A router is a layer 3 device used to forward packet from one network to another. It forwards the packet through one of its port on the basis of destination IP address and the entry in the routing table. By using routing table, it finds an optimized path between the source and destination network.
User execution mode –[Router>]
As soon as the interface up message appears and press enter, the router> prompt will pop up. This is called user execution mode. This mode is limited to some monitoring commands.
Router>
Some important command in User Execution Mode
1.) [ping] To check the network connection using ICMP echo message.
2.) [enable] To use in move User Execution Mode to Privileged Mode.
3.) [telnet] To use in take CLI remote(Not Secure and port number TCP UDP 23).
4.) [ssh] To use in taking CLI remote(Very Secure with RSA Security and port number 22).
5.) [?] To use in help.
Example
Router>?
Exec commands:
access-enable Create a temporary Access-List entry
access-profile Apply user-profile to interface
attach attach to system component
call Voice call
clear Reset functions
connect Open a terminal connection
crypto Encryption related commands.
disable Turn off privileged commands
disconnect Disconnect an existing network connection
enable Turn on privileged commands
exit Exit from the EXEC
help Description of the interactive help system
lock Lock the terminal
login Log in as a particular user
logout Exit from the EXEC
mrinfo Request neighbor and version information from a multicast
router
mstat Show statistics after multiple multicast traceroutes
mtrace Trace reverse multicast path from destination to source
name-connection Name an existing network connection
pad Open a X.29 PAD connection
ping Send echo messages
ppp Start IETF Point-to-Point Protocol (PPP)
release Release a resource
renew Renew a resource
resume Resume an active network connection
rlogin Open an rlogin connection
set Set system parameter (not config)
show Show running system information
slip Start Serial-line IP (SLIP)
ssh Open a secure shell client connection
systat Display information about terminal lines
tclquit Quit Tool Command Language shell
tdm TDM
telnet Open a telnet connection
terminal Set terminal line parameters
traceroute Trace route to destination
tunnel Open a tunnel connection
udptn Open an udptn connection
where List active connections
x28 Become an X.28 PAD
x3 Set X.3 parameters on PAD
Router>
Privileged mode –[Router#]
As we type enable to user mode, we enter into Privileged mode where we can view and change the configuration of router. Different commands like show running-configuration, show IP interface brief etc can run on this mode which are used for troubleshooting purpose.
Router> enable
Router#
Some important command in Privileged Mode.
1.) [write] To save the running configuration on memory.
2.) [telnet] [ssh] [ping]
3.) [configuration terminal] To move in Privileged Mode to Configuration Mode.
4.) [show] To check the configuration.
[show ip interface brief] To check all IPv4 Interface.
[show ipv6 interface brief] To check all IPv6 Interface.
[show ip route] To check the IPv4 routing table.
[show ipv6 route] To check the IPv4 routing table.
[show ip interface] To check the IPv4 interface information.
[show ipv6 interface] To check the IPv4 interface information.
[show clock] To check the time and date.
5.) [reload] To reload the device.
6.) [no] To use in remove the command.
7.) [exit] To exit from current mode.
8.) [erase] To use erase the filesystem.
[erase startup-config] To use in erase the all save configuration.
[erase /all] erase all file from NVRAM.
9.) [delete] To use in delete the file.
[delete flash] To use delete the flask.
10.) [copy] To use in copy the file.
11.) [clock] To set the clock.
[clock set hh:mm:ss MM DD YYYY] To set the date.
12.) [debug] To use in debugging function(Real time packet flow).
[debug ip icmp] To check ICMP transactions for IPv4.
[debug ip access-list] To check access-list operation for IPv4.
[debug ipv6 icmp] To check ICMP transactions for IPv6.
[debug ipv6 access-list] To check access-list operation for IPv6.
13.) [? / help]
Example
Router#?
