Cisco IOS Quick Reference Cheat Sheet 2.1
Cisco IOS Quick Reference Cheat Sheet 2.1
Uploaded by
Rohit DaryananiCopyright:
Available Formats
Cisco IOS Quick Reference Cheat Sheet 2.1
Cisco IOS Quick Reference Cheat Sheet 2.1
Uploaded by
Rohit DaryananiCopyright
Available Formats
Share this document
Did you find this document useful?
Is this content inappropriate?
Copyright:
Available Formats
Cisco IOS Quick Reference Cheat Sheet 2.1
Cisco IOS Quick Reference Cheat Sheet 2.1
Uploaded by
Rohit DaryananiCopyright:
Available Formats
Cisco IOS Quick Reference Cheat Sheet 2.
1
CISCO IOS QUICK REFERENCE CHEAT SHEET 2.1 ..............1 ROUTER MODES ...................................................................... 1 QUICK START .......................................................................... 1 RESTRICT ACCESS TO ROUTER .................................................... 1 PERFORM PASSWORD ENCRYPTION SERVICE................................. 1 SETUP SSH AND DISABLE TELNET ............................................... 1 DOING THE DO COMMAND ........................................................ 1 CONFIGURATIONS: VIEW, SAVE, ERASE ....................................... 1 SDM BASIC SETUP FOR HTTP, HTTPS ........................................... 1 CONFIGURE AN INTERFACE ........................................................ 2 CONNECTIVITY ......................................................................... 2 TELNET ................................................................................... 2 DEFAULT AND STATIC ROUTES.................................................... 2 DHCP SERVER ........................................................................ 2 NAT / PAT ............................................................................ 2 PRIVILEGE LEVEL ACCOUNT ........................................................2 SWITCH: BASICS .......................................................................2 SWITCH: PORT SECURITY ...........................................................2 SWITCH: VLAN ........................................................................3 SWITCH: CONFIGURE PORT AS A TRUNK PORT ...............................3 SWITCH: VTP (VERSION 1) ........................................................3 INTER-VLAN ROUTING .............................................................3 RIP ........................................................................................3 BGP.......................................................................................3 EIGRP....................................................................................3 OSPF: ....................................................................................3 ACCESS LIST: ............................................................................4 SEND LOGGING TO SYSLOG SERVER...............................................4 SET CLOCK...............................................................................4
Router Modes
R> (User-mode prompt) R# (Privileged-mode prompt) R(config)# (Global configuration mode) R(config-if)# (Interface mode) R(config-subif)# (Sub interface mode) R(config-line)# (Line mode) R(config-router)# (Router configuration mode)
Perform Password Encryption Service
R(config)# service password-encryption
Setup SSH and Disable Telnet
R(config)# ip domain-name [R1.MrCambron.com] R(config)# crypto key generate rsa general-keys modulus [1024] R(config)# ip ssh time-out [180] R(config)# ip ssh authentication-retries [2] R(config)# line vty 0 4 R(config-line)# transport input ssh
Quick Start
R> enable R# config terminal R(config)# hostname [Router1] R(config)# exit R# R# ? (Help with commands)
Doing the do Command
(No need to be in R#) R(config)# do show run R(config)# do show int fa0/0 R(config)# do ping [172.16.0.1]
Configurations: View, Save, Erase
R# show running-config R# show startup-config R# copy run start (Copies run as startup-config) R# write R# erase start R# reload (Reboots the router)
Restrict Access to Router
Privileged-mode
R(config)# enable password [password] (Plain Text) R(config)# enable secret [password] (Hashed)
User-mode
(Select a line) R(config)# line console 0 R(config)# line vty 0 4 R(config)# line aux 0 R(config)# password [password] R(config)# login R(config)# exec-timeout [10] [0] (M, S) Cisco IOS Quick Reference Cheat Sheet 2.1
