Router/Switch Configuration Commands List
| Commands/Keystroke | Description | |
|---|---|---|
| Press the key Tab | Completes a partial command name entry. | |
| Press the key Backspace | Erases the character to the left of the cursor. | |
| Press the key Ctrl+D | Erases the character at the cursor. | |
| Press the key Ctrl+K | Erases all characters from the cursor to the end of the command line. | |
| Press the key Esc+D | Erases all characters from the cursor to the end of the word. | |
| Press the key Ctrl+U or Ctrl+X | Erases all characters from the cursor back to the beginning of the command line. | |
| Press the key Ctrl+W | Erases the word to the left of the cursor. | |
| Press the key Ctrl+A | Moves the cursor to the beginning of the line. | |
| Press the key Left Arrow or Ctrl+B | Moves the cursor one character to the left. | |
| Press the key Esc+B | Moves the cursor back one word to the left. | |
| Press the key Esc+F | Moves the cursor forward one word to the right. | |
| Press the key Right Arrow or Ctrl+F | Moves the cursor one character to the right. | |
| Press the key Ctrl+E | Moves the cursor to the end of command line. | |
| Press the key Up Arrow or Ctrl+P | Recalls the previous command in the history buffer, beginning with the most recent command. | |
| Press the key Down Arrow or Ctrl+N | Goes to the next line in the the history buffer. | |
| Press the key Ctrl+R or Ctrl+I or Ctrl+L | Redisplays the system prompt and command line after a console message is received. | |
| Press the key Enter | Displays the next line. | |
| Press the key Space Bar | Displays the next screen. | |
| Any other key * | Ends the display string, returning to previous prompt. * Except "y", which answers "yes" and acts like the Space bar | |
| Press the key Ctrl+C | When in any configuration mode, ends the configuration mode and returns to privileged EXEC mode. When in setup mode, aborts back to the command prompt. | |
| Press the key Ctrl+Z | When in any configuration mode, ends the configuration mode and returns to privileged EXEC mode. | |
| Press the key Ctrl+Shift+6 | All-purpose break sequence used to abort DNS lookups, traceroutes, pings, etc. | |
On Switch: Switch# delete flash:vlan.dat Switch# erase startup-config Switch# reload On Router: Router# erase startup-config Router# reload | Delete/erase the startup configuration for the Router/Switch. | |
Switch/Router> show clock | Display the current clock settings | |
Switch/Router# clock set 15:08:00 Oct 26 2022 | Configure the clock | |
C:UsersWindows10> ipconfig /all | Verify PC settings and connectivity | |
C:UsersWindows10> ping 192.168.1.5 | Test the connectivity to PC with IP address 192.168.1.5. | |
Switch/Router(config)# hostname Brand | Assign or change a device name to Brand | Assign a device name to each switch router |
Router/Switch(config)# no ip domain-lookup | Prevent/disable unwanted DNS lookups. | |
Switch/Router(config)# enable secret class | Assign class as the privileged EXEC password Note: The enable secret password overrides the enable password. If both are configured on the switch, you must enter the enable secret password to enter privileged EXEC mode. | |
Switch/Router(config)# line console 0 Switch/Router(config)# logging synchronous Switch/Router(config-line)# password c1sc0 Switch/Router(config-line)# login | Console port access should also be restricted with a password. Use c1sc0 as the console login password in this activity. The default configuration is to allow all console connections with no password needed. To prevent console messages from interrupting commands, use the logging synchronous option. | |
Switch/Router(config)# line vty 0 15 Switch/Router(config-line)# password c1sc0 Switch/Router(config-line)# login | Configure the virtual terminal (vty) lines for the switch to allow Telnet access. If you do not configure a vty password, you will not be able to use Telnet to access the switch. | |
Router/Switch(config)# service password-encryption | Encrypt the plaintext passwords | Encrypt all clear-text passwords |
Switch(config)# interface vlan 1 Switch(config-if)# ip address 192.168.1.1 255.255.255.0 Switch(config-if)# no shutdown | Configure and enable management interface (SVI) on Switch | |
Switch(config)# interface vlan 1 Switch(config-if)# ipv6 address 2001:db8:acad:1::b/64 Switch(config-if)# ipv6 address fe80::b link-local Switch(config-if)# end | Assign IPv6 addresses to the management interface (SVI) on Switch | |
Switch# show ipv6 interface vlan1 | Verify that the IPv6 addresses are properly assigned to the management interface. | |
