Cheatography
https://cheatography.com
Command line interface practice
This is a draft cheat sheet. It is a work in progress and is not finished yet.
User Levels | Routers & Switches
User Exec |
Router Name> |
Privileged Exec |
Router Name# [where network devices are configured]
|
Global Exec |
Router Name(config)# [configuration impact the entire device]
|
Interface Config |
Router Name(config-if)# [impacts a particular interface]
|
Line Config |
Router Name(config-line) |
Basic Config | Routers & Switches
router> enable | disable |
logs the user into/out of privileged exec |
router# configure terminal |
logs user into global config |
router(config)#> hostname |
re/name current device |
no hostname |
removes name |
router(config)# exit |
backs out one level to a previous levvel |
router> reload |
reboots the device |
router(config)# end |
Drops back to user exec mode
|
Basic Commands | Routers & Switches
|
Router(config)# interface f0/0 int f0/0
|
|
|
|
Router(config)# line console 0 |
|
|
|
Router(config)# interface gigabitethernet 0/0 int g0/0 |
|
Router(config-line)# exit back up one step from any level
|
|
Router(config-line)# end straight to user exec mode
|
Basic Security
|
Securing privileged EXEC |
|
S1(config)# enable secret Cisc0 pw protects the privileged exec line
|
|
Securing console port |
|
S1(config)# line console 0 moves into line configuration mode
|
|
S1(config-line)# passsword Cisc0 sets console access password to "Cisc0"
|
|
S1(config-line)# login turns on the password requirement
|
Securing the Virtual Ports [ssh & telnet]
|
|
S1(config)# line vty 0 15 moves into line configuration mode
|
|
S1(config-line)# Password Cisc0 sets virtual terminal access password to "Cisc0"
|
|
S1(config-line)@ login turns on the password requirement
turns on the password requirement
|
|
Encrypting all Passwords |
|
S1(config)# service password-encryption
|
|
Message of the Day |
|
S1(config)# banner motd # Authorized Access Only *# |
|
S1# copy run start |
adding Pipe Commands
R1# do show run | |
| |
include interface |
| |
exclude interface |
| |
begin hostname |
NOTES
Commands are only case sensitive after the pipe
|
|
Startup-Config regardless of current config; router will start up with this
|
until the current config is saved
|
Hints
R1># no ip domain-lookup |
[turns off auto dns query]
|
R1(config-if)# no ip address |
|
ctl+a |
[cursor moved to the beginning of the line]
|
ctl+e |
[cursor moved to the end of the line]
|
copy run start |
[copys running config to startup config]
|
show run start |
[displays startup config]
|
* ctl+shift+6 |
STOP SEARCH |
ip host switch1 1.1.1.1 |
Assigns the listed ip address [1.1.1.1] to Switch1 |
? |
Open help documentation |
enable secret abc123 |
Enables secret password and sets to abc123 |
vty - virtual telnet line
Remote Access
R2# telnet 10.1.1.1 |
`with PW & access allowed; you will enter the remote router * |
|
|
CONFIGURE SERIAL PORT
|
R1(config)# interface serial 0/0/0 int f0/0 [moves into config for s0/0/0]
|
|
R1(config-if)# ip address 192.168.1.254 255.255.255.0 [sets ip & subnet]
|
|
R1(config-if)# no shut [powers on interface]
|
shut [powers off interface]
|
|
R1(config-if)# copy run start
|
CONFIGURE FAST ETHERNET PORT
|
R1(config)# interface f0/0 int f0/0[moves into config for f0/0]
|
|
R1(config-if)# ip address 192.168.1.254 255.255.255.0 [sets ip & subnet]
|
|
R1(config-if)# no shut [powers on interface]
|
shut [powers off interface]
|
|
R1(config-if)# copy run start
|
Configure VLAN
|
Create and Name VLANs |
|
Switch(config)# vlan 10
|
|
Switch(config-vlan)# name Support names vlan 10, "support"
|
|
Switch(config)# vlan 20 moves into vlan 20 from vlan 10
|
|
Switch(config)# name Development names vlan 20, "development"
|
|
Assign switchport access |
|
Switch(config)# int f0/1
|
|
Switch(config-if)# switchport access vlan 10 ` * |
|
Switch(config)# int f0/2 |
|
Switch(config-if)# switchport access vlan 20 ` * |
Routing Configuration
Gateway of Last Resort |
[restricted to edge [stub] routers only] |
R1(config)# ip route 0.0.0.0 0.0.0.0 s0/0/0 |
| |
Static Route administrative distance = 150
|
R1(config)# ip route 192.168.2.0 255.255.255.0 s0/0/0 150 |
routers only "know" what they are connected too
s* - default static route
c - direct connect
"Advanced" Show Commands
show access-list |
Displays the access-lists located on the device; including every line of the access-list [not which interface the list is list is applied to |
show vlan |
Displays info and status of VLANs [on the device] i.e. VLAN names, numbers, and the interfaces on which each VLAN can be found |
show ip protocols |
Displays info about Layer 3 protocols; RIP, OSPF and EIGRP [high level overview each protocol has its own show command] |
show interface trunk |
Displays all trunk ports on the device; which VLANs are allowed on which trunk, what the native VLAN is. |
Verification Commands
R1# show ip route |
displays routing table |
R1# show ip interface |
R1# show ip interface brief |
displays the interface configurations |
R1# show running-config |
| |
R1# show interface s0/0/0 |
| |
R1# show interface f0/0 |
| |
R1# show interface g0/0 |
R1# show version |
displays IOS info and previous method of restart |
R1# show mac address-table |
dispalys contents of MAC Address Table |
R1# *int g0/0 |
displays the listed interface info |
R1# show clock |
R1# clock set |
09:10:01 11 December 2019
|
** 'Do' - in front of a command will run the command at any level i.e. my device
(config)# do show ip interface brief -OR- my device (config)# do reload
Add a Ne
Managing IOS Files
R1# copy run flash:my config |
copies running config\saves to flash; names it my config
|
R1# erase start |
|
R1# copy flash:my config start |
copies my config and overwrites start up config
|
R1# copy run tftp |
requests a remote host |
add ip address of remote router
|
requests a file name |
add unique file name w/ data
|
R1# more flash:my config |
`allows you to view the config file |
Storage for Operating System
IOS - Flash
startup Config - NVRAM
Running config - RAM
Error Messages
% Invalid input detected at '^' marker |
You are at the wrong level to run command |
% Incomplete command |
[command brings a null response] |
This is not a bad command, there is just no results to display |
Your CLI command fails - are you in the right mode | level
- are you on the right device
Shortcuts
ctl+shift+6 |
stop current activity |
ctl+k |
erases from cursor to end of line |
ctl+x |
erases from cursor to beginning of line |
tab |
completes the command |
Misc
mydevice (config)# sdm pre dual def |
used if switch won't take IPv6 address |
Execute Commands
Build a server w/IP |
ip host Server1 1.1.1.1 |
Rename the router "My Router" |
hostname MyRouter |
|
