Cisco IOS Cheat Sheet

Josh -

Throughout various projects, i've had quite a lot of experience using Cisco IOS.

Commonly used for administering switches and firewalls, IOS is a simple command line interface which allows you to modify all aspects of the switch. However, it is quite complex and some features may not be very intuititve. Here, i've attempted to document a few useful commands for future reference.

General Commands

Elevate privileges

enable

Enter configuration shell to make changes

configure terminal

Save Config

copy running-config startup-config

Save Config (deprecated but works)

write

Enable cdp globally

cdp run

Disable cdp globally

no cdp run

VLANS

Shows the UNTAGGED vlans available on every port.

show vlan

Inspect each VLAN to see TAGGED vlans available on each port

show vlan id <int>

Make a vlan

(config)#vlan 3
(config-vlan)#name my-awesome-vlan
(config-vlan)#no shutdown

Setup port's TAGGED VLANs (Trunk)
"Native" specifies the VLAN tag assigned to inbound untagged traffic.

(config)#interface Gi0/48
(config-if)#switchport trunk encapsulation dot1q
(config-if)#switchport mode trunk
(config-if)#switchport trunk allowed vlan add 4
(config-if)#switchport trunk allowed vlan remove 1-3
(config-if)#switchport trunk native vlan 5

Set port's UNTAGGED VLAN

(config)#interface Gi0/1
(config-if)#switchport mode access
(config-if)#switchport access vlan 5

Configure multiple ports at once

(config)#interface range Gi0/1-24
(config-if)#<do whatever>

Delete VLAN

(config)#no vlan <vlan id>

Disable trunk on port

(config-if)#no switchport trunk encapsulation dot1q

Disable CDP on port/interface

(config-if)#no cdp enable

Disable dtp negotiation on port

(config-if)#switchport nonegotiate

Layer 3

Show routing table.

show ip route

Set IP addresses on a VLAN (assigned to a set of ports)

(config)#interface Vlan5
(config-if)#ip address 10.12.34.1 255.255.255.0
(config-if)#no shutdown

Set default route (layer 3) [net/mask/gw]

(config)#ip route 0.0.0.0 0.0.0.0 10.0.1.1

Resetting a switch

  • Hold the "MODE" button on the front of the switch whilst plugging in the power cable.
  • SYS LED will start flashing.
  • Open a serial terminal on 9600 or 115200 depending on model.
switch: flash_init

Initializing Flash...

flashfs[0]: 251 files, 3 directories
flashfs[0]: 0 orphaned files, 0 orphaned directories
flashfs[0]: Total bytes: 15998976
flashfs[0]: Bytes used: 15995392
flashfs[0]: Bytes available: 3584
flashfs[0]: flashfs fsck took 10 seconds.
...done Initializing Flash.

switch: dir flash:

Directory of flash:/
    3  -rwx  15411751  <date>               c3750-ipbasek9-mz.122-58.SE2.bin
    5  drwx  7744      <date>               crashinfo_ext
    8  drwx  7744      <date>               crashinfo
  122  -rwx  1915      <date>               private-config.text
  251  -rwx  156       <date>               express_setup.debug
  252  -rwx  2649      <date>               config.text
  253  -rwx  3096      <date>               multiple-fs
  254  -rwx  676       <date>               vlan.dat

3584 bytes available (15995392 bytes used)

switch: rename flash:config.text flash:config.text.disabled

switch: boot

The switch will boot up. At some point it will ask:

Would you like to enter the initial configuration dialog? [yes/no]: 
yes

And from here you can configure the switch as normal.

Accessing the flash

List files

dir

Move

rename flash:myfile.txt  flash:myfile2.txt

Copy

copy flash:myfile.txt  flash:myfile2.txt

Delete file

delete flash:myfile.txt

Delete directory

rm  flash:myfiles/