Cisco Command List (Clear Configuration and Recover Password)

100% Pass Cisco, PMP, CISA, CISM, AWS Practice test on SALE! Get Now

Home/

Blog/

SPOTO 2024-11-29 15:20:06

Table of Contents

Cisco Command Set – Routing Protocols and Troubleshooting

Cisco: To clear the configuration, use: erase startup-config (which deletes the contents of NVRAM), then reboot the router with: reload.

Huawei: To clear the configuration, use: reset saved-configuration, then reboot the router with: reboot.

Cisco Router and Switch Password Recovery:

Selective Routing Advertisement:

For example, in RIP configuration, configure the S0 interface to only receive but not send RIP advertisements.

Router(config)#router rip
Router(config-router)#passive-interface serial 0

About Keyboard Shortcuts:

Ctrl+B (backward): Move the cursor one character to the left.
Ctrl+F (forward): Move the cursor one character to the right.
Ctrl+A (A stands for "beginning"): Move the cursor to the beginning of the command.
Ctrl+E (end): Move the cursor to the end of the command.
Esc+B (backward): Move the cursor one word to the left.
Esc+F (forward): Move the cursor one word to the right.
Ctrl+Z: Exit privileged mode at once (Router#).

About Modes:

User Mode (User Execution Mode): The initial mode when connecting to a router, characterized by the ">" prompt. In this mode, you can only view the configuration and status of the router but cannot make changes. To configure the router, you must enter Privileged Mode.
Privileged Mode (Privilege Execution Mode): To enter this mode, use the command enable. If a password is set, you will need to enter the correct password. This mode is characterized by the "#" prompt.
Global Configuration Mode: From Privileged Mode, you can enter this mode by using the command configure terminal. In this mode, you can make global configurations.
Specific Configuration Modes: These include router interface configuration mode, router sub-interface configuration mode, routing protocol configuration mode, line configuration mode, and more.

Mode Transitions:

After connecting to the router, you first enter User Mode, which is characterized by the ">" symbol. In this mode, you can only view the router's configuration and status, but you cannot configure it.
To make configurations, you must enter Privileged Mode. Use the command enable to enter, and if a password is set, it must be entered correctly.
In Privileged Mode, the prompt will change to "#".
To enter Global Configuration Mode from Privileged Mode, use the command configure terminal.

Commands to Enter Specific Configuration Modes from Global Configuration Mode:

Privileged Mode → Router Interface Configuration Mode:
- For serial interface: interface serial ??
- For Ethernet interface: interface ethernet ??
Privileged Mode → Router Sub-interface Configuration Mode: subinterface
Privileged Mode → Routing Protocol Configuration Mode: router rip
Privileged Mode → Line Configuration Mode: line vty ??

Commands and Usage in Different Modes:

User Mode (Router>):

show ping, telnet, connect: These commands are used the same way as in Privileged Mode.

Privileged Mode (Router#):

show users: View all users connected to the router.
show hosts: View the IP-to-name mapping table.
show arp: View the ARP (Address Resolution Protocol) table.
show protocol: View the router's protocol status.
show version: View the version of the IOS and memory information.
show flash: View the flash memory usage.
show clock: View the current time of the router.
show history: View the last ten commands entered.
show ip interface brief: View the IP settings and status of router interfaces.
show interfaces: View the status of all router interfaces.
show interfaces [specific interface]: View the status of a specific router interface.
show running-config: View the configuration file in RAM.
show startup-config: View the configuration file in NVRAM.
show cdp: View CDP information.
show cdp entry ??: View information about a specific neighboring router.
show cdp neighbors: View all neighboring routers.
show cdp neighbors detail: View detailed information about all neighboring routers.
show cdp traffic: View information about CDP packets.
show cdp ?? (port number): View CDP information for a specific port.
show session: View the status of the original router during a remote login session.
clear cdp counters: Clear CDP counters.
clear cdp table: Clear the CDP information.
copy running-config startup-config: Copy the configuration file in RAM to NVRAM.
copy startup-config running-config: Copy the configuration file in NVRAM to RAM.
copy tftp running-config: Copy the configuration file from a TFTP server to RAM.
copy running-config tftp: Copy the configuration file from RAM to a TFTP server.
ping ?? (hostname or IP): Test the connectivity between the router and a remote router.
telnet ?? (hostname or IP): Log in to a remote router (requires login password).
connect ?? (hostname or IP): Similar to telnet for remote login.
traceroute ?? (hostname or IP): Trace the route to a destination router.

