Router commands

5,655 views

Published on

Published in: Technology, Business
  • Be the first to comment

Router commands

  1. 1. Cisco Router Commands introduced during CNAP Semesters 2, 3, 4 forCCNA Certification Examination Updated 02-20-2001 by Leon Schram leon.schram@risd.org Berkner High School Richardson Independent School District Richland College Dallas County Community College Cisco Router & Switch Commands Page 1
  2. 2. This reference manual is compiled by Leon Schram from information provided by the CiscoNetworking Academy Program curriculum and the Sybex CCNA Study Guide.CCNA (Cisco Certified Network Associate) Study Guide,Second Edition by Todd LammlePublished 2000 by Sybex ISBN: 0-7821-2647-2This reference guide may be freely copied and distributed by Cisco instructors to studentsenrolled in any Cisco Networking Academy Program.Do not be surprised if various commands are repeated in different sections. This router reference guidehas tried to place commands in the same sequence as they are introduced during your CNAP course. Atthe same time the commands are grouped in some logical manner, which means that some commandswill belong to multiple groups. Cisco Router & Switch Commands Page 2
  3. 3. Semester 2 Router Lab TopologyStarting with Semester 2 the CNAP refers to a Router Lab Topology. This lab topology, which is shown on thenext page, is used for Semester 2 lab sessions, the semester 2 lab final, and will also be used for some labpractices during Semester 3 and Semester 4 lab exercises.You will note that a switch is part of the lab topology. Switch commands, and switch configuration will not beintroduced until semester 3. However, the switch needs to be attached to the Ethernet-1 port of the Lab-A routerfor proper port configuration.Please note that the configuration of router ports, both serial and ethernet, can be done with a single stand alonerouter. Testing router configurations, especially port configurations, is onlu possible is the port is attached tosome device. For serial ports this means that the port is attached to another port via a serial cable. For theEthernet ports this means that the port is connected to either a hub or a switch. Cisco Router & Switch Commands Page 3
  4. 4. Cisco Router & Switch Commands Page 4
  5. 5. Physical Router Connections01. Take the console (rollover) cable, usually flat, and connect the cable with the RJ45 plug into the console port of the router. Take the other end of the console cable and plug it into the serial adapter. Attach the serial adapter to one of the serial (com) ports of the computer. This com port needs to be the same port as the one specified in the hyper terminal properties. (Explained later)02. Attach a transceiver to the Attachment Unit Interface (AUI) Ethernet port on the router. Slide the AUI to the right when attaching or removing the transceiver. Slide the AUI to the left to lock the transceiver in place.03. Connect a cat-5 cable to the transceiver and a hub or a switch. The hub needs to be turned on for the Ethernet port to have line protocol up, meaning it can communicate.04. If a serial connection is made attach the female part of the DCE cable to the male part of the DTE cable. In many cases these two cables are already connected. A serial connection is made three times for Lab-A to Lab-B, Lab-B to Lab-C and Lab C to Lab-D.05. Attach the DCE end of the serial cable to the Serial-0 port on one router.06. Attach the DTE end of the serial cable to the Serial-1 port on the other connecting router.07. Connect Lab-D and Lab-E with Cat-5 cable using Ethernet ports and a hub. Cisco Router & Switch Commands Page 5
  6. 6. Creating a Cisco Router ConnectionKeywords Hyper TerminalFirst make or check the physical connection between a Connect console cable RJ45 plug to serial adapter and attachworkstation and a Cisco Router. serial adapter to com1 serial workstation port. Connect the other RJ45 plug to the con port of the router. Note: Cisco 2500 will also work with aux port.Bootup work station and go to Hyper Terminal folder Click <Start-Programs-Accessories-HyperTerminal>Execute HyperTerminal program Click <Hypertrm.exe>Connection Description window Name: Cisco Router (or other appropriate icon name)Select connection name and a connection icon Icon: Accept default icon or pick desired icon Click OKPhone Number window Connect using: Direct to Com1 (do not use dial up)Enter indicated settings: Bits per second: 9600You are not creating a phone dial-up connection Data bits: 8 Parity: none Flow control: Hardware Click OKSave the new connection: Click <File-Save>It is recommended to drag the router icon to the desktop forconvenient future router access.Start a router session: Click <HyperTerminal>Execute HyperTerminal: Click <File-Open> and select Router iconConnect to the router Press <Enter> You should see user-exec prompt like Router> Cisco Router & Switch Commands Page 6
  7. 7. Logging into the RouterKeywords <enable> help <?> <^Z> <exit>Correct, initial, router connection should provide user-exec Router>mode prompt. The user-exec mode provides minimal routercommand access, which is mostly of the “read-only” variety.Router configurations cannot be changed in user mode.To display a list of available user-exec commands: Router> ?To enter privileged-exec mode: Router> enableThe privileged-exec mode provides maximum router Password: class (password is not displayed)command access. A password prompt may not be seen the Router#first time that a router is activated. You must provide thepassword for future logins.To display a list of available privileged-exec commands: Router# ?To enter global configuration mode: Router# config t(t is short for terminal) Router(config)#Return to privileged mode with <Ctrl-Z>: Router(config)#^Z Router#You can also return to privileged mode with exit: Router(config)# exit Router#Return the router to user-exec mode: Router#disableNote: Cisco routers automatically disconnect after an inactive time period. It will be necessary to repeat the login. If a user-exec prompt does not appear, try pressing the <Enter> key. Cisco Router & Switch Commands Page 7
