Cisco IOS Command List: Router/Switch configuration commands

Router/Switch Configuration Commands List

Cisco IOS Command List: Router/Switch configuration commands 1

Commands/KeystrokeDescription
Press the key TabCompletes a partial command name entry.
Press the key BackspaceErases the character to the left of the cursor.
Press the key Ctrl+DErases the character at the cursor.
Press the key Ctrl+KErases all characters from the cursor to the end of the command line.
Press the key Esc+DErases all characters from the cursor to the end of the word.
Press the key Ctrl+U or Ctrl+XErases all characters from the cursor back to the beginning of the command line.
Press the key Ctrl+WErases the word to the left of the cursor.
Press the key Ctrl+AMoves the cursor to the beginning of the line.
Press the key Left Arrow or Ctrl+BMoves the cursor one character to the left.
Press the key Esc+BMoves the cursor back one word to the left.
Press the key Esc+FMoves the cursor forward one word to the right.
Press the key Right Arrow or Ctrl+FMoves the cursor one character to the right.
Press the key Ctrl+EMoves the cursor to the end of command line.
Press the key Up Arrow or Ctrl+PRecalls the previous command in the history buffer, beginning with the most recent command.
Press the key Down Arrow or Ctrl+NGoes to the next line in the the history buffer.
Press the key Ctrl+R or Ctrl+I or Ctrl+LRedisplays the system prompt and command line after a console message is received.
Press the key EnterDisplays the next line.
Press the key Space BarDisplays the next screen.
Any other key *Ends the display string, returning to previous prompt. * Except "y", which answers "yes" and acts like the Space bar
Press the key Ctrl+CWhen in any configuration mode, ends the configuration mode and returns to privileged EXEC mode. When in setup mode, aborts back to the command prompt.
Press the key Ctrl+ZWhen in any configuration mode, ends the configuration mode and returns to privileged EXEC mode.
Press the key Ctrl+Shift+6All-purpose break sequence used to abort DNS lookups, traceroutes, pings, etc.
On Switch:
Switch# delete flash:vlan.dat
Switch# erase startup-config
Switch# reload

