Show Running Configuration File
>show running-config
Show Startup Configuration File (NVRAM)
>show startup-config
Show Flash Memory Information
>show flash
Show Command History
>show history
Copy Changes from Running Config to the Startup Config
#copy running-config startup-config
Show Version (Platform Type / OS Revision / Last Boot / Memory / Interfaces /Conf Register)
>show version
Show Devices Clock (Time/Date)
>show clock
Show Users Connected to Device
>show users
Set password exec & non-exec (console / aux / telnet)
>enable #configure terminal #enable password EnablePass1 #line console 0 #login #password ConsolePass1 #exit #line aux 0 #login #password AuxPass1 #exit #line vty 0 4 #login #password TelnetPass1 #exit
Set Secret Password (recommended method)
>enable #configure terminal #enable secret EnableSecret1 #exit
Set a Warning Banner For Login Prompt
>enable #configure terminal #banner motd & #banner line1 #banner line2 & #exit
Set hostname
>enable #configure terminal #hostname router1 #prompt router01 #exit
Save Running Config to Startup Config
#copy running-configuration startup-configuration
Save Running Config to a Remote TFTP Server
#copy running-configuration tftp <enter IP> <enter filename>
Save Config From Remote TFTP Server to the Running Config
#copy tftp running-configuration <enter IP> <enter filename>
Erase NVRAM
#erase nvram
Show Summary of All Interfaces (IP & Status)
>show ip interface brief
Show Detailed Interface Information (All Interfaces)
>show interfaces
Show Detailed Interface Information (Single Interface)
>show interfaces serial 0
Show Detailed Interface Protocol Information (Single Interface)
>show ip interface serial 0
Show Status of Interface Layer 3 Protocols
>show protocols
Show Information About IP Routing Protocols
>show ip protocols
Show IP Routes (Interfaces that are routing)
>show ip route
Show Cached Hosts List
>show hosts
Set description for an interface
>enable #configure terminal #interface serial 0 #description this is the serial0 link to router2 #exit
Configure an IP for an interface
#configure terminal #interface Ethernet 0 #ip address 10.1.1.251 255.255.255.0 #exit
Enable an Interface
#configure terminal #interface Ethernet 0 #no shutdown #exit
Disable an Interface (Administratively Down)
#configure terminal #interface Serial 1 #shutdown #exit
Set Serial Interface Clock Rate (DCE Cable – Data Circuit-Terminating Equipment)
R1#configure terminal R1#interface serial 0 R1#clock rate 56000 R1#no shut R2#configure terminal R2#interface serial 0 R2#no shut
Set Serial Interface Bandwidth and Clock Rate
#configure terminal #interface serial 0 #bandwidth 64 #clock rate 64000 #exit
Create a Loopback Interface and Set the IP Address and Mask
R1#configure terminal R1#interface loopback 0 R1#ip address 10.1.100.1 255.255.255.0 R1#no shut
Show CDP General Information
>show cdp
Show CDP Interface Information
>show cdp interface
Show CDP Neighbors
>show cdp neighbors
Show CDP Neighbors Detail
>show cdp neighbors detail
Show Specific CDP Entry Details
>show cdp entry R4
Set / Adjust the Time between CDP Updates
#configure terminal (config)#cdp timer 45
Set / Adjust the CDP Information Hold Time
#configure terminal (config)#cdp holdtime 60
Disable CDP on the Entire Router
#configure terminal (config)#no cdp run
Enable CDP on the Entire Router
#configure terminal (config)#cdp run
Disable CDP on an Interface
#configure terminal (config)#interface Ethernet 0 (config-if)#no cdp run
Enable CDP on an Interface
#configure terminal (config)#interface Ethernet 0 (config-if)#cdp run
Show ARP Table