Commands in Global Configuration Mode:

hostname ?? (name): Change the router's hostname.
enable password ??: Change the password for entering Privileged Mode.
enable secret ??: Change the secret password for entering Privileged Mode (this password is encrypted).
clock set hour:minute:second day month year: Set the router's time.
ip host ?? (name) ?? (IP address): Add a hostname-to-IP address mapping.
service password-encryption: Enable encryption for all passwords (the enable secret password is already encrypted).
cdp run: Enable CDP (Cisco Discovery Protocol) on all interfaces.
cdp timer: Set the CDP advertisement timer.
cdp holdtime: Set the CDP hold time.
end: Exit from Global Configuration Mode to User Mode.
exit: Exit one level at a time (use multiple exit commands to progressively step out).

Commands in Interface Configuration Mode:

ip address ?? (IP address): Set the IP address for the interface.
no shutdown: Enable the interface (bring it up).
shutdown: Disable the interface (bring it down).
clock rate ??: Set the clock rate for the DCE (Data Circuit-Terminating Equipment) side (DTE does not need this).
cdp enable: Enable CDP (Cisco Discovery Protocol) on the interface.

Commands in Line Configuration Mode:

line vty 0 4
password ??
login: Enable login for the virtual terminal lines using the configured password.

Most Common Cisco Command Categories:

1. Switch Configuration Commands:

Mode Transition Commands:

User Mode → Privileged Mode: Use the command enable.
Privileged Mode → Global Configuration Mode: Use the command config t.
Global Configuration Mode → Interface Mode: Use the command interface [interface type] [interface number].
Global Configuration Mode → Line Configuration Mode: Use the command line [interface type] [interface number].

Note:

User Mode: Used to view initialization information.
Privileged Mode: Used to view all information, debug, and save configuration information.
Global Configuration Mode: Used to configure overall settings for the router or switch, affecting all interfaces.
Interface Mode: Used to configure settings for a specific interface.
Line Configuration Mode: Used to configure control settings for the router's interfaces.

Configuration Commands:

show running-config: Display all configurations.
show version: Display version number and register values.
shutdown: Disable the interface.
no shutdown: Enable the interface.
ip address [IP address]: Configure an IP address for the interface.
secondary [IP address]: Configure a secondary IP address for the interface.
show interface [interface type] [interface number]: View the interface status and configuration.
show controllers [interface]: Check if the interface has a DCE cable connected.
show history: View the history of commands entered.
show terminal: View terminal settings, including terminal buffer size.
hostname [hostname]: Configure the router or switch hostname.
config memory: Modify the startup configuration saved in NVRAM.
exec-timeout 0 0: Set the console session timeout to zero (no timeout).
service password-encryption: Encrypt all passwords manually.
enable password [password]: Configure a plaintext password for Privileged Mode.
enable secret [password]: Configure a secret (encrypted) password for Privileged Mode.
line vty 0 4/15: Enter the configuration mode for telnet lines.
password [password]: Configure a password for telnet access.
line aux 0: Enter the configuration mode for the AUX (Auxiliary) port.
password [password]: Configure a password for the AUX port.
line con 0: Enter the configuration mode for the console port.
password [password]: Configure a password for the console port.
bandwidth [number]: Configure the bandwidth for an interface.
no ip address: Remove the configured IP address from the interface.
show startup-config: View the configuration in NVRAM (startup configuration file).
show running-config: View the current configuration in RAM.
copy running-config startup-config: Save the current configuration to the startup configuration file, so that it is used next time the router starts up.
write: Save the current configuration to NVRAM (startup configuration file).
erase startup-config: Clear the configuration stored in NVRAM, essentially clearing the startup configuration file.
show ip interface brief: View the essential information of all interfaces.
banner motd # [message] #: Configure the router or switch message-of-the-day (MOTD) banner.
description [message]: Add a description to an interface.
vlan database: Enter VLAN database mode.
vlan [vlan number] [name]: Create a VLAN and assign a name to it.
switchport access vlan [vlan number]: Assign a VLAN to an interface (access mode).
interface vlan [vlan number]: Enter VLAN interface configuration mode.
ip address [IP address]: Configure an IP address for a VLAN interface.
vtp [service/client/transparent]: Configure the VTP (VLAN Trunking Protocol) mode for the switch.
vtp domain [domain name]: Configure the VTP domain for the switch.
vtp password [password]: Configure the VTP password for the switch.
switchport mode trunk: Enable trunking mode on the interface.
no vlan [vlan number]: Delete a VLAN.
show spanning-tree vlan [vlan number]: View the spanning tree status for a specific VLAN.

