Breaking News

Cisco Switch Commands Cheat Sheet (CLI)

July 22, 2022


Cisco Switch Commands Cheat Sheet (CLI)


        Cisco switches can be used as plug-and-play devices out of the box but they also offer an enormous amount of features. Although the main purpose of the switch is to provide inter-connectivity in Layer 2 for the connected devices of the network, there are myriad features and functionalities that can be configured on Cisco Switches.

Cisco Switch Commands Cheat Sheet (CLI)


        In the following Cisco Switch Commands Cheat Sheet, I have tried to include the most important and frequently-used CLI commands that Cisco professionals encounter in real world networks. I know that the list is not exhaustive but I believe that the most useful commands are included. 

Verification Commands

01. TestSwitch#show version

[Displays software and hardware information]

 

02. TestSwitch#show running-config

[Displays currently running configuration in DRAM]

 

03. TestSwitch#show start                                           

[Displays configuration in NVRAM which will be loaded after reboot]

 

04. TestSwitch#show flash:

[Displays Flash memory information]

 

05. TestSwitch#show boot                                            

[Displays boot path and image]

 

06. TestSwitch#show clock                                          

[Displays the system clock]

 

07. TestSwitch#show interfaces                                  

[Displays all interfaces configuration and status of line]

 

08. TestSwitch#show vlan                                              

[Displays vlan number, name, status and ports associated with it]

 

09. TestSwitch#show vtp status                                  

[Displays VTP mode, Number of existing vlans and config revision]

 

10. TestSwitch#show interface status                          

[Displays interface status, vlan, Duplex, Speed and type]

 

11. TestSwitch#show etherchannel                            

[Displays etherchannel information]

 

12. TestSwitch#show cdp neighbors                            

[Displays information of connected devices]

 

13. TestSwitch#show cdp neighbors detail                

[Displays detailed information of connected devices]

 

14. TestSwitch#show mac address-table    

[Displays current MAC address forwarding table and which MAC is learned on each switch port]

 

15. TestSwitch#show spanning-tree                            

[Displays spanning-tree state information, which interfaces are in active or blocking state etc]

Resetting the Switch

 

01. TestSwitch#delete flash:vlan.dat                                

[Deletes vlan database from flash memory so you can start adding new VLANs from scratch]

 

02. TestSwitch#erase startup-config                            

[Delete start-up file from NVRAM]

 

03. TestSwitch#reload                                                    

[Reboot the Switch]

 

Setting Host Names

 

01. TestSwitch#configure tertminal                                                     

[Entering into Global Configuration Mode]

 

02. TestSwitch(config)#hostname MySwitch              

[Enter the hostname of the switch]

03. MySwitch(config)#

 

Setting login credentials

 

01. MySwitch(config)#username admin password csico1234  

[create username and password for logging in to the switch] 

 

02. MySwitch(config)#enable secret test1                                    

[Sets encrypted secret password using MD5 algorithm. This is the enable password that you will be asked to enter when trying to enter into “enable” mode]

 

03.MySwitch(config)#service password-encryption                  

[Encrypt all the passwords using MD5]

 

Console Access

 

01. MySwitch(config)#line con 0                                                      

[Enter into line console mode]

 

02. MySwitch(config-line)#password test3                                  

[Set password on console]

 

03. MySwitch(config-line)#login                                                      

[Enable password checking on console]

 

SSH/Telnet Access to the switch

 

01. MySwitch(config)#line vty 0 4     

[Enters line vty mode for all five virtual ports]

 

02. MySwitch(config-line)#transport input ssh                            

[Enable SSH]

 

03. MySwitch(config-line)#transport input telnet                        

[Enable telnet]

 

04. MySwitch(configiline)#password test3                                  

[Set password]

Setting IP Address 

(To allow remote access to the switch)

 

01. MySwitch(config)#interface vlan1                                          

[Enters vlan1, the native vlan]

 

02. MySwitch(config-if)#ip address 192.168.1.2 255.255.255.0

[Set IP address for management]

 

03. MySwitch(config-if)#exit


04. MySwitch(config)#ip default-gateway 192.168.1.1            

[Exit path for the switch – gateway IP]

 

Interface description

 