>show arp
Clear ARP Table
#clear arp
Telnet to another Device
>telnet 10.1.1.2 password: ****
Show Sessions
>show sessions
Disconnect from a session
>disconnect 1
Setup to Allow Telnet Logins
#conf term (config)#line vty 0 4 (config-line)#login (config-line)#password Pass1
Add an Entry to the Hosts Table
#conf term (config)#ip host California 192.168.10.1
Show IP Routes (S = Static)
>show ip route
Add a Static Route
#conf term #ip route 10.1.1.0 255.255.255.0 192.168.10.1
Remove a Static Route
#conf term #no ip route 10.1.1.0 255.255.255.0 192.168.10.1
Show IP Routes (S = Static * = Default Candidate)
>show ip route
Add a Default Route
#conf term #ip route 0.0.0.0 0.0.0.0 192.168.10.1
Remove a Default Route
#conf term #no ip route 0.0.0.0 0.0.0.0 192.168.10.1
Uses UDP port 520
Show IP Routes (R = RIP)
>show ip route
Show Information About IP Routing Protocols
>show ip protocols
Enable RIP
#conf term #router rip
Disable RIP
#conf term #no router rip
Add a Network for RIP Advertisements/Receives (Delay <30secs) #conf term
#router rip #network 10.0.0.0
Remove a Network from RIP Advertisements/Receives
#conf term #router rip #no network 10.0.0.0
Turn on RIP Debugging
#debug ip rip
Turn off RIP Debugging
#no debug ip rip
Clear and Re-Create IP Routing Table
#clear ip route *
Show IP Routes (I = IGRP)
>show ip route
Show Information About IP Routing Protocols
>show ip protocols
Enable IGRP
#conf term #router igrp 100
Add Networks Directly Connected to Router for IGRP Routing
#conf term #router igrp 100 #network 10.0.0.0
Remove Networks Directly Connected to Router for IGRP Routing
#conf term #router igrp 100 #no network 10.0.0.0
Show IP Routes (D = EIGRP)
>show ip route
Show Information About IP Routing Protocols
>show ip protocols
Show EIGRP Neighbours
>show ip eigrp neighbours
Show EIGRP Traffic, Shows EIGRP Packet Types Sent and Recieved
>show ip eigrp traffic
Enable EGRP 100
#conf term #router eigrp 100
Add Networks Directly Connected to Router for EIGRP Routing
#conf term #router eigrp 100 #network 10.0.0.0
Remove Networks Directly Connected to Router for EIGRP Routing
#conf term #router eigrp 100 #no network 10.0.0.0
Show Routing Table (O = OSPF)
>show ip route
Show Routing Protocol Information
>show ip protocols
Show the OSPF Database
>show ip ospf database
Show OSPF Neighbours
>show ip ospf neighbour
Show Interfaces Running OSPF – Detailed Information
>show ip ospf interface
Configure OSPF Routing and Set the Process Number
R1#conf term R1(config)#router ospf 100 R2#conf term R2(config)#router ospf 100 R3#conf term R3(config)#router ospf 100
Configure Networks that the Router is Connected to
R1#conf term R1(config)#router ospf 100 R1(config-router)#network 10.1.20.0 0.0.0.255 area 0 R1(config-router)#network 192.16.1.0 0.0.255.255 area 0 R2#conf term R2(config)#router ospf 100 R2(config-router)#network 10.1.20.0 0.0.0.255 area 0 R3#conf term R3(config)#router ospf 100 R3(config-router)#network 192.16.1.0 0.0.255.255 area 0
Set the Enable Secret on R1
R1#conf term R1#enable secret secretPassR1
Create a User on R1 with Same Password as R2’s Enable Secret
R1#username R2 password secretPassR2
Set an IP and Enable the Serial Interface on R1
R1#interface serial 0 R1#ip address 10.1.0.1 255.255.255.0 R1#no shutdown
Set Encapsulation for the Serial Interface to PPP on R1
R1#encapsulation ppp
Set PPP Authentication to CHAP for the Serial Interface on R1
R1#ppp authentication chap
Set the Enable Secret on R2
R2#conf term R2#enable secret secretPassR2
Create a User on R2 with Same Password as R1’s Enable Secret
R1#username R1 password secretPassR1
