Breaking News

Cisco Router Configuration Commands

July 22, 2022

 

 Cisco Router Configuration Commands – CLI Cheat Sheet


         In a previous post, I have published a Cisco Switch Commands Cheat Sheet tutorial. Since these kinds of posts are useful as a reference for many people, I have decided to create also a Cisco Router Commands Cheat Sheet with the most useful and the most frequently used Command Line Interface (CLI) configuration commands for Cisco Routers.

        Cisco IOS routers are probably the most complete, versatile and feature-rich networking devices. There are whole books written about Cisco router configurations and commands.

        Therefore it’s not possible to create a cheat sheet with all of the CLI commands of Cisco routers in one blog post. However, the list below I believe summarizes the most important ones so its a good starting point for a networking professional.

 

Cisco Router Configuration Commands

 

Although there is a wide range of Cisco router models, the commands below will work on most devices running IOS with no problems. Make sure to download the cheat sheet in PDF format for future reference (by subscribing above).

Show/Verification Commands


01. Router#show version                                                    

[Displays information about running IOS version, hardware model etc]



02. Router#show flash:                                                                   

[Displays information about Flash memory]



0.3 Router#show ip interface brief                                              

[Displays interface status and IP addresses for all interfaces]


04. Router#show ip protocols                                                        

[Displays configured routing protocols such as RIP,EIGRP, OSPF etc]


05. Router#show ip route                                                                

[Displays the routing table]



06. Router#show cdp neighbors                                                    

[Displays information about directly connected devices]


07. Router#show cdp neighbors detail                                        

[Displays Detailed information about neighboring connected devices]


08. Router#show running-config                                                  

[Displays currently running configuration]



09. Router#show startup-config                                                    

[Displays configuration in NVRAM which will be loaded after reboot]

 

10. Router#show history                                                                  

[Displays all commands in the history buffer]

 

11. Router#show tech-support                                                            

[Send the output of this command to Cisco tech support when you open a support ticket in TAC]

 

Saving and Deleting Configurations

 

01. Router#copy running-config startup-config                      

[Save the running config to NVRAM to be used at next reboot ]

 

02. Router#copy running-config tftp:                                        

[Copy the running config to a TFTPserver for backup]

 

03. Router#copy tftp: running-config                                          

[Load the saved configuration from TFTP server to DRAM]

 

04. Router#erase startup-config                                                

[Delete the startup config from NVRAM

DEVICE NAME

 

01. Router(config)#hostname MyRouter                                      

 [Set hostname for the router]

 

Device Security Commands

 

01. MyRouter(config)#enable secret test1                                  

[Sets encrypted secret password for Privilege exec mode (“enable” mode)]

02. MyRouter(config)# line con 0
      MyRouter(config)# password strongconsolepass
      MyRouter(config)# login

 [Secure the console with a password]


03.  MyRouter(config)# line vty 0 4
       MyRouter(config)# password strongtelnetpass
       MyRouter(config)# login

 [Secure the telnet terminal lines with a password]


04. MyRouter(config)# service password-encryption

[Encrypt all passwords on the device]


Configuring Router Interfaces

 

Serial interfaces
 

01. MyRouter(config)#interface s0/0/0                                            

 [Entering into serial interface s0/0/0 configuration mode]

 

02. MyRouter(config-if)#ip address 10.10.10.1 255.255.255.0  

 [Set ip address and subnet mask on the interface]

 

03. MyRouter(config-if)#clock rate 64000                                      

 [Assign a clock rate]

 

04. MyRouter(config-if)#no shutdown                                                     

 [Turns the interface on]

 

Ethernet Ports

 

 01. MyRouter(config)#int f0/1                                                              

 [Entering into ethernet interface fastethernet0/1 configuration mode]

 

02. MyRouter(config-if)#ip address 192.168.1.1 255.255.255.0    

 [Set ip address and subnet mask on the interface]]

 

03. MyRouter(config-if)#no shutdown                                                         

 [Turns the interface on]

Configure Routing

 Static Routing
 

1st method:

MyRouter(config)#ip route 20.20.20.0 255.255.255.0 10.10.10.2

 [20.20.20.0=Destination Network , 255.255.255.0 = subnet mask of destination network , 10.10.10.2 = next-hop address]


 2nd method:

MyRouter(config)#ip route 20.20.20.0 255.255.255.0 serial 0/0/0

 [Same as above but instead of gateway you specify the exit interface]

 MyRouter(config)#ip route 20.20.20.0 255.255.255.0 10.10.10.2 150

 [Set administrative distance of 150 if needed. For static route, default is 1]

Default routing

 
MyRouter(config)#ip route 0.0.0.0 0.0.0.0 10.10.10.2                    

 [Send all packets destined for a network not in the routing table to 10.10.10.2(next hop)]

OR


MyRouter(config)#ip route 0.0.0.0 0.0.0.0 serial 0/0/0                            

 [Send all packets destined for network not in the routing table out serial 0/0/0 interface]

Dynamic Routing

 
RIP version 1:
01. MyRouter(config)#router rip                                                                  

 [Enable RIP as routing Protocol]