  8. 8. Using Clock and Getting Cisco Router Command HelpKeywords <clock> <set> <show> <?>The ? can be used to display a list of available options after apartial router command entry.To set the clock and only knowing the clock command: Router# clock ?Router responds with: set Set the time and dateEnter the next step and ask for more help: Router# clock set ?Router responds with: hh:mm:ss Current Time (hh:mm:ss)Now enter new time: Router# clock set 10:29:30Router responds with: % Incomplete commandAsk for additional help: Router# clock set 10:29:30 ?Router responds with: <1-31> Day of the month MONTH Month of the yearAdd day and month information and ask for more help: Router# clock set 10:29:30 10 October ?Router responds with: <1993-2035> YearEnter the complete clock command: Router# clock set 10:29:30 10 October 1999To display date and time information: Router# show clock 10:30:01.543 UTC Sun Oct 10 1999 Cisco Router & Switch Commands Page 8
  9. 9. Cisco Router Editing CommandsKeywords <show> <terminal> <editing> <history> <size>Move to the beginning of the command line: <Ctrl-A>Move to the end of the command line: <Ctrl-E>Move forward one character: Right-Arrow or <Ctrl-F>Move backward one character: Left-Arrow or <Ctrl-B>Repeat the entire (last) previous command: Up-Arrow or <Ctrl-P>Most recent command recall: Down-Arrow or <Ctrl-N>Move backward one word: <Esc-B>Move forward one word: <Esc-F>Show history of commands in the buffer: Router> show historySet the history buffer size (up to 256): Router> terminal history sizeDisable advanced editing features: Router> no terminal editingEnable advanced editing features: Router> terminal editingCompleting a partial command with <tab> key: Router# show run <tab>Router responds with: Router# show running-configTyping a partial, but recognizable, command Router# sho clo Cisco Router & Switch Commands Page 9
  10. 10. Configuration Modes and PromptsKeywords <config> <interface> <subinterface> <line> <router> <ipx>User EXEC mode for limited examination of the router Router>Privileged EXEC mode for detailed examination of the router, Router#debugging, debugging, file manipulation and remote accessAll router configurations start by changing to the globalconfiguration mode. Router# config t Router(config)#This example changes to the configuration-interface mode Router(config)# int e0for the e0 interface of the router: Router(config-if)# Router(config)# int e0.100Note: Router(config-subif)#The remainder of the example include a variety of Cisco Router(config)# router riprouter configuration modes. Router(config-router)#You will not know the meaning of many of these Router(config)# line vty 0 4commands. Right now that does not matter. The main Router(config-line)#point is that many commands do not work because theyare not entered from the correct configuration mode. Router(config)# ipx router rip Router(config-ipx-router)# Router(config)# map-list Qwerty Router(config-map-list)# Router(config)# map-map Secure 10 Router(config-rout-map)# Cisco Router & Switch Commands Page 10
  11. 11. RXBOOT mode used to recover from lost passwords oraccidental flash erasureSETUP mode prompted dialog to enter router configurationRouter Status CommandsKeywords <show> <version> <processes> <mem> <stacks> <flash> <run> <start> <int>Displays system configuration, software version, file names Router#show versionand the boot image:Displays information about the active processes: Router#show processesDisplays the configured protocols: Router#show protocolsMonitors stack use, interrupt routines, and last system reboot: Router#show stacksDisplays buffer statistics: Router#show bufferDisplays flash memory information: Router#show flashDisplays the active configuration file in RAM: Router#show running-config (usually just show run)This is one of the most useful router commands Router#show startup-config (usually just show start)Displays the startup (backup) configuration file in NVRAM: Router#show interfacesDisplays statistics for all router interfaces:Note: All command examples are shown in the privilegedmode. Many of the show commands are also available in theuser mode. Cisco Router & Switch Commands Page 11
  12. 12. Semester 2 Router Lab Topology E0: 192.5.5.1 E1: 205.7.5.1Lab-A S0: 201.100.11.1 (DCE) SM: 255.255.255.0 Networks: 192.5.5.0 205.7.5.0 201.100.11.0 E0: 219.17.100.1 S0: 199.6.13.1 (DCE)Lab-B S1: 201.100.11.2 SM: 255.255.255.0 Networks: 219.17.100.0 199.6.13.0 201.100.11.0 E0: 223.8.151.1 S0: 204.204.7.1Lab-C S1: 199.6.13.2 SM: 255.255.255.0 Networks: 223.8.151.0 204.204.7.0 199.6.13.0 E0: 210.93.105.1 S0: Not configuredLab-D S1: 204.204.7.2 SM: 255.255.255.0 Networks: 210.93.105.0 204.204.7.0 E0: 210.93.105.2 S0: / S1 Not configuredLab-E SM: 255.255.255.0 Networks: 210.93.105.0 Cisco Router & Switch Commands Page 12
  13. 13. Cisco Discovery ProtocolKeywords <cdp> <interface> <neighbors> <detail> <entry> <enable> <traffic>Show packets and holdtime: Router#show cdpShows information about the router’s interface status, such as Router#show cdp interfaceCDP timers, packets and encapsulation: Router#show cdp neighborsDisplays information about directly connected routers, such asdevice identifiers, address lists, port idenmtifiers and version: Router#show cdp neighbors detailDisplays additional detailed information about directyconnected routers, including their ip addresses: Router#show cdp entry *Displays the same information as the show cdp neighborsdetail command: Router#show cdp entry LAB-BDisplays information for a specified neighbor: Router#config tEnabling CDP on a specified interface, which begins CDP’s Router(config)#int s0dynamic discovery and starts the exchange of CDP frames: Router(config-if)#cdp enableDisplays the amount of packets sent and received among Router#show cdp trafficrouter neighbors: Cisco Router & Switch Commands Page 13
  14. 14. Router TestingKeywords <telnet> <exit> <disconnect> <return> <sessions> <users> <ping> <trace> <ip route> <clear> <counters>Starting a virtual terminal session with an IP address: Router#telnet 172.16.50.1Starting a virtual terminal session with a host name: Router#telnet Lab-AFinish a telnet session connected to LAB-A router: Lab-A#exitReturn to original router without terminating telnet session: Lab-A#<Ctrl><Shift><6>Resume earlier telnet session: Lab-A#returnDisplays open telnet sessions: Router#show sessionsDisplays routers connected by telnet: Router#show usersTest end-to-end connectivity using ip address: Router#ping 172.16.50.1Test end-to-end connectivity host name: Router#ping LAB-ATest each step from source to destination: Router#trace 172.16.50.1Abort continuous trace attempts: <Ctrl><Shift><6>Check if a router has a routing table: Router#show ip routeCheck if a specific interafce is operational and display Router#show intyerfaces s1statistics since the last time counter were cleared:To reset counters which helps to get a current router picture: Router#clear counters Cisco Router & Switch Commands Page 14
