THE SCHOOL OF CISCO NETWORKING (SCN): CISCO IOS BASIC ROUTER COMMANDS REFERENCE:
Contact No:   ### / ###/ ###
Welcome To The IT Knowledge Base Sharing Freeway "Study With The Zero Fees / Zero Money" Web - If We Believe, That If We Have Knowledge, Let Others Light Their Candles With It. - Our Motivation Has Brought Us Together To Offer Our Helping Hands To The Needy Ones Please. "Student Expectations And Satisfaction Is Always Our Highest Priority")
'Love All, Serve All, Help Ever Hurt Never'

Please Welcome To The "Zero Fees And Zero Money SCN Community Study Page"

We Like To Share Our Stuff With Everyone And Hope You Will Find Something Useful Here. Enjoy Our Collection And Come Back Again And Again, We'll Do Our Best To Make It Always Interesting For You. All Our Stuff Always Available May Be 100% Totally Freely. Use Only For Non-Commercial Purposes Only!

THE SCHOOL OF CISCO NETWORKING (SCN) Is A IT Support Community – Based, Non - Profit Volunteer Organizations, Offering Our Assistance And Support To Developmental Our Services Dedicated To All.

Because Large Section Of Our Students In This World, Especially In Villages, Who Are Under Privileged Expecting For Equal Opportunity In Terms Of Money And Education. We Feel The Sufferings Of Talented Students Losing Their Opportunity To Shine Because Of Their Poor Financial Status. So We Thought That Professional Education Will Be Providing Them Freely.

Our Web Site Is To Give An Easy Way To Understand Each And Every Student Who Are Going To Start CISCO Lab Practice Without Any Doubts And Our ARTICLES STUFF Are Always 100% Totally Free For Everyone, Which Is Belongings To THE SCHOOL OF CISCO NETWORKING (SCN).

Also This Guide Provides Technical Guidance Intended To Help All Network Students, Network Administrators And Security Officers Improve Of Their Demonstrated Ability To Achieve Specific objectives Within Set Timeframes.

Hands - On Experience Is An Invaluable Part Of Preparing For The Lab Exam And Never Pass Up An Opportunity To Configure Or Troubleshoot A Router ( If You Have Access To Lab Facilities, Take Full Advantage Of Them) There Is No Replacement For The Experience You Can Gain From Working In A Lab, Where You Can Configure Whatever You Want To Configure And Introduce Whatever Problems You Want To Introduce, Without Risk Of Disrupting A Production Network.

For Better View Of Our Web Page - Please Use Any Latest Web Browser, Such As (Mozilla Firefox, Google Chrome, Opera, Safari, Internet Explorer, Torch, Maxthon, Sea Monkey, Avant Browser, Deepnet Explorer, And Etc ), Because Some Elements Or Scripts Are Not Work In The Old Web Browser (It Might Not Be Displayed Properly Or Are Not Appearing properly!). Thank You For Your Time And Best Of Luck!

Your Sincerely – Premakumar Thevathasan.
"Our Motivation Has Brought Us Together To Offer Our Helping Hands To The Needy Once Please,Thank You."

CISCO IOS BASIC ROUTER COMMANDS REFERENCE:

CISCO IOS BASIC ROUTER COMMANDS REFERENCE:

Dear Web User:

For Better View Of This Web Page, Please Use Any Latest Web Browser, Because Some Elements Are Not Work In The Old Web Browser (It Might Not Be Displayed Properly Or Are Not Appearing properly!).

Plz Note:

Some Topics That You Might Want To Pursue On Your Own That We Did Not Cover In This Article Are Listed Here. This Page Discusses “CISCO IOS BASIC ROUTER COMMANDS REFERENCE”, And Also We Request To The Students, Please Go Through All The Articles That Are We Posted In This Web Site And Also Identify All The CISCO IOS Commands In The Lab Practice Before Going To Access This Page. Experience Is The Sequence Of Hands-On LABs. Thank You!

