Home | Articles | About | Contact | Forum |
Thursday, June 27, 2019

Lunarpages.com Web Hosting

Mailing List

By Joining the mailing list you will be notified of site updates.

Show Your Support For
This Site By Donating:

Audience: Self Learners - Experts
Last Updated: 6/6/2011 1:53:18 PM
**All times are EST**

Cisco IOS Cheat Sheet

By Erik Rodriguez

These commands are used on all Cisco devices running the Cisco IOS. If you are unfamiliar with Cisco devices please see: Routers, Using the Cisco IOS.




Config# terminal editing - allows for enhanced editing commands

Config# terminal monitor - shows output on telnet session

Config# terminal ip netmask-format hexadecimal|bit-count|decimal - changes the format of subnet masks


Config# hostname ROUTER_NAME


Config# banner motd # TYPE MESSAGE HERE # - # can be substituted for any character, must start and finish the message


Config# description THIS IS THE SOUTH ROUTER - can be entered at the Config-if level


Config# clock timezone Central -6
# clock set hh:mm:ss dd month yyyy
- Example: clock set 14:35:00 25 August 2003


Config# config-register 0x2100 - ROM Monitor Mode

Config# config-register 0x2101 - ROM boot

Config# config-register 0x2102 - Boot from NVRAM


Config# boot system tftp FILENAME SERVER_IP - Example: boot system tftp 2600_ios.bin

Config# boot system ROM

Config# boot system flash - Then - Config# reload


Config# cdp run - Turns CDP on

Config# cdp holdtime 180 - Sets the time that a device remains. Default is 180

Config# cdp timer 30 - Sets the update timer.The default is 60

Config# int Ethernet 0

Config-if# cdp enable - Enables cdp on the interface

Config-if# no cdp enable - Disables CDP on the interface

Config# no cdp run - Turns CDP off


Config# ip host ROUTER_NAME INT_Address - Example: ip host lab-a

Config# ip host RTR_NAME INT_ADD1 INT_ADD2 INT_ADD3 - Example: ip host lab-a - (for e0, s0, s1)


Config# ip domain-lookup - Tell router to lookup domain names

Config# ip name-server - Location of DNS server

Config# ip domain-name cisco.com - Domain to append to end of names


# clear interface Ethernet 0 - Clears counters on the specified interface

# clear counters - Clears all interface counters

# clear cdp counters - Clears CDP counters

Config# ip route Net_Add SN_Mask Next_Hop_Add - Example: ip route

Config# ip route Next_Hop_Add - Default route

Config# ip default-network Net_Add - Gateway LAN network


Config# ip routing - Enabled by default

Config# router rip

Config# router igrp 100

Config# interface Ethernet 0

Config-if# ip address

Config-if# no shutdown


Config# ipx routing

Config# interface Ethernet 0

Config# ipx maximum-paths 2 - Maximum equal metric paths used

Config-if# ipx network 222 encapsulation sap - Also Novell-Ether, SNAP, ARPA on Ethernet. Encapsulation HDLC on serial

Config-if# no shutdown

IP Standard


IP Extended


IPX Standard


IPX Extended


IPX SAP Filters



Config# access-list 10 permit - allow all src ips on network

Config# access-list 10 permit host - specifies a specific host

Config# access-list 10 permit any - allows any address

Config# int Ethernet 0

Config-if# ip access-group 10 in - also available: out


Config# access-list 101 permit tcp eq telnet
    -protocols: tcp, udp, icmp, ip (no sockets then), among others
    -source then destination address
    -eq, gt, lt for comparison
    -sockets can be numeric or name (23 or telnet, 21 or ftp, etc)

Config# access-list 101 deny tcp any host eq www

Config# access-list 101 permit ip any any

Config# interface Ethernet 0

Config-if# ip access-group 101 out


Config# access-list 801 permit 233 AA3 - source network/host then destination network/host

Config# access-list 801 permit -1 -1 - -1 is the same as any with network/host addresses

Config# interface Ethernet 0

Config-if# ipx access-group 801 out


Config# access-list 901 permit sap 4AA all 4BB all
    - Permit protocol src_add socket dest_add socket
    -all includes all sockets, or can use socket numbers