On Router:
Router# erase startup-config
Router# reload
Delete/erase the startup configuration for the Router/Switch.
Switch/Router> show clock
Display the current clock settings
Switch/Router# clock set 15:08:00 Oct 26 2022
Configure the clock
C:UsersWindows10> ipconfig /all
Verify PC settings and connectivity
C:UsersWindows10> ping 192.168.1.5
Test the connectivity to PC with IP address 192.168.1.5.
Switch/Router(config)# hostname Brand
Assign or change a device name to BrandAssign a device name to each switch router
Router/Switch(config)# no ip domain-lookup
Prevent/disable unwanted DNS lookups.
Switch/Router(config)# enable secret class
Assign class as the privileged EXEC password Note: The enable secret password overrides the enable password. If both are configured on the switch, you must enter the enable secret password to enter privileged EXEC mode.
Switch/Router(config)# line console 0
Switch/Router(config)# logging synchronous
Switch/Router(config-line)# password c1sc0
Switch/Router(config-line)# login
Console port access should also be restricted with a password. Use c1sc0 as the console login password in this activity. The default configuration is to allow all console connections with no password needed. To prevent console messages from interrupting commands, use the logging synchronous option.
Switch/Router(config)# line vty 0 15
Switch/Router(config-line)# password c1sc0
Switch/Router(config-line)# login
Configure the virtual terminal (vty) lines for the switch to allow Telnet access. If you do not configure a vty password, you will not be able to use Telnet to access the switch.
Router/Switch(config)# service password-encryption
Encrypt the plaintext passwordsEncrypt all clear-text passwords
Switch(config)# interface vlan 1
Switch(config-if)# ip address 192.168.1.1 255.255.255.0
Switch(config-if)# no shutdown
Configure and enable management interface (SVI) on Switch
Switch(config)# interface vlan 1
Switch(config-if)# ipv6 address 2001:db8:acad:1::b/64
Switch(config-if)# ipv6 address fe80::b link-local
Switch(config-if)# end
Assign IPv6 addresses to the management interface (SVI) on Switch
Switch# show ipv6 interface vlan1
Verify that the IPv6 addresses are properly assigned to the management interface.
Switch(config)# ip default-gateway 192.168.1.1
Switch(config-if)# exit
Configure the default gateway for the switch.
Switch/Router(config)# banner motd #Authorized Users Only!#
Create a banner that warns anyone accessing the device that unauthorized access is prohibited.
Router/Switch(config)# exit
Router/Switch# copy running-config startup-config
or
Router/Switch# wr
Save the running configuration to the startup configuration file on non-volatile random access memory (NVRAM).
Router/Switch# show running-config
Display the current configuration.
Switch# show version
Display the IOS version and other useful switch information.
Router/Switch# show ip interface brief
Display the status of the connected interfaces on the switch/router. Verify that the interfaces are configured with the correct IP address and active.
Switch(config)# enable password c1$c0
Set the enable password to c1$c0. This password protects access to privileged mode.
Router/Switch> enable
Enter privileged EXEC modeenable privileged EXEC mode
Router/Switch# configure terminal
Enter configuration mode.
Router# show startup-config
Display the current contents of NVRAM.
Router# copy startup-config flash
Save the startup configuration file to flash
Router# show interfaces
Displays statistics for all interfaces on the device. However, this command will only display the IPv4 addressing information.
R1#show interfaces serial 0/0/0
Displays the information about the Serial 0/0/0 interface only
Router#show ip interface
Displays the IPv4 statistics for all interfaces on a router.
Router# show ipv6 interface brief
Displays the IPv6 interface information
Router#show ip route
Displays the contents of the IP routing tables stored in RAM.
Router# show ipv6 route
Displays the contents of the IPv6 routing tables stored in RAM.
Router(config)# interface gigabitethernet 0/0
Router(config-if)# ip address 192.168.10.1 255.255.255.0
Router(config-if)# no shutdown
Configure IPv4 address and activate the GigabitEthernet 0/0 interface on Router
Router(config)# interface gigabitethernet 0/0
Router(config-if)# ipv6 address 2001:db8:a::1/64
Router(config-if)# ipv6 address FE80::1 link-local
Router(config-if)# no shutdown
Configure IPv6 address and activate the GigabitEthernet 0/0 interface on Router
Router(config)# ipv6 unicast-routing
Enable the router to forward IPv6 packets
Router(config)# interface g0/0/1
Router(config-if)# description Connected to F0/5 on Switch-1
Configure an interface description for each interface indicating which device is connected to it.
Router(config)# security password min-length 10
Configure the system to require a minimum 10 character passwordSet the minimum password length to 10
Router/Switch(config)# ip domain-name CCNA.com
Set the domain name to CCNA.com (case-sensitive for scoring in PT).
Router/Switch(config)# username SSHadmin secret 55Hadm!n2020
Configure the username SSHadmin with an encrypted password of 55Hadm!n2020
Router/Switch(config)# crypto key generate rsa
How many bits in the modulus [512]: 1024
Generate 1024-bit RSA keys.
Router(config)# login block-for 180 attempts 4 within 120
Block anyone for 3 minutes if 4 failed login attempts occur within 2 minuteBlock anyone for 3 minutes who fails to log in after 4 attempts within a 2-minute period
Router/Switch(config)# line vty 0 15
Router/Switch(config-line)# transport input ssh
Router/Switch(config-line)# login local
Configure all VTY lines for SSH access and use the local user profiles for authentication. Router/Switch to accept only SSH connections from remote locationsTelnet was disabled with the transport input ssh command
Router/Switch(config)# line vty 0 15
Router/Switch(config-line)# exec-timeout 6 0
Set the EXEC mode timeout to 6 minutes on the VTY lines (disconnected after 6 minutes of inactivity)
Router/Switch(config)# line console 0
Router/Switch(config-line)# exec-timeout 6 0
Set the EXEC mode timeout to 6 minutes on the console line (disconnected after 6 minutes of inactivity)
C:UsersWindowsPC > SSH -l jonny 172.16.1.1
Access the command prompt on the desktop of PCA to establish an SSH connection to Router. (Make sure you have IP configured for PCA)
Switch(config)# interface range F0/2-24, G0/2
Switch(config-if-range)# shutdown
Disable all unused switch ports.
show ip arp
Command could be used on a Cisco router to view its ARP table
C:UsersWindowsPC> arp -a
On a Windows PC, the arp –a command is used to display the ARP table
Switch# show interface vlan1
Examine the characteristics of the SVI for VLAN 1
show ip interface vlan1
Examine the IP properties of the SVI VLAN 1
Switch#show interfaces f0/1
Examine the default properties of the FastEthernet0/1 interface
Switch# show vlan
Examine the default VLAN settings of the switch.
Switch(config)# vlan 99
Switch(config-vlan)# exit