FOR MORE REFERENCES:

◙ - ➤  For More Reference - > KEYBOARD SHORTCUTS (MICROSOFT WINDOWS):

◙ - ➤  For More Reference - > KEYBOARD SHORTCUTS REFERENCE FOR CISCO IOS;

◙ - ➤  For More Reference - > BASIC COLLECTION OF NETWORKING CONCEPTS:

◙ - ➤  For More Reference - > THE CISCO ROUTER BOOT SEQUENCE:

◙ - ➤  For More Reference - > HOW TO CONFIGURE ROUTER TELNET, CONSOLE AND AUX PORT PASSWORDS :

◙ - ➤  For More Reference- > RIP CONFIGURATION EXAMPLES:

◙ - ➤  For More Reference - > STATIC ROUTES Vs DYNAMIC ROUTES:

◙ - ➤  For More Reference - > BASIC NETWORKING QUESTIONS AND ANSWER:

◙ - ➤  For More Reference- > IP ROUTING QUESTIONS AND ANSWERS:

◙ - ➤  For More Reference - > USEFUL NETWORKING DOS COMMAND REFERENCE:

◙ - ➤  For More Reference - > LIST OF SHOW COMMAND REFERENCES:

◙ - ➤  For More Reference - > LIST OF IPv6 COMMAND REFERENCES:

◙ - ➤  For More Reference - > INITIAL CONFIGURATION REFERENCES OF CISCO ROUTERS AND SWITCHES:


