by SHOW COMMANDS – CISCO ROUTERS (some command relevant to Cisco switches too)
Show version – software version, config files, boot images, config register, basic config of router
Show ipx interface – status, ipx rip and sap received/sent, ipx access-lists
Show ipx route – ipx routing table
Show ipx servers – server list (name, port, hops, type of service)
Show ipx traffic – number/type of packets, RIP and SAP packets
Show protocol – ipx addresses of an interface, IP addresses and routing protocol
Show ip protocol – routing update times, networks active on, neighbour routers, administrative distances, AS number
Show access-lists – shows standard and extended access-lists on all interfaces
Show access-list 101
Show ip interface – IP addresses, masks, MTU, access-lists, split horizon, ICMP, CDP status, NAT statistics, LMI info, DLCIs
Show interface serial 0 – shows bandwidth, MTU, keepalives
Show ip route – ip routing table
Show cdp neighbor – deviceID, local intf, holdtime, capability, platform, remote portID
Show cdp entry * – IP address of neighbour, protocol info, platform, capability, portID, holdtime, same info as show version, neighbour device ID, local interface
Show cdp neighbor detail – same as above also IP address, version info
Show cdp traffic – info on traffic and errors
Show cdp interface – encapsulation, timer, holdtime for each intf
Show controllers serial 0 – shows DTE/DCE connections, buffer size, collisions, mac address
Show host(s) – shows hostname to IP resolution of hosts
Show session(s) – shows connections to a remote device
Show users – shows connections to your router, port and time connected
Show frame-relay lmi – lmi errors and lmi type
Show frame-relay pvc – all configured PVC’s, DLCI numbers, status of connections, No. of BECN/FECN
Show frame-relay pvc 16
Show frame-relay map – ip to dlci mappings
Show run – display router config (RAM), configured PVCs, ACLs.
SHOW COMMANDS – 1900 SWITCH
Show mac-address-table
Show run
Show ip – like ipconfig
Show port system – shows switching method
Show vtp
Show trunk A allowed-vlans – shows which VLANS allowed on trunk link
Show vlan-membership
Show vlan 2
Show vlan – verify VLAN config
Show history – shows last 10 commands entered by default
Show terminal – shows terminal config + history buffer size
GENERAL ROUTER COMMANDS
Banner exec – for activation or incoming vty
Banner incoming – displayed on reverse telnet sessions
Banner login – displayed on all connected terminals. Displayed before MOTD banner but before login prompts
Bfe – manual emergency mode setting
Clear counters – clears counters on all interfaces
Clear frame-relay-inarp – clears dynamic mappings
Clear line 1 – clears vty 1 connection to a remote router
Clock set 10.30.10 28 may 2002
Config-register 0x2102 – changes config register
Copy flash tftp
Copy tftp flash – copies IOS image from tftp server default directory to router flash
Disable – to get back to user mode from privileged
Disconnect 1 – clears a connection to a remote router
Enable – to get into privileged mode
Enable last-resort – define enable action if no tacas servers respond
Enable use-tacas – tells the router to authenticate passwords through a tacas server
Encapsulation isl 3 – encapsulates ISL frame-tagging for VLAN 3 on an interface
Exec timeout 0 1 – sets console timeout to 1 second
Exec-timeout 0 0 – sets exec timeout to never timeout
Exec-timeout 1 0 – set exec timeout to 1 minute
Ip domain-lookup – enables DNS (use no form to stop this)
Ip domain-name nikmakris.com – appends domain name to hostname (required for DNS)
Ip host nik 172.17.1.63 – adds to host table (up to 8 ip addr)
Ip name-server – sets ip address(es) of DNS servers
Lock – locks the terminal
Logging synchronous – stops console messages overwriting commands
Logout – to logout of the router
Media-type 100BaseX – sets media type
Mrinfo – request neigbour and version information from a multicast router
No login – sets line, vty ports not to prompt for login info
Passive-inteface s0 – disables routing updates on interface (Global command) – they are not sent out this interface but they are still received.