Router Configuration Commands:

ip route [non-direct network] [subnet mask] [next-hop address]: Configure static/default route.
show ip route: View the routing table.
show protocols: Display all passive routing protocols and which protocols are configured on each interface.
show ip protocols: Display routing protocols configured on the router and provide information about timers used in the routing protocols.
router rip: Activate the RIP (Routing Information Protocol).
network [directly connected network]: Advertise a directly connected network in RIP.
interface loopback 0: Activate the loopback interface.
passive-interface [interface type] [interface number]: Configure an interface to be passive (used for protocols like RIP).
debug ip [protocol]: Dynamically view routing update information for a specific protocol.
undebug all: Disable all debugging output.
router eigrp [AS number]: Activate the EIGRP (Enhanced Interior Gateway Routing Protocol).
network [network] [subnet mask]: Advertise a directly connected network in EIGRP.
show ip eigrp neighbors: View the EIGRP neighbor table.
show ip eigrp topology: View the EIGRP topology table.
show ip eigrp traffic: View the number of packets sent by EIGRP.
router ospf [process ID]: Activate the OSPF (Open Shortest Path First) protocol.
network [directly connected network] area [area number]: Advertise a directly connected network in OSPF.
show ip ospf: Display OSPF process ID and Router ID.
encapsulation [encapsulation format]: Change the encapsulation format of the interface.
no ip domain-lookup: Disable domain name lookup on the router.
ip routing: Enable routing functionality on a Layer 3 switch.
show users: View online users on the switch.
clear line [line number]: Clear a specific line on the switch.

Layer 3 Switch Configuration Commands:

Configure a group of Layer 2 ports:
- configure terminal: Enter configuration mode.
- interface range {port-range}: Enter range configuration mode to configure multiple ports.
Configure Layer 3 ports:
- configure terminal: Enter configuration mode.
- interface {fastethernet | gigabitethernet} interface-id | vlan vlan-id | port-channel port-channel-number: Enter port configuration mode for specific interfaces or VLANs.
- no switchport: Convert the physical port to a Layer 3 port.
- ip address [ip_address] [subnet_mask]: Configure IP address and subnet mask for the Layer 3 port.
- no shutdown: Activate the port.
Example:
```
Switch(config)# interface gigabitethernet0/2
Switch(config-if)# no switchport
Switch(config-if)# ip address 192.20.135.21 255.255.255.0
Switch(config-if)# no shutdown
```
Configure VLAN:
- configure terminal: Enter configuration mode.
- vlan [vlan-id]: Enter VLAN configuration mode, and specify a VLAN ID (new or existing).
- name [vlan-name]: Optionally assign a name to the VLAN (default name is VLAN followed by the VLAN number).
- mtu [mtu-size]: Optionally change the MTU (Maximum Transmission Unit) size.
Example:
```
Switch# configure terminal
Switch(config)# vlan 20
Switch(config-vlan)# name test20
Switch(config-vlan)# end
```
Alternatively:
```
Switch# vlan database
Switch(vlan)# vlan 20 name test20
Switch(vlan)# exit
```
Assign ports to a VLAN:
- configure terminal: Enter configuration mode.
- interface [interface-id]: Enter the interface to which you want to assign the VLAN.
- switchport mode access: Define the port as a Layer 2 access port.
- switchport access vlan [vlan-id]: Assign the interface to a VLAN.
Example:
```
Switch# configure terminal
Switch(config)# interface fastethernet0/1
Switch(config-if)# switchport mode access
Switch(config-if)# switchport access vlan 2
Switch(config-if)# end
```

VLAN Trunk Configuration Commands

Enter Configuration Mode:
- configure terminal: Enter global configuration mode.
Configure Trunk Port:
- interface interface-id: Enter the port configuration mode (e.g., FastEthernet0/4).
- switchport trunk encapsulation {isl | dot1q | negotiate}: Configure Trunk encapsulation type (ISL, 802.1Q, or negotiate).
- switchport mode {dynamic {auto | desirable} | trunk}: Configure port trunk mode.
- switchport access vlan vlan-id: Optionally, specify the default VLAN if the port is not in trunk mode.
- switchport trunk native vlan vlan-id: Configure the Native VLAN for 802.1Q.
Example:
```
Switch(config)# interface fastethernet0/4
Switch(config-if)# switchport mode trunk
Switch(config-if)# switchport trunk encapsulation dot1q
Switch(config-if)# end
```
Define Allowed VLANs on Trunk:
- switchport trunk allowed vlan {add | all | except | remove} vlan-list: Configure the allowed VLANs on the trunk port.
- no switchport trunk allowed vlan: Remove VLAN restrictions and allow all VLANs.
Example:
```
Switch(config)# interface fastethernet0/1
Switch(config-if)# switchport trunk allowed vlan remove 2
Switch(config-if)# end
```
Configure Native VLAN for 802.1Q:
- switchport trunk native vlan vlan-id: Configure the Native VLAN for 802.1Q trunks.
- no switchport trunk native vlan: Restore to the default Native VLAN.
Example:
```
Switch(config)# interface fastethernet0/2
Switch(config-if)# switchport trunk native vlan 10
Switch(config-if)# end
```

Configure Load Balancing based on Port Priorities:

spanning-tree vlan vlan-id port-priority priority: Configure port priority for specific VLANs.