  15. 15. Commands related to Router Startup and ConfigurationsKeywords <run> <run> <reload> <setup> <write> <erase> <term>Display running configuration in RAM: Router#show running-config (or show run)Cisco IOS 10.3 and earlier: Router#write termDisplay startup (backup) configuration in NVRAM: Router#show startup-config (or show start)Cisco IOS 10.3 and earlier: Router#show configErase the startup configuration in NVRAM: Router#erase start-up config (or erase start)Cisco IOS 10.3 or earlier: Router#write eraseRestart the entire startup process with start-up configuration: Router#reloadEnter router-prompted running configuration sequence: Router#setupCopy the running configuration to the startup configuration: Router#copy run startCisco IOS 10.3 or earlier: Router#write memCopy the startup configuration to the running configuration: Router#copy start runCisco IOS 10.3 or earlier: Router#config memNote: the setup command can be used only for creating aminimal router configuration. Many configurations cannot beentered or altered with setup Cisco Router & Switch Commands Page 15
  16. 16. Setting Cisco Router PasswordsKeywords <config> <enable> <secret> <password> <line> <vty> <aux> <con> <login> <service> <password-encryption>Setting the privileged password: Router# config tUsed for non-encrypted privileged mode and older IOS Router(config)# enable password ciscoAll password settings must be done in global configurationSetting the privileged-exec mode password: Router(config)# enable secret classSetting the virtual terminal password: Router(config)# line vty 0 4This password is used for telnet sessions into your router. Router(config-line)# loginline vty 0 4 specifies that up to 5 telnet sessions are allowed: Router(config-line)# password ciscoSetting the auxiliary password: Router(config)# line aux 0This password is used to control access to the router through Router(config-line)# loginthe aux port via a modem for remote console connections. Router(config-line)# password ciscoSetting the console password: Router(config)# line con 0This password controls access to the router through the Router(config-line)# loginstandard con router port Router(config-line)# password ciscoManually encrypting all password configurations that follow: Router(config)#service password-encryption Cisco Router & Switch Commands Page 16
  17. 17. Hostnames and Login BannersKeywords <hostname> <banner> <motd>Changing the router’s hostname from current Router to the Router#config tnew name Lab-A: Router(config)#hostname Lab-ANote: Casual changing of host names can cause problems.You will see in later router commands that host names areused in various router configurations that are stored for futureuse. The ability to do something like Telnet may not bepossible anymore when host names are arbitrarily changed.You can add a banner that will be displayed with login. Router#config tThe motd commands stands for message of the day. Router(config)#banner motd #Start with the command with a delimiting charcter, like # Enter TEXT message: End with the chracter # Have a nice day#Both end and <Ctrl-Z> return to the priviliged mode: Router(config)#end Router# Router(config)#^Z Router# Cisco Router & Switch Commands Page 17
  18. 18. Bootstrap optionsKeywords <boot system> <flash> <tftp>Loading Cisco IOS from flash memory (this is default) with a Router#config tspecified file name: Router(config)#boot system flash gsnew-imageLoading Cisco IOS from TFTP server with a specified file Router(config)#boot system tftp test.exe 172.16.13.111name and TFTP server ip address:Loading Cisco IOS from ROM, which is only a subset of the Router(config)#boot system romcompletye IOS: Cisco Router & Switch Commands Page 18
  19. 19. Working with a TFTP serverKeywords <flash> <copy> <tftp>Determining memory available in flash, as well as IOS file Router#show flashname that is stored in flash: 4096K bytes of flash memory sized on embedded flash File name/status 0 mater/California//i11/bin/gs7-j-mz.112-0.11 [deleted]Upload copying the system image from flash to a tftp server: Router#copy flash tftp IP address of remote host [255.255.255.255]? 172.16.13.111 filename to write on tftp host? c4500-iDownloading a new image from a tftp server to flash: Router#copy tftp flash IP address of remote hosts [255.255.255.255]? 172.16.13.111 Name of tftp filename to copy into flash []? c4500-aj-mUpload running configuration to a tftp server: Router#copy run tftpUpload startup configuration to a tftp server: Router#copy start tftpDownload running configuration from a tftp server: Router#copy tftp runDownload startup configuration from a tftp server: Router#copy tftp start Cisco Router & Switch Commands Page 19
  20. 20. Recovering a router from lost passwordKeywords Hyper TerminalRestart the router Turn off router for a short period of time and turn it back onInterrupt the bootup sequence: Press the <Ctrl> <Break> keysRead the configuration register’s original value: >o (Little letter o not zero)Record this value for later, like 0x2102Change the configuration register and tell the router to ignore >o/r 0x2142the startup config in NVRAM:Initialize and reboot the router: >iType n not to enter initial configurationPress <Enter> to see Router> promptEnter privileged mode: Router>enableRestore original startup configuration: Router#copy start runYou will not be able to see the secret password.Reset the secret password.Change to the original configuration register: Router#config t Router(config)#config-register 0x2102Save new configuration: Router#copy run startRestart the computer with the new startup configuration: Router#reloadCheck the new configuration: Router#show runCheck if configuration register is set to original settings: Routershow version Cisco Router & Switch Commands Page 20