SDM Basic Setup for http, https
R(config)# int fa0/0 R(config-if)# ip address [10.10.10.1] [255.255.255.248] R(config-if)# no shutdown R(config)# ip http server R(config)# ip http secure-server R(config)# ip http authentication local 1 of 4
R(config)# username [cisco] privilege 15 password 0 [cisco] R(config)# line console 0 R(config-line)# login local R(config)# line vty 0 4 R(config-line)# privilege level 15 R(config-line)# login local R(config-line)# transport input ssh
NAT
R(config)# ip nat inside source static [10.10.10.2 209.165.200.224] R(config)# int [fa0/0] (Inside interface) R(config-if)# ip nat inside R(config)# int [serial0/0] (Outside interface) R(config-if)# ip nat outside
Dynamic NAT
R(config)# access-list 1 permit 172.17.0.0 0.0.0.255 R(config)# ip nat pool pub-addr 209.165.202.131 209.165.202.140 R(config)# ip nate inside source list 1 pool pud-addr R(config)# int fa0/0 R(config)# ip address 172.17.0.1 255.255.255.0 R(config)# ip nat inside R(config)# int ser0/0/0 R(config)# ip address 209.165.202.1 255.255.255.0 R(config)# ip nat outside
Configure an Interface
R(config)# interface [fa0/0] R(config-if)# description [Sales VLAN] R(config-if)# ip address [192.168.1.10 255.255.255.0] R(config-if)# no shutdown R(config-if)# clock rate [64000] (only for Serial DCE) PPP Encapsulation (Phases: LCP, Authentication, NCP) R(config-if)# encapsulation ppp
PPP Authentication Using chap
R(config)# hostname RA RA(config)# username RB password cisco RA(config-if)# ppp authentication chap
PAT
R(config)# access-list 1 permit 172.17.0.0 0.0.0.255 R(config)# ip nat inside source list 1 int ser0/0/0 overload R(config)# int fa0/0 (inside) R(config)# ip nat inside R(config)# int ser0/0/0 (outside) R(config)# ip nat outside R# show ip nat translations (Verify NAT translation)
Troubleshooting and Viewing Information
R# show controllers serial 0/0/0 (layer 1 and layer 2 info) R# show ip interface brief R# show interface (View LCP is open) R# debug ppp negotiations (PPP packets during startup phase) R# debug ppp packet (real-time PPP packet flow)
Privilege Level Account
R(config)# username [admin] privilege 15 password 0 [cisco]
Connectivity
R# ping [172.16.0.1] R# traceroute [172.16.0.1] R# telnet [172.16.0.1] R# show interface [fa0/0] R# show ip interface [fa0/0] (layer 3)
Switch: Basics
S# erase start S# delete vlan.dat S# reload S# show run S# show ip interface
Telnet
R> telnet 172.16.0.1 R1# terminal monitor (Displays console messages) R1# terminal no monitor
Switch: Port Security
S(config)# interface fa0/18 (use this or next line) S(config)# interface range fa0/1 - 24 S(config-if)# switch port-security
Default and Static Routes
R(config)# ip route [0.0.0.0 0.0.0.0 172.17.0.2] R(config)# ip route [172.18.0.0 255.255.0.0] [172.17.0.2] R# show ip route
Port Security Options
S(config-if)# switchport port-security mac-address [MAC: MAC_Address | Sticky: (Last Source MAC)] S(config-if)# switchport port-security maximum [Max# MAC allowed] S(config-if)# Switchport port-security violation [shutdown | restrict | protect]
DHCP Server
R(config)# ip dhcp pool [Pool_Name] R(dhcp-config)# network [172.16.0.0 255.255.0.0] R(dhcp-config)# dns-server [172.16.0.1 172.16.0.2] R(dhcp-config)# default-router [172.16.0.1] R(config)# ip dhcp excluded-address [172.16.0.1 172.16.1.99]
Disable Port Security
S(config)# interface fa0/18 S(config-if)# no switchport port-security
NAT / PAT
Cisco IOS Quick Reference Cheat Sheet 2.1
Troubleshoot and View Status of Port Security
2 of 4
S# show port-security address S# show port-security interface [fa0/1] S# show mac-address-table
R# debug ip route
RIP: Misc Commands
R(config-router)# no auto-summary R(config-router)# passive-interface [fa0/0] R# show ip rip database
Switch: VLAN
S(config)# vlan [vlan_number] S(config-vlan)# name[vlan_name]
RIP: Troubleshoot
R# show ip route R# show ip protocol R# show running-config R# show interfaces R# show ip interface R# show ip route R# debug ip rip
Assign Ports to a VLAN
S(config)# interface fa0/1 S(config-if)# switchport access vlan [vlan_number]
Remove a VLAN
S(config)# no vlan [vlan_number] S(config)# interface fa0/1 S(config-if)# no switchport access vlan [vlan_number]
Verify VLAN
S# show vlan ?
