CISCO IOS REVISION COMMANDS
If you find this page useful check out my other revision
pages:
For other useful CCNA study guides, CCNA practice exams and
technical training, see my certification
and networking links page.
SHOW COMMANDS - CISCO ROUTERS
Show version - software version, config files,
boot images, config register, basic config of router
Show ipx
interface - status, ipx rip and sap received/sent, ipx
access-lists
Show ipx route - ipx routing table
Show ipx
servers - server list (name, port, hops, type of service)
Show
ipx traffic - number/type of packets, RIP and SAP packets
Show
protocol - ipx addresses of an interface, IP addresses and routing
protocol
Show ip protocol - routing update times, networks active
on, neighbour routers, administrative distances, AS number
Show
access-lists - shows standard and extended access-lists on all
interfaces
Show access-list 101
Show ip interface - IP
addresses, masks, MTU, access-lists, split horizon, ICMP, CDP
status, NAT statistics, LMI info, DLCIs
Show interface serial 0 -
shows bandwidth, MTU, keepalives
Show ip route - ip routing
table
Show cdp neighbor - deviceID, local intf, holdtime,
capability, platform, remote portID
Show cdp entry * - IP
address of neighbour, protocol info, platform, capability, portID,
holdtime, same info as show version, neighbour device ID, local
interface
Show cdp neighbor detail - same as above also IP
address, version info
Show cdp traffic - info on traffic and
errors
Show cdp interface - encapsulation, timer, holdtime for
each intf
Show controllers serial 0 - shows DTE/DCE connections,
buffer size, collisions, mac address
Show host(s) - shows
hostname to IP resolution of hosts
Show session(s) - shows
connections to a remote device
Show users - shows connections to
your router, port and time connected
Show frame-relay lmi - lmi
errors and lmi type
Show frame-relay pvc - all configured PVC's,
DLCI numbers, status of connections, No. of BECN/FECN
Show
frame-relay pvc 16
Show frame-relay map - ip to dlci
mappings
Show run - display router config (RAM), configured PVCs,
ACLs.
SHOW COMMANDS - 1900 SWITCH
Show mac-address-table
Show run
Show ip -
like ipconfig
Show port system - shows switching method
Show
vtp
Show trunk A allowed-vlans - shows which VLANS allowed on
trunk link
Show vlan-membership
Show vlan 2
Show vlan -
verify VLAN config
Show history - shows last 10 commands entered
by default
Show terminal - shows terminal config + history buffer
size
GENERAL ROUTER COMMANDS
Banner exec - for activation or incoming
vty
Banner incoming - displayed on reverse telnet
sessions
Banner login - displayed on all connected terminals.
Displayed before MOTD banner but before login prompts
Bfe -
manual emergency mode setting
Clear counters - clears counters on
all interfaces
Clear frame-relay-inarp - clears dynamic
mappings
Clear line 1 - clears vty 1 connection to a remote
router
Clock set 10.30.10 28 may 2002
Config-register 0x2102 -
changes config register
Copy flash tftp
Copy tftp flash -
copies IOS image from tftp server default directory to router
flash
Disable - to get back to user mode from
privileged
Disconnect 1 - clears a connection to a remote
router
Enable - to get into privileged mode
Enable last-resort
- define enable action if no tacas servers respond
Enable
use-tacas - tells the router to authenticate passwords through a
tacas server
Encapsulation isl 3 - encapsulates ISL frame-tagging
for VLAN 3 on an interface
Exec timeout 0 1 - sets console
timeout to 1 second
Exec-timeout 0 0 - sets exec timeout to never
timeout
Exec-timeout 1 0 - set exec timeout to 1 minute
Ip
domain-lookup - enables DNS (use no form to stop this)
Ip
domain-name nikmakris.com - appends domain name to hostname
(required for DNS)
Ip host nik 172.17.1.63 - adds to host table
(up to 8 ip addr)
Ip name-server - sets ip address(es) of DNS
servers
Lock - locks the terminal
Logging synchronous - stops
console messages overwriting commands
Logout - to logout of the
router
Media-type 100BaseX - sets media type
Mrinfo - request
neigbour and version information from a multicast router
No login
- sets line, vty ports not to prompt for login
info
Passive-inteface s0 - disables routing updates on interface
(Global command) - they are not sent out this interface but they are
still received.
