Thursday, August 27, 2015

Basic Cisco IOS Commands for Routers and Switches

Basic Cisco IOS Commands for Routers and Switches
In this article, I will give you a short introduction to the Cisco Internetwork Operating System, also known as the IOS. This is the operating system that controls Cisco routers and switches and provides the interface to configure Cisco devices as well.
We will take a look at the various router command modes, set router passwords and banners, configure router hostnames and interface descriptions, and much more.
For details on how to connect to a Cisco router or switch, see an article on 'Steps to Back Up and Restore Configuration on CISCO Devices'. This article will show you with the basic commands for smoother and more linear path into more specialized stuff.

Overview of Router Modes

Once you login into a router you instantly enter the so-called user mode – the prompt [Router name] > appears. From this mode you can only see some statistic information.
To view and change the configuration of the router you have to enter into theprivileged mode by entering the enable command. Here are the steps:
RouterA>
RouterA>enable
RouterA#

To be able to make global changes to the configuration of the router you have to enter the global configuration mode. Once you achieve that, you are able to access any possible subsequent configuration mode and make global changes:
RouterA#configure terminal or config t for short
RouterA(config)#
Now you have the control of your device. If you need to modify your router’s configuration then you enter the appropriate configuration mode. For example, if you want to make a change to your Fastethernet interface 0/0 then you have to enter interface configuration mode and make your modifications from there. Here are the steps:
RouterA(config)# interface fastethernet 0/0
RouterA(config-if)#
Prompt RouterA(config-if)# indicates you are in interface configuration mode. At any time, and any mode you are in, you can insert a question mark ? and the router will automatically show all the possible commands or option parameters you can apply at that specific time.
RouterA(config-if)# ?
Interface configuration commands:
access-expression    Build a bridge boolean access expression
arp                  Set arp type (arpa, probe, snap) or timeout
backup               Modify backup parameters
ip                   Interface Internet Protocol config commands .
.
.
.
Below there is a list of the most important configuration modes along with the commands used to enter these modes:
IOS Commands 1

Name Your Router and Adjust its Clock

To apply an identity to your router, use the hostname command. To adjust the clock on the router use the clock set command. Always use the ? to help you correctly finish the command:
IOS Commands 2

Setting Banners

It’s a good idea to configure security notices to be displayed every time someone accesses your router. These notices are considered to be valid legal notices. The most useful banner is the so-called Message Of The Day(MOTD) banner.
This banner is displayed to every user connecting to the router either via telnet, console port or auxiliary port. This is how you can set it on your router:
RouterA(config)# banner motd ?
Line c banner-text c, where c is a delimiting character
RouterA(config)# banner motd # ***AUTHORIZED USERS ONLY***#

Setting Passwords

The first thing you need to set on your router, before you even modify its configuration, is the secret password which is used to secure privileged mode access to the router. This password uses strong encryption algorithms making it impossible to break.
It should really be your number one priority to make sure you have set this password on your router. Use the enable secret commands to apply it to your router:
RouterA(config)# enable secret TEST
For added security you can apply user mode passwords. When users access the router either remotely via telnet or via the console terminal then this kind of passwords prompts the users for authentication.
To set this password for users accessing the router remotely via telnet, use the line vty [first line number] [last line number] command. By default, Cisco IOS enables 5 virtual terminal lines – lines 0 through 4. The necessary steps to configure this are the following:
RouterA(config)# line vty 0 4
RouterA(config-line)#login
RouterA(config-line)#password TESTING
To set user mode password for the console line, perform the following:
RouterA(config)# line console 0
RouterA(config-line)#login
RouterA(config-line)#password TESTING
A couple of important commands you can use at the line configuration mode are the exec-timeout [minutes][seconds] and logging synchronouscommands.
The first one sets the timeout for the specific line and the second one stops annoying pop-up messages from disrupting whatever you are trying to type. Here is an example of how to apply these commands:
RouterA(config)# line console 0
RouterA(config-line)#exec-timeout 10 0
RouterA(config-line)#logging synchronous