  21. 21. Configuring router portsKeywords <description> <int> <ip address> <no> <shutdown> >clock rate>Enter specific port interface Ethernet 0: Lab-A(config)#int e0Provide optional comment for router port: Lab-A(config-if)#description E0 link to Sales LANEnter ip address for e0 followed by subnet mask: Lab-A(config-if)#ip address 192.5.5.1 255.255.255.0Activate e0 port from default down to up: Lab-A(config-if)#no shutdownChange to port interface Ethernet 1: Lab-A(config-if)#int e1Provide optional comment for router port: Lab-A(config-if)#description E1 link to switchEnter ip address for e1 followed by subnet mask: Lab-A(config-if)#ip address 205.7.5.1 255.255.255.0Activate e1 port from default down to up: Lab-A(config-if)#no shutdownChange to port interface Serial 0: Lab-A(config-if)#int s0Provide optional comment for router port: Lab-A(config-if)#description S0 WAN link (DCE) to Lab-BEnter ip address for s0 followed by subnet mask: Lab-A(config-if)#ip address 201.100.11.1 255.255.255.0Enter clockrate for DCE serial interface: Lab-A(config-if)#clock rate 56000Activate s0 port from default down to up: Lab-A(config-if)#no shutdownRemoving an ip address: Lab-A(config-if)#no ip addressChange an interface from up to down: Lab-A(config-if)#shutdown Cisco Router & Switch Commands Page 21
  22. 22. Working with ARP tablesKeywords Hyper TerminalDisplay the ARP table: Router#show arpThis will show the IP address address, MAC address and theinterfaceClear the ARP table: Router#clear arp Cisco Router & Switch Commands Page 22
  23. 23. Host Name to address mapping and Name server configurationKeywords <ip host> <hosts> <domain> <lookup> <name-server>Set up host name, address mapping on Lab-A router: Lab-A(config)#ip host Lab-A 205.7.5.1 201.100.11.1 192.5.5.1 Lab-A(config)#ip host Lab-B 219.17.100.1 201.100.11.2 199.6.13.1 Lab-A(config)#ip host Lab-C 199.6.13.2 223.8.151.1 204.204.7.1 Lab-A(config)#Ip host Lab-D 204.204.7.2 210.93.105.1 Lab-A(config)#ip host Lab-E 210.93.105.2 Lab-B(config)#ip host Lab-A 205.7.5.1 201.100.11.1 192.5.5.1Set up host name, address mapping on Lab-B router: Lab-B(config)#ip host Lab-B 219.17.100.1 201.100.11.2 199.6.13.1 Lab-B(config)#ip host Lab-C 199.6.13.2 223.8.151.1 204.204.7.1 Lab-B(config)#Ip host Lab-D 204.204.7.2 210.93.105.1 Lab-B(config)#ip host Lab-E 210.93.105.2Note: you can enter a maximum of eight addressesDisplay the list of host name, address mappings: Lab-A#show hosts Or Lab-A#show run (will also include mappings)Remove mapping for router Lab-B on router Lab-A: Lab-A(config)#no ip host Lab-BTurn on ip domain lookup (turned on by default): Router(config)#ip domain-lookupSet the IP address of the DNS server: Router(config)#ip name-server 192.168.0.70Append the domain name to the hostname: Router(config)#ip domain-name schnook.com Cisco Router & Switch Commands Page 23
  24. 24. Configuring Routing Information Protocol (RIP)Keywords Hyper TerminalAdd RIP to update routing tables dynamically: Router(config)#router ripNetwork 172.16.0.0 is being advertised by the router: Router(config-router)#network 172.16.0.0Network 221.50.32.0 is being advertised by the router: Router(config-router)#network 21.50.32.0View contents of routing tables: Router#show ip route:View contents of RIP routes only: Router#show ip route ripHolding back routing updates through a specified interface: Router(config-router)#passive-interface serial 0To make RIP broadcast on non-broadcast networks: Router(config-router)#neighbor 172.18.3.10View RIP information about routing timers and network Router#show ip protocolinformation associated with the entire router:Remove RIP routing: Router(config)#no router ripDisplay routing updates as they happen: Router#debug ip ripRemove debugging: Router#no debug ip ripRemove all debugging: Router#undebug all Cisco Router & Switch Commands Page 24
  25. 25. Configuring static routesKeywords <ip route> <show ip route>Set static route to 172.16.30.0 with subnet mask Router(config)#ip route 172.16.30.0 255.255.255.0 172.16.20.2255.255.255.0 via gateway 172.16.20.2Set static route to 172.16.50.0 with subnet mask Router(config)#ip route 172.16.50.0 255.255.255.0 172.16.20.2255.255.255.0 via gateway 172.16.20.2Set static route to 172.16.40.0 with subnet mask Router(config)#ip route 172.16.40.0 255.255.255.0 e0 10255.255.255.0 via interface e0 with administrativedistance 10:View static route information: Router#show runRemoving a static route: Router(config)#no ip route 172.16.50.0 255.255.255.0 172.16.20.2Note: It is not possible to state: no ip route toremove a static route. It is an incompletecommand. The entire set of ip addresses needs tobe provided. Keep in mind that there can bemultiple static routes. Cisco Router & Switch Commands Page 25
  26. 26. Configuring default routingKeywords <ip route> <ip classless>Default route to 172.16.49.1 with subnet mask 0.0.0.0 via Router(config)#ip route 0.0.0.0 0.0.0.0 172.16.49.1gateway 0.0.0.0:Default is like a static route with wild cards.Default is used if the router does not know how to move apacket.Sometimes default routing fails to forward to appriate subnets. Router(config)#ip route 0.0.0.0 0.0.0.0 172.16.49.2Specifying ip classless will forward packets to the best route Router(config)#ip classlessaccording to default specifications. Normally classless isused with IP unless RIP is used for erouting:Remove default route: Router(config)#no ip route 0.0.0.0 0.0.0.0 172.16.49.2Alternative default routing commands: Router(config)#router rip Router(config-router)#router rip Router(config-router)#network 172.16.0.0 Router(config-router)#network 192.168.17.0 Router(config-router)#ip default network 192.168.17.0 Cisco Router & Switch Commands Page 26
  27. 27. Cisco Router & Switch Commands Introduced During CNAP Semester 3 Used For Semester 3 Lab ExamStudents are responsible for knowing all routing commands that were introduced during semester 2in addition to the new routing and switching commands introduced during semester 3.Semester 3 introduced switch commands. Switches can be configured with menu driven selections orcommand line interface (CLI) commands. The CCNA exam tests switch CLI commands for the 1900switch only, which is what will be presented in this reference guide. New Topics for the CCNA 640-507 Exam Cisco Router & Switch Commands Page 27