BGP
R(config)# router bgp [100-AS number] R(config-router)# neighbor [10.10.10.10] remote-as [100] R(config-router)# network [172.19.0.0]
Switch: Configure port as a Trunk Port
S(config)# interface fa0/1 S(config-if)# switchport mode truck S(config-if)# switchport trunk encapsulation [dot1q | ISL | negotiate]
EIGRP
R(config)# router eigrp [AS_Number] (AS must match) R(config-router)# network [172.16.0.0] R(config-router)# network [172.19.0.0]
Configure a Port to Detect Trunk Link
S(config-if)# switchport mode dynamic [desireable | auto]
EIGRP - Passive Interface
R(config-router)# passive-interface serial0/1
Configure native VLAN on a Trunk Port
S(config-if)# dot1q native vlan [vlan_id]
EIGRP - Key Creation
R(config)# key chain [name_of_chain] R(config-keychain)# key 1 R(config-keychain-key)# key-string [san_fran] R(config)# interface [serial0/0/1] R(config-if)# ip authentication mode eigrp [AS_num] md5 R(config-if)# ip authentication key-chain eigrp [100 AS_R1]
Configure a Port back to an access port
S(config-if)# no switchport mode trunk (or next line) S(config-if)# switchport mode access Switch: VTP (Version 1) S(config)# vtp domain [vtp_domain] S(config)# vtp mode [server | client | transparent] S(config)# vtp password [password] S# show vtp [status | password | counters] S# show vlan brief
EIGRP - Manual Summarization
R(config-router)# no auto-summarization R(config-if)# ip summary-address eigrp 1 172.17.0.0 255.255.255.0
Configure VTP Server and add VLANs
S# vlan database S(vlan)# ?
Inter-VLAN Routing
R(config)# interface fa0/1 R(config-if)# no ip address R(config-if)# no shutdown R(config)# interface fa0/1.10 R(config-subif)# encapsulation dot1q10 R(config-subif)# ip address 192.168.10.1 255.255.255.0
EIGRP - Information and Troubleshoot
R# show ip eigrp topology (Examine topology tables) R# show ip eigrp traffic (Examine statistics) R# show ip route (Examine routing tables) R# debug ip eigrp (Observe routing activity) R# debug ip route (Observe routing activity)
OSPF:
Enable and Advertise Networks
R(config)# router ospf [process_id] (1-65535) R(config-router)# network 192.168.10.0 0.0.0.3 area [0] R(config-router)# area [0] authentication message-digest
RIP
R(config)# router rip R(config-router)# version 2 R(config-router)# network [192.168.4.0] R# show ip route Cisco IOS Quick Reference Cheat Sheet 2.1
3 of 4
R(config-if)# ip address 10.0.1.1 255.255.255.0 R(config-if)# ip ospf message-digest-key 10 md5 [area_password] R# show ip ospf ? R# debug ip ospf ?
Named
R(config)# access-list [standard|extended] SALES-ONLY R(config-ext-nacl)# permit 192.168.20.0 0.0.0.255 R(config-ext-nacl)# permit host 192.168.10.3 R(config-ext-nacl)# deny any
Tuning Priority
R(config-if)# ip ospf priority [1-255]
Assign ACL to an Interface
R(config-if)# ip access-group [100] [in|out]
Tune Router ID, Loopback Address, Int Address
R(config-router)# router-id 10.1.1.1 (Router ID) R(config-if)# ip address 10.1.1.1 255.255.255.255 (Loopback Address) R(config-if)# ip address 192.168.1.0 255.255.255.0 (Interface Address) (After changing int priority or router ID use next line) R# clear ip ospf process
Assign ACL to vty
R(config-line)# access-class 1 in
Default ACL Match Tracking
R# show access-list [1|100|name] (how many matches)
ACL Console Logging
R(config)# no access-list 100 R(config)# access-list 100 permit ip host 192.168.1.2 0.0.0.255 any log R(config)# access-list 100 deny ip any any log R# no logging console (turns off)
Tune Reference Bandwidth
R(config-router)# auto-cost reference-bandwidth [10000] (Mbit)
Configure Interface Cost Value
R(config)# ip ospf cost
Configuring an ACL with NAT
R1(config)# int fa0/0 R1(config-if)# ip address 192.168.1.1 R1(config-if)# ip access-group 10 in R1(config-if)# ip nat inside R1(config)# int Ser0/0/0 R1(config-if)# ip address 209.165.201.1 R1(config-if)# ip nat outside R(config)# ip nat inside source list 1 int ser0/0/0 overload R(config)# access-list 10 permit 192.168.1.0 0.0.0.255
Propagating a Default Router
R(config)# ip router 0.0.0.0 0.0.0.0 serial0/0/0 R(config-router)# default0information originate
Configuring OSPF Summarization
R# area 0 range 192.168.0.0 255.255.252.0
Verify and Troubleshoot
R# show ip protocols R# show ip ospf ? R# show ip route R# debug ip ospf ?