Switch(config)# ip default-gateway 192.168.1.1 Switch(config-if)# exit | Configure the default gateway for the switch. | |
Switch/Router(config)# banner motd #Authorized Users Only!# | Create a banner that warns anyone accessing the device that unauthorized access is prohibited. | |
Router/Switch(config)# exit Router/Switch# copy running-config startup-config or Router/Switch# wr | Save the running configuration to the startup configuration file on non-volatile random access memory (NVRAM). | |
Router/Switch# show running-config | Display the current configuration. | |
Switch# show version | Display the IOS version and other useful switch information. | |
Router/Switch# show ip interface brief | Display the status of the connected interfaces on the switch/router. Verify that the interfaces are configured with the correct IP address and active. | |
Switch(config)# enable password c1$c0 | Set the enable password to c1$c0. This password protects access to privileged mode. | |
Router/Switch> enable | Enter privileged EXEC mode | enable privileged EXEC mode |
Router/Switch# config terminal | Enter configuration mode. | |
Router# show startup-config | Display the current contents of NVRAM. | |
Router# copy startup-config flash | Save the startup configuration file to flash | |
Router# show interfaces | Displays statistics for all interfaces on the device. However, this command will only display the IPv4 addressing information. | |
R1#show interfaces serial 0/0/0 | Displays the information about the Serial 0/0/0 interface only | |
Router#show ip interface | Displays the IPv4 statistics for all interfaces on a router. | |
Router# show ipv6 interface brief | Displays the IPv6 interface information | |
Router#show ip route | Displays the contents of the IP routing tables stored in RAM. | |
Router# show ipv6 route | Displays the contents of the IPv6 routing tables stored in RAM. | |
Router(config)# interface gigabitethernet 0/0 Router(config-if)# ip address 192.168.10.1 255.255.255.0 Router(config-if)# no shutdown | Configure IPv4 address and activate the GigabitEthernet 0/0 interface on Router | |
Router(config)# interface gigabitethernet 0/0 Router(config-if)# ipv6 address 2001:db8:a::1/64 Router(config-if)# ipv6 address FE80::1 link-local Router(config-if)# no shutdown | Configure IPv6 address and activate the GigabitEthernet 0/0 interface on Router | |
Router(config)# ipv6 unicast-routing | Enable the router to forward IPv6 packets | |
Router(config)# interface g0/0/1 Router(config-if)# description Connected to F0/5 on Switch-1 | Configure an interface description for each interface indicating which device is connected to it. | |
Router(config)# security password min-length 10 | Configure the system to require a minimum 10 character password | Set the minimum password length to 10 |
Router/Switch(config)# ip domain-name CCNA.com | Set the domain name to CCNA.com (case-sensitive for scoring in PT). | |
Router/Switch(config)# username SSHadmin secret 55Hadm!n2020 | Configure the username SSHadmin with an encrypted password of 55Hadm!n2020 | |
Router/Switch(config)# crypto key generate rsa How many bits in the modulus [512]: 1024 | Generate 1024-bit RSA keys. | |
Router(config)# login block-for 180 attempts 4 within 120 | Block anyone for 3 minutes if 4 failed login attempts occur within 2 minute | Block anyone for 3 minutes who fails to log in after 4 attempts within a 2-minute period |
Router/Switch(config)# line vty 0 15 Router/Switch(config-line)# transport input ssh Router/Switch(config-line)# login local | Configure all VTY lines for SSH access and use the local user profiles for authentication. Router/Switch to accept only SSH connections from remote locations | Telnet was disabled with the transport input ssh command |
Router/Switch(config)# line vty 0 15 Router/Switch(config-line)# exec-timeout 6 0 | Set the EXEC mode timeout to 6 minutes on the VTY lines (disconnected after 6 minutes of inactivity) | |
Router/Switch(config)# line console 0 Router/Switch(config-line)# exec-timeout 6 0 | Set the EXEC mode timeout to 6 minutes on the console line (disconnected after 6 minutes of inactivity) | |
C:UsersWindowsPC > SSH -l jonny 172.16.1.1 | Access the command prompt on the desktop of PCA to establish an SSH connection to Router. (Make sure you have IP configured for PCA) | |
Switch(config)# interface range F0/2-24, G0/2 Switch(config-if-range)# shutdown | Disable all unused switch ports. | |
show ip arp | Command could be used on a Cisco router to view its ARP table | |
