Wednesday, 28 August 2013

IOS COMMANDS

Privileged Mode:-
  • enable - get to privileged mode
  • disable  - get to user mode
  • enable password <password_here> - sets privileged mode password
  • enable secret <password_here>  - sets encrypted privileged mode password

Setting Passwords:-
  • enable secret <password_here> - set encrypted password for privileged access
  • enable password <password_here> - set password for privileged access (used when there is no enable secret and when using older software)

Set password for console access:-
  • (config)#line console 0
  • (config-line)#login
  • (config-line)#password <password_here>

Set password for virtual terminal (telnet) access (password must be set to access router through telnet):-
  • (config)#line vty 0 4
  • (config-line)#login
  • (config-line)#password <password_here>

Set password for auxiliary (modem) access:-
  • (config)#line aux 0
  • (config-line)#login
  • (config-line)#password <password_here>

Configuring the Router:-
  • sh running-config - details the running configuration file (RAM)
  • sh startup-config - displays the configuration stored in NVRAM
  • setup - Will start the the automatic setup; the same as when you first boot the router
  • config t  - use to execute configuration commands from the terminal
  • config mem - executes configuration commands stored in NVRAM; copies startup-config to running-config
  • config net - used to retrieve configuration info from a TFTP server
  • copy running-config startup-config  - copies saved config in running config (RAM) to NVRAM or "write memory" for IOS under ver.11
  • copy startup-config running-config  - copies from non-volatile (NVRAM) to current running config (RAM)
  • boot system flash <filename_here> - tells router which IOS file in flash to boot from
  • boot system tftp - tells router which IOS file on the tftp server to boot from
  • boot system rom  - tell router to boot from ROM at next boot
  • copy flash tftp - Copies flash to tftp server
  • copy tftp flash  - Restores flash from tftp server
  • copy run tftp  - Copies the current running-config to tftp server
  • copy tftp run - Restores the running-config from tftp server

General Commands:-
  • no shutdown - (enables the interface)
  • reload - restarts the router
  • sh ver - Cisco IOS version, uptime of router, how the router started, where system was loaded from, the interfaces the POST found, and the configuration register
  • sh clock  - shows date and time on router
  • sh history - shows the history of your commands
  • sh debug  - shows all debugging that is currently enabled
  • no debug all - turns off all debugging
  • sh users - shows users connected to router
  • sh protocols - shows which protocols are configured
  • banner motd # Your_message # - Set/change banner
  • hostname <router_name_here>  - use to configure the hostname of the router
  • clear counters  - clear interface counters

Processes & Statistics:-
  • sh processes  - shows active processes running on router
  • sh process cpu - shows cpu statistics
  • sh mem  - shows memory statistics
  • sh flash - describes the flash memory and displays the size of files and the amount of free flash memory
  • sh buffers - displays statistics for router buffer pools; shows the size of the Small, Middle, Big, Very Big, Large and Huge Buffers
  • sh stacks - shows reason for last reboot, monitors the stack use of processes and interrupts routines

CDP Commands (Cisco Discovery Protocol uses layer 2 multicast over a SNAP-capable link to send data):-
  • sh cdp neighbor  - shows directly connected neighbors
  • sh cdp int - shows which interfaces are running CDP
  • sh cdp int eth 0/0 - show CDP info for specific interface
  • sh cdp entry <cdp_neighbor_here> - shows CDP neighbor detail
  • cdp timer 120 - change how often CDP info is sent (default cdp timer is 60)
  • cp holdtime 240  - how long to wait before removing a CDP neighbor (default CDP holdtime is 180)
  • sh cdp run - shows if CDP turned on
  • no cdp run  - turns off CDP for entire router (global config)
  • no cdp enable - turns off CDP on specific interface

Miscellaneous Commands:-
  • sh controller t1  - shows status of T1 lines
  • sh controller serial 1 - use to determine if DCE or DTE device
  • (config-if)#clock rate 6400 - set clock on DCE (bits per second)
  • (config-if)#bandwidth 64 - set bandwidth (kilobits)

