Cisco Network

Cisco Memory Types

 * RAM
 * Running Configuration
 * Flash
 * IOS, vlan.dat
 * ROM
 * Bootstrap Program
 * NVRAM
 * Startup Configuration

Default Console Port Settings

 * 9600 bits/second
 * No hardware flow control
 * 8N1:
 * 8-bit ASCII
 * No parity bits
 * 1 stop bit

Basic

 * 1) enable
 * 2) disable


 * 1) enable
 * 2) configure terminal


 * 1) logging synchronous


 * 1) terminal length 0


 * 1) show history

Reboot the switch or router

 * 1) reload

Show Config

 * 1) show startup-config
 * 2) show running-config
 * 3) show running-config | begin line vty

Copy Config

 * 1) copy running-config startup-config
 * 2) copy startup-config running-config
 * 3) copy tftp running-config
 * 4) copy running-config tftp

Show Commands

 * 1) show version
 * 2) show interfaces status
 * 3) show interface vlan 1
 * 4) show mac address-table
 * 5) show mac address-table dynamic
 * 6) show ip route
 * 7) show ip interface brief
 * 8) show protocols fa0/0
 * 9) show process
 * 10) show cdp

Bye Bye Commands

 * 1) exit
 * 2) end (or [Ctrl] + [Z])
 * 3) quit

Setup hostname
config# hostname
 * 1) enable
 * 2) configure terminal

Setup enable password
config# enable secret
 * 1) enable
 * 2) configure terminal
 * Note:
 * If the enable password is not configured, you can't getting into enable mode via Telnet/SSH.

Setup console password
config# line console 0 config-line# login config-line# password
 * 1) enable
 * 2) configure terminal

Setup vty password
config# line vty 0 15 config-line# login config-line# password
 * 1) enable
 * 2) configure terminal

Password Encryption
config# service password-encryption config# no service password-encryption
 * 1) enable
 * 2) configure terminal

Setup SSH
config# line vty 0 15 config-line# login local config-line# transport input ssh config-line# exit config# username  password config# ip domain-name ktlam.hk config# crypto key generate rsa
 * 1) enable
 * 2) configure terminal

config# interface vlan 1 config-if# ip address  config-if# no shutdown config-if# exit config# ip default-gateway  config# exit

Setup Switch IP with DHCP
config# interface vlan 1 config# ip address dhcp config# no shutdown config# end
 * 1) enable
 * 2) configure terminal
 * 1) show dhcp lease

Configure interface
config# interface FastEthernet 0/1 config-if# shutdown config-if# no shutdown config-if# description hello world config-if# speed 10 config-if# speed 100 config-if# speed 1000 config-if# duplex auto config-if# duplex half config-if# duplex full config-if# exit
 * 1) show interfaces
 * 2) show interfaces status
 * 3) show interfaces fa0/1
 * 4) enable
 * 5) configure terminal

config# interface range FastEthernet 0/11 - 20 config-if# description hello world

Configure Port Security
...
 * 1) show port-security interface fastEthernet 0/1
 * 2) switchport mode access

Configure VLAN
config# vlan 2 config-vlan# name my-vlan config-vlan# exit
 * 1) show vlan brief
 * 2) configure terminal

config# interface fa0/1 config-if# switchport access vlan 2 config-if# exit

Configure Static NAT
inside --- 192.168.1.1 --- [192.168.250 fa0/0  ROUTER  fa0/1  200.0.0.250] --- oustide


 * 1) interface fa0/0
 * 2) ip address 192.168.1.250 255.255.255.0
 * 3) ip nat inside


 * 1) interface fa0/1
 * 2) ip address 200.0.0.250 255.255.255.0
 * 3) ip nat outside


 * 1) ip nat inside source static 192.168.1.1 200.0.0.1


 * 1) show ip nat translations


 * 1) show ip nat statistics

Configure Dynamic NAT
inside --- 192.168.1.1 --- [192.168.250 fa0/0  ROUTER  fa0/1  200.0.0.250] --- oustide


 * 1) interface fa0/0
 * 2) ip address 192.168.1.250 255.255.255.0
 * 3) ip nat inside


 * 1) interface fa0/1
 * 2) ip address 200.0.0.250 255.255.255.0
 * 3) ip nat outside


 * 1) access-list 1 permit 192.168.1.1
 * 2) access-list 1 permit 192.168.1.2
 * 3) access-list 1 permit 192.168.1.3


 * 1) ip nat pool mylist 200.0.0.1 200.0.0.3 netmask 255.255.255.0

or (specify overload to use PAT) or
 * 1) ip nat inside source list 1 pool mylist
 * 1) ip nat inside source list 1 pool mylist overload
 * 1) ip nat inside source list 1 interface fa0/1 overload


 * 1) debug ip nat


 * 1) clear ip nat translation *

Other Commands

 * 1) no debug all
 * 2) undebug all
 * 3) terminal monitor
 * 4) setup


 * 1) history size
 * 2) terminal history size

Remove switch configuration

 * 1) erase startup-config
 * 2) delete flash:vlan.dat

Cisco 3750X

 * 1) show switch detail

Cisco ASA 5520

 * 1) terminal pager lines 15
 * 2) show route
 * 3) show ip
 * 4) show failover state


 * References:
 * CLI Configuration (Version 8.4)

Terms

 * vty = virtual terminal