Skip to content

Cisco IOS CLI

Jump to bottom
Davood Dorostkar edited this page Nov 20, 2022 · 1 revision

Connection

  1. connect the switch to the computer

  2. open a terminal over serial port (with putty)

Initialization

enable

Basic CLI

Hit enter several times to proceed to command line.

if command line shows a lot of data with -more- sign, press enter to proceed line by line, or space to proceed page by page, or Q to ignore extra data.

Simple commands:

show clock

show version

Show available commands:

show ?

Add ? to show extra arguments of the command:

show clock ?

You can shorten the commands, until it does not conflict with another command:

show clock detail
sh clo de // OK
sh cl de // ambiguous

To get out of any config mode:

exit // takes back one level

or

CTRL + Z // takes back all the way to the global exec level

set login banner text:

banner login #
enter some text
#

show the current configuration data in volatile memory:

show running-config

show saved config in non-volatile memory:

show startup-config

save the running config:

copy running-config startup-config

or

copy run start

show list of files/folders in the memory:

dir

VLAN

check for available VLANs:

show vlan

Create a VLAN:

config
vlan database // enter vlan database mode
vlan <ID>
end

Global configuration mode

configure t

Inside each type of configuration modes, you have not access to global commands, unless you add a do keyword

config terminal
do show clock

Set host name

hostname NameForSwitch

Set IP

enter created VLAN in interface mode:

int vlan <CREATED ID>

assign static IP address to the switch:

ip address 192.168.71.3 255.255.255.0

to show the settings:

do show int vlan1

then you can ping the switch from outside

Interfaces

show available interfaces on the switch:

show ip interface brief

to configure an interface:

interface gigabit 0/1 // each interface you want to config

add description to the interface:

description SOME TEXT

set IP address to the interface:

ip address 192.168.0.1 255.255.255.0

to shut the interface down:

shutdown

to bring the interface up and running:

no shutdown

Virtual terminal (SSH) setup

check for number of VTYs:

line vty 0 ?

set password for SSH:

line vty 0 15
password PASSWORD
login
exit

Optional

line vty 0 15
transport input ssh
login local
exit

ip domain-name someaddress.com
crypto key generate rsa // give 2048 bits
ip ssh version 2

Set password for other ports

line con 0  // for console port
password PASSWORD
login
exit

line aux 0  // for auxillary port
password PASSWORD
login
exit

Security

set an encrypted password for enable mode:

enable secret PASSWORD

encrypt the rest of passwords:

run service password-encryption

then you can encrypt each password using method 5:

password PASSWORD 5 encrypted-secret

make a user with certain access level (15 is the highest):

username ADMIN privilege 15 secret PASS

PoE

show power inline

additional ref

documentation

Clone this wiki locally