CISCO IOS BASIC ROUTER COMMANDS

Basics
Enter Privileged Exec Mode enable
Leave Privileged Exec Mode and go back to User Mode disable
Log out of the router, end the console session,same as exit command exit
Log out of the router, end the console session, same as logout command logout
Setup a basic configuration by answering questions setup
Show the current configuration stored in RAM show running-config
Show the startup configuration stored in NVRAM show startup-config
Display IOS version (configuration register value is also displayed) show version
Show IOS files stored in flash and available free space show flash
Save the current configuration into NVRAM copy running-config startup-config
Use the startup configuration stored in NVRAM copy startup-config running-config
Load a saved configuration from a TFTP server into NVRAM copy tftp running-config
Upgrade the IOS stored in flash from an image stored on a TFTP server copy tftp flash
Create a backup of router IOS and store it in a file on a TFTP server copy flash tftp
Instruct the router to boot from a specific IOS image stored in flash boot system flash [filename]
Instruct the router to boot from a specific IOS image stored on a TFTP server boot system tftp [filename]
Enter Global Configuration Mode config terminal
Set a Message-of-the-day banner to be displayed before the user logs in to the router banner motd # message #
Set a login message to be displayed before the user logs in to the router banner login # message #
Set a banner to be displayed after the user logs in to the router banner exec # message #
(incoming is displayed with a reverse telnet connection, exec with all others) banner incoming # message #
Give the router a hostname (default is router) hostname [name]
Disable DNS lookups (enabled by default) no ip domain-lookup
Specify DNS servers for for hostname and address resolution ip name-server server-ip1 [server-ip2...server-ip6]
Disable the HTTP server (enabled by default) no ip http server
Change the size of the history buffer (default is 10 commands) terminal history size 20
Passwords
Set a password for Privileged Exec Mode enable password [password]
Set an encrypted password for Privileged Exec Mode enable secret [password]
Set password TELNET access line vty 0 4
login
password [passwords]
Set a password for Console Port access line console 0
login
password [passwords]
Interface configuration
Configure the interface Ethernet 0 interface e 0
Configure the first Serial interface interface s 0
Configure the second Token Ring interface interface t 1
Enable an interface no shutdown
Disable an interface shutdown
Set the clock rate on a DCE (make a router a DCE) clock rate 56000
Set the bandwidth bandwidth 64
Display the status of an interface show interface serial 1
Display DTE/DCE state show controller serial 1
Set keepalive period keepalive 10
IP
Disable IP routing (IP routing is enabled by default) no ip routing
Display IP routing table show ip route
Configure an interface with an IP address ip address 192.168.1.12 255.255.255.0
Enable RIP router rip
     network [network-address1]
     network [network-address2…]
Enable Split Horizon on an interface ip split-horizon
Enable RIP Triggered updates (only send updates when routing table has changed instead of every 30 seconds) ip rip triggered
Disable automatic route summarization no auto-summary
Enable IGRP router igrp [as-number]
     network [network-address1]
     network [network-address2…]
PPP
Enable PPP on an interface encapsulation ppp
Set PPP authentication method to PAP ppp authentication PAP
Set PPP authentication method to CHAP ppp authentication CHAP
Set PPP authentication method to first try PAP and then CHAP ppp authentication PAP CHAP
Set PPP authentication method to first try CHAP and then PAP ppp authentication CHAP PAP
Configure CHAP username to use to connect (default is hostname) ppp chap hostname [username]
Configure CHAP password to use to connect (default is enable password) ppp chap password [password]
Configure PAP username to use to connect (default is hostname) ppp pap sent-username [username] [password]
Create a username to use for connecting routers to log in username [username] password [password]
Enable PPP compression on an interface ppp compress [predictor | stac]
Enable Multilink PPP on an interface ppp multilink
Display information about the multilink bundle show ppp multilink
Frame Relay
Enable Frame-Relay on an interface and set the encapsulation type (use ietf when not all the routers are Cisco) encapsulation frame-relay [cisco | ietf]
Manually specify the LMI type (auto-detected on IOS 11.2+ routers) frame-relay lmi type [ansi | cisco | q9331]
Set the bandwidth for the frame relay interface (in kilobits) bandwidth 64
Manually specify the address to DLCI mappings (when Inverse Arp is unavailable) example: frame-relay map ip 10.10.10.10 100 broadcast frame-relay map protocol protocol-address dlci [broadcast] [ietf | cisco]
Manually specify DLCI (when LMI is not available) frame-relay local-dlci [number]
Display traffic statistics about permanent virtual circuits (PVCs) show frame relay pvc
Display statistics about Local Management Interface (LMI) show frame relay lmi
Display the current static and dynamic map entries show frame relay map
ISDN
Set the ISDN switch type isdn switch-type
Configure interface BRI 1 interface bri 1
Specify the SPID number for the B1 channel isdn spid1 spid-number
Specify the SPID number for the B2 channel isdn spid2 spid-number
Display information about the D Channel B channels of ISDN BRI interface 0 show interfaces bri 0
Display information about the ISDN BRI interface 0 show controllers bri 0
CDP
Display directly connected neighbors show cdp neighbor
Display detailed information about directly connected neighbors show cdp neighbor detail
Disable CDP for the whole router no cdp run
Disable CDP for a particular interface no cdp enable
Set the period between sending CDP information (in seconds) cdp timer 90
Specify the amount of time the receiving device should hold a packet (in seconds) cdp holdtime 180
Clear the information about neighbors in the CDP table  clear cdp table
Access Control Lists
IP Standard Access Lists (Range 1 to 99)
Objective: Configure interface ethernet 0 to deny inbound packets originated from subnet 192.168.1.0 255.255.255.0
1. Deny the subnet access-list 1 deny 192.168.1.0 0.0.0.255
2. Permit all others (because of the implicit deny all in Step 1.) access-list 1 permit any
3. Bind the access list to the interface ethernet 0 interface ethernet 0
ip access group 1 in
IP Extended Access Lists (Range 100 to 199)
Objective: Configure interface ethernet 0 to deny subnet 192.168.1.0 from surfing the web
1. Deny the subnet access-list 100 deny tcp 192.168.1.0 0.0.0.255 any eq 80
2. Permit all others access-list 100 permit ip any any
3. Bind the access list to the interface ethernet 0 interface ethernet 0
ip access group 100 out
Objective: Configure interface serial 1 to deny host 192.168.1.222 from telnetting to any host on the subnet 172.16.8.1 255.255.0.0
1. Deny the subnet access-list 101 deny tcp host 192.168.1.222 172.16.8.1 0.0.255.255 eq 23
2. Permit all others access-list 101 permit ip any any
3. Bind the access list to the interface serial 1 interface serial 1
ip access group 101 out
Key Sequences
Recall the previous command from the history buffer CTRL-P or Up arrow key
Recall the next command in the history buffer CTRL-N or Down arrow key
Auto-complete commands TAB
End configuration mode CTRL-Z
Move the cursor back one character. Ctrl-B or Left Arrow key
Move the cursor forward one character. Ctrl-F or Right Arrow key
Move the cursor to the start of the command line. Ctrl-A
Move the cursor to the end of the command line. Ctrl-E