  28. 28. • Configure the Catalyst 1900 Switch CLI (Command Line Interface)• Configure the Catalyst 1900 Switch hostname and passwords• Configure the Catalyst 1900 Switch security• Configure Virtual LANs• Configure ISL Routing NOTE The Catalyst 1900 Switch, upgraded with the Enterprise Edition IOS, can be configured using both menu selection options and Command Line Interface (CLI). CLI commands are very similar to routing commands. You can also use the same type of abbreviations that you used with the router commands, like ena for enable. The CCNA 640-507 Exam 2.0 will test only CLI commands for the testing objectives listed on this page.Creating a Cisco Catalyst 1900 Switch ConnectionKeywords Hyper Terminal Cisco Router & Switch Commands Page 28
  29. 29. First make or check the physical connection between a Connect console cable RJ45 plug to serial adapter and attachworkstation and a Cisco 1900 Switch. serial adapter to com1 serial workstation port. Connect the other RJ45 plug to the con port of the router. Note: Some switches require a null-modem cable that has a serial connector on each end.Bootup work station and go to Hyper Terminal folderExecute HyperTerminal program Click <Start-Programs-Accessories-HyperTerminal> Click <Hypertrm.exe>Connection Description windowSelect connection name and a connection icon Name: Cisco Router (or other appropriate icon name) Icon: Accept default icon or pick desired icon Click OKPhone Number windowEnter indicated settings: Connect using: Direct to Com1 (do not use dial up)You are not creating a phone dial-up connection Bits per second: 9600 Data bits: 8 Parity: none Stop bits: 1 Flow control: NoneSave the new connection: Click OK Click <File-Save>It is recommended to drag the switch icon to the desktop forconvenient future switch access.Start a switch session: Click <HyperTerminal>Execute HyperTerminal: Click <File-Open> and select Switch iconConnect to the router Press <Enter> You should see CATALYST 1900 Management ConsoleSetting Catalyst 1900 Switch passwordsKeywords <enable> <config> <password> <level> <secret> <show run> Cisco Router & Switch Commands Page 29
  30. 30. Execute hyper terminal and initiate a Switch session: 1 user(s) now active on Management Console User Interface Menu [M] Menus [K] Command Line [I] IP ConfigurationChange from Menu Selection mode to the CLI: Enter Selection: K(Command Line Interface) CLI session with the switch is open. To end the CLI session, enter [Exit]. >Enter privileged mode: >enable(If this is the first time a password is not required)Enter global configuration mode: #config tSet the user mode password: (config)#enable password level 1 ciscoSet the enable (privileged) mode password: (config)#enable password level 15 class(non encrypted)Set the secret enable (privileged) mode password: (config)#enable secret class(encrypted) #show runView the passwords in the switch configuration:(note that the user and enable passwords are visible) Cisco Router & Switch Commands Page 30
  31. 31. Important Catalyst 1900 Switch password notes: Passwords must be between 4 and 8 characters. The enable and secret passwords can be the same. There is no password recovery for a 1900 switch.Setting a Catalyst 1900 Switch Host Name and IP InformationKeywords <hostname> <show ip> <ip address> <ip default-gateway> Cisco Router & Switch Commands Page 31
  32. 32. Go to privileged mode: >enableGo to global configuration mode: #config tSet the host name for the switch: (config)#hostname Switch-A Switch-A(config)#Note: The hostname on a switch, as well on a router, isonly locally significant. This means that it does not haveany function on the network or name resolutionwhatsoever. However, it is helpful to set a hostname on aswitch so that you can identify the switch whenconnecting to it.Display the default ip address and gateway: Switch-A#show ip IP Address: 0.0.0.0 Subnet Mask: 0.0.0.0 Default Gateway: 0.0.0.0Note there will be additional information displayed like VLANManagement, Domain name and other details.Setting ip address on the switch: Switch-A(config)#ip address 172.16.10.16 255.255.255.0Setting the default gateway on the switch: Switch-A(config)#ip default-gateway 172.16.10.1Note: On a switch you set ip information so that the switch Switch-A#show ipcan be accessed via Telnet or if the switch needs to be IP Address: 172.16.10.16configured with different VLANs Subnet Mask: 255.255.255.0 Default Gateway: 172.16.10.0Configuring Switch InterfacesKeywords <int> <0/1-27> <ethernet> <fast> <description> <show> Cisco Router & Switch Commands Page 32
  33. 33. Note: Configuring switch interfaces is a combination of aslot number/port number. The 1900 switch only has oneslot, which will always be 0.Configuring 10BaseT interfaces: Switch-A(config)#int ethernet 0/1Or use abbreviation: Switch-A(config)#int e0/1Configuring 100Mbps interfaces: Switch-A(config)#int fast 0/26Or use abbreviation: Switch-A(config)#int f0/26(fast ethernet ports are only 26 and 27 even if the switch hasa total of 14 ports)Setting a port description: Switch-A(config-if)#description Marketing_VLAN(Note that the description must be one word)View interface information: Switch-A#show int e0/1 Ethernet 0/1 is Suspended-no-linkbeatThe main intention is to show the description of the port. Hardware is Built-in 10Base-TYou will also see additional information that you will not Address is 0001.96DF.78C1Understand right now. MTU 1500 bytes, BW 10000 Kbits 802.1d STP State: Forwarding Forward Transitions: 1Keep in mind that switch configuration is only introduced Port Monitoring : DisabledAt the CCNA level, and is not fully investigated until the Unknown unicast flooding: EnabledCCNP program. Unregistered multicast flooding: Enabled Description: MARKETING VLAN Duplex setting: Half duplex Back pressure: Disabled Cisco Router & Switch Commands Page 33
  34. 34. Configuring the Port DuplexKeywords <int> <0/1-27> <fast> <duplex> <auto> <full> <full-flow-control> <half>Change to Ethernet port 0/1 Switch-A(config)#int e0/1Configuring the port duplex mode for an ethernet port: Switch-A(config-if)#duplex ?Options are: auto Enable auto duplex configuration auto full Force full duplex configuration full full-flow-control Force full duplex with with flow control full-flow-control half Force half duplex operation halfConfigure port for half-duplex mode: Switch-A(config-if)#duplex half(default for 10BaseT ports)Attempt to configure ports for auto or full-flow-control. Even Switch-A(config-if)#duplex autothough the question mark specified these options they will only Error: Invalid configuration for this interfacework with fast ethernet ports. Switch-A(config-if)#duplex full-flow-control Error: Invalid configuration for this interfaceChange to Fast Ethernet port 0/26: Switch-A(config-if)#int f0/26Configure port for auto-negotiation mode: Switch-A(config-if)#duplex auto(default for fast ethernet ports)Change to second Fast Ethernet port 0/27: Switch-A(config-if)#int f0/27Configure for full-flow-control to prevent buffer overflow: Switch-A(config-if)#duplex full-flow-control Cisco Router & Switch Commands Page 34