Config# access-list 901 permit any any all any all
    -Permits any protocol with any address on any socket to go anywhere

Config# interface Ethernet 0

Config-if# ipx access-group 901 in


Config# access-list 1000 permit 4aa 3 - 3 is the service type

Config# access-list 1000 permit 4aa 0 - service type of 0 matches all services

Config# interface Ethernet 0

Config-if# ipx input-sap-filter 1000 - filter applied to incoming packets

Config-if# ipx output-sap-filter 1000 - filter applied to outgoing packets


Config# ip access-list standard LISTNAME
    -can be ip or ipx, standard or extended
    -followed by the permit or deny list

Config# permit any

Config-if# ip access-group LISTNAME in
    -use the list name instead of a list number
    -allows for a larger amount of access-lists


Config-if# encapsulation ppp

Config-if# ppp authentication chap pap
    -order in which they will be used
    -only attempted with the authentification listed
    -if one fails, then connection is terminated

Config-if# exit

Config# username Lab-b password 123456
    -username is the router that will be connecting to this one
    -only specified routers can connect

Config-if# ppp chap hostname ROUTER

Config-if# ppp chap password 123456
    -if this is set on all routers, then any of them can connect to any other
    -set same on all for easy configuration


Config# isdn switch-type basic-5ess - determined by telecom

Config# interface serial 0

Config-if# isdn spid1 2705554564 - isdn phonenumber of line 1

Config-if# isdn spid2 2705554565 - isdn phonenumber of line 2

Config-if# encapsulation PPP - or HDLC, LAPD

DDR - 4 Steps to setting up ISDN with DDR

  1. Configure switch type
    Config# isdn switch-type basic-5ess - can be done at interface config
  2. Configure static routes
    Config# ip route - sends traffic destined for to
    Config# ip route bri0 - specifies how to get to network (through bri0)
  3. Configure Interface
    Config-if# ip address
    Config-if# no shutdown
    Config-if# encapsulation ppp
    Config-if# dialer-group 1 - applies dialer-list to this interface
    Config-if# dialer map ip name Lab-b 5551212
        connect to lab-b at 5551212 with ip if there is interesting traffic
        can also use dialer string 5551212 instead if there is only one router to connect to
  4. Specify interesting traffic
    Config# dialer-list 1 ip permit any
    Config# dialer-list 1 ip list 101 - use the access-list 101 as the dialer list
  5. Other Options
    Config-if# hold-queue 75 - queue 75 packets before dialing
    Config-if# dialer load-threshold 125 either
        -load needed before second line is brought up
        -125 is any number 1-255, where % load is x/255 (ie 125/255 is about 50%)
        -can check by in, out, or either
    Config-if# dialer idle-timeout 180
        -determines how long to stay idle before terminating the session
        -default is 120


Config# interface serial 0

Config-if# encapsulation frame-relay - cisco by default, can change to ietf

Config-if# frame-relay lmi-type cisco - cisco by default, also ansi, q933a

Config-if# bandwidth 56

Config-if# interface serial 0.100 point-to-point - subinterface

Config-if# ip address

Config-if# frame-relay interface-dlci 100
    -maps the dlci to the interface
    -can add BROADCAST and/or IETF at the end

Config-if# interface serial 1.100 multipoint

Config-if# no inverse-arp - turns IARP off; good to do

Config-if# frame-relay map ip 48 ietf broadcast
    -maps an IP to a dlci (48 in this case)
    -required if IARP is turned off
    -ietf and broadcast are optional