Set an IP and Enable the Serial Interface on R2
R2#interface serial 0 R2#ip address 10.1.0.2 255.255.255.0 R2#no shutdown
Set Encapsulation for the Serial Interface to PPP on R2
R2#encapsulation ppp
Set PPP Authentication to CHAP for the Serial Interface on R2
R2#ppp authentication chap
Show Serial Interface Details including Encapsulation Type
>show interfaces serial 0
Set an IP and Enable the Serial Interface on R1
R1#conf term R1#interface serial 0 R1#ip address 10.1.0.1 255.255.255.0 R1#no shutdown
Set Encapsulation for the Serial Interface to PPP on R1
R1#encapsulation ppp
Set an IP and Enable the Serial Interface on R2
R2#conf term R2#interface serial 0 R2#ip address 10.1.0.2 255.255.255.0 R2#no shutdown
Set Encapsulation for the Serial Interface to PPP on R2
R2#encapsulation ppp
Show Serial Interface Details including Encapsulation Type
>show interfaces serial 0
Show ISDN Status (Check Layer1 = Active, Layer2 = Multi-Frame Established)
>show isdn status
Show ISDN Interface Information
>show interface bri 0
Specify the ISDN Switch Type
#conf term #isdn switch-type basic-ni
Set the SPID for the Interface
#interface bri 0 #isdn spid1 32177820010100
Set the Dialler String on the Interface to Establish Layer 3
#interface bri 0 #dialer string 7782002
Setup a Dialer-list to Permit All IP Traffic
#dialer-list 1 protocol ip permit
Show ISDN Status (Check Layer1 = Active, Layer2 = Multi-Frame Established)
>show isdn status
Configure ISDN BRI-BRI using Legacy DDR
R1(config)#isdn switch-type basic-ni R1(config)#dialer-list 1 protocol ip permit R1(config)#username R2 password cisco R1(config)#interface bri0 R1(config-if)#encapsulation ppp R1(config-if)#ip address 200.10.1.1 255.255.255.0 R1(config-if)#isdn spid1 32177820010100 R1(config-if)#dialer-group 1 R1(config-if)#dialer map ip 200.10.1.2 name R2 broadcast 7782001 R1(config-if)#ppp authentication chap R1(config-if)#no shut R2(config)#isdn switch-type basic-ni R2(config)#dialer-list 1 protocol ip permit R2(config)#username R1 password cisco R2(config)#interface bri0 R2(config-if)#encapsulation ppp R2(config-if)#ip address 200.10.1.1 255.255.255.0 R2(config-if)#isdn spid1 32177820020100 R2(config-if)#dialer-group 1 R2(config-if)#dialer map ip 200.10.1.1 name R1 broadcast 7782002 R2(config-if)#ppp authentication chap R2(config-if)#no shut
Show ISDN Status (Check Layer1 = Active, Layer2 = Multi-Frame Established)
>show isdn status
Configure ISDN BRI-BRI using Dialer Profiles
R1(config)#isdn switch-type basic-ni R1(config)#dialer-list 1 protocol ip permit R1(config)#username R2 password cisco R1(config)#int bri0 R1(config-if)#encap ppp R1(config-if)#ppp authentication chap R1(config-if)#isdn spid1 32177820010100 R1(config-if)#dialer pool-member 1 R1(config-if)#no shut R1(config-if)#int dialer 1 R1(config-if)#no shut R1(config-if)#ip address 200.10.1.1 255.255.255.0 R1(config-if)#encap ppp R1(config-if)#dialer-group 1 R1(config-if)#dialer pool 1 R1(config-if)#dialer remote-name R2 R1(config-if)#dilaer string 7782001 R1(config-if)#ppp authentication chap R2(config)#isdn switch-type basic-ni R2(config)#dialer-list 1 protocol ip permit R2(config)#username R1 password cisco R2(config)#int bri0 R2(config-if)#encap ppp R2(config-if)#ppp authentication chap R2(config-if)#isdn spid1 32177820020100 R2(config-if)#dialer pool-member 1 R2(config-if)#no shut R2(config-if)#int dialer 1 R2(config-if)#no shut R2(config-if)#ip address 200.10.1.2 255.255.255.0 R2(config-if)#encap ppp R2(config-if)#dialer-group 1 R2(config-if)#dialer pool 1 R2(config-if)#dialer remote-name R1 R2(config-if)#dilaer string 7782002 R2(config-if)#ppp authentication chap