01. MySwitch(config)#interface g0/1

      MySwitch(config-if)#description TO SERVER

Duplex and Speed Settings

 

02. MySwitch(config)#interface g0/1

      MySwitch(config-if)#speed 10                                                

[Force 10Mbps Speed]

 

03. MySwitch(config-if)#speed 100                                              

[Force 100Mbps Speed]

 

04. MySwitch(config-if)#speed auto                                              

[Enable auto speed configuration]

 

05. MySwitch(config-if)#duplex auto                                          

[Enable auto duplex configuration on switch port]

 

06. MySwitch(config-if)#duplex full                                            

[Enable full duplex configuration on switch port]

 

07. MySwitch(config-if)#duplex half                                            

[Enable half duplex configuration on switch port]

 

Setting Web-based interface for configuration (GUI)

 

01. MySwitch(config)#ip http server                                            

[Enable HTTP server]

 

02. MySwitch(config)#ip http port 80  

[Set port number for HTTP]

 

Port-Security

 

01. MySwitch(config)#interface g0/1                                                     

[Enter the interface to set port-security]


02. MySwitch(config-if)#switchport port-security                                

[Enable port security on the interface]


03. MySwitch(config-if)#switchport port-security mac-address sticky

[Interface converts all MAC addresses to sticky secure addresses]


04. MySwitch(config-if)#switchport port-security maximum 1        

[Only one MAC address will be allowed for this port]


05. MySwitch(config-if)#switchport port-security violation shutdown

[Port will shut down if violation occurs]


06. MySwitch(config-if)#exit


07. MySwitch(config)#exit


08. MySwitch#show port-security                                                    

[Verifying Port security]


Save current configuration


01. MySwitch(config)# copy running-config startup-config

PortFast

        “Portfast” bypasses the Spanning Tree states and brings the port up as quickly as possible. Use it only if you connect a regular host (e.g Computer) on the port. Do not use this command when the port is trunk or if you connect other switches on the specific port.


02. MySwitch(config)# interface FastEthernet 0/1


03.MySwitch(config-if)# spanning-tree portfast


Configuring VLANs


01. MySwitch(config)#vlan 20                                                                      

[Create a Layer2 VLAN with id 20]


02. MySwitch(config-vlan)# name testvlan             

[Enter a name for the vlan]


03. MySwitch(config-vlan)#exit


04. MySwitch(config)#exit


05. MySwitch#show vlan brief                                                                      

[Verify the vlan database]


06. Assigning access ports to a vlan


07. MySwitch(config)#interface g0/1


08. MySwitch(config-if)#switchport mode access                                      

[Set the interface in switch access mode]


09. MySwitch(config-if)#switchport access vlan 20                                  

[Assign the port to vlan 20]


10. MySwitch(config-if)#exit

The following commands will select a range of interfaces (from 1 to 24) and add all of them to vlan20


11. MySwitch(config)#interface range gigabitEthernet 0/1-24


12. MySwitch(config-if)#switchport mode access                                    


13. MySwitch(config-if)#switchport access vlan 20                    


14. MySwitch(config-if)#exit


Configuring trunk port


01. MySwitch(config)#interface g0/2


02. MySwitch(config-if)#switchport trunk encapsulation dot1q            

[Configure the port to support 802.1Q Encapsulation (default is negotiate)]


03. MySwitch(config-if)#switchport mode trunk                                      

[Set the interface in permanent trunking mode]


04. MySwitch(config-if)#switchport trunk native vlan 20                        

[Specify native vlan for 802.1q trunks – OPTIONAL]


05. MySwitch(config-if)#switchport trunk allowed vlan 2-5                   

[vlans 2 to 5 are allowed to pass through the trunk]


06. MySwitch(config-if)#switchport trunk allowed vlan add 7    

[add also vlan 7 in the allowed vlans]


07. MySwitch(config-if)#switchport trunk allowed vlan remove 3  

[remove vlan 3 from the allowed vlans in the trunk]


08. MySwitch#show interface g0/2 trunk                                                    

[Verify the trunk ports and associated vlans on the specific interface]




                                   

No comments

Post a Comment

Subscribe to: Post Comments ( Atom )