Example:

Switch(config)# interface fastethernet0/1
Switch(config-if)# spanning-tree vlan 8 port-priority 10
Switch(config-if)# spanning-tree vlan 9 port-priority 10
Switch(config-if)# end

Verify and Save Configuration:
- show vlan: Verify VLAN configuration.
- show running-config: View current configuration.
- copy running-config startup-config: Save configuration.

Load Balancing by Configuring STP Path Cost

Trunk1 carries VLANs 8-10, Trunk2 carries VLANs 2-4

Enter Switch 1 configuration mode:
```
configure terminal
```
Enter interface FastEthernet 0/1:
```
interface fastethernet 0/1
```

Configure trunk encapsulation:

switchport trunk encapsulation {isl | dot1q | negotiate}

Set the port mode to trunk (default is ISL encapsulation):
```
switchport mode trunk
```
Exit the interface configuration mode:
```
exit
```

Repeat steps 2-4 for interface FastEthernet 0/2:

interface fastethernet 0/2

switchport trunk encapsulation {isl | dot1q | negotiate}

switchport mode trunk

exit

Verify the running configuration:
```
show running-config
```
Verify the VLANs learned by Switch 1:
```
show vlan
```
Enter configuration mode again:
```
configure terminal
```
Enter interface FastEthernet 0/1 again:
```
interface fastethernet 0/1
```
Set the spanning-tree path cost for VLAN 2:
```
spanning-tree vlan 2 cost 30
```
Set the spanning-tree path cost for VLAN 3:
```
spanning-tree vlan 3 cost 30
```
Set the spanning-tree path cost for VLAN 4:
```
spanning-tree vlan 4 cost 30
```
Exit configuration mode:
```
end
```
Repeat steps 9-14 for interface FastEthernet 0/2 to configure spanning-tree path cost for VLANs 8, 9, and 10.
Save the configuration:
```
copy running-config startup-config
```

Cisco Command Set – Routing Protocols and Troubleshooting

ip route Command

The ip route command is used to configure static routes:

Router(config)# ip route <network address or subnet> [subnet mask] <next hop IP address | exit address from local router> [administrative distance 0-255, default is 1]

Note: Static address configuration

ip default-network Command

The ip default-network command is used to define a default network, typically with a dynamic routing protocol:

Router(config)# ip default-network <destination network>

Note: Used with routing protocols to configure a default route based on one of the dynamic route numbers.

Router(config)# ip route 0.0.0.0 0.0.0.0 <next hop IP address | exit address from local router>

Note: Only used on the exit router when there is a single public IP address.

Interior Routing Protocols

Use the router and network commands to enable routing protocols:

Router(config)# router <routing protocol: rip | igrp | eigrp | ospf | is-is etc.> [AS number]

Router(config-router)# network <directly connected network that will use the routing protocol>

Router(config-router)# network <another directly connected network that will use the routing protocol>

Routing Information Protocol (RIP)

Router(config)# router rip

Router(config-router)# network <directly connected network with RIP>

Router# show ip protocols

Router# show ip route

Router# debug ip rip

Interior Gateway Routing Protocol (IGRP)

Router(config)# router igrp <AS number>

Router(config-router)# network <directly connected network with IGRP>

Router# show ip interface

Router# show ip protocols

Router# show ip route

Router# debug ip rip

ip route Command

The ip route command is used to configure static routes:

Router(config)# ip route <network address or subnet> [subnet mask] <next hop IP address | exit address from local router> [administrative distance 0-255, default is 1]

Note: Static address configuration

ip default-network Command

The ip default-network command is used to define a default network, typically with a dynamic routing protocol:

Router(config)# ip default-network <destination network>

Note: Used with routing protocols to configure a default route based on one of the dynamic route numbers.

Router(config)# ip route 0.0.0.0 0.0.0.0 <next hop IP address | exit address from local router>

Note: Only used on the exit router when there is a single public IP address.

Interior Routing Protocols

Use the router and network commands to enable routing protocols:

Router(config)# router <routing protocol: rip | igrp | eigrp | ospf | is-is etc.> [AS number]

Router(config-router)# network <directly connected network that will use the routing protocol>

Router(config-router)# network <another directly connected network that will use the routing protocol>

Routing Information Protocol (RIP)

Router(config)# router rip

Router(config-router)# network <directly connected network with RIP>

Router# show ip protocols

Router# show ip route

Router# debug ip rip

Interior Gateway Routing Protocol (IGRP)

Router(config)# router igrp <AS number>

Router(config-router)# network <directly connected network with IGRP>

Router# show ip interface

Router# show ip protocols

Router# show ip route

Router# debug ip rip

Cisco Router and Switch Password Recovery:

Selective Routing Advertisement:

For example, in RIP configuration, configure the S0 interface to only receive but not send RIP advertisements.