Switch(config)# interface range gig1/0/1-24
Switch(config-if-range)# switchport access vlan 99
Switch(config-if-range)# exit
Create the new VLAN 99 on the switch and assign all user ports to VLAN 99
Switch# show vlan brief
Verify that the VLANs are assigned to the correct interfacesview the list of VLANs Displays all VLANs configured
Switch# show interface vlan 99
Verify the management VLAN 99 settings.
C:>telnet 10.10.10.2
Login using TelnetUse Command Prompt (CMD) on PC Windows to telnet to Switch or Router with IP address 10.10.10.2
Switch#(config)# vlan 10
Switch#(config-vlan)# name Staff
Create and name VLANs on Switch
Switch(config)# interface f0/11
Switch(config-if)# switchport mode access
Switch(config-if)# switchport access vlan 10
Assign PC port to the VLAN on Switch
Related labs: 3.6.2;
Assign VLANs to the active ports on Switch
Switch(config-vlan)#vlan 150
Switch(config-vlan)#name VOICE
Switch(config)# interface f0/11
Switch(config-if)# mls qos trust cos
Switch(config-if)# switchport voice vlan 150
Assign the VOICE VLAN to FastEthernet 0/11 on Switch
Switch(config)# interface range g0/1 - 2
Switch(config-if)# switchport mode trunk

Switch(config-if)# switchport trunk native vlan 99
Configure G0/1 and G0/2 interfaces on Switch for trunking and use VLAN 99 as the native VLAN for G0/1 and G0/2 interfaces on Switch.
Switch# show interface trunk
Verify trunking is enabled on Switch
Switch# show interface g0/1 switchport
Verify that the native VLAN is now 99
Switch(config)# no vlan 30
Switch(config)# interface f0/24
Switch(config-if)# no switchport access vlan
Switch(config-if)# end
Remove VLAN 30 from the VLAN database. Assume VLAN 30 has been added to the F0/24 interface. When you delete a VLAN, any ports assigned to that VLAN become inactive
Switch(config)# interface vlan 1
Switch(config-if)# no ip address
Remove the management IP address on VLAN 1

boot system

Unprivileged Commands

enable lock ping
telnet traceroute resume
disconnect ssh exit

Privileged Commands

configure terminal debug setup
copy running-config startup-config erase startup-config write
clock set clear reload
write terminal undebug all copy tftp startup-config
copy running-config tftp copy tftp running-config copy startup-config running-config
terminal monitor copy startup-config tftp

Configure Commands

ip domain-lookup no hostname
config-register clock timezone alias exec
logging console do default interface
interface router username
ip classless ip subnet-zero ip default-gateway
ip dhcp pool enable secret ip domain-name
ip host ip http server ip name-server
ip route access-list (standard) access-list (extended)
ip access-list service password-encryption interface loopback
end logging buffered banner motd
router rip router eigrp <As> router ospf <process id>
ip nat pool ip nat inside source list ip nat inside source static
ip dhcp excluded-address enable password

Interface Commands

ip address clock rate encapsulation
bandwidth description duplex
no shutdown / shutdown encapsulation dot1q keepalive
ip access-group ip bandwidth-percent (EIGRP) ip directed-broadcast
ip helper-address (DHCP) ip mtu ip ospf #
ip ospf cost ip ospf priority ip ospf network broadcast
ip ospf network nonbroadcast ip ospf network point-to-point ip ospf network point-to-multipoint
ip ospf hello-interval ip ospf dead-interval cdp enable
ip rip send ip rip receive speed
mac-address ip split-horizon (RIP) ip split-horizon eigrp <As>
encapsulation ppp ppp authentication chap ppp chap hostname
ppp chap password ppp pap sent-username encapsulation frame-relay
frame-relay interface-dlci frame-relay map ip frame-relay inverse-arp
ip nat inside ip nat outside ip nat enable
ip address dhcp ppp authentication pap delay

