Cisco Commands Cheat Sheet

The internal workings of a hard drive
Skylar McGonigle | 2022-07-22 | 6 min read

OS: Cisco IOS

Admin Commands

! Enables Privileged Mode
enable

! Writes a configuration
write

! Reboots the device
reload

! Reboot in 10 minutes
reload in 10
reload cancel

ARP (Address Resolution Protocol)

! Confirm all connected devices are in the ARP table
show arp

! This will ping all the devices in that subnet and add them to the ARP table
ping XXX.XXX.XXX.255

! Clear ARP table
clear arp-cache

Backup Config

copy running-config flash:Backup-YYYY-MM-DD

BGP (Border Gateway Protocol)

! Resets the BGP
clear ip bgp

! BGP Logging
show logging | include bgp

! Show BGP Config
show run | sec bgp

show ip bgp summary
show ip bgp neighbors XXX.XXX.XXX.XXX advertised-routes

Cancel Commands

Ctrl+C
Ctrl+X
Ctrl+Shift+6

Cellular

! Display the RSSI
show cell 0 radio	

! Displays the cellular profile
show cell 0 profile

! Allows you to make configuration changes
conf t									      
  int cell 0
    shutdown
    exit

! Change the cellular band
show cellular radio "interface number" band
conf t
  controller_cell "interface number"
    lte modem band-select band-indices "band" slot ?
show run | sec controller
show inventory

! Force the modem to UMTS
conf t									      
  int cell 0
    shutdown
    end
cell 0 lte technology umts
conf t									      
  int cell 0
    no shutdown
    end

! Force the modem to LTE
conf t									      
  int cell 0
    shutdown
    end
cell 0 lte technology lte
conf t									      
  int cell 0
    no shutdown
    end

show cell 0 radio history

Clear

clear counters gigabitEthernet 1

Clock / NTP

show clock
show ntp associations
show ntp associations detail
show ntp config
show ntp 
show run | sec ntp

Configuration

! Shows the running config
show run

! Shows software and firmware version
show version

Copy

! From PC to Device
copy scp: flash:
remote host: XXX.XXX.XXX.XXX
"Username"
filename: ie4000-universalk9-tar.152-4.EA6.tar

! From Device to PC
copy flash:/ie40... scp:
Enter
XXX.XXX.XXX.XXX
"Username"
Enter
"Password"

Crypto / Tunnels

! Show tunnel stats
show crypto ipsec sa

! Should display QM_IDLE
show crypto isakmp sa

! Displays the tunnels
show crypto ikev2 sa

! Flush the ISAKMP database  
clear crypto isakmp
clear crypto ipsec sa

! Resets the tunnels
clear crypto ikev2 sa

! Clear all crypto sa's
clear crypto sa

Debugging

! Turn on debugging
conf t
  logging console debugging
  exit
terminal monitor  

! Debug BGP
debug ip bgp

! Debug SSH
debug ip ssh

! Turns on tunnel debug
debug crypto isakmp

! Checks if the NTP authentication is working
debug ntp validity

! Turns off all debugging
undebug all
conf t
  no logging console debugging
  exit
terminal no monitor

Errors (err-disabled)

! List port errors on all interfaces
show interfaces status err-disabled

Factory Reset / Erase Configuration

! Soft Reset
write startup-config
delete vlan.dat
reload

! Hard Reset
! 15.5(3)M5 or Earlier
The device must be booted to password prompt before you reset the device.
Once you see the password prompt, long press the reset button for 30 seconds until this message appears.

! 15.6 or Later
Power off the device and simultaneously press the reset button while you apply power to the device.
Hold the reset button for about 30 seconds until the Protocol over Ethernet (PoE) light comes on and then release the button.

Hardware Test

show env all
show flash:
show post
show version

Firmware Update

! On the PC
MobaXterm > Servers > TFTP > Point to the directory with the IOS version

! Set the static IP
10.0.0.10
255.255.255.0
Plug into port 1 on the switch
! May need to enable MobaXterm in the firewall

! On the Swtich
en
conf t
int vlan 10
ip address 10.0.0.1 255.255.255.0
no shutdown
int gig 0/1
switchport mode access
switchport access vlan 10
no shutdown
end

copy tftp://10.0.0.1/c3560c405ex-universalk9-mz.152-2.E10.bin flash:

! If it's a "bundle" package run the following
bundle install flash:xxxxx"bundle"xxxxx

conf t
boot system flash:c3560c405ex-universalk9-mz.152-2.E10.bin
end
write
reload

Interfaces

! List the port status and description
show interfaces status

! List interface and IP addresses
show ip int br

! Show interface config
show run gi 1/1

! Shows all interface configs
show run | sec int

! Turn on a port
int gigabitethernet 0
  no shutdown

! Shutdown a port
int gigabitethernet 0
  shutdown

LED's

show platform led

NAT

debug ip nat
terminal monitor

conf t
interface TunnelXX
ip nat outside
exit

interface vlanXX
ip nat inside
exit

ip nat inside source static "Inside IP" "Outisde IP" extendable

Packet Capture

! Turn on
monitor capture buffer BUF size 2048 max-size 1518 linear
monitor capture point tcp POINT both filter ipv4
monitor capture point associate POINT BUF
monitor capture point start POINT
show monitor capture buffer all parameters
show monitor capture buffer BUF dump

! Turn off
monitor capture point stop POINT
no monitor capture point tcp POINT both filter ipv4
no monitor capture buffer BUF
no monitor capture point tcp POINT both filter ipv4

Ping

ping XXX.XXX.XXX.XXX

! Ping from a VLAN
ping XXX.XXX.XXX.XXX source vlan1

! Ping from a VRF
ping vrf OWAN XXX.XXX.XXX.XXX

Port Security

show port-security

! Displays the port security on the designated port
show port-security int gig1/9

! Clear port security
clear port-security
conf t
  int gig1/1
    shut
    no shut
    end

Restore Config

! Replaces the current configuration with an older one
config replace flash:Backup-XX-XX-X

Routing / Routes

! Displays all the IP routes
show ip route

! Lists the routes for a VRF
show ip route vrf "VRF Name"

! Configuration
show run | sec ip route

Serial

! Confirm the serial connection
show raw-socket tcp session

SLA

! Configuration
show run | sec sla

! Shows the SLA Sumamry
show ip sla summary

! Shows the status of the SLA
show track

! Keep alive command
ip sla 1                            
      icmp-echo XXX.XXX.XXX.XXX source-interface GigabitEthernet0
      request-data-size 10
      frequency 20
ip sla schedule 1 life forever start-time now
exit

SSH

ssh "Username"@XXX.XXX.XXX.XXX

! SSH from a VRF
ssh -vrf "VRF Name" -l "Username" XXX.XXX.XXX.XXX

Transceiver

! Show optical levels
show interface gigabitEthernet 1/1 transceiver detail

WLAN / Wifi / Wi-fi

service-module wlan-ap 0 statistics

Turn off domain lookup

no ip domain-lookup

VLAN

! Change VLAN Name
conf t
  vlan 10
  name LAN
  end
write

! Assign IP Address to VLAN
conf t
  int vlan 10
  description LAN
  no shutdown
  ip address 192.168.10.3 255.255.255.0
  end
write

! Lists Trunk Ports
show int trunk    	

show vlan

VRF (Virtual Routing and Forwarding)

! Lists the routers VRF's
show vrf

! Lists the Routes for that VRF
show ip route vrf "VRF Name"

WANMON

show run | include wan 
  event manager environment wanmon_if_list1 {Cellular0 {ipsla 100} }
  event manager policy tm_wanmon.tcl authorization bypass