THE BASIC COMMANDS FOR CONFIGURING A ROUTER

CONFIGURING THE ROUTER:

  Show Running-Config - > Details The Running Configuration File (RAM)
  Show Startup-Config - > Displays The Configuration Stored In NVRAM Setup - Will Start The The Automatic Setup; The Same As When You First Boot The Router.
  Config T - > Use To Execute Configuration Commands From The Terminal
  Config Mem - > Executes Configuration Commands Stored In NVRAM;
  Copies Startup-Config To Running-Config Config Net - > Used To Retrieve Configuration Info From A TFTP Server
  Copy Running-Config Startup-Config - > Copies Saved Config In Running Config (RAM) To NVRAM Or "Write Memory" For IOS Under Ver.11
  Copy Startup-Config Running-Config - > Copies From Non-Volatile (NVRAM) To Current Running Config (RAM)
  Boot System Flash - > Tells Router Which IOS File In Flash To Boot From Boot System Tftp - Tells Router Which IOS File On The TFTP Server To Boot From
  Boot System Rom - > Tell Router To Boot From ROM At Next Boot
  Copy Flash Tftp - > Copies Flash To TFTP Server
  Copy Tftp Flash - > Restores Flash From TFTP Server
  Copy Run Tftp - > Copies The Current Running-Config To TFTP Server
  Copy TFTP Run - > Restores The Running-Config From TFTP Server

GENERAL COMMANDS FOR CONFIGURING THE ROUTER (These Are The Basic Level Commands And Most Commonly Used):

  No Shutdown - > (Enables The Interface)
  Reload - > Restarts The Router
  Show Version - > Cisco IOS Version, Uptime Of Router, How The Router Started, Where System Was Loaded From, The Interfaces The POST Found, And The Configuration Register.
  Show Clock - > Shows Date And Time On Router
  Show History - > Shows The History Of Your Commands
  Show Debug - > Shows All Debugging That Is Currently Enabled
  No Debug All - > Turns Off All Debugging
  Show Users - > Shows Users Connected To Router
  Show Protocols - > Shows Which Protocols Are Configured
  Banner Motd # Your Customized Message Here # - > Set/Change Banner
  Hostname - Use To Configure The Hostname Of The Router Clear Counters - > Clear Interface Counters.

PRIVILEGED MODE COMMANDS OF A ROUTER (Learn How To Work In The Privileged Mode Of A Router):

  Enable - > Get To Privileged Mode
  Disable - > Get To User Mode
  Enable Password - > Sets Privileged Mode Password Enable Secret - > Sets Encrypted Privileged Mode Password Setting Passwords On Router Here You Will Be Able To Learn How To Set The Password On A Router.

  Enable Secret - > Set Encrypted Password For Privileged Access
  Enable Password - > Set Password For Privileged Access (Used When There Is No Enable Secret And When Using Older Software) Setting The Password For Console Access:

(Config)#Line Console 0
(Config-Line)#Login
(Config-Line)#Password

Set Password For Virtual Terminal (TELNET) Access (Password Must Be Set To Access Router Through Telnet):

(Config)#Line Vty 0 4
(Config-Line)#Login
(Config-Line)#Password

Set Password For Auxiliary (Modem) Access:

(Config)#Line Aux 0
(Config-Line)#Login
(Config-Line)#Password

◙ - ➤  For More Reference - > HOW TO CONFIGURE ROUTER TELNET, CONSOLE AND AUX PORT PASSWORDS :

ROUTER PROCESSES & STATISTICS (By These Command You Can See The Statistics And Different Processes Of The Router):

  Show Processes - > Shows Active Processes Running On Router
  Show Process CPU - > Shows CPU Statistics
  Show Mem - > Shows Memory Statistics
  Show Flash - > Describes The Flash Memory And Displays The Size Of Files And The Amount Of Free Flash Memory
  Show Buffers - > Displays Statistics For Router Buffer Pools; Shows The Size Of The Small, Middle, Big, Very Big, Large And Huge Buffers
  Show Stacks - > Shows Reason For Last Reboot, Monitors The Stack Use Of Processes And Interrupts Routines