Exec commands:
access-enable Create a temporary Access-List entry
access-profile Apply user-profile to interface
access-template Create a temporary Access-List entry
archive manage archive files
attach attach to system component
audio-prompt load ivr prompt
auto Exec level Automation
beep Blocks Extensible Exchange Protocol commands
bfe For manual emergency modes setting
calendar Manage the hardware calendar
call Voice call
cd Change current directory
clear Reset functions
clock Manage the system clock
cns CNS agents
configure Enter configuration mode
connect Open a terminal connection
copy Copy from one file to another
crypto Encryption related commands.
ct-isdn Run an ISDN component test command
debug Debugging functions (see also 'undebug')
delete Delete a file
dir List files on a filesystem
disable Turn off privileged commands
disconnect Disconnect an existing network connection
enable Turn on privileged commands
eou EAPoUDP
erase Erase a filesystem
event Event related commands
exit Exit from the EXEC
format Format a filesystem
fsck Filesystem check
help Description of the interactive help system
hw-module Slot level commands
isdn Run an ISDN EXEC command on an ISDN interface
lock Lock the terminal
login Log in as a particular user
logout Exit from the EXEC
microcode microcode commands
mkdir Create new directory
monitor Monitoring different system events
more Display the contents of a file
mpls MPLS commands
mpoa MPOA exec commands
mrinfo Request neighbor and version information from a multicast
router
mrm IP Multicast Routing Monitor Test
mstat Show statistics after multiple multicast traceroutes
mtrace Trace reverse multicast path from destination to source
name-connection Name an existing network connection
no Disable debugging functions
pad Open a X.29 PAD connection
ping Send echo messages
ppp Start IETF Point-to-Point Protocol (PPP)
pwd Display current working directory
redundancy Redundancy Facility (RF) exec commands
release Release a resource
reload Halt and perform a cold restart
rename Rename a file
renew Renew a resource
restart Restart Connection
resume Resume an active network connection
rlogin Open an rlogin connection
rmdir Remove existing directory
rsh Execute a remote command
send Send a message to other tty lines
set Set system parameter (not config)
setup Run the SETUP command facility
show Show running system information
slip Start Serial-line IP (SLIP)
squeeze Squeeze a filesystem
ssh Open a secure shell client connection
start-chat Start a chat-script on a line
systat Display information about terminal lines
tarp TARP (Target ID Resolution Protocol) commands
tclquit Quit Tool Command Language shell
tclsh Tool Command Language shell
tdm TDM
telnet Open a telnet connection
terminal Set terminal line parameters
test Test subsystems, memory, and interfaces
traceroute Trace route to destination
tunnel Open a tunnel connection
udptn Open an udptn connection
undebug Disable debugging functions (see also 'debug')
undelete Undelete a file
upgrade Upgrade software
verify Verify a file
voice Voice Commands
where List active connections
which-route Do OSI route table lookup and display results
write Write running configuration to memory, network, or terminal
x28 Become an X.28 PAD
x3 Set X.3 parameters on PAD
Router#
Global configuration mode –[Router(config)#]
As we type configure terminal to the user mode, we will enter into the global configuration mode. Commands enter in these modes are called global commands and they affect the running-configuration of the router. In this mode, different configuration like making local database on router by providing username and password, can set enable and secret password etc.
Router# configuration terminal
Router(config)#
Some important command in Global Configuration Mode.
1.) [aaa] To configure the AAA Secure feature.
2.) [access-list] To configure the access list for inbound and outbound traffic.
3.) [banner] To configure the welcome note.
[banner motd #welcome note!#] To configure the banner "welcome note!"
4.) [hostname] To configure the device name.
[hostname NAME] To configure the host name "NAME".
5.) [ip] To configure the layer 3 protocol for IPv4 like DHCP, BGP, EIGRP, OSPF, RIP etc.
6.) [ipv6] To configure the layer 3 protocol for IPv6 like DHCP, BGP, EIGRP, OSPF, RIP etc.
7.) [interface] To configure the interface like IP address, state, MTU, clock rate, power, bandwidth.
Interface Slot / Module / Interface
Gigabit Ethernet 1000 MB
Fast Ethernet 100 MB
Ethernet 10 MB
[interface Gigabit0/0/0] To select the interface using this format EthType Slot / Module / Interface
[bandwidth] To configure the bandwidth for interface.
[ip address IP_Address Subnet_Mask] To configure the IPv4 address on selected interface.
[ipv6 address IP_Address and Prefix] To configure the IPv6 address on selected interface.
[full-duplex] To configure the interface behave as full duplex mode.
[half-duplex] To configure the interface behave as half duplex mode.
[shutdown] To configure the interface state.