Troubleshooting and Viewing ACLs
R# show access-lists (Displays all ACLs) R# clear access-list counters R# debug ip packet
Access List:
Standard (Place close to destination)
R(config)# access-list [1-99|1300-1999] remark [To servers] R(config)# access-list 1 [deny|permit] [source] [mask] R(config)# access-list 1 permit any R(config)# no access-list 1 Extended (Place close to source) R(config)# access-list [100-199|2000-2699] remark [to servers] R(config)# access-list 100 [permit|deny] [tcp|ip|ospf] [source] [mask] host [destination] [mask] [eq|gt|lt] [tcp_port] R(config)# access-list 100 permit ip host 192.168.1.10 host 192.168.5.10 R(config)# access-list 100 permit tcp any host 10.10.10.250 eq 80 R(config)# access-list 101 permit tcp any any established R(config)# access-list 123 tcp host 172.16.1.2 any range ftp-data ftp
Send logging to syslog server
R1# clock set 15:22:00 may 17 2007 R1(config)# clock timezone cst -8 R1(config)# service timestampts R1(config)# logging 192.168.1.6 R1(config)# no logging console
Set Clock
R# clock set 18:30:00 sep 17 2008 R# clock timezone EST -8
Cisco IOS Quick Reference Cheat Sheet 2.1
4 of 4
You might also like
- Network Security All-in-one: ASA Firepower WSA Umbrella VPN ISE Layer 2 SecurityFrom EverandNetwork Security All-in-one: ASA Firepower WSA Umbrella VPN ISE Layer 2 SecurityNo ratings yet
- Cisco CCNA Command Guide: An Introductory Guide for CCNA & Computer Networking Beginners: Computer Networking, #3From EverandCisco CCNA Command Guide: An Introductory Guide for CCNA & Computer Networking Beginners: Computer Networking, #34/5 (1)
- Cisco IOS Quick Reference Cheat Sheet 2.1No ratings yetCisco IOS Quick Reference Cheat Sheet 2.14 pages
- Cisco IOS Quick Reference Cheat Sheet 2.0No ratings yetCisco IOS Quick Reference Cheat Sheet 2.09 pages
- Cisco IOS Quick Reference Cheat Sheet 2.1No ratings yetCisco IOS Quick Reference Cheat Sheet 2.15 pages
- Cisco Router Configuration Commands For StudentNo ratings yetCisco Router Configuration Commands For Student11 pages
- Cisco Command Summary: Cisco Router Configuration CommandsNo ratings yetCisco Command Summary: Cisco Router Configuration Commands13 pages
- 8.2.4.5 Lab - Configuring Basic Single-Area OSPFv2No ratings yet8.2.4.5 Lab - Configuring Basic Single-Area OSPFv24 pages
- Comandos - Configuração de Equipamentos Cisco - RouterNo ratings yetComandos - Configuração de Equipamentos Cisco - Router4 pages
- Konfigurasi R1 Masuk Global Konfigurasi (Konfigurasi Hostname, Password Privillage Mode)No ratings yetKonfigurasi R1 Masuk Global Konfigurasi (Konfigurasi Hostname, Password Privillage Mode)4 pages
- Cisco Command Summary: Cisco Router Configuration CommandsNo ratings yetCisco Command Summary: Cisco Router Configuration Commands5 pages
- Configuracion de Un Router Cisco: Autor: Ing. Héctor Umeres ANo ratings yetConfiguracion de Un Router Cisco: Autor: Ing. Héctor Umeres A37 pages
- Using The Commands On The Router: Show Version Show Ip Interface Brief (Or Show Interface)No ratings yetUsing The Commands On The Router: Show Version Show Ip Interface Brief (Or Show Interface)8 pages
- Network with Practical Labs Configuration: Step by Step configuration of Router and Switch configurationFrom EverandNetwork with Practical Labs Configuration: Step by Step configuration of Router and Switch configurationNo ratings yet