Line console Commands

logging synchronous login history size
exec-timeout length lockable
password privilege

Line VTY Commands 

logging synchronous login history size
exec-timeout length lockable
password privilege access-class

Show Commands

show access-lists show Running-config show startup-config
show running-config Interface show Clock show controllers
show debug show frame-relay map show frame-relay pvc
show frame-relay lmi show hosts show interfaces
show ip interfaces show ip interface brief show sessions
show tech-support show ip access-lists show ip dhcp binding
show ip dhcp conflicts show ip dhcp pool show dhcp server
show ip eigrp interface show ip eigrp neighbors show ip eigrp topology
show ip ospf interface show ip ospf interface brief show ip ospf neighbor
show ip ospf database show ip route show ip route rip
show ip route eigrp show ip route ospf show ip route connected
show ip nat translations show ip nat statistics show ip protocols
show cdp neighbors show cdp neighbors detail show dhcp lease
Filtering Output *

Router RIP Commands

version 2 no auto-summary network
passive-interface validate-update-source passive-interface default
maximum-paths distribute-list offset-list
distance timers neighbor

Router EIGRP Commands

no auto-summary network distance
distribute-list eigrp router-id passive-interface
passive-interface default variance (EIGRP) offset-list
distance eigrp maximum-paths neighbor

Router OSPF Commands

network
passive-interface router-id passive-interface default
maximum-paths distribute-list auto-cost reference-bandwidth
distance distance ospf neighbor

Debug Commands

debug ip packet debug ip packet detail debug ip routing
debug ip eigrp debug ip ospf adj debug ip ospf events
debug ip ospf packet debug ip rip

Clear Commands

clear ip route * clear ip ospf process clear ip eigrp neighbors

Switch Commands

Privilege Commands

vlan database configure

Vlan Database Commands

vlan exit show
vtp domain vtp pruning vtp server
vtp client vtp transparent vtp password
apply

Configure Commands

vlan interface vlan interface range
vtp mode server vtp mode client vtp mode transparent
vtp domain vtp password spanning-tree backbonefast
vtp pruning spanning-tree portfast ip default-gateway
spanning-tree vlan root primary spanning-tree vlan root secondary spanning-tree vlan priority
spanning-tree uplinkfast

Interface Commands

switchport mode access switchport mode trunk switchport nonegotiate
spanning vlan cost switchport trunk encapsulation dot1q switchport trunk encapsulation isl
switchport trunk native vlan spanning-tree port-priority switchport trunk allowed vlan
switchport access vlan switchport port-security switchport port-security mac-address
spanning-tree vlan port-priority switchport port-security maximum switchport port-security violation
spanning-tree cost spanning-tree guard root
spanning-tree portfast

Show Commands

show vlan show vlan brief show interface trunk
show spanning-tree show spanning-tree vlan show vtp status
show port-sec show mac-address-table show interface

Special Keys Commands

Tab Return (at the –More– prompt) space Bar (at the –More– prompt)
Ctrl-F Esc-B Esc-F
Ctrl-A Ctrl-E Ctrl-D
Esc-D Ctrl-W Ctrl-K
Ctrl-U or Ctrl-X Up Arrow or Ctrl-P Down Arrow or Ctrl-N
Ctrl-Y Ctrl-Z Ctrl-shift-6, x
Subscribe
Notify of
guest

8 Comments
Inline Feedbacks
View all comments
hashashin420
hashashin420
6 days ago

Thank you for this!

Oscar Alzate
Oscar Alzate
2 years ago

THANK YOU SO MUCH, THIS WEB SITE IS AMAZING

Keko
Keko
2 years ago

Do you guys do test-taking on other IT subjects for a price?

sanjaya
sanjaya
3 years ago

Can i have a pdf version of this

Zhiro
Zhiro
18 days ago
Reply to  sanjaya

just use control + p to save the webpage

Networky!
Networky!
4 years ago

I love this site! Kudos to you guys and more power! Just a suggestion, hoping to see bgp commands here to. :)

Shem
Shem
5 years ago

Best CCNA page I have ran across! Thank you for your efforts!

Tahsin Al Mahi
Tahsin Al Mahi
5 years ago

Thanks.