IP COMMANDS(List Of The IP Commands Configure IP On An Interface):

Int Serial 0
IP Address 157.89.1.3 255.255.0.0
Int Eth 0
IP Address 2008.1.1.4 255.255.255.0

OTHER IP COMMANDS:

  Show IP Route - > View IP Routing Table
  IP Route [Administrative_Distance] - > Configure A Static IP Route
  IP Route 0.0.0.0 0.0.0.0 - > Sets Default Gateway
  IP Classless - > Use With Static Routing To Allow Packets Destined For Unrecognized Subnets To Use The Best Possible Route
  Show ARP - > View ARP Cache; Shows MAC Address Of Connected Routers
  IP Address 2.2.2.2 255.255.255.0 Secondary - > Configure A 2nd IP Address On An Interface.
  Show IP Protocol - > Show IP Protocol

CDP COMMANDS (CISCO DISCOVERY PROTOCOL USES LAYER 2 MULTICAST OVER A SNAP-CAPABLE LINK TO SEND DATA):

  Show CDP Neighbor - > Shows Directly Connected Neighbors
  Show CDP Int - > Shows Which Interfaces Are Running CDP
  Show CDP Int Eth 0/0 - > Show CDP Info For Specific Interface
  Show CDP Entry - > Shows CDP Neighbor Detail
  CDP Timer 120 - > Change How Often CDP Info Is Sent (Default CDP Timer Is 60)
  CDP Holdtime 240 - > How Long To Wait Before Removing A CDP Neighbor (Default CDP Holdtime Is 180)
  Show CDP Run - > Shows If CDP Turned On
  No CDP Run - > Turns Off CDP For Entire Router (Global Config)
  No CDP Enable - > Turns Off CDP On Specific Interface

IPX COMMANDS:

  IPX Routing - > Enable IPX On Router.

Configure IPX + IPX-RIP On An Int:

Int Ser 0
IPX Network 4A

OTHER COMMANDS:

  Show IPX Route - > Shows IPX Routing Table
  Show IPX Int E0 - > Shows Ipx Address On Int
  Show IPX Servers - > Shows SAP Table
  Show IPX Traffic - > View Traffic Statistics
  Debug IPX Routing Activity - >Debugs IPS RIP Packets
  Debug IPX Sap - > Debugs SAP Packets

ROUTING PROTOCOLS COMMANDS (RIP, IGPR And OSPF Are The Routing Protocols And Here Is A List Of The Commands For The Working On The Routing Protocols):

CONFIGURE RIP:

Router RIP
Network 157.89.0.0
Network 208.1.1.0

OTHER RIP COMMANDS:

  Debug IP RIP - > View RIP Debugging Info

◙ - ➤  For More Reference- > RIP CONFIGURATION EXAMPLES:

CONFIGURE IGRP:

Router IGRP 200
Network 157.89.0.0
Network 208.1.1.0

OTHER IGRP COMMANDS:

  Debug IP IGRP Events - > View IGRP Debugging Info
  Debug IP IGRP Transactions - >View IGRP Debugging Info

ACCESS LISTS (List Of The Access List Command Of A Router):

  Show IP Int Ser 0 - > Use To View Which IP Access Lists Are Applies To Which Int
  Show IPX Int Ser 0 - > Use To View Which IPX Access Lists Are Applies To Which Int
  Show Appletalk Int Ser 0 - > Use To View Which Appletalk Access Lists Are Applies To Which Int

VIEW ACCESS LISTS:

  Show Access-Lists
  Show IP Access-Lists
  Show IPX Access-Lists
  Show Appletalk Access-Lists

APPLY STANDARD IP ACCESS LIST TO INT ETH 0:

Access-List 1 Deny 200.1.1.0 0.0.0.255
Access-List 1 Permit Any
Int Eth 0
IP Access-Group 1 In

APPLY EXTENDED IP ACCESS LIST TO INT ETH 0:

Access-List 100 Deny TCP Host 1.1.1.1 Host 2.2.2.2 Eq 23
Access-List 100 Deny TCP 3.3.3.0 0.0.0.255 Any Eq 80
Int Eth 0
IP Access-Group 100 Out