Router(config)#router rip
Router(config-router)#passive-interface serial 0

About Keyboard Shortcuts:

Ctrl+B (backward): Move the cursor one character to the left.
Ctrl+F (forward): Move the cursor one character to the right.
Ctrl+A (A stands for "beginning"): Move the cursor to the beginning of the command.
Ctrl+E (end): Move the cursor to the end of the command.
Esc+B (backward): Move the cursor one word to the left.
Esc+F (forward): Move the cursor one word to the right.
Ctrl+Z: Exit privileged mode at once (Router#).

About Modes:

User Mode (User Execution Mode): The initial mode when connecting to a router, characterized by the ">" prompt. In this mode, you can only view the configuration and status of the router but cannot make changes. To configure the router, you must enter Privileged Mode.
Privileged Mode (Privilege Execution Mode): To enter this mode, use the command enable. If a password is set, you will need to enter the correct password. This mode is characterized by the "#" prompt.
Global Configuration Mode: From Privileged Mode, you can enter this mode by using the command configure terminal. In this mode, you can make global configurations.
Specific Configuration Modes: These include router interface configuration mode, router sub-interface configuration mode, routing protocol configuration mode, line configuration mode, and more.

Mode Transitions:

After connecting to the router, you first enter User Mode, which is characterized by the ">" symbol. In this mode, you can only view the router's configuration and status, but you cannot configure it.
To make configurations, you must enter Privileged Mode. Use the command enable to enter, and if a password is set, it must be entered correctly.
In Privileged Mode, the prompt will change to "#".
To enter Global Configuration Mode from Privileged Mode, use the command configure terminal.

Commands to Enter Specific Configuration Modes from Global Configuration Mode:

Privileged Mode → Router Interface Configuration Mode:
- For serial interface: interface serial ??
- For Ethernet interface: interface ethernet ??
Privileged Mode → Router Sub-interface Configuration Mode: subinterface
Privileged Mode → Routing Protocol Configuration Mode: router rip
Privileged Mode → Line Configuration Mode: line vty ??

Commands and Usage in Different Modes:

User Mode (Router>):

show ping, telnet, connect: These commands are used the same way as in Privileged Mode.

Privileged Mode (Router#):

show users: View all users connected to the router.
show hosts: View the IP-to-name mapping table.
show arp: View the ARP (Address Resolution Protocol) table.
show protocol: View the router's protocol status.
show version: View the version of the IOS and memory information.
show flash: View the flash memory usage.
show clock: View the current time of the router.
show history: View the last ten commands entered.
show ip interface brief: View the IP settings and status of router interfaces.
show interfaces: View the status of all router interfaces.
show interfaces [specific interface]: View the status of a specific router interface.
show running-config: View the configuration file in RAM.
show startup-config: View the configuration file in NVRAM.
show cdp: View CDP information.
show cdp entry ??: View information about a specific neighboring router.
show cdp neighbors: View all neighboring routers.
show cdp neighbors detail: View detailed information about all neighboring routers.
show cdp traffic: View information about CDP packets.
show cdp ?? (port number): View CDP information for a specific port.
show session: View the status of the original router during a remote login session.
clear cdp counters: Clear CDP counters.
clear cdp table: Clear the CDP information.
copy running-config startup-config: Copy the configuration file in RAM to NVRAM.
copy startup-config running-config: Copy the configuration file in NVRAM to RAM.
copy tftp running-config: Copy the configuration file from a TFTP server to RAM.
copy running-config tftp: Copy the configuration file from RAM to a TFTP server.
ping ?? (hostname or IP): Test the connectivity between the router and a remote router.
telnet ?? (hostname or IP): Log in to a remote router (requires login password).
connect ?? (hostname or IP): Similar to telnet for remote login.
traceroute ?? (hostname or IP): Trace the route to a destination router.

Commands in Global Configuration Mode:

hostname ?? (name): Change the router's hostname.
enable password ??: Change the password for entering Privileged Mode.
enable secret ??: Change the secret password for entering Privileged Mode (this password is encrypted).
clock set hour:minute:second day month year: Set the router's time.
ip host ?? (name) ?? (IP address): Add a hostname-to-IP address mapping.
service password-encryption: Enable encryption for all passwords (the enable secret password is already encrypted).
cdp run: Enable CDP (Cisco Discovery Protocol) on all interfaces.
cdp timer: Set the CDP advertisement timer.
cdp holdtime: Set the CDP hold time.
end: Exit from Global Configuration Mode to User Mode.
exit: Exit one level at a time (use multiple exit commands to progressively step out).

