Basic IOS Commands for Routers and Switches
- select the contributor at the end of the page -
In today's article, I will give you a short introduction to the Cisco Internetwork Operating System, also known as the IOS. This is the operating system that controls Cisco routers and switches and provides the interface to configure Cisco devices as well.
We will take a look at the various router command modes, set router passwords and banners, configure router hostnames and interface descriptions, and much more.
For details on how to connect to a Cisco router or switch, see my article on How to Back Up and Restore Configuration on Cisco Devices. This article will show you with the basic commands for smoother and more linear induction into more specialized stuff.
Overview of Router Modes
Once you login into a router you instantly enter the so-called user mode - the prompt [Router name] > appears. From this mode you can only see some statistic information.
To view and change the configuration of the router you have to enter into the privileged mode by entering the enable command. Here are the steps:
RouterA>RouterA>enable
RouterA#
To be able to make global changes to the configuration of the router you have to enter the global configuration mode. Once you achieve that, you are able to access any possible subsequent configuration mode and make global changes:
RouterA#configure terminal or config t for shortRouterA(config)#
Now you have the control of your device. If you need to modify your router's configuration then you enter the appropriate configuration mode. For example, if you want to make a change to your Fastethernet interface 0/0 then you have to enter interface configuration mode and make your modifications from there. Here are the steps:
RouterA(config)# interface fastethernet 0/0RouterA(config-if)#
Prompt RouterA(config-if)# indicates you are in interface configuration mode. At any time, and any mode you are in, you can insert a question mark ? and the router will automatically show all the possible commands or option parameters you can apply at that specific time.
RouterA(config-if)# ?Interface configuration commands:
access-expression Build a bridge boolean access expressionarp Set arp type (arpa, probe, snap) or timeout
backup Modify backup parameters
ip Interface Internet Protocol config commands .
.
.
.
Below there is a list of the most important configuration modes along with the commands used to enter these modes:
Name Your Router and Adjust its Clock
To apply an identity to your router, use the hostname command. To adjust the clock on the router use the clock set command. Always use the ? to help you correctly finish the command:
Setting Banners
It's a good idea to configure security notices to be displayed every time someone accesses your router. These notices are considered to be valid legal notices. The most useful banner is the so-called Message Of The Day (MOTD) banner.
This banner is displayed to every user connecting to the router either via telnet, console port or auxiliary port. This is how you can set it on your router:
RouterA(config)# banner motd ?Line c banner-text c, where c is a delimiting character
RouterA(config)# banner motd # ***AUTHORIZED USERS ONLY***#
Setting Passwords
The first thing you need to set on your router, before you even modify its configuration, is the secret password which is used to secure privileged mode access to the router. This password uses strong encryption algorithms making it impossible to break.
It should really be your number one priority to make sure you have set this password on your router. Use the enable secret commands to apply it to your router:
RouterA(config)# enable secret TEST
For added security you can apply user mode passwords. When users access the router either remotely via telnet or via the console terminal then this kind of passwords prompts the users for authentication.
To set this password for users accessing the router remotely via telnet, use the line vty [first line number] [last line number] command. By default, Cisco IOS enables 5 virtual terminal lines - lines 0 through 4. The necessary steps to configure this are the following:
RouterA(config)# line vty 0 4RouterA(config-line)#login
RouterA(config-line)#password TESTING
To set user mode password for the console line, perform the following:
RouterA(config)# line console 0RouterA(config-line)#login
RouterA(config-line)#password TESTING
A couple of important commands you can use at the line configuration mode are the exec-timeout [minutes][seconds] and logging synchronous commands.
The first one sets the timeout for the specific line and the second one stops annoying pop-up messages from disrupting whatever you are trying to type. Here is an example of how to apply these commands:
RouterA(config)# line console 0RouterA(config-line)#exec-timeout 10 0
RouterA(config-line)#logging synchronous
Managing Router Interfaces
At the interface configuration mode, you can apply an IP address and subnet mask to an interface using the ip address command. You can also shutdown or activate an interface by using the shutdown or no shutdown commands respectively. These two commands are very basic and you will definitely use them all the time. Here is an example:
RouterA(config)# interface fastethernet 0/0RouterA(config-if)#ip address 192.168.10.1 255.255.255.0
RouterA(config-if)#no shutdown
It is a good idea to apply descriptions to your connected interfaces as well. This will be very helpful, especially when you're troubleshooting things. Simply use the description command, like this:
RouterA(config)# interface fastethernet 0/0RouterA(config)# description CONNECTION TO CENTRAL SWITCH
Displaying and Verifying Things
There is one privileged mode command that you will find yourself using extensively. I am talking about the show command which has a broad usage, including:
- Viewing routers configuration
- Verifying interfaces configuration
- Viewing interfaces status
Here are a few important show commands you will find helpful to use:
- RouterA# show running configuration
- RouterA# show clock
- RouterA# show interfaces
- RouterA# show ip interfaces brief
- RouterA# show interfaces description
Go Ahead and Ride Your Router
Now that you have learned the basic commands for configuring your routers and switches go ahead and give it a try! Try to apply the knowledge you gained from this article into practice, and remember that it is vitally important to set your enable secret first.
Security is something you don't have the privilege to underestimate. Also note that you should save your router's configuration file at regular intervals to both your router's NVRAM and external server.
If you need help with this, take a look at my article on Backing up and Restoring Configuration on Cisco Devices for details on how to perform and store backups.
Ready to test your skills for the Cisco Certified Network Associate certification exam? See how they stack up with this assessment from Smarterer. Start this CCNA test now.