Show ISDN Status (Check Layer1 = Active, Layer2 = Multi-Frame Established)
>show isdn status
Configure ISDN PRI using Dialer Profiles
R1(config)#isdn switch-type basic-ni R1(config)#dialer-list 1 protocol ip permit R1(config)#username R2 password cisco R1(config)#interface bri0 R1(config-if)#encap ppp R1(config-if)#ppp authentication chap R1(config-if)#isdn spid1 32177820010100 R1(config-if)#dialer pool-member 1 R1(config-if)#no shut R1(config-if)#int dialer 2 R1(config-if)#no shut R1(config-if)#ip add 201.10.1.1 255.255.255.0 R1(config-if)#encap ppp R1(config-if)#dialer-group 1 R1(config-if)#dialer pool 1 R1(config-if)#dialer remote-name R2 R1(config-if)#dialer string 7782001 R1(config-if)#ppp authentication chap R2(config)#isdn switch-type primary-5ess R2(config)#dialer-list 1 protocol ip permit R2(config)#username R1 password cisco R2(config)#controller tl 0/0 R2(config-contoller)#framing esf R2(config-contoller)#linecode b8zs R2(config-contoller)#pri-group timeslots 1-24 R2(config-contoller)#exit R2(config)#interface serial0/0:23 R2(config-if)#encapsulation ppp R2(config-if)#ppp authentication chap R2(config-if)#dialer pool-member 2 R2(config-if)#no shut R2(config-if)#interface dialer 2 R2(config-if)#ip add 201.10.1.2 255.255.255.0 R2(config-if)#encaps ppp R2(config-if)#dialer-group 1 R2(config-if)#dialer pool 2 R2(config-if)#dialer remote-name R1 R2(config-if)#dialer string 7782002 R2(config-if)#ppp authentication chap R2(config-if)#no shut
Show IPX Interface Information
>show ipx interface
Show IPX Interface Information Brief
>show ipx interface brief
Show IPX Traffic
>show ipx traffic
Enable IPX Routing on Both Routers
#conf term #ipx routing
Assign an IPX Network to the Ethernet Interfaces on the Routers
#interface Ethernet 0 (config-if)#ipx network AAA (config-if)#no shut
Show Global Frame-Relay Traffic Statistics
>show frame-relay traffic
Show Frame-Relay LMI (Local Management Interface) Traffic
>show frame-relay lmi
Show Frame-Relay Mappings of DLCI (Layer 2) to the IP Address (Layer 3)
>show frame-relay map
Show Frame-Relay PVC (Permanent Virtual Circuit) Mappings between Router and the Frame-Relay Switch
>show frame-relay pvc
Set the Interfaces Encapsulation to Frame-Relay on Both Routers
#interface serial 0 #encapsulation frame-relay #no shut
Set the Frame-Relay Interface DLCI (Data Link Connection Identifer) for the Connection
R1(config-if)#frame-relay interface-dlci 102 R2(config-if)#frame-relay interface-dlci 202
Create Sub Interface and IP for Each Connection and Set DLCI on Connections
R1(config-if)#interface serial 0.100 point-to-point R1(config-subif)#frame-relay interface-dlci 102 R1(config-subif)#ip address 172.16.1.1 255.255.255.0 R1(config-if)#interface serial 0.200 point-to-point R1(config-subif)#frame-relay interface-dlci 103 R1(config-subif)#ip address 172.16.1.2 255.255.255.0 R2(config-if)#interface serial 0.100 point-to-point R2(config-subif)#frame-relay interface-dlci 201 R2(config-subif)#ip address 172.16.2.1 255.255.255.0 R3(config-if)#interface serial 0.100 point-to-point R3(config-subif)#frame-relay interface-dlci 301 R3(config-subif)#ip address 172.16.2.1 255.255.255.0
Set the LMI (Local Management Interface) Type
#conf term (config)#int serial1 (config-if)#frame-relay lmi-type ansi
Set Frame Relay Map IP
#conf term (config)#int serial1 (config-if)#frame-relay map ip 10.50.1.1 105 broadcast
Show Access Lists
>show access-lists >show access-lists 1 >show access-lists 99
View Access Lists Applied to an Interface