Managing Router Interfaces

At the interface configuration mode, you can apply an IP address and subnet mask to an interface using the ip address command. You can also shutdown or activate an interface by using the shutdown or no shutdown commands respectively. These two commands are very basic and you will definitely use them all the time. Here is an example:
RouterA(config)# interface fastethernet 0/0
RouterA(config-if)#ip address 192.168.10.1 255.255.255.0
RouterA(config-if)#no shutdown
It is a good idea to apply descriptions to your connected interfaces as well. This will be very helpful, especially when you’re troubleshooting things. Simply use the description command, like this:
RouterA(config)# interface fastethernet 0/0
RouterA(config)# description CONNECTION TO CENTRAL SWITCH

Displaying and Verifying Things

There is one privileged mode command that you will find yourself using extensively. I am talking about the show command which has a broad usage, including:
  • Viewing routers configuration
  • Verifying interfaces configuration
  • Viewing interfaces status
Here are a few important show commands you will find helpful to use:
  • RouterA# show running configuration
  • RouterA# show clock
  • RouterA# show interfaces
  • RouterA# show ip interfaces brief
  • RouterA# show interfaces description

5 Cisco IOS Commands Every Network Admin Should Know


There are 5 commands that every Cisco network administrator should know. These are core administration commands that will help you to really know what is going on.
If you are new to Cisco networking, these are good commands to memorize. On the other hand, even if you are a seasoned administrator, you may find a few commands in this article on which you could use a refresher. We will start the list at the bottom and move to #1.

IOS Command #5 – show interfaces

It is important to know what interfaces are on your router, important statistics about those interfaces, and whether they are up or down. The show interfaces command is a very verbose command that provides a lot of output. You may have to pick through that output to find what you are looking for; just about everything to do with interfaces is shown in the output from this command. For example: errors on an interface, bandwidth utilization, and interface speed.
This command can be abbreviated as sh int.

IOS Command #4 – copy running-config startup-config

Once you make your configuration changes, you need to save those changes. This command copies the configuration in RAM that you have been modifying to the configuration in flash. By copying it to flash, it will be saved when the router is powered off and restarted.
A shortcut for this command is wr (short for write memory).

IOS Command #3 – show ip route

Once you know that your interfaces are up and you have saved your configuration, you need to know if you have full network reach-ability. In other words, are your routing protocols working? What static routes have you entered? With the show ip route command, you can find out.
This command can be abbreviated sh ip ro.

IOS Command #2 – show ip interface brief

We saw the show interfaces command. This is the show ip interface brief command. So, you are only showing information about the interfaces as it pertains to the IP protocol. You are also asking for brief output. This command gives you the best summary of the status and IP addresses of your interfaces.
This command can be abbreviated sh ip int brie
And the #1 most important command that every network administrator should know is…

IOS Command #1 – show running-config

With the show running-config command, you see the entire router’s config. It’s that simple. You see the IP addresses, interfaces, passwords (that are in clear text), routing protocols, and other settings.
This command can be abbreviated sh ru or wr t.

Summary

Using the Cisco IOS is all about knowing what command to type in order to do what you need to do. The 5 commands shown in this post are just a few of the thousands of possible Cisco IOS commands. However, In my view these commands are some of the core commands that every network administrator should know.


Posted by at No comments:

Steps to Back Up and Restore Configuration on CISCO Devices

Steps to Back Up and Restore Configuration on CISCO Devices


Sooner or later in your networking career, you will realize that there is nothing more important than backing up your system’s configuration. Days, or even months of hard work can disappear in a matter of seconds. That’s why it is so important to always take the measures to prevent this from happening.
Performing backups often is important but also testing them can be invaluable because you need to make sure that you can rely on them when needed.
So let’s know how to connect to a Cisco router by using telnet and console access. Then we will see how to perform configuration backup to a TFTP server and how to restore the backup in case it is needed.

Connecting to a Cisco Router Using Console

Step 1: Attach a console cable to the console port (Rj-45) located at the back of the router.
Step 2: Open a new HyperTerminal instance from Start-All Programs-Accessories-Communications-HyperTerminal, enter a random name to this connection and choose the com port to use for connecting to the router. Adjust the following port settings to the com port:
Bits per second: 9600 
Data bits: 8 
Parity: none 
Stop bits: 
Flow control: Hardware
Step 3: After pressing [Enter] a few times you will see the Router> prompt. Go to menu view-font of the hyperterminal and select courier font with font size 14.
Write enable to enter into privileged mode (after issuing the correct enable secret). Here are the steps:
[Router name]>
[Router name]>enable
Password: ……….
[Router name]#