C:UsersWindowsPC> arp -a | On a Windows PC, the arp –a command is used to display the ARP table | |
Switch# show interface vlan1 | Examine the characteristics of the SVI for VLAN 1 | |
show ip interface vlan1 | Examine the IP properties of the SVI VLAN 1 | |
Switch#show interfaces f0/1 | Examine the default properties of the FastEthernet0/1 interface | |
Switch# show vlan | Examine the default VLAN settings of the switch. | |
Switch(config)# vlan 99 Switch(config-vlan)# exit Switch(config)# interface range gig1/0/1-24 Switch(config-if-range)# switchport access vlan 99 Switch(config-if-range)# exit | Create the new VLAN 99 on the switch and assign all user ports to VLAN 99 | |
Switch# show vlan brief | Verify that the VLANs are assigned to the correct interfaces | view the list of VLANs Displays all VLANs configured |
Switch# show interface vlan 99 | Verify the management VLAN 99 settings. | |
C:>telnet 10.10.10.2 | Login using Telnet | Use Command Prompt (CMD) on PC Windows to telnet to Switch or Router with IP address 10.10.10.2 |
Switch#(config)# vlan 10 Switch#(config-vlan)# name Staff | Create and name VLANs on Switch | |
Switch(config)# interface f0/11 Switch(config-if)# switchport mode access Switch(config-if)# switchport access vlan 10 | Assign PC port to the VLAN on Switch | Assign VLANs to the active ports on Switch |
Switch(config-vlan)#vlan 150 Switch(config-vlan)#name VOICE Switch(config)# interface f0/11 Switch(config-if)# mls qos trust cos Switch(config-if)# switchport voice vlan 150 | Assign the VOICE VLAN to FastEthernet 0/11 on Switch | |
Switch(config)# interface range g0/1 - 2 Switch(config-if)# switchport mode trunk Switch(config-if)# switchport trunk native vlan 99 | Configure G0/1 and G0/2 interfaces on Switch for trunking and use VLAN 99 as the native VLAN for G0/1 and G0/2 interfaces on Switch. | |
Switch# show interface trunk | Verify trunking is enabled on Switch | |
Switch# show interface g0/1 switchport | Verify that the native VLAN is now 99 | |
Switch(config)# no vlan 30 Switch(config)# interface f0/24 Switch(config-if)# no switchport access vlan Switch(config-if)# end | Remove VLAN 30 from the VLAN database. Assume VLAN 30 has been added to the F0/24 interface. When you delete a VLAN, any ports assigned to that VLAN become inactive | |
Switch(config)# interface vlan 1 Switch(config-if)# no ip address | Remove the management IP address on VLAN 1 |
| boot system |
Unprivileged Commands
| enable | lock | ping |
| telnet | traceroute | resume |
| disconnect | ssh | exit |
Privileged Commands
Configure Commands
Interface Commands
Line console Commands
| logging synchronous | login | history size |
| exec-timeout | length | lockable |
| password | privilege |
Line VTY Commands
| logging synchronous | login | history size |
| exec-timeout | length | lockable |
| password | privilege | access-class |
Show Commands
Router RIP Commands
| version 2 | no auto-summary | network |
| passive-interface | validate-update-source | passive-interface default |
| maximum-paths | distribute-list | offset-list |
| distance | timers | neighbor |
Router EIGRP Commands
| no auto-summary | network | distance |
| distribute-list | eigrp router-id | passive-interface |
| passive-interface default | variance (EIGRP) | offset-list |
| distance eigrp | maximum-paths | neighbor |
Router OSPF Commands
| network | ||
| passive-interface | router-id | passive-interface default |
| maximum-paths | distribute-list | auto-cost reference-bandwidth |
| distance | distance ospf | neighbor |
Debug Commands
| debug ip packet | debug ip packet detail | debug ip routing |
| debug ip eigrp | debug ip ospf adj | debug ip ospf events |
| debug ip ospf packet | debug ip rip |
Clear Commands
| clear ip route * | clear ip ospf process | clear ip eigrp neighbors |
Switch Commands
Privilege Commands
| vlan database | configure |
Vlan Database Commands
| vlan | exit | show |
| vtp domain | vtp pruning | vtp server |
| vtp client | vtp transparent | vtp password |
| apply |
Configure Commands
Interface Commands
Show Commands
| show vlan | show vlan brief | show interface trunk |
| show spanning-tree | show spanning-tree vlan | show vtp status |
| show port-sec | show mac-address-table | show interface |
Special Keys Commands
THANK YOU SO MUCH, THIS WEB SITE IS AMAZING
Do you guys do test-taking on other IT subjects for a price?
Can i have a pdf version of this
I love this site! Kudos to you guys and more power! Just a suggestion, hoping to see bgp commands here to. :)
Best CCNA page I have ran across! Thank you for your efforts!
Thanks.