Network Enhancers - "Delivering Beyond Boundaries" Headline Animator

Sunday, August 19, 2012

Collection Of Cisco Commands Used For Configuration


Below is collection of Cisco commands that are often used in configuration. It covers 90% of CCNA commands.

Basic commands

enable - Priviliged exec mode
conf t - Enters global configuration
hostname - Renames router to
exit - Back once
end - Back to #

banner motd * - Editing banner, end with *
enable secret - Set enable password to

int x - Configure interface x
ip add IP MS - Set IP and MaSk for interface
no sh - Starts interface (w/ sh close int)
clock rate - Clock rate n for serial ports
bandwidth - Set bandwidth n in kilobit

line console x - Configure line x
line vty x - Configue vty x
password x - Password x for line
login - Logs in for password

service password-encryption - Encrypts password
no ip domain-lookup - No ip domain lookup
ip default-gateway - Default gateway (when no routing)
ip default-network - Default network (when there is routing)
ip route - Default route address to 0, from/to (x=ip or int)
ip route - Static route from/to ip or interface
ip route - is the value for administrative distance
logging trap debugging - Shows all console messages

copy run start - Copies running config to startup
erase startup - Erases startup config
delete flash: - Delete from flash memory

Basic sh/debug commands

sh history - Shows history
sh run/start - Shows running/start config
sh int - Shows interfaces
sh arp - Shows arp
sh ip ro - Shows ip routes
sh prot - Shows protocols
sh users - Shows users

sh ip route
sh protocols
sh interface

debug ip rip/eigrp/ospf

SSH and user

ip domain name
crypto generate rsa

line vty 0 4
no transport input
transport input ssh

username privilege secret - Creates xy user with privelege(0-15) password

DHCP commands

ip dhcp pool x - Makes a dhcp pool with name x and enters
network ip ms - Gives IP and mask for dhcp pool
ip dhcp excluded-add ip ip - Excluded addresses (ex.
dns-server ip - DNS server for dhcp
domain-name x - Configures x domain name
default-router ip - The default router address (switch)
lease n - Lease time (n) for dhcp clients


1. Create vlans (vlan 10) and assign vlan to port
1. Create trunk link
2. Create subint (int fa0/0.10)
3. Set encapsulation dot1q and IP address
4. Make dhcp pool
5. In pool set "default route"
6. Request dhcp

Note --> default route = int ip address


1-99: standard
100-199: extended
2000-2699: extended

access-list 1 permit - Permits on acl 1
access-list 101 permit - Permits on acl 101
ip access-list - ACL using a name and (config-ext-nacl)#

access-list established
access-list 1 permit tcp any eq 80 established

lt = less than
gt = greater than
neq = not equal
eq = equal
range = range of ports

ip access-group - Sets ACL on interface

NAT/PAT commands

Static NAT
ip nat inside - On interface, inside int
ip nat outside - On interface, outside int
ip nat inside source static - Global NAT config
ip nat outside source static - Global NAT config

Dynamic PAT
ip nat pool netmask - Makes a pool from to
ip nat source list pool - Uses an ACL on pool as NAT

Port Translation
ip nat source list interface overload - Configues PAT using ACL

sh ip nat translations
sh ip nat statistics

Switch Port security commands

switchport mode access - Turns on access mode
switchport port-security - Enables port security
switchport port-security mac - Enables port security statically
switchport port-security maximum n - Sets maximum number of secure addresses to n
switchport port-security mac-address sticky - Enables sticky learning for MAC


sh dtp interface - To determine current settings

spanning-tree vlan 1-4094 priority
spanning-tree vlan 1-4094 root primary
spanning-tree vlan 1-4094 root secondary

CDP commands

cdp run - Enables CDP
no cdp run - Disables CDP
cdp enable - Enable CDP for interface
no cdp enable - Disable CDP for interface
sh cdp x - Shows CDP (x=entry/interface/neighbor)

router rip - Router rip config
version - Sets version
network - Sets given ips for RIP
default-information originate - Advertise static routes

Secure RIP

ip rip auth mode md5 - Use md5 for rip
ip rip auth key-chain - Use key chain for md5 (key chain needed!)


router eigrp - Router EIGRP config with AS number
network - Sets network info for share
no auto-summary - Disables auto-summary
IOS filename on the server
tftpdnld - download


  1. I like your blog post. Keep on writing this type of great stuff. I'll make sure to follow up on your blog in the future.
    ISDN Configuration

    1. Hi Sandy, Thanks for liking the blog. Sure we are adding more and more intresting stuff to this blog cutting accross all the network technolgies, vendors and services. KIndly subscribe so that you can always be connected to the blog.

      You can also visit my other blog - where all the articles here cuts accross all the domains not just networking.


My Blog List

Networking Domain Jobs