  35. 35. Verifying IP ConnectivityKeywords <ping> <telnet>Test connectivity to an ip address with ping: Switch-A#ping 172.50.100.25 Sending 5, 100-byte ICMP Echos to 172.50.100.25, time out is 2 seconds: !!!!! Success rate is 100 percent (5/5)Test connectivity to an ip address with telnet: Switch-A#telnet 172.50.100.25 ^Note it is not possible to telnet from a switch, like you have % Invalid input detected at ‘^’ marker.done with a router. However, it is possible to telnet into aswitch from a router. Cisco Router & Switch Commands Page 35
  36. 36. Erasing Switch ConfigurationKeywords <delete> <nvram> <vtp>Erase the configuration in NVRAM: Switch-A#delete nvramNote that the switch has no commands to save the runningconfiguration to the startup configuration. This is doneautomatically.Do not assume that this command can be used to recoverfrom lost-password problems. Erasing the configuration inNVRAM erases existing passwords, but this command in onlyavailable in priviliged mode where it is possible to change thepassword.Reset the VTP (VLAN Trunk Protocol) configuration to its witch-A#delete vtpdefault values: Cisco Router & Switch Commands Page 36
  37. 37. Managing the MAC Address TableKeywords <mac-address-table> <permanent> <restricted> <static> <show> <version>Display the switch MAC address table: Switch-A#show mac-address-table Number of permanent addresses : 0 Number of restricted static addresses : 0 Number of dynamic addresses : 0Clear all the entries in the mac-address-table: Switch-A#clear mac-address-tableClear specific types of entries: Switch-A#clear mac-address-table ? dynamic Clear 802.1d dynamic address permanent Clear 802.1d permanent address restricted Clear 802.1d restricted static addressClear dynamic mac-address-table entries: Switch-A#clear mac-address-table dynamicConfigure a permanent mac address to port 4 Switch-A(config)#mac-address-table permanent 00A0.2448.60A5 e0/4The mac-address-table had three options: dynamic permanent restrictedRestricting a path for source hardware Switch-A#mac-address-table restricted static 00A0.246E.0FA8 e0/2 e0/5address. In this case port 0/5 is restricted tosending frames only to port 0/2.Display basic information about a switch, like Switch-A#show versionhow long the switch has been running, IOSversion, and base MAC address: Cisco Router & Switch Commands Page 37
  38. 38. Changing the LAN Switch TypeKeywords <int> <0/1-27> <ethernet> <fast> <description> <show> <duplex> <delete> <nvram> <port> <switching-mode> <fragment-free> <store-and-forward>Display the current switching mode: Switch-A#show port system(this is the default switching mode) Switching mode: FragmentFree Use of store and forward for multicast: disabledDisplay the switching-mode options: Switch-A(config)#switching-mode ? fragment-free Fragment Free mode store-and-forward Store-and-Forward modeChange the switching mode to store-and-forward: Switch-A(config)#switching-mode store-and-forwardChange switching mode to fragment-free: Switch-A(config)#switching-mode fragment-free Switching-Mode Warning If you change the LAN switch type, you change it for all ports on the switch.Configuring VLANsKeywords <vlan> <name> <vlan-membership> <static> Cisco Router & Switch Commands Page 38
  39. 39. Note: A switch can be configured for static or dynamic VLAN membership. THE CCNA examobjectives only require static configuration.Check the VLAN number options: Switch-A(config)#vlan ?Number 1 is reserved for the default VLAN. <2-1001> ISL VLAN indexThe Inter-Switch Link routing number identifies the VLAN.Make VLAN 2 Production Switch-A(config)#vlan 2 name ProductionMake VLAN 3 Marketing Switch-A(config)#vlan 3 name MarketingMake VLAN 4 Accounting Switch-A(config)#vlan 4 name Accounting Switch-A(config)#int e0/2Change to port e0/2: Switch-A(config-if)#vlan-membership ?Display the vlan-membership options: dynamic set VLAN membership as dynamic static set VLAN membership as static Switch-A(config-if)#vlan-membership static 2Assign the three VLANs (Production, Marketing andAccounting) to specif ports using the vlan index numbers: Switch-A(config-if)#int eo/4 Switch-A(config-if)#vlan-membership static 3 Switch-A(config-if)#int e0/5 Switch-A(config-if)#vlan-membership static 4 Switch-A#show vlanDisplay all the VLANs assigned to their respective ports: Switch-A#show vlan 2Display VLAN 2 information only: Switch-A#show vlan-membershipDisplay VLAN information along with static or dynamic info: Cisco Router & Switch Commands Page 39
  40. 40. Configuring trunk portsKeywords <trunk> <auto> <desirable> <nonnegotiate> <off> <on> <trunk-allowed>Note that trunking is only available on FastEthernet portsrunning Dynamic Inter-Switch Link (DISL) encapsulation.Configuring trunking with DISL set to AUTO: Switch-A(config)#int f0/26(trunk port if connected device is on or desirable) Switch-A(config-if)#trunk autoConfiguring trunking with DISL set to DESIRABLE: Switch-A(config-if)#trunk desirable(trunk port if connected device is on, desirable or auto)Configuring trunking with DISL set to NONEGOTIATE: Switch-A(config-if)#trunk nonnegotiate(becomes permanent ISL trunk port; will not negotiate withany attached device)Configuring trunking with DISL set to OFF: Switch-A(config-if)#trunk off(interface is disabled from running trunking)Configuring trunking with DISL set to ON: Switch-A(config-if)#trunk on(becomes permanent ISL trunk port; can negotiate with aconnected device to convert to trunk mode)Display the trunk ports: Switch-A#show trunkDisplay trunking on interface 26: Switch-A#show trunk aDisplay trunking on interface 27: Switch-A#show trunk bDisplay allowed VLANs on a trunked port a: Switch-A#show trunk a allowed-vlansClearing a VLAN 5 from being communicated on a trunked line: Switch-A#no trunk-vlan 5 Cisco Router & Switch Commands Page 40