Commands in Interface Configuration Mode:

ip address ?? (IP address): Set the IP address for the interface.
no shutdown: Enable the interface (bring it up).
shutdown: Disable the interface (bring it down).
clock rate ??: Set the clock rate for the DCE (Data Circuit-Terminating Equipment) side (DTE does not need this).
cdp enable: Enable CDP (Cisco Discovery Protocol) on the interface.

Commands in Line Configuration Mode:

line vty 0 4
password ??
login: Enable login for the virtual terminal lines using the configured password.

Most Common Cisco Command Categories:

1. Switch Configuration Commands:

Mode Transition Commands:

User Mode → Privileged Mode: Use the command enable.
Privileged Mode → Global Configuration Mode: Use the command config t.
Global Configuration Mode → Interface Mode: Use the command interface [interface type] [interface number].
Global Configuration Mode → Line Configuration Mode: Use the command line [interface type] [interface number].

Note:

User Mode: Used to view initialization information.
Privileged Mode: Used to view all information, debug, and save configuration information.
Global Configuration Mode: Used to configure overall settings for the router or switch, affecting all interfaces.
Interface Mode: Used to configure settings for a specific interface.
Line Configuration Mode: Used to configure control settings for the router's interfaces.

Configuration Commands:

show running-config: Display all configurations.
show version: Display version number and register values.
shutdown: Disable the interface.
no shutdown: Enable the interface.
ip address [IP address]: Configure an IP address for the interface.
secondary [IP address]: Configure a secondary IP address for the interface.
show interface [interface type] [interface number]: View the interface status and configuration.
show controllers [interface]: Check if the interface has a DCE cable connected.
show history: View the history of commands entered.
show terminal: View terminal settings, including terminal buffer size.
hostname [hostname]: Configure the router or switch hostname.
config memory: Modify the startup configuration saved in NVRAM.
exec-timeout 0 0: Set the console session timeout to zero (no timeout).
service password-encryption: Encrypt all passwords manually.
enable password [password]: Configure a plaintext password for Privileged Mode.
enable secret [password]: Configure a secret (encrypted) password for Privileged Mode.
line vty 0 4/15: Enter the configuration mode for telnet lines.
password [password]: Configure a password for telnet access.
line aux 0: Enter the configuration mode for the AUX (Auxiliary) port.
password [password]: Configure a password for the AUX port.
line con 0: Enter the configuration mode for the console port.
password [password]: Configure a password for the console port.
bandwidth [number]: Configure the bandwidth for an interface.
no ip address: Remove the configured IP address from the interface.
show startup-config: View the configuration in NVRAM (startup configuration file).
show running-config: View the current configuration in RAM.
copy running-config startup-config: Save the current configuration to the startup configuration file, so that it is used next time the router starts up.
write: Save the current configuration to NVRAM (startup configuration file).
erase startup-config: Clear the configuration stored in NVRAM, essentially clearing the startup configuration file.
show ip interface brief: View the essential information of all interfaces.
banner motd # [message] #: Configure the router or switch message-of-the-day (MOTD) banner.
description [message]: Add a description to an interface.
vlan database: Enter VLAN database mode.
vlan [vlan number] [name]: Create a VLAN and assign a name to it.
switchport access vlan [vlan number]: Assign a VLAN to an interface (access mode).
interface vlan [vlan number]: Enter VLAN interface configuration mode.
ip address [IP address]: Configure an IP address for a VLAN interface.
vtp [service/client/transparent]: Configure the VTP (VLAN Trunking Protocol) mode for the switch.
vtp domain [domain name]: Configure the VTP domain for the switch.
vtp password [password]: Configure the VTP password for the switch.
switchport mode trunk: Enable trunking mode on the interface.
no vlan [vlan number]: Delete a VLAN.
show spanning-tree vlan [vlan number]: View the spanning tree status for a specific VLAN.

