Scribd
Upload
212 views

CCNA Command Guide

Uploaded by

amineelghali88
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
212 views

CCNA Command Guide

Uploaded by

amineelghali88
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 4

CCNA- Portable Command Guide

Requirement Cisco Command

Enter privilege mode Router>enable

Return to user mod Router# disable

Enter the configuration mode Router# configuration terminal

To add hostname for router or switch Router(config)#hostname router_name

To display the motd banner Router(config)#banner motd “type message here”

Password Encryption
Router(config)#line con 0
Set a console password to cisco Router(config-line)#login
Router(config-line)#password cisco
Router(config)#line vty 0 15
Set a telnet password Router(config-line)#login
Router(config-line)#password cisco
Set the enable password to cisco Router(config)#enable password cisco
Set the enable secret password.
This password overrides the enable password Router(config)#enable secret class
and is encrypted within the config file
Configuring a Gigabit Ethernet Interface with IPv4
Moves to gigabitethernet 0/0 interface
Router(config)#interface gigabitethernet 0/0
configuration mode
Optional descriptor of the link is locally
Router(config-if)#description Accounting LAN
significant
Router(config-if)#ip address 192.168.20.1
Assigns address and subnet mask to interface
255.255.255.0
Turns interface on Router(config-if)#no shutdown

Configuring a Gigabit Ethernet Interface with IPv6


 Enables the forwarding of IPv6 unicast
Router (config)#ipv6 unicast-routing
datagrams globally on the router
 Moves to gigabitethernet 0/0 interface
Router(config)#interface gigabitethernet 0/0
configuration mode
Router (config-if)#ipv6 address
 Assigns an IPv6 address to this interface
2001:db8:c003:1104::1/64
 Optional descriptor of the link is locally
Router(config-if)#description Accounting LAN
significant
 Configures a specific link-local IPv6 address Router(configif)#ipv6 address fe80::2 link-local

 Turns interface on Router(config-if)#no shutdown

Basic Security Practices


 Encrypt all passwords in the R(Config)# service password-encryption
configuration file:
A specific amount of time using the command
 This command will block login attempts
R(Config)# login block-for 120 attempts 3 within 60
for 120 seconds if there are three failed
login attempts within 60 seconds

 Security passwords min-length R(Config)# Security passwords min-length 10

R(Config)# Line console 0


 Exec timeout on a router
R(Config-lin)# exec-timeout 10
o For Console line:
R(Config-lin)# exit
R(Config)# Line VTY 0 15
o For VTY line: R(Config-lin)# exec-timeout 10
R(Config-lin)# exit

SSH (A Cisco device to support SSH using four steps)


• Step 1: Configure the IP domain name. R(config) # ip domain-name cisco.com

R(config) # crypto key generate rsa press Enter


• Step 2: Generate one-way secret keys.
1024
• Step 3: Verify or create a local database
entry. R(config) # username Bop privilege 15 Secret Class
• Create a user Bop with a privilege level of
OR
15 using the encrypted password for Class. R(config) # username Bop password Class
OR
• Create a user Bop with password for Class.

R(config) # Line vty 0 4


R(config-line) # login local
• Step 4: Enable VTY inbound SSH sessions
R(config-line) # transport input ssh
R(config-line) # exit
SSH version 2 R(config) # ip ssh version 2

limited to 2 authentication attempts R(config) # ip ssh authentication-retries 2

a 60 second timeout R(config) # ip ssh time-out 60

• To Disable DNS lookup:


• To decrease user delays if no DNS server R(Config)# no ip domain-lookup
is configured.
To save the current configuration from DRAM
Router# Copy running-config startup-config
(running-config) to NVRAM (startup-config)
Router# Copy running-config tftp:
To save the current configuration from DRAM to
Address or name of remote host [ ]? 192.168.1.20
TFTP Server

Configuring a SVI Interface with IPv4 on a Switch


Moves to VLAN interface configuration mode Switch (config)#interface VLAN 1
Switch (config-if)#ip address 192.168.0.1
Assigns address and subnet mask to interface
255.255.255.0
 Configure the default gateway. Switch(config)#ip default-gateway 192.168.0.1
 Common show commands include:
• show running-config
• show interfaces
• show ip interface brief
• show arp
• show ip route
• show protocols
• show version
 When using windows, use the tracert command.
 When performing a trace from a router CLI, use the traceroute command.
 On a Windows computer, the IP address of the default gateway can be viewed by using the ipconfig
command.
• The ipconfig /all command can be used to view the MAC address as well as other important
details regarding the Layer 3 addressing of the device.
• The ipconfig /displaydns command displays all of the cached DNS entries on a Windows
computer system.
 On a Windows computer, the arp -a command lists all devices currently stored in the ARP cache of a
particular host.
 The arp cache can be cleared using the command arp-d
 show cdp neighbors detail
• To disable CDP globally, use the global configuration command no cdp run. To disable CDP on
an interface, use the interface command no cdp enable.
 Use the show ip route command to verify that the default route has been set.

You might also like