Command syntax
| Convention | Description |
|---|---|
boldface |
Boldface text indicates commands and keywords that you enter literally as shown. |
italics |
Italic text indicates arguments for which you supply values. |
[x] |
Square brackets indicate an optional element (keyword or argument). |
{x} |
Braces indicate a required element (keyword or argument). |
[x { y \| z }] |
Braces and vertical lines within square brackets indicate a required choice within an optional element. Spaces are used to clearly delineate parts of the command. |
Hotkeys and shortcuts
| Keystroke | Description |
|---|---|
Tab |
Completes a partial command name entry. |
Backspace |
Erases the character to the left of the cursor. |
Ctrl+D |
Erases the character at the cursor. |
Ctrl+K |
Erases all characters from the cursor to the end of the command line. |
Esc D |
Erases all characters from the cursor to the end of the word. |
Ctrl+U or Ctrl+X |
Erases all characters from the cursor back to the beginning of the command line. |
Ctrl+W |
Erases the word to the left of the cursor. |
Ctrl+A |
Moves the cursor to the beginning of the line. |
Left Arrow or Ctrl+B |
Moves the cursor one character to the left. |
Esc B |
Moves the cursor back one word to the left. |
Esc F |
Moves the cursor forward one word to the right. |
Right Arrow or Ctrl+F |
Moves the cursor one character to the right. |
Ctrl+E |
Moves the cursor to the end of command line. |
Up Arrow or Ctrl+P |
Recalls the previous command in the history buffer, beginning with the most recent command. |
Down Arrow or Ctrl+N |
Goes to the next line in the history buffer. |
Ctrl+R or Ctrl+I or Ctrl+L |
Redisplays the system prompt and command line after a console message is received. |
Note: While the Delete key typically deletes the character to the right of the prompt, the IOS command structure does not recognize the Delete key.
--More-- mode prompt.
| Keystroke | Description |
|---|---|
Enter |
Displays the next line. |
Space or y |
Displays the next screen. |
| Any other key | Ends the display string, returning to previous prompt. |
Commands used to exit from an operation.
| Keystroke | Description |
|---|---|
Ctrl-C |
When in any configuration mode, ends the configuration mode and returns to privileged EXEC mode. When in setup mode, aborts back to the command prompt. |
Ctrl-Z |
When in any configuration mode, ends the configuration mode and returns to privileged EXEC mode. |
Ctrl-Shift-6 |
All-purpose break sequence used to abort DNS lookups, traceroutes, pings, and to interrupt an IOS process. |
Show
| Command | Used to |
|---|---|
show running-config |
Verify the current configuration and settings. |
show interfaces |
Verify the interface status and see if there are any error messages. |
show ip interface |
Verify the Layer 3 information of an interface. |
show arp |
Verify the list of known hosts on the local Ethernet LANs. |
show ip route |
Verify the Layer 3 routing information. |
show protocols |
Verify which protocols are operational. |
show version |
Verify the memory, interfaces, and licenses of the device. |
Basic configuration
Hostname.
Router(config)# hostname hostname
Secure privileged EXEC mode.
Router(config)# enable secret password
Switch(config)# enable secret class
Secure user EXEC mode over console (serial).
Router(config)# line console 0
Router(config-line)# password password
Router(config-line)# login
Secure remote Telnet / SSH access.
Router(config-line)# line vty 0 4
Router(config-line)# password password
Router(config-line)# login
Router(config-line)# transport input {ssh | telnet | none | all}
Router(config-line)# transport input ssh telnet
Configure SSH.
Switch# show ip ssh
Switch# configure terminal
Switch(config)# ip domain-name cisco.com
Switch(config)# crypto key generate rsa
Switch(config)# username admin secret ccna
Switch(config-line)# line vty 0 15
Switch(config-line)# transport input ssh
Switch(config-line)# login local
Switch(config-line)# exit
Switch(config)# ip ssh version 2
Switch(config)# exit
Secure all passwords in the config file.
Router(config-line)# exit
Router(config)# service password-encryption
Provide legal notification.
Router(config)# banner motd delimiter message delimiter
Router(config)# banner motd # Legal message here #
Router(config)# banner motd #
Enter TEXT message. End with a new line and the # *********************************************** WARNING: Unauthorized access is prohibited! *********************************************** #
Router(config)#
Save the configuration.
Router(config)# copy running-config startup-config
Management IP address for a switch.
Switch# configure terminal
Switch(config)# interface vlan 1
Switch(config-if)# ip address 192.168.1.20 255.255.255.0
Switch(config-if)# no shutdown
Switch(config-if)# exit
Switch(config)# ip default-gateway 192.168.1.1
Connect over serial console
Using picocom. You can find the name of the TTY with journalctl.
picocom -b 115200 /dev/ttyUSB3
Exit with ctrl-a ctrl-x.
Upload a file in ROMMON
Example using an AP.
Requirements:
- TFTP server IP address
192.168.0.2 - IOS image
ap3g2-k9w8-mx.153-3.JD.tar - Serial console connection
The easiest way is to connect the computer to the device via POE inyector.
Create a TFTP server to upload files
Using tftp-hpa.
- Leave the files at
/srv/tftp/ - Start the service
systemctl start tftpd - Allow TFTP through the firewall. TBD
Delete corrupt images
ap: del /force /recursive ap3g2-k9w8-mx.153-3.JD
Upload file
Configure the AP:
ap: set IP_ADDR 192.168.0.3
ap: set NETMASK 255.255.255.0
ap: set DEFAULT_ROUTER 192.168.0.1
ap: tftp_init
ap: ether_init
Download the file from the TFTP server to the AP and extract it to flash.
ap: tar -xtract tftp://192.168.0.2/ap3g2-k9w8-tar.153-3.JD.tar flash:
You can check for connections with tcpdump -ennqi enp2s0 port 69.
And you can check connectivity with arping 192.168.0.3 -I enp2s0.
Remove the variables (optional)
ap: unset IP_ADDR
ap: unset NETMASK
ap: unset DEFAULT_ROUTER
Boot
ap: boot
You can also set the boot image if there are others:
set BOOT flash:ap3g2-k9w8-mx.153-3.JD/ap3g2-k9w8-xx.153-3.JD