IP Commands:-
Configure IP on an interface:
  • int serial 0
  • ip address 157.89.1.3 255.255.0.0
  • int eth 0
  • ip address 2008.1.1.4 255.255.255.0

Other IP Commands:
  • sh ip route  - view ip routing table
  • ip route <remote_network> <mask> <default_gateway> [administrative_distance] - configure a static IP route
  • ip route 0.0.0.0 0.0.0.0 <gateway_of_last_resort> - sets default gateway
  • ip classless - use with static routing to allow packets destined for unrecognized subnets to use the best possible route
  • sh arp - view arp cache; shows MAC address of connected routers
  • ip address 2.2.2.2 255.255.255.0 secondary - configure a 2nd ip address on an interface
  • sh ip protocol

IPX Commands:-
 Enable IPX on router:
  • ipx routing

Configure IPX + IPX-RIP on an int:
  • int ser 0
  • ipx network 4A

Other Commands:
  • sh ipx route  - shows IPX routing table
  • sh ipx int e0 - shows ipx address on int
  • sh ipx servers - shows SAP table
  • sh ipx traffic - view traffic statistics
  • debug ipx routing activity - debugs IPS RIP packets
  • debug ipx sap - debugs SAP packets

Routing Protocols:-
Configure RIP:
  • router rip
  • network 157.89.0.0
  • network 208.1.1.0

Other RIP Commands:
  • debug ip rip - view RIP debugging info

Configure IGRP:
  • router IGRP 200
  • network 157.89.0.0
  • network 208.1.1.0

Other IGRP Commands:
  • debug ip igrp events - view IGRP debugging info
  • debug ip igrp transactions - view IGRP debugging info

Access Lists:-
  • sh ip int ser 0 -  use to view which IP access lists are applies to which int
  • sh ipx int ser 0 -  use to view which IPX access lists are applies to which int
  • sh appletalk int ser 0 -  use to view which AppleTalk access lists are applies to which int

View access lists:
  • sh access-lists
  • sh ip access-lists
  • sh ipx access-lists
  • sh appletalk access-lists

 Apply standard IP access list to int eth 0:
  • access-list 1 deny 200.1.1.0 0.0.0.255
  • access-list 1 permit any
  • int eth 0
  • ip access-group 1 in

 Apply Extended IP access list to int eth 0:
  • access-list 100 deny tcp host 1.1.1.1 host 2.2.2.2 eq 23
  • access-list 100 deny tcp 3.3.3.0 0.0.0.255 any eq 80
  • int eth 0
  • ip access-group 100 out

 Apply Standard IPX access list to int eth 0:
  • access-list 800 deny 7a 8000
  • access-list 800 permit -1
  • int eth 0
  • ipx access-group 800 out

 Apply Standard IPX access list to int eth 0:
  • access-list 900 deny sap any 3378 -1
  • access-list 900 permit sap any all -1
  • int eth 0
  • ipx access-group 900 out


PPP Configuration:-
  • encapsulation ppp
  • ppp authentication <chap_or_pap_here>
  • ppp chap hostname <routername_here>
  • ppp pap sent-username <username_here>
  • sh int ser 0 - use to view encapsulation on the interface

Frame-Relay Configuration:-
  • encapsulation frame-relay ietf - use IETF when setting up a frame-relay network between a Cisco router and a non-Cisco router
  • frame-relay lmi-type ansi - LMI types are Cisco, ANSI, Q933A; Cisco is the default; LMI type is auto-sensed in IOS v11.2 and up
  • frame-relay map ip 3.3.3.3 100 broadcast - if inverse ARP won't work, map Other IP to Your DLCI # (local)
  • keepalive 10 - use to set keepalive
  • sh int ser 0 - use to show DLCI, LMI, and encapsulation info
  • sh frame-relay pvc - shows the configured DLCI's; shows PVC traffic stats
  • sh frame-relay map - shows route maps
  • sh frame-relay lmi - shows LMI info

Keyboard Shortcuts:-
  • CTRL-P - show previous command
  • CTRL-N - show next command
  • SHIFT-CTRL-6  - Break
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)