APPLY STANDARD IPX ACCESS LIST TO INT ETH 0:

Access-List 800 Deny 7a 8000
Access-List 800 Permit -1
Int Eth 0
IPX Access-Group 800 Out

APPLY STANDARD IPX ACCESS LIST TO INT ETH 0:

Access-List 900 Deny Sap Any 3378 -1
Access-List 900 Permit Sap Any All -1
Int Eth 0
IPX Access-Group 900 Out

WAN CONFIGURATIONS COMMANDS(Networking Over WAN Is The Main Functionality Of A Router. The Most Common Use Of A Router Is For The WAN Connectivity - List Of The Commands For The Different Methods Of The WAN Connectivity):

PPP CONFIGURATION (Point To Point Protocol Is A Method For The WAN Connectivity And You Will Find Here Some Commands Of PPP):

  Encapsulation PPP Authentication
  PPP Chap Hostname
  PPP PAP Sent-Username
  Show Int Ser 0 - > Use To View Encapsulation On The Interface

FRAME-RELAY CONFIGURATION (One Of The Methods For The WAN Connectivity Is The Frame Relay. Find Here Some Basic Commands For The WAN Connectivity Through Frame Relay):

 Encapsulation Frame-Relay Ietf - Use IETF When Setting Up A Frame-Relay Network Between A Ciscorouter And A Non-Cisco Router
 Frame-Relay Lmi-Type Ansi - LMI Types Are Cisco, ANSI, Q933A; Cisco Is The Default; LMI Type Is Auto-Sensed In IOS V11.2 And Up
 Frame-Relay Map IP 3.3.3.3 100 Broadcast - If Inverse ARP Won't Work, Map Other IP To Your DLCI # (Local)

 Keep Alive 10 - > Use To Set Keep Alive
 Show Int Ser 0 - > Use To Show DLCI, LMI, And Encapsulation Info
 Show Frame-Relay PVC - > Shows The Configured DLCI's; Shows PVC Traffic Stats
 Show Frame-Relay Map - Shows Route Mapssh Frame-Relay Lmi - > Shows LMI Info

MISCELLANEOUS COMMANDS:

  Show Controller T1 - > Shows Status Of T1 Lines
  Show Controller Serial 1 - > Use To Determine If DCE Or DTE Device

◙ - ➤  For More Reference - > DTE Vs DCE:

  (Config-If)#Clock Rate 6400 - > Set Clock On DCE (Bits Per Second)
  (Config-If)#Bandwidth 64 - > Set Bandwidth (Kilobits)

◙ - ➤  For More Reference - > LIST OF SHOW COMMAND REFERENCES:

PASSWORDS FOR CISCO ROUTERS AND SWITCHES

THE PASSWORDS INTRODUCED HERE ARE:

◙ - ➤ CONSOLE PASSWORD - > Limits Device Access Using The Console Connection
◙ - ➤ ENABLE PASSWORD - > Limits Access To The Privileged EXEC Mode
◙ - ➤ ENABLE SECRET PASSWORD - > Encrypted, Limits Access To The Privileged EXEC Mode
◙ - ➤ VTY PASSWORD - > Limits Device Access Using Telnet

REQUIRE THAT A MINIMUM OF 10 CHARACTERS BE USED FOR ALL PASSWORDS:

◙ - ➤ Router1(Config)# Security Passwords Min-Length 10 - > Besides Setting A Minimum Length, List Other Ways To Strengthen Passwords.
◙ - ➤ Router1(Config)#Enable Secret Cisco123456 - > Assign Cisco123456 As The Privileged EXEC Encrypted Password.

CONSOLE PASSWORD:

The Console Port Of A Cisco IOS Device Has Special Privileges. The Console Port Of Network Devices Must Be Secured, At A Bare Minimum, By Requiring The User To Supply A Strong Password. This Reduces The Chance Of Unauthorized Personnel Physically Plugging A Cable Into The Device And Gaining Device Access.