Config-if# frame-relay map ip 54 broadcast



Show access-lists - all access lists on the router

Show cdp - cdp timer and holdtime frequency

Show cdp entry * - same as next

Show cdp neighbors detail - details of neighbor with ip add and ios version

Show cdp neighbors - id, local interface, holdtime, capability, platform portid

Show cdp interface - ints running cdp and their encapsulation

Show cdp traffic - cdp packets sent and received

Show controllers serial 0 - DTE or DCE status

Show dialer - number of times dialer string has been reached, other stats

Show flash - files in flash

Show frame-relay lmi - lmi stats

Show frame-relay map - static and dynamic maps for PVCs

Show frame-relay pvc - pvcs and dlcis

Show history - commands entered

Show hosts - contents of host table

Show int f0/26 - stats of f0/26

Show interface Ethernet 0 - show stats of Ethernet 0

Show ip - ip config of switch

Show ip access-lists - ip access-lists on switch

Show ip interface - ip config of interface

Show ip protocols - routing protocols and timers

Show ip route - Displays IP routing table

Show ipx access-lists - same, only ipx

Show ipx interfaces - RIP and SAP info being sent and received, IPX addresses

Show ipx route - ipx routes in the table

Show ipx servers - SAP table

Show ipx traffic - RIP and SAP info

Show isdn active - number with active status

Show isdn status - shows if SPIDs are valid, if connected

Show mac-address-table - contents of the dynamic table

Show protocols - routed protocols and net_addresses of interfaces

Show running-config - dram config file

Show sessions - connections via telnet to remote device

Show startup-config - nvram config file

Show terminal - shows history size

Show trunk a/b - trunk stat of port 26/27

Show version - ios info, uptime, address of switch

Show vlan - all configured vlans

Show vlan-membership - vlan assignments

Show vtp - vtp configs

For Native IOS - Not CatOS


Config# ip address

Config# ip default-gateway


Config# interface Ethernet 0/5 - fastethernet for 100 Mbps ports

Config-if# duplex full - also, half | auto | full-flow-control


Config# switching-mode store-and-forward - also, fragment-free


Config# mac-address-table permanent aaab.000f.ffef e0/2 - only this mac will work on this port

Config# mac-address-table restricted static aaab.000f.ffef e0/2 e0/3
    -port 3 can only send data out port 2 with that mac
    -very restrictive security

Config-if# port secure max-mac-count 5 - allows only 5 mac addresses mapped to this port


Config# vlan 10 name FINANCE

Config# interface Ethernet 0/3

Config-if# vlan-membership static 10


Config-if# trunk on - also, off | auto | desirable | nonegotiate

Config-if# no trunk-vlan 2
    -removes vlan 2 from the trunk port
    -by default, all vlans are set on a trunk port


Config# delete vtp - should be done prior to adding to a network

Config# vtp server - the default is server, also client and transparent

Config# vtp domain Camp - name doesnt matter, just so all switches use the same

Config# vtp password 1234 - limited security

Config# vtp pruning enable - limits vtp broadcasts to only switches affected

Config# vtp pruning disable


Config# copy tftp:// opcode - opcode for ios upgrade, nvram for startup config


Config# delete nvram

Contact Us

If you found this information useful, click the +1 button

Your E-mail:


Type verification image:
verification image, type it in the box


NOTE: this form DOES NOT e-mail this article, it sends feedback to the author.

Juniper SRX anti-spam filtering config
Windows Server 2008 Clustering Configuration
Windows 2008 R2 Network Load Balancing (NLB)
Extreme Networks: Downloading new software image
Juniper SRX save config to USB drive
Juniper SRX logout sessions
Extreme Networks Syslog Configuration
Command line drive mapping
Neoscale vs. Decru
Data Security vs. Data Protection
Juniper SRX Cluster Configuration
HOWTO - Create VLAN on Extreme Switch
Using a Non-local Colocation Facility
Linux Server Administration
IT Chop Shops
Flow Viewers: SFLOW, NetFLOW, and JFLOW
Exchange 2007 Back Pressure
IPtables open port for specific IP
Politics in IT Departments
HOWTO - Block Dropbox
Cisco IOS Cheat Sheet
Subnet Cheat Sheet
Design a DMZ Network
How DNS works
Firewall Configuration
Juniper SSG Firewalls
Server Management
Configuring VLANs
Runlevels in Linux
Server Clustering
SONET Networks
The Red Hat Network
Server Colocation
Complicated Linux Servers
Dark Fiber
Data Center Network Design
Firewall Types
Colocation Bandwidth

Copyright © 2002-2016 Skullbox.Net All Rights Reserved.
A division of Orlando Tech Works, LLC
By using this site you agree to its Terms and Conditions.
Contact Erik Rodriguez