 02. MyRouter(config-router)#network 10.10.10.0                                    

 [10.10.10.0 is the directly connected network we want to advertise]


RIP version 2:
01. MyRouter(config)#router rip                                                                  

 [Enable RIP as routing Protocol]

 

02.  MyRouter(config-router)#version 2                                                      

 [Enable RIP version 2. Version 1 is default]

 

03.  MyRouter(config-router)#network 10.10.10.0                                    

 [10.10.10.0 is the directly connected network we want to advertise]

 

04. MyRouter(config-router)#no auto-summary                                      

 [Turns off auto-summarization- optional]

 

05. MyRouter(config-router)#auto-summary                                                  

 [Turns on auto summarization – optional]

 RIP Verification Commands

 01. MyRouter#show ip route 

02. MyRouter#show ip rip database

 03. MyRouter#show ip route rip

 

EIGRP

 01. MyRouter(config)#router eigrp 10            

[Enable EIGRP process. 10 is autonomous system (AS) number, AS can be any number b/w 1 and 65535. All routers should be in the same AS to build a neighbor relationship.]

 

02. MyRouter(config-router)#network 172.16.10.0 0.0.0.255  

 [172.16.10.0/24 is the network to advertise]

 

03. MyRouter(config-router)#no auto-summary

 [Turns off the auto-summarization – Optional]

EIGRP verification commands

 

01. MyRouter#show ip eigrp neighbors                

 [Displays neighbor table]

 02. MyRouter#show ip eigrp interfaces                

 [Displays information for each interface running EIGRP]

 03. MyRouter#show ip eigrp topology                  

 [Displays the topology table. Shows feasible successors]

OSPF

 01. MyRouter(config)#router ospf 10                

[Enables OSPF process number 10. Process ID is any number b/w 1-65535. It doesn’t need to be matched with neighbor routers]

 

02. MyRouter(config-router)#network 10.10.10.0 0.0.0.255 area 0

 [Any interface with an address of 10.10.10.x is to be put into AREA 0 and will advertise and receive OSPF routes]

OSPF Authentication
 Simple


01. MyRouter(config)#router ospf 10
      MyRouter(config-router)#area 0 authentication              

 [Enables simple authentication. Password will be sent in clear text]

02. MyRouter(config-router)#exit
      MyRouter(config)#int s0/0/0
      MyRouter(config-if)#ip ospf authentication-key 1234

 [Sets password to 1234 for AREA 0 authentication]

MD5 Encryption


01. MyRouter(config)#router ospf 10
      MyRouter(config-router)#area 0 authentication message-digest

 [Enables MD5 password encryption]

 02. MyRouter(config-router)#exit
       MyRouter(config)#int s0/0/0
       MyRouter(config-if)#ip ospf message-digest-key 10 md5 1234  

[10 is the key id. This value must be the same on neighboring routers. Md5 indicates that MD5 algorithm is  used and 1234 is the password and must be same on the neighboring routers]

OSPF Verification Commands


01.  MyRouter#show ip ospf                                                          

 [Displays basic configured ospf information]


02.  MyRouter#show ip ospf interfaces                                        

 [Displays OSPF interfaces information]


 03. MyRouter#show ip ospf neighbor

 [Displays all ospf neighbors and their states]


04. MyRouter#show ip route ospf

 [Show routes learned by ospf]


 Configure Access Control Lists


01. MyRouter(config)# access-list 101 deny tcp 10.1.1.0 0.0.0.255 any eq 80
      MyRouter(config)# access-list 101 permit ip any any

[Configure an extended ACL to deny access to port 80 for network 10.1.1.0/24 and allow everything else]


02. MyRouter(config)# interface fastEthernet 1/0
      MyRouter(config-if)# ip access-group 101 in

[Apply ACL 101 in the inbound direction on interface fe1/0]

Configure Network Address Translation (NAT)

Dynamic NAT overload (PAT)


01. MyRouter(config)# interface fastEthernet 1/0
      MyRouter(config-if)# ip nat inside

 [Specify which interface will be the inside for NAT, i.e the source IPs of packets coming to this interface will be translated]


02. MyRouter(config)# interface fastEthernet 1/1
      MyRouter(config-if)# ip nat outside

 [Specify which interface will be the outside for NAT, i.e packets going out from this interface will be translated]


03. MyRouter(config)# access-list 1 permit 192.168.1.0 0.0.0.255
      MyRouter(config)# ip nat inside source list 1 interface fastEthernet 1/1 overload

 [Access list 1 specifies that inside source network 192.168.1.0/24 will be translated to the IP address of fastEthernet1/1. Very useful for providing internet access to internal private addresses]

Static NAT

 
01.MyRouter(config)# interface fastEthernet 1/0
     MyRouter(config-if)# ip nat inside


02. MyRouter(config)# interface fastEthernet 1/1
      MyRouter(config-if)# ip nat outside


[Define again the inside and outside NAT interfaces]


03. MyRouter(config)# ip nat inside source static 192.168.1.1 50.1.1.1

[Private IP 192.168.1.1 will be translated statically to Public IP 50.1.1.1 (one-to-one mapping)]




 

No comments

Post a Comment

Subscribe to: Post Comments ( Atom )