THE FOLLOWING COMMANDS ARE USED IN GLOBAL CONFIGURATION MODE TO SET A PASSWORD FOR THE CONSOLE LINE:

Switch(Config)#Line Console 0
Switch(Config-Line)#Password Password
Switch(Config-Line)#Login

From Global Configuration Mode, The Command Line Console 0 Is Used To Enter Line Configuration Mode For The Console. The Zero Is Used To Represent The First (And In Most Cases Only) Console Interface For A Router.

The Second Command, Password Password Specifies A Password On A Line.

The Login Command Configures The Router To Require Authentication Upon Login. When Login Is Enabled And A Password Set, There Will Be A Prompt To Enter A Password.

Once These Three Commands Are Executed, A Password Prompt Will Appear Each Time A User Attempts To Gain Access To The Console Port.

ASSIGN CISCOCONPASS AS THE CONSOLE PASSWORD, ESTABLISH A TIMEOUT,ENABLE LOGIN, AND ADD THE LOGGING SYNCHRONOUS COMMAND ( The Logging Synchronous Command Synchronizes Debug And Cisco IOS Software Output And Prevents These Messages From Interrupting Your Keyboard Input):

Router1(Config)# Line Con 0
Router1(Config-Line)# Password Ciscoconpass
Router1(Config-Line)# Exec-Timeout 5 0
Router1(Config-Line)# Login
Router1(Config-Line)# Logging Synchronous
Router1(Config-Line)# Exit
Router1(Config)#

ENABLE AND ENABLE SECRET PASSWORDS:

To Provide Additional Security, Use The Enable Password Command Or The Enable Secret Command. Either Of These Commands Can Be Used To Establish Authentication Before Accessing Privileged EXEC (Enable) Mode.

Always Use The Enable Secret Command, Not The Older Enable Password Command, If Possible. The Enable Secret Command Provides Greater Security Because The Password Is Encrypted. The Enable Password Command Can Be Used Only If Enable Secret Has Not Yet Been Set.

The Enable Password Command Would Be Used If The Device Uses An Older Copy Of The Cisco IOS Software That Does Not Recognize The Enable Secret Command.

THE FOLLOWING COMMANDS ARE USED TO SET THE PASSWORDS:

◙ - ➤ Router(Config)#Enable Passwordpassword
◙ - ➤ Router(Config)#Enable Secret Password

Note: If No Enable Password Or Enable Secret Password Is Set, The IOS Prevents Privileged EXEC Access From A Telnet Session.

WITHOUT AN ENABLE PASSWORD HAVING BEEN SET, A TELNET SESSION WOULD APPEAR THIS WAY:

Switch>Enable
% No Password Set
Switch>

VTY PASSWORD:

The VTY Lines Allow Access To A Router Via Telnet. By Default, Many Cisco Devices Support Five VTY Lines That Are Numbered 0 To 4. A Password Needs To Be Set For All Available Vty Lines. The Same Password Can Be Set For All Connections. However, It Is Often Desirable That A Unique Password Be Set For One Line To Provide A Fall-Back For Administrative Entry To The Device If The Other Connections Are In Use.

THE FOLLOWING COMMANDS ARE USED TO SET A PASSWORD ON VTY LINES:

Router(Config)#Line Vty 0 4
Router(Config-Line)#Passwordpassword
Router(Config-Line)#Login

By Default, The IOS Includes The Login Command On The VTY Lines. This Prevents Telnet Access To The Device Without First Requiring Authentication. If, By Mistake, The No Login Command Is Set, Which Removes The Requirement For Authentication, Unauthorized Persons Could Connect To The Line Using Telnet. This Would Be A Major Security Risk.

ASSIGN CISCOVTYPASS AS THE VTY PASSWORD ( Establish A Timeout, Enable Login, And Add The Logging Synchronous Command):

Router1(Config)# Line Vty 0 4
Router1(Config-Line)# Password Ciscovtypass
Router1(Config-Line)# Exec-Timeout 5 0
Router1(Config-Line)# Login
Router1(Config-Line)# Logging Synchronous
Router1(Config-Line)# Exit
Router1(Config)#

ENCRYPTING PASSWORD DISPLAY:

Another Useful Command Prevents Passwords From Showing Up As Plain Text When Viewing The Configuration Files. This Is The Service Password-Encryption Command.

