Categories
Cisco IOS

Ports on an IOS device

Cisco uses the term interface to refer to physical ports on an IOS device. Interfaces can be configured with different settings, depending on the type of the interface and whether you are configuring an interface on a router or on a switch. For example, the Cisco 7201 Router has four GE physical ports (image source: Cisco):

cisco 7201 router

To display the router interfaces in IOS, use the show ip int brief command from the privileged exec mode:

show ip interface brief

In the output above we can see that this router has 2 physical interfaces – FastEthernet0/0 and FastEthernet0/1.

Consider the output for the Fa0/0 interface:

show ip interface fa

Here is a brief description of each column:

  • Interface – displays the type of the interface, in this case Fast Ethernet 0/0. The first zero specifies the physical slot on the router, while the second zero specifies the port number.
  • IP-Address – displays the interface’s IP address.
  • OK? – YES in this column signifies that the IP address is currently valid.
  • Method – manual in this column means that the interface has been manually configured. DHCP means that the interface has been configured using DHCP.
  • Status – up indicates that the interface is administratively up.
  • Protocol – up indicates that the interface is operational.
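The column layout described above can be parsed for inventory or monitoring. This is an added example, not code from the original page; the sample output is constructed, and the function names and the three state labels are assumptions made for illustration.

```python
import re

# Constructed sample of "show ip interface brief" output (not the page's screenshot).
SAMPLE_OUTPUT = """\
Interface                  IP-Address      OK? Method Status                Protocol
FastEthernet0/0            10.0.0.1        YES manual up                    up
FastEthernet0/1            unassigned      YES unset  administratively down down
Serial0/0/0                192.168.1.1     YES manual up                    down
"""


def parse_ip_int_brief(output):
    """Turn the six-column table into one dict per interface."""
    rows = []
    for line in output.splitlines():
        parts = line.split()
        if len(parts) < 6 or parts[0] == "Interface":
            continue  # skip blank lines and the header row
        name, ip, ok, method = parts[:4]
        rows.append({
            "interface": name,
            "ip": None if ip == "unassigned" else ip,
            "ok": ok == "YES",
            "method": method,
            # Status may be two words ("administratively down"), so take
            # everything between the Method column and the last column.
            "status": " ".join(parts[4:-1]),
            "protocol": parts[-1],
        })
    return rows


def slot_port(name):
    """Return (slot, port) for TYPE SLOT/PORT names such as FastEthernet0/0."""
    m = re.match(r"[A-Za-z-]+(\d+)/(\d+)$", name)
    return (int(m.group(1)), int(m.group(2))) if m else None


def state(row):
    """Classify a row: disabled (shutdown), operational (up/up) or fault."""
    if row["status"] == "administratively down":
        return "disabled"
    if row["status"] == "up" and row["protocol"] == "up":
        return "operational"
    return "fault"


if __name__ == "__main__":
    for row in parse_ip_int_brief(SAMPLE_OUTPUT):
        print(row["interface"], row["ip"], state(row))
```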

 

To configure a specific interface, use the interface TYPE SLOT/PORT command from the global config mode. This puts us in the interface submode, where we can configure various interface options:

interface command

In the example above you can see that we’ve configured the speed option for the interface Fast Ethernet 0/0.

By default, all ports on a Cisco switch are up and running as soon as you power on the device. This means that all you need to do is connect your devices to the switch and you are good to go. This isn’t the case with Cisco routers, however. You need to manually enable each interface on a router with the no shutdown interface mode command:

no shutdown command

Prerequisites for 200-301

200-301 is a single exam, consisting of about 120 questions. It covers a wide range of topics, such as routing and switching, security, wireless networking, and even some programming concepts. As with other Cisco certifications, you can take it at any of the Pearson VUE certification centers.

The recommended training program that can be taken at a Cisco academy is called Implementing and Administering Cisco Solutions (CCNA). The successful completion of a training course will get you a training badge.

Full Version 200-301 Dumps

Try 200-301 Dumps Demo


Run privileged commands within global config mode

Beginning with IOS 12.3, privileged EXEC mode commands (such as show running-config, show interface status, etc.) can be executed within the global configuration mode and its submodes. This allows you to execute privileged EXEC mode commands without needing to exit the current configuration mode. Here is an example that explains the usefulness of this feature:

ios command not found

In the example above you can see that we’re currently in the interface submode. We want to get more information about the interface with the show interface Fa0/1 command, but we got an error because the command is not available in this mode. However, if we use the do keyword in front of the command, the command will succeed:

do command

The command was now executed because of the do keyword. Notice that we’re still in the interface submode and we can continue with the interface configuration.


Configure descriptions

Adding a description to an interface on a Cisco device doesn’t provide any extra functionality, but it is useful for administrative purposes, since it will help you to remember the interface function. A description of an interface is locally significant and can be up to 240 characters long. It can be set using the description command from the interface submode:

DEVICE(config)#interface Fa0/1
DEVICE(config-if)#description WAN to London

Example configuration:

description command

The description is displayed in the output of the show running-config command:

show running config description

To erase the description, use the no description interface mode command (or the shortcut no desc):

no description command


show command

We’ve already mentioned a couple of show commands in the previous sections, so you should already be somewhat aware of this command. It is used to display the device’s configuration, statistics, command history, interface status, and so on. The show command is invoked from the enable mode and can accept a lot of parameters:

Floor1#show ?
aaa Show AAA values
access-lists List access lists
arp Arp table
cdp CDP information
class-map Show QoS Class Map
clock Display the system clock
controllers Interface controllers status
crypto Encryption module
debugging State of each debugging option
dhcp Dynamic Host Configuration Protocol status
dot11 IEEE 802.11 show information
file Show filesystem information
flash: display information about flash: file system
...
terminal Display terminal configuration parameters
users Display information about terminal lines
version System hardware and software status
vlan-switch VTP VLAN status
vtp Configure VLAN database

Here is a brief description of the most popular show commands:

  • show running-config – displays the running (current) configuration of your device.
  • show startup-config – displays the startup configuration of your device.
  • show ip interface brief – provides information about the interfaces on a router, including the logical (IP) address and status.
  • show history – shows the command history.
  • show interface INTERFACE – displays the status of the specified interface.
  • show version – shows information about the device, such as the IOS version running on the device, number of interfaces, device model, time of the last reboot, amount of memory available on the device, etc.


IOS basic commands

In this article we will go through some basic IOS commands.

Hostname command

The hostname command is used to configure the device hostname. Because this command changes a device configuration, it must be entered in the global configuration mode. After typing the command, the prompt will change and display the new hostname.

Here is an example that shows you how to change a hostname of a device.
First, enter the global configuration mode by typing the enable command in the user EXEC mode and the configure terminal command in the privileged EXEC mode. Once inside the global configuration mode, type the command hostname R1. Notice how the prompt changes to reflect the configured value.

hostname command

No shutdown command

By default, all interfaces on a Cisco router are turned off. To enable an interface, the no shutdown command is used. You first need to enter the submode of the interface that you want to configure. You can do that by using the global configuration mode command interface INTERFACE_TYPE/INTERFACE_NUMBER. You can get a list of available interfaces by typing the ‘?’ character after the interface command.

You may notice that the prompt has changed to reflect the mode you are currently in. For the interface mode the HOSTNAME(config-if)# prompt is shown.

Once inside the interface mode, you can enable an interface by typing the no shutdown command.

no shutdown command

IP address command

The ip address interface mode command is used to assign an IP address to an interface. The syntax of this command is ip address IP_ADDRESS SUBNET_MASK. For example, if we want to assign an IP address of 10.0.0.1 with the subnet mask 255.0.0.0 to an interface, we would use the following command:

ip address 10.0.0.1 255.0.0.0

 
What if you had made a mistake and written the ip address 10.0.0.2 255.0.0.0 command instead of the command above? Well, you can remove the wrong IP address by typing the same command, but this time with the no keyword in front of it, in our case no ip address. You can remove any command from your IOS configuration by using the no keyword in front of the command.

ip address command

Setting up passwords

Each Cisco IOS device has built-in authentication features. There are three basic ways to configure authentication on a device:

  • Configure a password for the console access – by default, the console access doesn’t require a password. You can configure a password for the console access by using the following set of commands:

HOSTNAME(config)#line console 0
HOSTNAME(config-line)#password PASSWORD
HOSTNAME(config-line)#login

This will force a user to type the password when trying to access the device through the console port.

console password prompt

  • Configure a password for the telnet access – by default, the telnet access is disabled. You need to enable it. This is done using the following sequence of commands:

HOSTNAME(config)#line vty FIRST_VTY LAST_VTY
HOSTNAME(config-line)#password PASSWORD
HOSTNAME(config-line)#login

The first command defines a range of virtual terminal sessions that you would like to configure. A virtual session can be a telnet or SSH session. Cisco devices usually support 16 concurrent VTY sessions, so this command usually looks like this: line vty 0 15.
The login command allows remote access to a device. It is required in order for telnet to work.

telnet password

  • Configure a password for the privileged EXEC mode – from the privileged EXEC mode you can enter the global configuration mode and change the configuration of a device. Therefore it is important to prevent an unauthorized user from entering the global configuration mode. You can do that by setting up a password to enter the privileged EXEC mode. This can be done in two ways:

HOSTNAME(config)#enable password PASSWORD
HOSTNAME(config)#enable secret PASSWORD

Both of the commands above accomplish the same thing, but with one major difference. The enable secret PASSWORD command encrypts the password, while the enable password PASSWORD command doesn’t, which means that an unauthorized user could just read a password from the device configuration:

enable password command

Notice how the password (cisco) is visible in the device’s configuration.

Service password-encryption command

By default, passwords configured using the enable password command and passwords for the console or telnet access are stored in clear text in the configuration file. This presents a security risk because an attacker could easily find out passwords. The global configuration service password-encryption command encrypts all passwords configured.

It is important to note that this type of password encryption is not considered especially secure, since the algorithm used can be easily cracked. Cisco recommends using this command only with additional security measures.
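The password settings discussed in the last two sections can be checked automatically in a saved configuration. The following audit script is an added example, not part of the original page or any Cisco tool; both sample configurations are constructed, the password values are placeholders, and the function names and finding texts are assumptions. It only flags Telnet when a transport input line names it explicitly.

```python
import re

# Constructed sample configurations (not from the page); values are placeholders.
WEAK_CONFIG = """\
hostname R1
enable password cisco
!
line con 0
 password console123
line vty 0 4
 password telnet123
 login
 transport input telnet
"""

BETTER_CONFIG = """\
service password-encryption
hostname R1
enable secret 5 EXAMPLEHASH
!
line con 0
 password 7 EXAMPLEONLY
 login
line vty 0 15
 password 7 EXAMPLEONLY
 login
 transport input ssh
"""

# "password VALUE" or "password TYPE VALUE" as it appears in a configuration.
PASSWORD_RE = re.compile(r"password (?:(\d+) )?\S+$")


def weakness(ptype):
    """Describe a weak storage type, or return None for other types."""
    if ptype in (None, "0"):
        return "is stored in clear text"
    if ptype == "7":
        return "uses type 7 encoding, which is easily reversed"
    return None


def line_sections(text):
    """Map each 'line ...' header to the indented commands beneath it."""
    sections, current = {}, None
    for raw in text.splitlines():
        if raw.startswith("line "):
            current = raw.strip()
            sections[current] = []
        elif raw.startswith(" ") and current:
            sections[current].append(raw.strip())
        else:
            current = None  # any other top-level line ends the section
    return sections


def audit_config(text):
    """Return a list of (location, issue) findings for an IOS configuration."""
    findings = []
    commands = [line.strip() for line in text.splitlines()]
    if "service password-encryption" not in commands:
        findings.append(("global", "service password-encryption is not enabled"))
    for cmd in commands:
        m = re.match(r"enable " + PASSWORD_RE.pattern, cmd)
        if m and weakness(m.group(1)):
            findings.append(
                ("global", "enable password " + weakness(m.group(1)) + "; use enable secret"))
    for name, cmds in line_sections(text).items():
        has_login = any(c == "login" or c.startswith("login ") for c in cmds)
        for c in cmds:
            m = PASSWORD_RE.match(c)
            if m:
                if weakness(m.group(1)):
                    findings.append((name, "password " + weakness(m.group(1))))
                if not has_login:
                    findings.append(
                        (name, "password is set but the section has no login command"))
            t = re.match(r"transport input (.+)$", c)
            if t and {"telnet", "all"} & set(t.group(1).split()):
                findings.append(
                    (name, "Telnet is permitted, so passwords cross the network in clear text"))
    return findings


if __name__ == "__main__":
    for location, issue in audit_config(WEAK_CONFIG):
        print(location + ": " + issue)
```

The second sample still produces findings for its type 7 line passwords, which matches the caveat above that service password-encryption needs additional security measures.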

Configuring banners

You can display a banner on a Cisco device. A banner is usually shown before the login prompt. It is usually some text that appears on the screen when a user connects to the device (e.g. some legal information).

The most commonly used banner is the Message Of The Day (MOTD) banner. This banner, if configured, is shown before the login prompt to every user that is trying to establish a session with the device. The following global configuration command is used to configure a MOTD banner:

hostname(config)#banner motd DELIMITING_CHARACTER TEXT DELIMITING_CHARACTER

A delimiting character is a character of your choice. Its purpose is to signify the start and end of a text that will appear in the banner. For example, the command banner motd # Unauthorized access forbidden! # will show the following text: Unauthorized access forbidden!.

banner motd

Show version command

The show version command is used to display information about a Cisco device. The command can be entered in both the user EXEC and privileged EXEC mode. By using this command you can find out a lot of useful information about your Cisco device, such as:

  • Software Version – IOS software version
  • System up-time – time since last reboot
  • Software image name – IOS filename stored in flash
  • Hardware Interfaces – interfaces available on device
  • Configuration Register value – bootup specifications, console speed setting, etc.
  • Amount of RAM memory
  • Amount of NVRAM memory
  • Amount of Flash memory

 

The following example shows the output of the command:

show version command

Show history command

By default, an IOS device stores the last 10 commands you have entered in your current EXEC session. You can use the show history command from the user EXEC or privileged EXEC mode to display them.

show history command

You can set the number of commands saved in the buffer for the current terminal session by using the terminal history size NUMBER command from the user EXEC or privileged EXEC mode.

NOTE
Another way to recall a command from the history buffer is by using the up arrow key on your keyboard. The most recent command is recalled first.

Show running-config & show startup-config commands

After you have changed the configuration of your device you can verify its configuration. To display the current configuration, type show running-config from the privileged EXEC mode. This shows the configuration that is stored in a device’s RAM.

show running config

After you have stored your running configuration into the startup configuration, you can view the saved configuration using the show startup-config command from the privileged EXEC mode.

This command shows the configuration that is currently stored in the device’s NVRAM. This configuration will be loaded the next time the device is restarted.

show startup config


Running & startup configuration

Cisco devices store commands in two configuration files:

  • startup configuration
  • running configuration

 

Immediately after you type a command in the global configuration mode, it will be stored in the running configuration. A running configuration resides in a device’s RAM, so if a device loses power, all configured commands will be lost.

To avoid this scenario, you need to copy your current configuration into the startup configuration. A startup configuration is stored in the nonvolatile memory of a device, which means that all configuration changes are saved even if the device loses power.

To copy your running configuration into the startup configuration you need to type the command copy running-config startup-config.

copy running startup config


Get help in IOS

You can use the question mark to display a list of commands available in the prompt you are in:

ios list of commands

If the output spans more than one page, press the spacebar to display the following page of commands, or press Enter to go one command at a time. To quit the output, press q.

To display only commands that start with a particular character or a string of characters, type the letters and then press the question mark:

ios commands letter

In the picture above you can see that we’ve displayed all commands that start with de.

If the command is more than one word long, you can use the question mark to display the next command in a string:

ios more than one command

In the picture above you can see that we’ve displayed all commands that can follow the command debug. We then displayed all commands that can follow the commands debug eigrp.

You can also autocomplete a command. Just type the first few characters and press Tab. If there is only a single match, IOS will complete the command.

You don’t have to type an entire word to finish a command. You can type just the first letter or a couple of letters, and if there is only a single match, IOS will understand what you are trying to accomplish. For example, you can type sh ip int b instead of the longer version, show ip interface brief:

ios command shortcut

Note that we were able to execute the command above because each set of characters had only one match in the list of commands. If we had typed sh ip in b instead, IOS would not have understood our intention:

ambiguous command ios

The % Ambiguous command: “show ip in b” message was displayed because the third keyword, in, has more than one meaning (inspect or interface).
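The unique-prefix matching behind this behaviour can be modelled in a few lines. This is an added example, not code from the original page and not how IOS itself is implemented; the command tree is a small constructed subset, and the function name and the rule that an exact keyword match wins are assumptions of this sketch.

```python
# Constructed subset of an IOS command tree; a real device has many more keywords.
TREE = {
    "show": {
        "ip": {
            "inspect": {},
            "interface": {"brief": {}},
            "route": {},
        },
        "interfaces": {},
        "history": {},
        "version": {},
    },
    "debug": {"eigrp": {}},
    "delete": {},
    "setup": {},
}


def resolve(command, tree=TREE):
    """Expand an abbreviated command.

    Returns (expanded_command, []) on success, or (None, candidates) when a
    word matches zero keywords or more than one keyword at its position.
    """
    expanded = []
    node = tree
    for word in command.split():
        if word in node:
            # Assumption of this sketch: an exact keyword is never ambiguous.
            matches = [word]
        else:
            matches = sorted(k for k in node if k.startswith(word))
        if len(matches) != 1:
            return None, matches
        expanded.append(matches[0])
        node = node[matches[0]]  # descend to the keywords valid after this one
    return " ".join(expanded), []


if __name__ == "__main__":
    for typed in ("sh ip int b", "sh ip in b", "de"):
        full, candidates = resolve(typed)
        if full:
            print(typed, "->", full)
        else:
            print(typed, "-> ambiguous or unknown, candidates:", candidates)
```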


IOS command modes

We’ve already learned that IOS has three main command modes: the user exec, privileged exec, and the global configuration modes. Each of these modes serves a different purpose and has its own set of commands. In this lesson we will describe each of these modes in more detail.

User EXEC mode commands

Initially, a user logs into the User Exec mode. This is the mode with the least number of commands. You can get a list of all available commands by typing the character ?.

user exec mode commands

As you can see, most of the commands available are used to show statistics and perform some basic troubleshooting. The prompt on the left side of the screen always displays the device hostname (R1 in this case), followed by the character >.

All commands can be abbreviated to the first letters of the command name. For example, you can abbreviate ping by typing pin, because no other command in the User EXEC mode begins with these letters.

Privileged EXEC mode commands

This IOS mode is also called enable mode because you must enter the enable command from a user EXEC mode if you want to access this mode. You can use more commands in the privileged EXEC mode than you were able to use in the user EXEC mode. You can save a device configuration or reload a device in this mode. You can also enter a third mode, the configuration mode. The access to the privileged EXEC mode is usually protected with a password.

The prompt for this mode shows # after the device hostname.

privileged exec mode commands

Global configuration mode commands

To change a device configuration, you need to enter the global configuration mode. This mode can be accessed by typing configure terminal (or conf t, the abbreviated version of the command) from the enable mode. The prompt for this mode is hostname(config)#.

Global configuration mode commands are used to configure a device. You can set a hostname, configure authentication, set an IP address for an interface, etc. From this mode you can also access submodes, for example the interface mode, from where you can configure interface options.

You can get back to a privileged EXEC mode by typing the end command. You can also type CTRL + C to exit the configuration mode.

global configuration mode commands

Submode commands

A global configuration mode contains many submodes. For example, if you want to configure an interface you have to enter that interface configuration mode. Each submode contains only commands that pertain to the resource that is being configured.

To enter the interface configuration mode you need to specify which interface you would like to configure. This is done by using the interface INTERFACE_TYPE/INTERFACE_NUMBER global configuration command, where INTERFACE_TYPE represents the type of an interface (Ethernet, FastEthernet, Serial…) and INTERFACE_NUMBER represents the interface number, since Cisco devices usually have more than one physical interface. Once inside the interface configuration mode, you can get a list of available commands by typing the “?” character. Each submode has its own prompt. Notice how the command prompt changed to Router(config-if)# after I entered the interface submode:

interface mode commands


Power on a Cisco device

When you first power on a newly purchased Cisco device, it will perform a power-on self-test (POST) to discover the hardware components and verify that all components work properly. If the POST is successful, the device will enter the setup mode. This mode presents a step-by-step dialog to help you configure some basic parameters, such as the device hostname, passwords, interface IP address, etc. To enter the setup mode, power on your device and type yes when prompted to make a selection:

ios setup mode

The wizard guides you through the initial configuration of your device and will create an initial configuration file. The setup mode is useful when you are unfamiliar with the IOS CLI, but once you learn the basics of CLI, you probably won’t use this mode ever again.

NOTE
You can enter the setup mode at any time from the command line by typing the setup command from the privileged mode. To exit the setup mode without saving any changes, press CTRL+C.


Cisco IOS overview

IOS (Internetwork Operating System) is a multitasking operating system used on most Cisco routers and switches. IOS has a command-line interface with a predetermined number of multiple-word commands. This operating system is used to configure routing, switching, internetworking and other features supported by a Cisco device.

NOTE
Previous versions of Cisco switches ran CatOS, a discontinued version of a CLI-based operating system.

Below you can see what IOS looks like when a Cisco device is started for the first time:

ios initial screen

Accessing the IOS

The three most common ways to access the IOS are:

1. Console access – this type of access is usually used to configure newly acquired devices. These devices usually don’t have an IP address configured, and therefore can not be accessed through the network. Most of the Cisco devices have a physical console port. This port can be connected to a computer using a rollover cable, a special type of cable with pins on one end reversed on the other end of the cable. The rollover cable is a serial cable, which means that you can’t just plug it in an Ethernet port on your computer. You will need an adapter that converts an interface on your computer (usually a 9-pin serial interface) into RJ-45.

NOTE
Newer Cisco devices usually include a USB console port, since serial ports are rare on modern PCs.

 

2. Telnet access – this type of access used to be a common way to access network devices. Telnet is a terminal emulation program that enables you to access IOS through the network and configure the device remotely. The device that is being configured needs to have a Telnet server installed and an IP address configured.

Telnet uses the well-known TCP port 23. One of the biggest disadvantages of this protocol is that it sends all data as clear text, which includes the passwords! This is the reason why this type of access is usually not used anymore. Instead, SSH is usually used.

3. SSH access – like Telnet, this access type enables you to configure devices remotely, but it adds an extra layer of security by encrypting all communications using public-key cryptography. SSH uses well known TCP port 22. 

IOS modes

IOS has many different modes. There are three main modes and many submodes. We will describe the three main modes and one submode.

  • user EXEC mode – the default mode for the IOS CLI. This is the mode that a user is placed in after accessing the IOS. Only basic commands (like ping or telnet) are available in this mode.
  • privileged EXEC mode – this mode is accessed by typing the enable command from the user EXEC mode. This mode can be password protected. In this mode a user can view and change a device’s configuration.
  • global configuration mode – this mode can be accessed by typing the configure terminal command from the privileged EXEC mode. It is used to change the device’s configuration.

 

A global configuration mode can have many submodes. For example, when a user wants to configure an interface, he will have to enter the interface submode by entering the interface INTERFACE_TYPE INTERFACE_NUMBER command (e.g. interface FastEthernet 0/1 ) from the global configuration mode. This submode can have many commands that are specific for the interface.

Let’s describe each of the modes mentioned above in more detail.