- CISCO PACKET TRACER LABS: Best practice of configuring or troubleshooting NetworkFrom EverandCISCO PACKET TRACER LABS: Best practice of configuring or troubleshooting NetworkNo ratings yet
- LEARN MPLS FROM SCRATCH PART-B: A Beginners guide to next level of networkingFrom EverandLEARN MPLS FROM SCRATCH PART-B: A Beginners guide to next level of networkingNo ratings yet
- PLC: Programmable Logic Controller – Arktika.: EXPERIMENTAL PRODUCT BASED ON CPLD.From EverandPLC: Programmable Logic Controller – Arktika.: EXPERIMENTAL PRODUCT BASED ON CPLD.No ratings yet
- Multicore DSP: From Algorithms to Real-time Implementation on the TMS320C66x SoCFrom EverandMulticore DSP: From Algorithms to Real-time Implementation on the TMS320C66x SoCNo ratings yet
- Network Security All-in-one: ASA Firepower WSA Umbrella VPN ISE Layer 2 SecurityFrom EverandNetwork Security All-in-one: ASA Firepower WSA Umbrella VPN ISE Layer 2 Security
- Cisco CCNA Command Guide: An Introductory Guide for CCNA & Computer Networking Beginners: Computer Networking, #3From EverandCisco CCNA Command Guide: An Introductory Guide for CCNA & Computer Networking Beginners: Computer Networking, #3
- Cisco Command Summary: Cisco Router Configuration CommandsCisco Command Summary: Cisco Router Configuration Commands
- 8.2.4.5 Lab - Configuring Basic Single-Area OSPFv28.2.4.5 Lab - Configuring Basic Single-Area OSPFv2
- Comandos - Configuração de Equipamentos Cisco - RouterComandos - Configuração de Equipamentos Cisco - Router
- Konfigurasi R1 Masuk Global Konfigurasi (Konfigurasi Hostname, Password Privillage Mode)Konfigurasi R1 Masuk Global Konfigurasi (Konfigurasi Hostname, Password Privillage Mode)
- Cisco Command Summary: Cisco Router Configuration CommandsCisco Command Summary: Cisco Router Configuration Commands
- Configuracion de Un Router Cisco: Autor: Ing. Héctor Umeres AConfiguracion de Un Router Cisco: Autor: Ing. Héctor Umeres A
- Using The Commands On The Router: Show Version Show Ip Interface Brief (Or Show Interface)Using The Commands On The Router: Show Version Show Ip Interface Brief (Or Show Interface)
- Network with Practical Labs Configuration: Step by Step configuration of Router and Switch configurationFrom EverandNetwork with Practical Labs Configuration: Step by Step configuration of Router and Switch configuration
- CISCO PACKET TRACER LABS: Best practice of configuring or troubleshooting NetworkFrom EverandCISCO PACKET TRACER LABS: Best practice of configuring or troubleshooting Network
- Network with Practical: ALL PACKET TRACER LABSFrom EverandNetwork with Practical: ALL PACKET TRACER LABS
- First Hop Redundancy Protocol: Network Redundancy ProtocolFrom EverandFirst Hop Redundancy Protocol: Network Redundancy Protocol
- LEARN MPLS FROM SCRATCH PART-B: A Beginners guide to next level of networkingFrom EverandLEARN MPLS FROM SCRATCH PART-B: A Beginners guide to next level of networking
- CCNA Certification Study Guide Volume 2: Exam 200-301 v1.1From EverandCCNA Certification Study Guide Volume 2: Exam 200-301 v1.1
- PLC: Programmable Logic Controller – Arktika.: EXPERIMENTAL PRODUCT BASED ON CPLD.From EverandPLC: Programmable Logic Controller – Arktika.: EXPERIMENTAL PRODUCT BASED ON CPLD.
- Multicore DSP: From Algorithms to Real-time Implementation on the TMS320C66x SoCFrom EverandMulticore DSP: From Algorithms to Real-time Implementation on the TMS320C66x SoC