This Command Causes The Encryption Of Passwords To Occur When A Password Is Configured. The Service Password-Encryption Command Applies Weak Encryption To All Unencrypted Passwords. This Encryption Does Not Apply To Passwords As They Are Sent Over Media Only In The Configuration. The Purpose Of This Command Is To Keep Unauthorized Individuals From Viewing Passwords In The Configuration File.

If You Execute The Show Running-Config Or Show Startup-Config Command Prior To The Service Password-Encryption Command Being Executed, The Unencrypted Passwords Are Visible In The Configuration Output. The Service Password-Encryption Can Then Be Executed And The Encryption Will Be Applied To The Passwords. Once The Encryption Has Been Applied, Removing The Encryption Service Does Not Reverse The Encryption.

◙ - ➤ Router1(Config)#Service Password-Encryption - > Encrypt The Clear Text Passwords.

◙ - ➤  For More Reference - > HOW TO CONFIGURE ROUTER TELNET, CONSOLE AND AUX PORT PASSWORDS :

CONFIGURE THE ROUTER FOR SSH ACCESS (Enable SSH Connections And Create A User In The Local Database Of The Router):

Router1# Configure Terminal
Router1(Config)# Ip Domain-Name The School Of Cisco Networking (SCN).com
Router1(Config)# Username Admin Privilege 15 Secret Adminpass1
Router1(Config)# Line Vty 0 4
Router1(Config-Line)# Transport Input Ssh
Router1(Config-Line)# Login Local
Router1(Config-Line)# Exit
Router1(Config)# Crypto Key Generate Rsa Modulus 1024
Router1(Config)#Exit


CONCLUSION:

The Goal Of This Article Is To Give An Easy Way To Understand The “CISCO IOS BASIC ROUTER COMMANDS REFERENCE:" And Also We Hope This Guide Will Help Every Beginner Who Are Going To Start Cisco Lab Practice Without Any Doubts. Some Topics That You Might Want To Pursue On Your Own That We Did Not Cover In This Article Are Listed Here!

Hands - On Experience Is An Invaluable Part Of Preparing For The Lab Exam And Never Pass Up An Opportunity To Configure Or Troubleshoot A Router ( If You Have Access To Lab Facilities, Take Full Advantage Of Them) There Is No Replacement For The Experience You Can Gain From Working In A Lab, Where You Can Configure Whatever You Want To Configure And Introduce Whatever Problems You Want To Introduce, Without Risk Of Disrupting A Production Network. Thank You And Best Of Luck

This Article Written Author By: Mr. Premakumar Thevathasan - CCNA And CCNP (Routing & Switching), MCSE, MCSA, MCSA - MSG, CIW Security Analyst, CompTIA Certified A+ And Etc.

WARNING AND DISCLAIMER:

Routers Direct And Control Much Of The Data Flowing Across Computer Networks. This Guide Provides Technical Guidance Intended To Help All Network Students, Network Administrators And Security Officers Improve Of Their Demonstrated Ability To Achieve Specific objectives Within Set Timeframes.

We Cannot Provide Any Kind Of Advice, Explanation, Opinion, Or Recommendation And This Document Carries No Explicit Or Implied Warranty. Nor Is There Any Guarantee That The Information Contained In This Document Is Accurate. Every Effort Has Been Made To Make All Articles As Complete And As Accurate As Possible, But No Warranty Or Fitness Is Implied.

Your Access To The Website Is At Your Own Risk, It Is Offered In The Hopes Of Helping Others, But You Use It At Your Own Risk Only. The Author Will Not Be Liable For Any Special, Incidental, Consequential Or Indirect Any Damages Due To Loss Of Data Or Any Other Reason That Occur As A Result Of Using This Document. But No Warranty Or Fitness Is Implied. The Information Provided Is On An "As Is" Basic. All Use Is Completely At Your Own Risk. Your Access To The Website Is Subject To Our Terms Of Use.

Home Page Of - > The School Of Cisco Networking (SCN)

Page Of - > SCN InF4 TECH (IT Consultancy & Services)

About Us SCN Page

To Send Email @

Window Minimize / Window Maximize

Date & Time: Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)