vlan 542%VTP VLAN configuration not allowed when device is in CLIENT mode.SW1(config)#
Command: VTP Mode Transparent
Use: VTP transparent mode allows the switch to modify its VLAN databasem but will not propagate changes from a server.Additionally, VTP transparent mode allows the switch to configure extended range VLANS (1006-4094).
Syntax: Switch(config)#vtp mode transparent
Example
In the below example we will configure the switch to be in VTP transparent mode and we will add a VLAN.
SW1(config)#vtp mode transparentSetting device to VTP TRANSPARENT mode.
SW1(config)#vlan 555SW1(config-vlan)#exit
Recommended