  41. 41. Configuring ISL Routing on a RouterKeywords <encapsulation> <isl> <ip address>The example below will support four VLANs on one interface,which requires creating four subinterfaces.Note: Inter-Switch Link (ISL) routing is only available on afast ethernet interface.Configure the first subinterface: Router(config)#int f0/0.1Enable Inter-Switch Link (ISL) encapsulation for VLAN 1 Router(config-subif)#encapsulation isl 1Assign an IP address to the subinterface: Router(config-subif)#ip address 172.16.10.1 255.255.255.0Configure the second subinterface: Router(config)#int f0/0.2Enable Inter-Switch Link (ISL) encapsulation for VLAN 2 Router(config-subif)#encapsulation isl 2Assign an IP address to the subinterface: Router(config-subif)#ip address 172.16.20.1 255.255.255.0Configure the third subinterface: Router(config)#int f0/0.3Enable Inter-Switch Link (ISL) encapsulation for VLAN 3 Router(config-subif)#encapsulation isl 3Assign an IP address to the subinterface: Router(config-subif)#ip address 172.16.30.1 255.255.255.0Configure the fourth subinterface: Router(config)#int f0/0.4Enable Inter-Switch Link (ISL) encapsulation for VLAN 4 Router(config-subif)#encapsulation isl 4Assign an IP address to the subinterface: Router(config-subif)#ip address 172.16.40.1 255.255.255.0Return to global configuration mode: Router(config-subif)#exitEnter interface mode for FastEthernet 0: Router(config)#int f0/0Make FastEthernet interface 0 active: Router(config-if)#no shutdown Cisco Router & Switch Commands Page 41
  42. 42. Configuring Interior Gateway Routing Protocol (IGRP)Keywords <router> <igrp> <network> <ip route> <protocol> <events> <transactions>Activate IGRP routing protocol with AS number 10 (0-65535): Router(config)#router igrp 10Specify attached network addresses: Router(config-router)#network 172.16.0.0 Router(config-router)#network 172.25.0.0Check IGRP routing table information: Router#show ip routeUseful command to see ip addresses for each interface and Router#show protocoldetermine if routing protocol is enabled:Verifying which routing protocol is active: Router#show ip protocolDisplay a summary of IGRP routing information: Router#debug igrp eventsDisplay message requests and broadcasts: Router#debug igrp transactionsTurn off all debugging: Router#un all Cisco Router & Switch Commands Page 42
  43. 43. Configuring IPX routingKeywords <ipx routing> <network> <encapsulation> <secondary>Enable IPX routing: Router(config)#ipx routingChange to interface mode: Router(config)#int e0Add network number: Router(config-if)#ipx network 10To change the IPX frame type to sap (802.2): Router(config-if)#ipx network 10 encapsulation sapConfiguring IPX on a router with three interfaces: Router(config)#ipx routing Router(config)#int e0 Router(config-if)#ipx network 30 Router(config-if)#int s0 Router(config-if)#ipx network 20 Router(config-if)#int s1 Router(config-if)#ipx network 40Configuring multiple IPX frame types using a secondary Router(config)#int e0address: Router(config-if)#ipx network 10a encapsulation sap secondaryConfiguring multiple IPX frame types using Router(config)#int e0.10subinterfaces: Router(config-subif)#ipx network 10a encap sapNote: use the following Cisco keywordsnovell-ether (default) Ethernet_802.3sap Ethernet_802.2arpa Ethernet_IIsnap Ethernet_snap Cisco Router & Switch Commands Page 43
  44. 44. Monitoring IPXKeywords Hyper TerminalDisplay IPX routing table information: Router#show ipx routeDisplay all the IPX servers and SAP table: Router#show ipx serversDisplay summary of IPX packets received and transmitted: Router#show ipx trafficDisplay IPX status for each interface: Router#show ipx interfacedisplay IPX status of e0 interface Router#show ipx int e0Display routed protocols and interface addresses: Router#show protocolEnable load balancing across two equal costs paths: Router#ipx maximum-paths 2Monitor IPX routing updates as it is running: Router#debug ipx routing activity Router#dedub ipx routing eventsDisplay IPX SAP packets that are transmitted and received: Router#debug ipx sap activity Cisco Router & Switch Commands Page 44
  45. 45. Configuring standard IP access listsKeywords <access-list> <deny> <permit> <hosts> <any> <in> <out> <access-group>Deny any packets from host 172.16.30.2 Router(config)#access-list 10 deny host 172.16.30.2Permit access to all other ip addresses: Router(config)#access-list 10 permit anyChange to interface mode: Router(config)#int e0Attach access list 10 to Ethernet 0 outgoing: Router(config-if)#ip access-group 10 outPermit any packets from network 172.16.0.0: Router(config)#access-list 20 permit 172.16.0.0 0.0.255.255Permit any packets from subnet 172.16.4.0: Router(config)#access-list 30 permit 172.16.4.0 0.0.0.255Permit only host 172.16.30.2 using wild card: Router(config)#access-list 40 permit 172.16.30.2 0.0.0.0Deny only host 200.23.45.78: Router(config)#access-list 50 deny host 200.23.45.78Permit all other addresses using wild cards: Router(config)#access-list 50 permit 0.0.0.0 255.255.255.255 same as:Permit all other addresses using any: Router(config)#access-list 50 permit anyPermit only even-numbered hosts of network Router(config)#access-list 60 permit 220.100.50.0 0.0.0.254220.100.50.0:Permit only ip addresses in the range Router(config)#access-list 70 permit 172.16.16.0 0.0.3.255172.16.16.0 through 172.16.19.0:Permit only ip addresses in the range Router(config)#access-list 80 permit 172.16.16.0 0.0.7.255172.16.16.0 through 172.16.23.0:Permit only ip addresses in the range Router(config)#access-list 90 permit 172.16.32.0 0.0.31.255172.16.32.0 through 172.16.63.0: Cisco Router & Switch Commands Page 45
  46. 46. Controlling VTY (Telnet) access and viewing access listsKeywords <line vty 0 4> <access-class>Create a standard access list permitting only 172.16.10.3: Router(config)#access-list 50 permit 172.16.10.3Change to telnet line mode: Router(config)#line vty 0 4Apply the access list to the VTY line: Router(config-line)#access-class 50 inDisplay all the access lists: Router#show access-listDisplay only access list 75: Router#show access-list 75Shows only the IP access lists: Router#show ip access-listShows which interfaces have access lists: Router#show ip interfaceShows the access lists and which interfaces have access lists: Router#show run Cisco Router & Switch Commands Page 46