Router Configuration Commands:

ip route [non-direct network] [subnet mask] [next-hop address]: Configure static/default route.
show ip route: View the routing table.
show protocols: Display all passive routing protocols and which protocols are configured on each interface.
show ip protocols: Display routing protocols configured on the router and provide information about timers used in the routing protocols.
router rip: Activate the RIP (Routing Information Protocol).
network [directly connected network]: Advertise a directly connected network in RIP.
interface loopback 0: Activate the loopback interface.
passive-interface [interface type] [interface number]: Configure an interface to be passive (used for protocols like RIP).
debug ip [protocol]: Dynamically view routing update information for a specific protocol.
undebug all: Disable all debugging output.
router eigrp [AS number]: Activate the EIGRP (Enhanced Interior Gateway Routing Protocol).
network [network] [subnet mask]: Advertise a directly connected network in EIGRP.
show ip eigrp neighbors: View the EIGRP neighbor table.
show ip eigrp topology: View the EIGRP topology table.
show ip eigrp traffic: View the number of packets sent by EIGRP.
router ospf [process ID]: Activate the OSPF (Open Shortest Path First) protocol.
network [directly connected network] area [area number]: Advertise a directly connected network in OSPF.
show ip ospf: Display OSPF process ID and Router ID.
encapsulation [encapsulation format]: Change the encapsulation format of the interface.
no ip domain-lookup: Disable domain name lookup on the router.
ip routing: Enable routing functionality on a Layer 3 switch.
show users: View online users on the switch.
clear line [line number]: Clear a specific line on the switch.

Layer 3 Switch Configuration Commands:

Configure a group of Layer 2 ports:
- configure terminal: Enter configuration mode.
- interface range {port-range}: Enter range configuration mode to configure multiple ports.
Configure Layer 3 ports:
- configure terminal: Enter configuration mode.
- interface {fastethernet | gigabitethernet} interface-id | vlan vlan-id | port-channel port-channel-number: Enter port configuration mode for specific interfaces or VLANs.
- no switchport: Convert the physical port to a Layer 3 port.
- ip address [ip_address] [subnet_mask]: Configure IP address and subnet mask for the Layer 3 port.
- no shutdown: Activate the port.
Example:
```
Switch(config)# interface gigabitethernet0/2
Switch(config-if)# no switchport
Switch(config-if)# ip address 192.20.135.21 255.255.255.0
Switch(config-if)# no shutdown
```
Configure VLAN:
- configure terminal: Enter configuration mode.
- vlan [vlan-id]: Enter VLAN configuration mode, and specify a VLAN ID (new or existing).
- name [vlan-name]: Optionally assign a name to the VLAN (default name is VLAN followed by the VLAN number).
- mtu [mtu-size]: Optionally change the MTU (Maximum Transmission Unit) size.
Example:
```
Switch# configure terminal
Switch(config)# vlan 20
Switch(config-vlan)# name test20
Switch(config-vlan)# end
```
Alternatively:
```
Switch# vlan database
Switch(vlan)# vlan 20 name test20
Switch(vlan)# exit
```
Assign ports to a VLAN:
- configure terminal: Enter configuration mode.
- interface [interface-id]: Enter the interface to which you want to assign the VLAN.
- switchport mode access: Define the port as a Layer 2 access port.
- switchport access vlan [vlan-id]: Assign the interface to a VLAN.
Example:
```
Switch# configure terminal
Switch(config)# interface fastethernet0/1
Switch(config-if)# switchport mode access
Switch(config-if)# switchport access vlan 2
Switch(config-if)# end
```

VLAN Trunk Configuration Commands

Enter Configuration Mode:
- configure terminal: Enter global configuration mode.
Configure Trunk Port:
- interface interface-id: Enter the port configuration mode (e.g., FastEthernet0/4).
- switchport trunk encapsulation {isl | dot1q | negotiate}: Configure Trunk encapsulation type (ISL, 802.1Q, or negotiate).
- switchport mode {dynamic {auto | desirable} | trunk}: Configure port trunk mode.
- switchport access vlan vlan-id: Optionally, specify the default VLAN if the port is not in trunk mode.
- switchport trunk native vlan vlan-id: Configure the Native VLAN for 802.1Q.
Example:
```
Switch(config)# interface fastethernet0/4
Switch(config-if)# switchport mode trunk
Switch(config-if)# switchport trunk encapsulation dot1q
Switch(config-if)# end
```
Define Allowed VLANs on Trunk:
- switchport trunk allowed vlan {add | all | except | remove} vlan-list: Configure the allowed VLANs on the trunk port.
- no switchport trunk allowed vlan: Remove VLAN restrictions and allow all VLANs.
Example:
```
Switch(config)# interface fastethernet0/1
Switch(config-if)# switchport trunk allowed vlan remove 2
Switch(config-if)# end
```
Configure Native VLAN for 802.1Q:
- switchport trunk native vlan vlan-id: Configure the Native VLAN for 802.1Q trunks.
- no switchport trunk native vlan: Restore to the default Native VLAN.
Example:
```
Switch(config)# interface fastethernet0/2
Switch(config-if)# switchport trunk native vlan 10
Switch(config-if)# end
```

Configure Load Balancing based on Port Priorities:

spanning-tree vlan vlan-id port-priority priority: Configure port priority for specific VLANs.