8.) [line] To configure the VTY, TTY, Console, AUX mode.
[line con 0] To select the console line where console 0 is the physical console port on the switch/router you plug into.
[transport input none] To configure the remote protocol priority
[login local] To user database LOCAL
[line aux 0] To select the auxiliary line.
[transport input none] To configure the remote protocol priority
[login local] To user database LOCAL
[line vty 0 4] To select the VTY and The term “vty” stands for Virtual teletype. VTY is a virtual port and used to get Telnet or SSH access to the device.The abstract “0 – 4” means that the device can allow 5 simultaneous virtual connections which may be Telnet or SSH.
[transport input none] To configure the remote protocol priority
[login local] To user database LOCAL
9.) [username Username privilege 15 password PASSWORD] To add and remove users with access lavel from Local User Database.
10.) [service password-encryption] This command obscures all clear-text passwords in the configuration using a Vigenere cipher.
11.) [enable password PASSWORD] To configure the enable password for device.
12.) Secure Shell Hash
[hostname R1] Set the host name.
[ip domain-name NETWORK.LOCAL] Set the doman name.
[crypto key generate rsa] Generate the RSA Key.
[ip ssh version 2] Set the SSH protocol version.
[line vty 0 4] Allow the five user at a time.
[transport input ssh] Set the Protocol.
[login local] Set the login from Local Database.
[username admin password my_password] Create the user in Local database.
12.) [? / help]
Example
Router(config)#?
Configure commands:
aaa Authentication, Authorization and Accounting.
aal2-profile Configure AAL2 profile
access-list Add an access list entry
alias Create command alias
appfw Configure the Application Firewall policy
application Define application
archive Archive the configuration
arp Set a static ARP entry
async-bootp Modify system bootp parameters
atm Enable ATM SLM Statistics
backhaul-session-manager Configure Backhaul Session Manager
banner Define a login banner
bba-group Configure BBA Group
beep Configure BEEP (Blocks Extensible Exchange
Protcol)
boot Modify system boot parameters
bridge Bridge Group.
buffers Adjust system buffer pool parameters
busy-message Display message when connection to host fails
call Configure Call parameters
call-history-mib Define call history mib parameters
call-manager-fallback SRST for Cisco Call Manager fallback. For Call
Manager Express configuration use the
'telephony-service' command
call-router Call route parameter
carrier-id Name of the carrier associated with this trunk
group
cdp Global CDP configuration subcommands
chat-script Define a modem chat script
class-map Configure QoS Class Map
clns Global CLNS configuration subcommands
clock Configure time-of-day clock
cns CNS agents
config-register Define the configuration register
configuration Configuration access
connect cross-connect two interfaces
control-plane Configure control plane services
crypto Encryption module
default Set a command to its defaults
default-value Default character-bits values
define interface range macro definition
dial-control-mib Define Dial Control Mib parameters
dial-peer Dial Map (Peer) configuration commands
dialer Dialer commands
dialer-list Create a dialer list entry
diffserv Differentiated Services (COPS)
dnsix-dmdp Provide DMDP service for DNSIX
dnsix-nat Provide DNSIX service for audit trails
do To run exec commands in config mode
downward-compatible-config Generate a configuration compatible with older
software
dspint Select a dspfarm to configure
dss Configure dss parameters
enable Modify enable password parameters
end Exit from configure mode
eou EAPoUDP Global Configuration Commands
event Event related configuration commands
exception Exception handling
exit Exit from configure mode
fastether global dec21140 controller configuration
fax Configure fax parameters
file Adjust file system parameters
flow-sampler-map Flow sampler configuration
frame-relay global frame relay configuration commands
ftp-server FTP Server configuration commands
gatekeeper Enter gatekeeper configuration mode
gateway Gateway
gw-accounting Enable voip gateway accounting.