>show ip interface access-list [#(1-99) ] [permit | deny] [source-address | keyword any] [source mask]
Create an Access List to Deny
#conf term (config)#access-list 1 deny host 192.168.20.1 (config)#access-list 1 deny 192.168.20.2 (config)#access-list 1 deny 192.168.20.3 0.0.0.0
Create an Access List to Permit
#conf term (config)#access-list 1 permit any
Delete an Access List
#conf term (config)#no access-list 1 ip access-group [access-list] [in | out]
Add the Access Group to an Interface (in/out)
#conf term (config)#interface ethernet 0 (config-if)#ip access-group 1 in (config-if)#ip access-group 20 out
Remove the Access Group from an Interface (in/out)
#conf term (config)#interface ethernet 0 (config-if)#no ip access-group 1 in
Show Access Lists
>show access-lists >show access-lists 101 (100-199 and 2000-2699)
View Access Lists Applied to an Interface
>show ip interface
Create an Extended Access List
#conf term (config)#access-list 101 deny icmp any any echo (config)#access-list 101 permit tcp 24.17.2.16 0.0.0.15 any eq telnet log (config)#access-list 102 permit tcp 24.17.2.0 0.0.0.15 any log (config)#access-list 103 permit ip host 192.168.1.123 host 192.168.1.12 log
Delete an Extended Access List
#conf term (config)#no access-list 101 permit tcp 24.17.2.16 0.0.0.15 any eq telnet log
Add the Access Group to an Interface (in/out)
ip access-group [access-list] [in | out] #conf term (config)#interface ethernet 0 (config-if)#ip access-group 101 in (config-if)#ip access-group 102 out
Remove the Access Group from an Interface (in/out)
#conf term (config)#interface ethernet 0 (config-if)#no ip access-group 101 in
Show Access Lists
>show access-lists
Create a Named Access List to Deny Ping and Log
#conf term (config)#ip access-list extended deny_icmp_ping (config-ext-acl)#deny icmp host 192.168.1.20 192.168.1.1 0.0.0.0 log (config-ext-acl)#permit ip any any log
Delete a Named Access List
#conf term (config)#no ip access-list extended deny_icmp_ping
Add the Named Access Group to an Interface (in/out)
#conf term (config)#interface FA0/0 (config-if)#ip access-group deny_icmp_ping in
Remove the Named Access Group from an Interface (in/out)
#conf term (config)#interface FA0/0 (config-if)#no ip access-group deny_icmp_ping in
Show IP NAT Translations
>show ip nat translations
Clear IP NAT Translations
#clear ip nat translation *
Show IP NAT Statistics
>show ip nat statistics
Add a Static NAT
#conf term (config)#ip nat inside source static 10.50.1.2 10.70.1.2 (config)#interface ethernet 0 (config-if)#ip nat inside (config-if)#interface serial 0 (config-if)#ip nat outside
Remove a Static NAT
#conf term (config)#no ip nat inside source static 10.50.1.2 10.70.1.2
Add a Many-To-One NAT
#conf term (config)#access-list 11 permit 10.50.1.0 0.0.0.255 (config)#ip nat inside source list 11 interface serial 0 overload (config)#interface ethernet 0 (config-if)#ip nat inside (config-if)#interface serial 0 (config-if)#ip nat outside
Remove a Many-To-One NAT
#conf term (config)#no ip nat inside source static 10.50.1.2 10.70.1.2
Add a Dynamic NAT
#conf term (config)#ip nat pool poolname1 10.50.1.100 10.50.1.150 netmask 255.255.255.0 (config)#ip nat inside source list 2 pool poolname1 (config)#interface ethernet 0 (config-if)#ip nat inside (config-if)#interface serial 0 (config-if)#ip nat outside
Remove a Dynamic NAT
#conf term (config)#no ip nat pool pool1 10.50.1.100 10.50.1.150 netmask 255.255.255.0
Add a PAT
#conf term (config)#ip nat inside source list 2 interface serial 0 overload
Remove a PAT
#conf term (config)#no ip nat inside source list 2 interface serial 0 overload