  47. 47. Access list main number rangesKeywordsIP standard access list 1-99IP extended access list 100-199Appletalk access list 600-699IPX standard access list 800-899IPX extended access list 900-999IPX SAP access list 1000-1099 Cisco Router & Switch Commands Page 47
  48. 48. Configuring extended ip access listsKeywords <access-list> <deny> <permit> <eq> <any> <ftp> <telnet>Deny acces from any source to host Router(config)#access-list 110 deny ip any host 172.16.10.5172.16.10.5Deny access from any ftp and any telnet Router(config)#access-list 120 deny tcp any host 172.16.10.5 eq 21source to host 172.16.10.5 Router(config)#access-list 120 deny tcp any host 172.16.10.5 eq 23 Router(config)#access-list 120 permit ip any anySame access list as above, but using port Router(config)#access-list 120 deny tcp any host 172.16.10.5 eq ftpnames (ftp and telnet) in place of numbers Router(config)#access-list 120 deny tcp any host 172.16.10.5 eq telnet(21 and 23) Router(config)#access-list 120 permit ip any anyPermit access from source network Router(config)#access-list 130 permit ip 150.50.0.0 0.0.255.255150.50.0.0 to destination network 200.1.1.0 200.1.1.0 0.0.0.255 Cisco Router & Switch Commands Page 48
  49. 49. Configuring IPX Access ListsKeywords <access-list> <permit> <deny> <ipx access-group> <in> <out>Standard IPX access list, which permits IPX packets from IPX Router(config)#access-list 810 permit 20 40network 20 out inetrface e0 to IPX network 40 Router(config)#int e0 Router(config-if)#ipx access-group 810 out Cisco Router & Switch Commands Page 49
  50. 50. Cisco Router Commands Introduced During CNAP Semester 4 Used For Semester 4 Lab ExamStudents are responsible for knowing all routing & switching commands that were introducedduring semesters 2 & 3 in addition to the new routing commands introduced during semester 4. Cisco Router & Switch Commands Page 50
  51. 51. Configuring PPPKeywords <encapsulation> <ppp> <chap> <pap>Change to serial 0 router interface: Router(config)#int s0Enable Point-To-Point (PPP) encapsulation: Router(config-if)#encapsulation pppChange to Ethernet 0 router interface: Router(config-if)#int e0Try to enable PPP encapsulation: Router(config-if)#encapsulation ppp ^Note: WAN protocols are enabled at serial ports only and % Invalid input detected at ‘^’ markermust be enabled at both ends of the serial connection.Configure PPP CHAP authentication: Router(config-if)#ppp authentication chap(Challenge Handshake Authentication Protocol)(more secure and encrypted password authentication)Configure PPP PAP authentication: Router(config-if)#ppp authentication pap(Password Authentication Protocol)(less secure unencrypted password authentication)Verify that PPP encapsulation is enabled: Router#show int s0 Serial0 is up, line protocol is upMore information is provided than shown here. Much of the Hardware is HD64570information will not make sense. The keep issue here is to Internet address is 172.16.20.1/24verify that PPP encapsulation is enabled. MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, rely 255/255, load 1/255 Encapsulation PPP, loopback not set, keepalive set (10 sec)Configuring FrameRelayKeywords <encapsulation> <frame-relay> <ietf> <interface-dlci> <lmi-type> Cisco Router & Switch Commands Page 51
  52. 52. Change to serial 0 router interface: Router(config)#int s0Enable Frame Relay encapsulation for Cisco routers: Router(config-if)#encapsulation frame-relayEnable Frame Relay IETF encapsulation for non-cisco routers Router(config-if)#encapsulation frame-relay ietfor one cisco router connected to a non-cisco device:(Internet Engineering Task Force)Permanent virtual circuits (PVCs) like Frame Relay virtualcircuits are identified by Data Link Connection Identifiers(DLCIs). Router(config)#int s0Check available DLCI numbers for interface s0: Router(config-if)#frame-relay interface-dlci ? <16-1007> Define a DLCI as part of the current subinterfaceConfigure DLCI number 16 to the interface: Router(config-if)#frame-relay interface-dlci 16The Local Management Interface (LMI) is a signaling standardresponsible for managing and maintaining status between aCPE router and a frame switch. Beginning with IOS 11.2 theLMI type is auto-sensed. There are three LMI types. Router(config)#int s0Determine the three LMI types: Router(config-if)#frame-relay lmi-type ? cisco ansi q933aSetting the LMI type to q933a: Router(config-if)#frame-relay lmi-type q933a Cisco Router & Switch Commands Page 52
  53. 53. Configuring Subinterfaces for Frame RelayKeywords <int s1.?> <multipoint> <point-to-point>You have multiple virtual circuits on a single serial interface,but each must be treated as a separate interface. This isaccomplished by creating subinterfaces. Router(config)#int s1First set Frame Relay encapsulation to a serial interface: Router(config-if)#encapsulation frame-relayCheck available subinterface numbers: Router(config-if)#int s1.? <0-4294967295>Create subinterface 16 in Serial 1 interface: Router(config-if)#int s1.16 Router(config-subif)#Determine the two types of subinterfaces: Router(config)#int s0.16 ?Multipoint is used when the router is at the center of a star of multipoint Treat as multipoint linkvirtual circuits. point-to-point Treat as point-to-point linkPoint-to-Point is used when a single virtual circuit connectsone router to another. Router(config)#int s0.16 multipointCreate subinterface 16 with multipoint type: Router(config-subif)# Cisco Router & Switch Commands Page 53
  54. 54. Mapping Frame RelayKeywordsIIP devices at the ends of virtual circuits must have their Router(config)#access-list 810 permit 20 40address mapped to Data Link Connection Identifiers (DLCIs). Router(config)#int e0 Router(config-if)#ipx access-group 810 outThere are two mapping approaches: Use the Frame Relay map command Use the inverse-arp functionFrame Relay map command example Router(config)#int s0Enable (default Cisco) Frame Relay encapsulation: Router(config-if)#encapsulation frame-relayCreate subinterface with point-to-point link: Router(config-if)#int s0.16 point-to-pointDisable inverse arp: Router(config-subif)#no inverse arp Router(config-subif)#ip address 172.16.30.1 255.255.255.0Configure ip address and subnet mask for subinterface: Cisco Router & Switch Commands Page 54

×