Introduction to Cisco CLI
The Cisco CLI is the primary interface for interacting with Cisco routers and switches. It’s a text-based interface where you type commands to perform various tasks. The CLI operates in different modes, each with its own set of commands and prompt. Understanding these modes is crucial for navigating and configuring Cisco devices effectively.
The most common modes you’ll encounter are:
- User EXEC Mode: This is the initial mode after logging in, offering limited monitoring commands. The prompt usually ends with `>`.
- Privileged EXEC Mode: Provides access to all EXEC commands, including those for viewing system information and entering configuration modes. The prompt usually ends with `#`. You typically enter this mode by typing `enable`.
- Global Configuration Mode: Used for making global changes to the device. You enter this mode from Privileged EXEC mode by typing `configure terminal`. The prompt usually ends with `(config)#`.
- Interface Configuration Mode: Used for configuring individual interfaces (e.g., GigabitEthernet, Serial). You enter this mode from Global Configuration mode by typing `interface <interface_type> <interface_number>`. The prompt usually ends with `(config-if)#`.
- Line Configuration Mode: Used for configuring console, auxiliary, and virtual terminal (VTY) lines. You enter this mode from Global Configuration mode by typing `line <line_type> <line_number>`. The prompt usually ends with `(config-line)#`.
Cisco Command Line Cheat Sheet
This cheat sheet focuses on fundamental commands that are frequently used in day-to-day Cisco device management.
```
enable  # Enter Privileged EXEC mode from User EXEC mode.
disable  # Exit Privileged EXEC mode and return to User EXEC mode.
configure terminal (or conf t)  # Enter Global Configuration mode.
exit  # Exit the current configuration mode and return to the previous mode.
end  # Exit any configuration mode and return directly to Privileged EXEC mode.
```
Basic Device Information & Management
```
show version  # Display the device's IOS version, uptime, and hardware information.
show running-config (or sh run)  # Display the currently active configuration.
show startup-config (or sh start)  # Display the configuration that will be loaded on the next reload.
copy running-config startup-config (or copy run start)  # Save the current running configuration to NVRAM, making it persistent across reloads.
reload  # Restart the device. (You will be prompted to save changes if you haven't already).
hostname <name>  # Set the device's hostname (in Global Configuration mode).
banner motd # <message> #  # Set the Message Of The Day banner (in Global Configuration mode). The # can be any character not in the message itself.
```
Interface Configuration
```
interface <interface_type> <interface_number>  # Enter interface configuration mode (e.g., interface GigabitEthernet0/1).
description <text>  # Add a description to the interface.
ip address <ip_address> <subnet_mask>  # Assign an IP address and subnet mask to the interface.
no shutdown  # Enable an interface (bring it up).
shutdown  # Disable an interface (bring it down).
duplex <auto|full|half>  # Set the duplex mode.
speed <auto|10|100|1000>  # Set the interface speed.
show ip interface brief (or sh ip int br)  # Display a summary of IP addresses and interface status.
```
Password and Security
```
enable secret <password>  # Set an encrypted password for Privileged EXEC mode (in Global Configuration mode). This is preferred over enable password for security.
line console 0  # Enter console line configuration mode.
password <password>  # Set a password for the console line.
login  # Require a password for console access.
line vty 0 4  # Enter VTY (Telnet/SSH) line configuration mode for lines 0 through 4.
transport input <all|ssh|telnet|none>  # Specify allowed incoming transport protocols.
logging synchronous  # Prevent console messages from interrupting your typing.
```
Viewing & Troubleshooting
```
show ip route  # Display the IP routing table.
show mac address-table (or sh mac address-table)  # Display the MAC address table (on switches).
ping <ip_address>  # Test network connectivity to a destination IP address.
traceroute <ip_address>  # Trace the path to a destination IP address.
show interfaces  # Display detailed information about all interfaces.
show cdp neighbors detail  # Display detailed information about directly connected Cisco Discovery Protocol (CDP) neighbors.
clear line console 0  # Clear the console line, useful if a session is hung.
debug <protocol>  # Enable debugging for a specific protocol (use with caution in production environments as it consumes CPU resources).
no debug all (or undebug all)  # Disable all debugging.
```
Help & Autocompletion
```
?  # Get help on available commands or options at the current prompt.
command ?  # Get help on the arguments for a specific command (e.g., show ?).
Tab key  # Autocompletes commands or keywords.
```
Final Thoughts
For any network engineer, a personalized cheat sheet isn’t just a convenience; it’s a critical tool for efficiency, accuracy, and quick problem-solving. While the commands listed above provide a solid foundation, your ultimate cheat sheet should be dynamic and tailored to your specific role, network environment, and the challenges you most frequently encounter.
Here’s what every network engineer should ensure their cheat sheet covers:
- Core Navigation & Management: Commands for moving between CLI modes, saving configurations, and performing basic device reloads are non-negotiable. These are your everyday essentials.
- Interface Configuration: Quick access to commands for bringing interfaces up/down, assigning IPs, setting descriptions, and configuring speed/duplex is vital for both initial setup and troubleshooting connectivity.
- Verification & Troubleshooting: Commands like `show ip interface brief`, `show ip route`, `ping`, and `traceroute` are your first line of defense when diagnosing network issues. Include your most frequent `show` commands for quick diagnostics.
- Context-Specific Commands: Don’t just list generic commands. If you frequently work with OSPF, include your go-to `show ip ospf neighbor` or `show ip protocols` commands. If you manage VLANs extensively, ensure your VLAN creation and assignment commands are easily accessible.
- Security & Access Control: Basic password configuration, remote access (SSH/Telnet) setup, and ACL (Access Control List) commands are fundamental for securing your devices and controlling network access.
- Vendor-Specific Nuances: While this cheat sheet focuses on Cisco, if you work with multiple vendors (e.g., Juniper, Fortinet, Palo Alto), create separate sections or integrate key commands that differ significantly.
- Personal Notes & Reminders: Beyond just commands, include little reminders about common gotchas, specific device quirks, or even your preferred order of operations for certain tasks. These personalized insights can save you significant time.
- “What to do when X happens” Scenarios: Think of common problems you face. How do you quickly check if an interface is down? What’s your go-to command sequence when a new route isn’t appearing? Documenting these mini-workflows is incredibly powerful.
Remember, your cheat sheet is a living document. Continuously update it as you learn new commands, encounter different network scenarios, and refine your troubleshooting methodologies. The more you customize it to your daily tasks, the more invaluable it becomes in ensuring you can recall commands quickly and efficiently, even under pressure.