Cisco Basic Router Commands
Commands from my Professor
> enable
Enter privileged executive mode
# conf t
Configuration terminal
(config)# hostname …
Set device hostname
(config)# banner motd #…#
Set the message of the day. Message needs to be enclosed between ## or “”.
(config)# enable secret …
Set privileged executive mode password
(config)# service password-encryption
Encrypt passwords in run config
(config)# no ip domain-lookup
Disable DNS lookup
(config)# line con 0
(config-line)# password …
(config-line)# login
(config-line)# exit
Set line console 0 password, secure the console line
(config)# line vty 0 15
(config-line)# password …
(config-line)# login
(config-line)# exit
Secure the vty lines. Note: a switch uses vty 0 15 and a router uses vty 0 4.
(config)# interface g0/1
(config-if)# ip address 192.168.5.1 255.255.255.0
(config-if)# description Link from Switch to Router 1
(config-if)# no shutdown
(config-if)# exit
Add an ip address to a gigabit Ethernet interface and turn it on. Description line is optional.
(config)# int vlan 1
(config-if)# ip add 192.168.10.1 255.255.255.0
(config-if)# description HR LAN Switch
(config-if)# no shut
(config-if)# exit
Add an ip address to a vlan. Description line is optional.
(config)# ip default-gateway 192.168.10.1
Tell a switch the router interface used as the default-gateway.
(config)# end
Go back to privileged executive mode.
#copy run start
Save the running-configuration to the startup-configuration.
# show ip int brief
Shows a short list of all interfaces, their assigned ip addresses, and their current state (up/down)
# erase startup-config
Delete the configuration stored in NVRAM
# reload
Reboot the device
# show run
Displays the running configuration
(config)# login block-for 120 attempts 3 within 60
Prevents brute force attacks. Blocks login attempts for 120 seconds if there are three failed login attempts within 60 seconds.
(config)# line vty 0 4
(config-line)# exec-timeout 10
Will log the user out after the account has been idle for 10 minutes
(config)# ip domain-name …(domain-name)
(config)# crypto key generate rsa
(use a key size of at least 1024 bits)
(config)# username … secret …(password)
(config-line)# line vty 0 4
(config-line)# login local
(config-line)# transport input ssh
(config-line)# exit
This set of commands allows for remote access via secure shell.