Connecting to a Cisco Router Using Telnet

Note that in order to be able to telnet onto a router, a telnet password must have been configured on the router and also telnet access should not be disabled on the specific router.
Before installing a new router you must provide a password for the telnet access on the router, otherwise you will not be able to telnet to it.
Use the console to connect to the router:
[Router name] enable
Password: ……….[insert enable secret here]
[Router name]# sh run
Press [enter] until you see a sentence like: line vty 0 4 (see the example below). Below this sentence you should see a password. If not then you should provide a password. If a password is set but no exec line is seen like in the example below, then telnet is blocked and you should unblock it.
Example:
Line vty 0 4
Password surpass
No exec

a. To Provide a telnet Password

Router#config t
Router(Config)#line vty 0 4
Router(Config)#login
Router(Config)#password [password name]
Press [Ctrl][z] and issue sh run to ensure that password has been set

b. To Unblock telnet Access on Router

Router#config t
Router(Config)#line vty 0 4
Router(Config)#exec
C:\>telnet 10.176.100.2
Password: ……….
[Router name]>enable
Password: ……….
[Router name]#

Backing Up Router Configuration

To copy the configuration from the router to the TFTP server you can use thecopy run tftp command. It will backup the router configuration thats stored in DRAM. Then you will be asked to enter the address of the TFTP server and the name of the destination file on TFTP server like this:
[Router name] #copy run tftp — to copy the running configuration to TFTP server
Address or name of remote host []? 172.16.10.2 — the ip address of TFTP server
Destination filename [routername-confg]? /Backup/Router01.cfg — the folder path on the server where the configuration file will be stored)

Restoring Router Configuration

In this section I’ll show you how to restore a running router with basic configuration and also how to restore a new router with no basic configuration — both of which scenarios you’ll probably run into.

1. Restoring a Running Router with Basic Configuration

In case the router has the basic configuration (i.e. router ports are assigned to subnet), use the command copy TFTP run and then complete the rest of the requirements like this:
[router name]# show run — to see the running configuration
[router name]#copy tftp run — to copy the configuration file from TFTP server to the running configuration of the router
Address or name of remote host []?172.16.10.2 — TFTP server address
Source filename[]?/Backup/Router01.cfg — the configuration file to be copied to the router
[router name]#show run
[router name]#show interfaces
[router name]#copy run start
We issue show run command to verify that the configuration has been copied to the router. Use show interfaces command to ensure that the interfaces where we have cables connected to them are up. Issue the command copy run start to copy the configuration from running configuration (DRAM) to Startup configuration (NVRAM).
The following is an example of what you will see on the screen when you issue the show interfaces command:
Vlan1 is up, line protocol is up
.
.
.
fastethernet 0/1 is up, line protocol is up
.
.
.
fastethernet 0/2 is down, line protocol is down
.
.
.
Usually fastethernet ports are brought up on their own as soon as the ethernet cable is attached to them. In case a certain port is still down after we have connect a cable in it we use:
[Router name]#config t
[Router name](config)#int fastethernet0/[router port]
[Router name](config-if)#no shutdown

2. Restoring a New Router with No Basic Configuration

a. Provide basic router configuration

In case we install a new router with no configuration, then we have to incorporate this router into the subnet before restoring the final configuration. We have to assign an IP address and subnet mask to interface Vlan1.
First we have to go through the old configuration files either from the old router or from the tfrp server and look for the IP address and subnet that the router was configured with, on its previous location. This information will look like this:
interface vlan1
ip address [ip address] [subnet]
Make a note of both IP address and subnet and then log onto your new router with the console cable using a hyperterminal. Issue passwords and then issue the following:
[Router name]#config t
[Router name](Config)#int vlan1
[Router name](Config-if)#ip address [ip address] [subnet]
[Router name](Config-if)#no shutdown
Press [CTRL][Z]
[Router name]# show run — to see that IP address on vlan1 has been set

b. Copy configuration from TFTP server to the router

[Router name] #copy TFTP run
Address or name of remote host []?172.16.10.2
Source filename[]?/Backup/Router01.cfg
[router name]#show run
[router name]#show interfaces
[router name]#copy run start

This article has all the details of backing up and restoring configuration files on Cisco switches/routers. 

Note:
  • Always do backups at frequent intervals.
  • Always save them in safe and secure places.
  • Always test them to see that they will operate as expected in case of real need.
Cheers :) 
Posted by at No comments:
Subscribe to: Posts (Atom)