Global Configuration Commands

Global Configuration Commands

Command                                          Description

config-registerregister                     Alters the configuration register.

boot system location                       Specifies location to load IOS.

hostname hostname                         Changes the name of the Cisco router or switch.

banner motd char banner char           Creates a message of the day login banner.

ip host name ipaddress                    Configures a static mapping of a hostname to an IP address.

ip name-server ip                            Specifies a DNS server IP address for dynamic name resolution.

ip domain-lookup                                      Enables automatic name resolution.

ip domain-name                                        Assigns a domain name to a Cisco device.

global configuration commands

Securing the IOS

First and foremost, ensure that you physically secure access to your Cisco devices so that there are no intentional or unintentional disruptions or access to the device itself.

To secure user EXEC access to your console port:

Router(config)#lineconsole 0

Router ( conf ig – line )#login

Router(config-line)#passwordpassword

 

To secure user EXEC access to your aux port:

Router(config)#lineaux 0 Router ( conf ig – line )#login Router(config-line)#passwordpassword

To secure user EXEC access to all five Telnet lines:

Router(config)#linevty 0 4

Router ( conf ig – line )#login

Router(config-line)#passwordpassword

To secure access to privileged EXEC mode:

Router(config)#enablesecret password Router(config)#enablepassword password

Theenable secret global configuration command encrypts the password using a MD5 hash.If theenable secret andenable password commands are used at the same time, theenable secret password is used.

To encrypt the enable password and the line passwords, use the service password-encryptioncommand.

configuration commands

SSH

To secure terminal access to the Cisco device, use SSH over Telnet. The steps to configure SSH are as follows:

  1. Configure a hostname on the device other than the default hostname.
  2. Configure a domain name for the Cisco device.
  3. Generate an RSA key (recommended to be at least 1024 bits) with the crypto key generate command.
  4. Create a username/password combination with the username username password password command.
  5. (Optional) Limit the vty lines to allow SSH with only the transportinput SSH command.

 

Interface Configuration Commands

 

Command                             Description

ip address ipsubnetmask    Assigns an IP address to an interface.

no shutdown                            Administratively enables an interface.

full-duplex

clock rate speed                     Sets the timing speed of the network on a DCE interface in bps.

bandwidth speed                   Sets the logical bandwidth setting for routing protocols in Kbps. ip address dhcp

Switch Commands

 Switch Configuration Commands

Command                                 Description

interface range media range Configures several interfaces with the same parameters.

ip address ipaddress               Assigns an IP address to a VLAN interface.

ip default -gateway ip Sets the gateway of last resort for a Layer 2 switch. Changes the speed of an autosensing link in Mbps. Sets the duplex of a switchport.

The copy Command

Thecopy command is used to copy files from one location to another. For example, to save the current configuration, we copy the running-config in RAM to the startup-config in NVRAM using the copy running-configstartup-configcommand.

Thecopy command is used to copy files between our device and a TFTP server. For instance,copy flashtftpbacks up the IOS in flash to a TFTP server.copy flashtftpcan be usedto upgrade, downgrade, or restore an IOS back onto our device. Before copying to a TFTP server, follow these steps:

  1. The TFTP server must have the TFTP service running.
  2. Our device must be cabled correctly. If a switch, plug the TFTP server into the switch with a straight-through Ethernet cable. If going directly between a router and the TFTP server, use a cross-over cable.
  3. You must have IP connectivity to the server.
  4. There must be enough room on the TFTP server and your device’s memory to store these files.

 

The show Command

  General show Commands
Command                                  ModeOutput
show running-config              PrivilegedCurrent active configuration in RAM.
show startup-config               PrivilegedConfiguration stored in NVRAM that is loaded on reboot.
show interfaces              User and privilegedStatus of the interfaces as well as physical and logicaladdress, encapsulation, bandwidth, reliability, load,MTU, duplex, broadcasts, collisions, and frame errors.

Status of the interfaces and their logical addresses.

Microcode of the interface including DCE/DTE cable

show ipinterfacebriefUser and privilegedshow controller               User and privileged
show flash                      User and privilegedFilenames and sizes of IOS files stored in flash memory.
show version                  User and privilegedIOS version, system uptime, amount of RAM, NVRAM,flash memory, and configuration register.

 

Interface Status

  Interface Status Values
Layer 1Layer 2 (Line Protocol)Possible Symptoms
UpUpUpDownNone. Interface is functional.Encapsulation mismatch, lack of clocking on serial
DownDownCable is disconnected or attached to a shutdown inter‑face on the far-end device.
Administratively downDownLocal interface was not enabled with the no shutdown

 

Copyright ©2010 -  2019 Ciscoforall.com | Privacy Policy