help Description of the interactive help system
hostname Set system's network name
http HTTP Config
hw-module Slot level commands
identity Identity Configuration Commands
interface Select an interface to configure
ip Global IP configuration subcommands
ipc Configure IPC system
ipv6 Global IPv6 configuration commands
isis Global ISIS configuration subcommands
ivr ivr utility command
ixi IXI Config command
kerberos Configure Kerberos
key Key management
kron Kron interval Facility
l2tp-class l2tp-class configuration
lane Configure LAN Emulation
li-view LI View
line Configure a terminal line
load Load Protocol
logging Modify message logging facilities
login Enable secure login checking
login-string Define a host-specific login string
map-class Configure static map class
map-list Configure static map list
memory Configure Memory
memory Configure memory management
memory-size Adjust memory size
menu Define a user-interface menu
mgcp Enable Media Gateway Control Protocol
microcode configure microcode
mls mls global commands
mmoip Multi Media Over IP
modemcap Modem Capabilities database
monitor Monitoring different system events
mop Configure the DEC MOP Server
mpls Configure MPLS parameters
mpoa MPOA global configuration commands
mrcp MRCP(Real Time Streaming Protocol) configuration
mta Configure the Mail Transfer Agent
multilink PPP multilink global configuration
netbios NETBIOS access control filtering
network-clock-select Network clock select
no Negate a command or set its defaults
ntp Configure NTP
num-exp Dial Map Number Expansion configuration commands
oer Optimized Exit Routing configuration submodes
oer-map Create oer-map and enter oer-map command mode
parser Configure parser
password Configure encryption password (key)
policy-manager Policy Manager configuration commands
policy-map Configure QoS Policy Map
ppp PPP global configuration
pppoe-forwarding enable pppoe forwarding
priority-list Build a priority list
privilege Command privilege parameters
process Configure process
process-max-time Maximum time for process to run before
voluntarily relinquishing processor
prompt Set system's prompt
proxy Proxy configuration
pseudowire-class Pseudowire-class configuration
queue-list Build a custom queue list
random-detect-group Configure random-detect class
rbe Commands for Routing RFC 1483 Ethernet
encapsulated packets
redundancy Enter redundancy mode
regexp regexp commands
resource Configure Embedded Resource Manager (ERM)
resume-string Define a host-specific resume string
rif Source-route RIF cache
rlm Configure a specific rlm
rlogin Rlogin configuration commands
rmon Remote Monitoring
route-map Create route-map or enter route-map command mode
router Enable a routing process
rtsp RTSP(Real Time Streaming Protocol) configuration
sasl Configure SASL
scheduler Scheduler parameters
scripting Configure options for scripting languages
secure Secure image and configuration archival commands
security Infra Security CLIs
service Modify use of network based services
sgbp SGBP Stack Group Bidding Protocol configuration
signaling-class Configure signaling class
sip-ua SIP User Agent (UA)
snmp Modify non engine SNMP parameters
snmp-server Modify SNMP engine parameters
source-bridge Source-route bridging ring groups
srcp Enable Simple Resource Coordination Protocol
ssg Service Selection Gateway
stacks Configure stacks
standby Global HSRP configuration commands
state-machine Define a TCP dispatch state machine
su-mac SU mac for sid-to-vc forwarding
su-tag Tag name for sid-to-vc forwarding
subscriber Subscriber configuration
subscriber-policy Subscriber policy
subscription ASNL based Subscriptions configuration
syscon Configure System Controller
table-map Configure Table Map
tacacs-server Modify TACACS query parameters
tag-switching Dynamic Tag Switching commands
tarp Global TARP configuration subcommands
telephony-service Configure Cisco Call Manager Express
template Select a template to configure
terminal-queue Terminal queue commands
tftp-server Provide TFTP service for netload requests
tgrep Enable TGREP
time-range Define time range entries
track Object tracking configuration commands
translate Translate global configuration commands
translation-rule Global digit manipulation and translation
trunk Global trunk configuration
username Establish User Name Authentication
vc-group Define a Frame Relay VC group
virtual-profile Virtual Profile configuration
virtual-template Virtual Template configuration
vlan VLAN commands
vm-integration enable in-band DTMF integration with voicemail
systems
voice Global voice configuration
voip-incoming Global incoming VoIP configuration
vpdn Virtual Private Dialup Network
vpdn-group VPDN group configuration
vpdn-template vpdn-template configuration
vty-async Enable virtual async line configuration
warm-reboot Warm reboot allows quick reload in case of a
crash or by request
webvpn SSL VPN Commands
x25 X.25 Level 3
x29 X29 commands
xot Global XOT commands
xsm Configure XSM
Router(config)#
Thanks
UConfigIt