Ping ipx 40.0000.0c8d.5c9d
Service
password-encryption - encrypts passwords (Global
command)
Terminal monitor - needed to view debug commands from
telnet session
Terminal history size 50 - sets command history to
50 lines
Tftp-server system <image name> - Make router a
tftp server
CONFIGURE COMMANDS
Interface Ethernet 2/0/1 - type slot / port
adapter / port number (interface) for VIP cards
Config terminal -
configures RAM
Config network (config net) - changes a config on
a tftp host
Config memory - configure NVRAM
Ip address
172.17.1.63 255.255.255.0 secondary - adds a secondary subnet
address to an interface
Clock rate 56000 - sets clock rate to
56kbps for DCE interfaces
ACCESS LISTS (ACL)
Access-enable - creates a temporary access-list
entry
Access-template - creates a temporary access-list
entry
Access-profile - apply user profile to
interface
Access-list 1 permit 0.0.0.0 255.255.255.255 - same
as next line
Access-list 1 permit any - permits any
host
Access-list 1 permit 172.30.16.29 0.0.0.0 - same as next
line
Access-list 1 permit host 172.30.16.29 - permits host
172.30.16.29
No access list 1 - deletes access list 1
Ip
access-group 1 out (out is default)
Access-list 101 deny tcp
172.16.4.0 0.0.0.255 any eq telnet
Access-list 101 permit ip any
any established (TCP connection)
Router(Config)#ip access-list
standard nik
Router(Config std-nacl)#deny any log (log - logs
packets)
No ip access-group in - won't delete inbound lists
if you leave the in off the end of the command
FRAME RELAY
Router(Config)#int
s0
Router(Config-if)#encapsulation frame-relay cisco
(default)
Router(Config-if)#exit
Router(Config)#int s0.16
point-to-point
Router(Config-if)#no
inverse-arp
Router(Config-if)#ip address 172.17.1.63
255.255.255.0
Router(Config-if)#bandwidth 64 - sets bandwidth to
64kbps (Only used by routing
protocols)
Router(Config-if)#frame-relay map ip 172.16.30.17 16
ietf broadcast - broadcast tells the router to send broadcasts out
this intf
IGRP CONFIGURATION
Router(Config)#router igrp
50
Router(Config-router)#timers basic 15 45 0
60
Router(Config-router)#variance 1-128 (controls load balancing
between best and worse
metrics)
Router(Config-router)#traffic-share
balanced/min
Balanced - share inversely
proportional to metrics
Min - use routers
that have only min costs
Router(Config-router)#network
128.6.0.0
Router(Config-router)#no metric
holddown
Router(Config-router)#metric maximum-hop 50
IPX RIP CONFIGURATION
Router(Config)#ipx routing - enables IPX routing,
RIP and SAP
Router(Config)#ipx maximum-paths 2 - enables equal
cost load balancing over 2 paths
Router(Config)#ipx
per-host-load-share - ensures all packets to 1 destination are sent
over same line
Router(Config)#int e0
Router(Config-if)#ipx
network 10 encapsulation sap secondary - assigns ipx network 10 to a
secondary interface on Ethernet 0 with encapsulation
Ethernet_802.2
Router(Config-if)#ipx delay 6 - sets tick metric
for IPX RIP (LAN = 1, WAN = 6 default)
Router(Config-if)#exit
CISCO ISDN CONFIGURATION
Router(Config)#interface bri
0
Router(Config-if)#ip address 172.17.1.63
255.255.255.0
Router(Config-if)#no
shutdown
Router(Config-if)#dialer-group
1
Router(Config-if)#dialer map ip 172.16.60.2 name 8042
8350661
(Next router ip - hostname of next route (auth) - number
to dial)
Router(Config-if)#dialer load-threshold 2 either - makes
both interfaces come up immediately
Router(Config-if)#dialer
load-threshold 255 either - only brings up 2nd B-channel if first is
100% loaded
Router(Config-if)#hold-queue 75 in - holds 75 packets
in the queue during connection
Router(Config-if)#dialer
idle-timeout 300 - sets idle time out (120
default)
Router(Config-if)#encapsulation
ppp
Router(Config-if)#exit
Router(Config)#dialer-list 1 list
110
Router(Config)#access-list 110 permit tcp any any eq
smtp
Router(Config)#access-list 110 permit tcp any any eq telnet
STATIC/DEFAULT ROUTES
Ip route 0.0.0.0 0.0.0.0 172.16.20.1 = default
route
Ip default-network 172.16.1.0
Ip route 172.17.1.63
255.255.255.0 serial 1 1 permanent - keeps static route even if
router cannot communicate with it, administration distance 1
CISCO DISCOVERY PROTOCOL (CDP) COMMANDS
Cdp timer 90
Cdp holdtime 240
Cdp enable (no
cdp enable)
1900 SWITCH CONFIGURATION
#config t
(Config)#enable password level 1
nikolas - usermode password
(Config)#enable password level 15
makris - enable password
(Config)#enable secret nik2 - precedes
the enable p/w
(Config)#hostname nik
(Config)#vtp pruning
enable - enables pruning on whole switch
(Config)#delete vtp -
deletes VTP database
(Config)#vtp server
(client/transparent)
(Config)#vtp domain nikolas
(Config)#vtp
password cisco
(Config)#ip address 172.17.1.63
255.255.255.0
(Config)#ip default-gateway
172.17.1.50
(Config)#switching-mode store-and-forward
(fragment-free)
(Config)#vlan 2 name sales
(Config)#vlan 3
name marketing
(Config)#int Ethernet 0/1 - slot 0/port
1
(Config-if)#vlan-membership static 2
(Config-if)#description
Finance_VLAN
(Config-if)#port secure max-mac-count 1 - allows
only one mac address per port
(Config-if)#exit
(Config)#int
f0/26
(Config-if)#trunk on - enables trunking of all VLANS not
just VLAN 1
(Config-if)#no trunk-vlan 3 - stops trunking vlan
3
(Config-if)#duplex full - sets to full duplex (auto sense
default)
(Config-if)#exit
(Config)#copy
tftp://192.168.0.120/cat1900EN_9_00.bin opcode - download into flash
memory
(Config)#copy nvram
tftp://192.168.0.120/cat1900EN
(Config)#copy
tftp://192.168.0.120/cat1900EN nvram
(Config)#delete nvram -
deletes config
(Config)#delete vtp - deletes VTP
database
(Config)#clear mac-address-table [dynamic]
CISCO DEBUG COMMANDS
Debug ipx routing activity - info on RIP
updates
Debug ipx sap - info on sap updates
Debug ip igrp
events - what's being rec'd sent, route type (int/ext,system),
source, dest
Debug ip igrp transactions - shows contents of
routing updates
Debug ip rip - source/contents of updates,
network, metrics
Debug frame-relay lmi - enables verification of
connection
Debug ppp authentication
UNDEBUG ALL
| 
.gif){kind=small}