Ping ipx 40.0000.0c8d.5c9d
Service password-encryption – encrypts passwords (Global command)
Terminal monitor – needed to view debug commands from telnet session
Terminal history size 50 – sets command history to 50 lines
Tftp-server system – Make router a tftp server
CONFIGURE COMMANDS
Interface Ethernet 2/0/1 – type slot / port adapter / port number (interface) for VIP cards
Config terminal – configures RAM
Config network (config net) – changes a config on a tftp host
Config memory – configure NVRAM
Ip address 172.17.1.63 255.255.255.0 secondary – adds a secondary subnet address to an interface
Clock rate 56000 – sets clock rate to 56kbps for DCE interfaces
ACCESS LISTS (ACL)
Access-enable – creates a temporary access-list entry
Access-template – creates a temporary access-list entry
Access-profile – apply user profile to interface
Access-list 1 permit 0.0.0.0 255.255.255.255 – same as next line
Access-list 1 permit any – permits any host
Access-list 1 permit 172.30.16.29 0.0.0.0 – same as next line
Access-list 1 permit host 172.30.16.29 – permits host 172.30.16.29
No access list 1 – deletes access list 1
Ip access-group 1 out (out is default)
Access-list 101 deny tcp 172.16.4.0 0.0.0.255 any eq telnet
Access-list 101 permit ip any any established (TCP connection)
Router(Config)#ip access-list standard nik
Router(Config std-nacl)#deny any log (log – logs packets)
No ip access-group in – won’t delete inbound lists if you leave the in off the end of the command
FRAME RELAY
Router(Config)#int s0
Router(Config-if)#encapsulation frame-relay cisco (default)
Router(Config-if)#exit
Router(Config)#int s0.16 point-to-point
Router(Config-if)#no inverse-arp
Router(Config-if)#ip address 172.17.1.63 255.255.255.0
Router(Config-if)#bandwidth 64 – sets bandwidth to 64kbps (Only used by routing protocols)
Router(Config-if)#frame-relay map ip 172.16.30.17 16 ietf broadcast – broadcast tells the router to send broadcasts out this intf
IGRP CONFIGURATION
Router(Config)#router igrp 50
Router(Config-router)#timers basic 15 45 0 60
Router(Config-router)#variance 1-128 (controls load balancing between best and worse metrics)
Router(Config-router)#traffic-share balanced/min
Balanced – share inversely proportional to metrics
Min – use routers that have only min costs
Router(Config-router)#network 128.6.0.0
Router(Config-router)#no metric holddown
Router(Config-router)#metric maximum-hop 50
IPX RIP CONFIGURATION
Router(Config)#ipx routing – enables IPX routing, RIP and SAP
Router(Config)#ipx maximum-paths 2 – enables equal cost load balancing over 2 paths
Router(Config)#ipx per-host-load-share – ensures all packets to 1 destination are sent over same line
Router(Config)#int e0
Router(Config-if)#ipx network 10 encapsulation sap secondary – assigns ipx network 10 to a secondary interface on Ethernet 0 with encapsulation Ethernet_802.2
Router(Config-if)#ipx delay 6 – sets tick metric for IPX RIP (LAN = 1, WAN = 6 default)
Router(Config-if)#exit
CISCO ISDN CONFIGURATION
Router(Config)#interface bri 0
Router(Config-if)#ip address 172.17.1.63 255.255.255.0
Router(Config-if)#no shutdown
Router(Config-if)#dialer-group 1
Router(Config-if)#dialer map ip 172.16.60.2 name 8042 8350661
(Next router ip – hostname of next route (auth) – number to dial)
Router(Config-if)#dialer load-threshold 2 either – makes both interfaces come up immediately
Router(Config-if)#dialer load-threshold 255 either – only brings up 2nd B-channel if first is 100% loaded
Router(Config-if)#hold-queue 75 in – holds 75 packets in the queue during connection
Router(Config-if)#dialer idle-timeout 300 – sets idle time out (120 default)
Router(Config-if)#encapsulation ppp
Router(Config-if)#exit
Router(Config)#dialer-list 1 list 110
Router(Config)#access-list 110 permit tcp any any eq smtp
Router(Config)#access-list 110 permit tcp any any eq telnet
STATIC/DEFAULT ROUTES
Ip route 0.0.0.0 0.0.0.0 172.16.20.1 = default route
Ip default-network 172.16.1.0
Ip route 172.17.1.63 255.255.255.0 serial 1 1 permanent – keeps static route even if router cannot communicate with it, administration distance 1
CISCO DISCOVERY PROTOCOL (CDP) COMMANDS
Cdp timer 90
Cdp holdtime 240
Cdp enable (no cdp enable)
1900 SWITCH CONFIGURATION
#config t
(Config)#enable password level 1 nikolas – usermode password
(Config)#enable password level 15 makris – enable password
(Config)#enable secret nik2 – precedes the enable p/w
(Config)#hostname nik
(Config)#vtp pruning enable – enables pruning on whole switch
(Config)#delete vtp – deletes VTP database
(Config)#vtp server (client/transparent)
(Config)#vtp domain nikolas
(Config)#vtp password cisco
(Config)#ip address 172.17.1.63 255.255.255.0
(Config)#ip default-gateway 172.17.1.50
(Config)#switching-mode store-and-forward (fragment-free)
(Config)#vlan 2 name sales
(Config)#vlan 3 name marketing
(Config)#int Ethernet 0/1 – slot 0/port 1
(Config-if)#vlan-membership static 2
(Config-if)#description Finance_VLAN
(Config-if)#port secure max-mac-count 1 – allows only one mac address per port
(Config-if)#exit
(Config)#int f0/26
(Config-if)#trunk on – enables trunking of all VLANS not just VLAN 1
(Config-if)#no trunk-vlan 3 – stops trunking vlan 3
(Config-if)#duplex full – sets to full duplex (auto sense default)
(Config-if)#exit
(Config)#copy tftp://192.168.0.120/cat1900EN_9_00.bin opcode – download into flash memory
(Config)#copy nvram tftp://192.168.0.120/cat1900EN
(Config)#copy tftp://192.168.0.120/cat1900EN nvram
(Config)#delete nvram – deletes config
(Config)#delete vtp – deletes VTP database
(Config)#clear mac-address-table [dynamic]
CISCO DEBUG COMMANDS
Debug ipx routing activity – info on RIP updates
Debug ipx sap – info on sap updates
Debug ip igrp events – what’s being rec’d sent, route type (int/ext,system), source, dest
Debug ip igrp transactions – shows contents of routing updates
Debug ip rip – source/contents of updates, network, metrics
Debug frame-relay lmi – enables verification of connection
Debug ppp authentication
UNDEBUG ALL
Turn of debugging.