Example:

Switch(config)# interface fastethernet0/1
Switch(config-if)# spanning-tree vlan 8 port-priority 10
Switch(config-if)# spanning-tree vlan 9 port-priority 10
Switch(config-if)# end

Verify and Save Configuration:
- show vlan: Verify VLAN configuration.
- show running-config: View current configuration.
- copy running-config startup-config: Save configuration.

Load Balancing by Configuring STP Path Cost

Trunk1 carries VLANs 8-10, Trunk2 carries VLANs 2-4

Enter Switch 1 configuration mode:
```
configure terminal
```
Enter interface FastEthernet 0/1:
```
interface fastethernet 0/1
```

Configure trunk encapsulation:

switchport trunk encapsulation {isl | dot1q | negotiate}

Set the port mode to trunk (default is ISL encapsulation):
```
switchport mode trunk
```
Exit the interface configuration mode:
```
exit
```

Repeat steps 2-4 for interface FastEthernet 0/2:

interface fastethernet 0/2

switchport trunk encapsulation {isl | dot1q | negotiate}

switchport mode trunk

exit

Verify the running configuration:
```
show running-config
```
Verify the VLANs learned by Switch 1:
```
show vlan
```
Enter configuration mode again:
```
configure terminal
```
Enter interface FastEthernet 0/1 again:
```
interface fastethernet 0/1
```
Set the spanning-tree path cost for VLAN 2:
```
spanning-tree vlan 2 cost 30
```
Set the spanning-tree path cost for VLAN 3:
```
spanning-tree vlan 3 cost 30
```
Set the spanning-tree path cost for VLAN 4:
```
spanning-tree vlan 4 cost 30
```
Exit configuration mode:
```
end
```
Repeat steps 9-14 for interface FastEthernet 0/2 to configure spanning-tree path cost for VLANs 8, 9, and 10.
Save the configuration:
```
copy running-config startup-config
```

Cisco Command Set – Routing Protocols and Troubleshooting

ip route Command

The ip route command is used to configure static routes:

Router(config)# ip route <network address or subnet> [subnet mask] <next hop IP address | exit address from local router> [administrative distance 0-255, default is 1]

Note: Static address configuration

ip default-network Command

The ip default-network command is used to define a default network, typically with a dynamic routing protocol:

Router(config)# ip default-network <destination network>

Note: Used with routing protocols to configure a default route based on one of the dynamic route numbers.

Router(config)# ip route 0.0.0.0 0.0.0.0 <next hop IP address | exit address from local router>

Note: Only used on the exit router when there is a single public IP address.

Interior Routing Protocols

Use the router and network commands to enable routing protocols:

Router(config)# router <routing protocol: rip | igrp | eigrp | ospf | is-is etc.> [AS number]

Router(config-router)# network <directly connected network that will use the routing protocol>

Router(config-router)# network <another directly connected network that will use the routing protocol>

Routing Information Protocol (RIP)

Router(config)# router rip

Router(config-router)# network <directly connected network with RIP>

Router# show ip protocols

Router# show ip route

Router# debug ip rip

Interior Gateway Routing Protocol (IGRP)

Router(config)# router igrp <AS number>

Router(config-router)# network <directly connected network with IGRP>

Router# show ip interface

Router# show ip protocols

Router# show ip route

Router# debug ip rip

ip route Command

The ip route command is used to configure static routes:

Router(config)# ip route <network address or subnet> [subnet mask] <next hop IP address | exit address from local router> [administrative distance 0-255, default is 1]

Note: Static address configuration

ip default-network Command

The ip default-network command is used to define a default network, typically with a dynamic routing protocol:

Router(config)# ip default-network <destination network>

Note: Used with routing protocols to configure a default route based on one of the dynamic route numbers.

Router(config)# ip route 0.0.0.0 0.0.0.0 <next hop IP address | exit address from local router>

Note: Only used on the exit router when there is a single public IP address.

Interior Routing Protocols

Use the router and network commands to enable routing protocols:

Router(config)# router <routing protocol: rip | igrp | eigrp | ospf | is-is etc.> [AS number]

Router(config-router)# network <directly connected network that will use the routing protocol>

Router(config-router)# network <another directly connected network that will use the routing protocol>

Routing Information Protocol (RIP)

Router(config)# router rip

Router(config-router)# network <directly connected network with RIP>

Router# show ip protocols

Router# show ip route

Router# debug ip rip

Interior Gateway Routing Protocol (IGRP)

Router(config)# router igrp <AS number>

Router(config-router)# network <directly connected network with IGRP>

Router# show ip interface

Router# show ip protocols

Router# show ip route

Router# debug ip rip