Lesson Contents
Most Cisco devices (including routers and switches) use a CLI (Command Line Interface) to configure the network device. The CLI is an interface, based on text. You type in configuration commands and use show commands to get the output from the router or switch. There are also GUIs (Graphical User Interface) for the routers, switches and firewalls but the majority of the work is done on the CLI.
This might sound dated but with so many commands that are available to use, the CLI is much easier to work with than any of the graphical interfaces. It’s also much easier to copy entire configurations from one device to another.
In this lesson, I’ll explain how to access the CLI and the basics of how Cisco IOS works.
Access to Cisco IOS CLI
Before we can enter any commands, we need access to the CLI. There are three options:
- Console
- Telnet
- SSH
The console is a physical port on the switch that allows access to the CLI. We typically use this the first time we configure the switch. Telnet and SSH are both options for remote access.
Console Cabling
On the switch, you will find one or two physical connectors for the console. Take a look at the picture below:
On the left side of this 2960 Catalyst switch, you see the light blue RJ45 port and a micro-USB port on the left of it. Older switches only have the RJ45 port, newer switches (and other devices) often have both options.
Even though it’s an RJ45 port, it’s not an Ethernet port. We use this connection to connect the switch to a serial port on your computer with the following cable:
This cable is called a Cisco console cable and you will need a serial port on your computer. Modern computers or laptops don’t have these serial ports anymore so you might have to use a serial-to-USB cable like this one:
This cable emulates a serial port and has a USB connection. Once you have connected your computer to the switch, we can start a terminal application to access the CLI.
Terminal Emulator
There are many terminal emulator applications. If you are new to this, the best one to start with is Putty. It’s free and allows you to connect using a serial connection, telnet and SSH. Once you have downloaded it, you will see the main screen:
Make sure you select the “Serial” option. The default speed is 9600 (baud rate). The COM port will depend on your computer, it might be COM1 but if you are unsure, check the device manager in Windows. Click on Start > Run and enter “devmgmt.msc”:
Here is the device manager:
Above you can see that on my computer, I have to use COM4. Change the COM port and click on Open to start the console:
Now is a good time to power on your switch or in case it is already powered on, pull the plug so it can reload.
First Boot
When the switch boots, you will see a lot of stuff on the console. First, it will initialize the flash memory:
Boot Sector Filesystem (bs) installed, fsid: 2
Base ethernet MAC Address: 00:11:bb:0b:36:00
Xmodem file system is available.
The password-recovery mechanism is disabled.
Initializing Flash...
flashfs[0]: 14 files, 4 directories
flashfs[0]: 0 orphaned files, 0 orphaned directories
flashfs[0]: Total bytes: 15998976
flashfs[0]: Bytes used: 12794368
flashfs[0]: Bytes available: 3204608
flashfs[0]: flashfs fsck took 9 seconds.
...done Initializing Flash.
done.
Initializing the flash memory is required since it contains the IOS image (Operating System) of the switch. Its next step is to load the IOS image from the flash memory:
Loading "flash:/c3560-ipservicesk9-mz.122-55.SE10.bin"...@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
File "flash:/c3560-ipservicesk9-mz.122-55.SE10.bin" uncompressed and installed, entry point: 0x1000000
executing...
The IOS image is compressed so the switch uncompresses the image and loads it in RAM. You are then presented with some legal information and information about the switch:
Restricted Rights Legend
Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.
cisco Systems, Inc.
170 West Tasman Drive
San Jose, California 95134-1706
Cisco IOS Software, C3560 Software (C3560-IPSERVICESK9-M), Version 12.2(55)SE10, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2015 by Cisco Systems, Inc.
Compiled Wed 11-Feb-15 11:34 by prod_rel_team
Image text-base: 0x01000000, data-base: 0x02F00000
This tells us the version of the IOS image. IOS is now up and running, it also initializes the flash memory:
Initializing flashfs...
flashfs[1]: 14 files, 4 directories
flashfs[1]: 0 orphaned files, 0 orphaned directories
flashfs[1]: Total bytes: 15998976
flashfs[1]: Bytes used: 12794368
flashfs[1]: Bytes available: 3204608
flashfs[1]: flashfs fsck took 1 seconds.
flashfs[1]: Initialization complete....done Initializing flashfs.
IOS starts with a POST (Power on Self Test) for some of the switch components:
POST: CPU MIC register Tests : Begin
POST: CPU MIC register Tests : End, Status Passed
POST: PortASIC Memory Tests : Begin
POST: PortASIC Memory Tests : End, Status Passed
POST: CPU MIC interface Loopback Tests : Begin
POST: CPU MIC interface Loopback Tests : End, Status Passed
POST: PortASIC RingLoopback Tests : Begin
POST: PortASIC RingLoopback Tests : End, Status Passed
POST: Inline Power Controller Tests : Begin
POST: Inline Power Controller Tests : End, Status Passed
POST: PortASIC CAM Subsystem Tests : Begin
POST: PortASIC CAM Subsystem Tests : End, Status Passed
POST: PortASIC Port Loopback Tests : Begin
POST: PortASIC Port Loopback Tests : End, Status Passed
Waiting for Port download...Complete
It then warns us about the cryptographic features:
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
export@cisco.com.
You might be wondering what a switch has to do with cryptography. Depending on your IOS image, your switch is able to run SSH server. This allows encrypted remote access. Another feature that uses cryptography is SNMP version 3, this is used by network management software to read statistics from the switch. In certain countries, cryptography is forbidden or limited.
The final part of the boot process gives us some general information about the switch:
cisco WS-C3560-24PS (PowerPC405) processor (revision G0) with 131072K bytes of memory.
Processor board ID CAT0832N0G3
Last reset from power-on
1 Virtual Ethernet interface
24 FastEthernet interfaces
2 Gigabit Ethernet interfaces
The password-recovery mechanism is disabled.
512K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address : 00:11:BB:0B:36:00
Motherboard assembly number : 73-9299-01
Power supply part number : 341-0029-03
Motherboard serial number : CAT083107CZ
Power supply serial number : DTH08282MZA
Model revision number : G0
Motherboard revision number : E0
Model number : WS-C3560-24PS-S
System serial number : CAT0832N0G3
Top Assembly Part Number : 800-24791-01
Top Assembly Revision Number : K0
Version ID : N/A
Hardware Board Revision Number : 0x09
Switch Ports Model SW Version SW Image
------ ----- ----- ---------- ----------
* 1 26 WS-C3560-24PS 12.2(55)SE10 C3560-IPSERVICESK9-M
Above we can see the switch model, the interfaces it has, some serial numbers, etc. It ends with the following message:
Press RETURN to get started!
Now it’s up to us to configure the switch.
Depending if your switch already has a configuration or not, you might see the following message:
--- System Configuration Dialog ---
Enable secret warning
----------------------------------
In order to access the device manager, an enable secret is required
If you enter the initial configuration dialog, you will be prompted for the enable secret
If you choose not to enter the intial configuration dialog, or if you exit setup without setting the enable secret,
please set an enable secret using the following CLI in configuration mode-
enable secret 0 <cleartext password>
----------------------------------
Would you like to enter the initial configuration dialog? [yes/no]:
If there is no configuration, the switch will ask you if you would like to follow a wizard called the initial configuration dialog. If you see this, type “no” to continue so that we can start with a blank configuration. We will configure the device ourselves.
User and Enable mode (Privileged Exec Mode)
Once the switch has booted and we have pressed the enter key, we end up in what we call the user mode or user EXEC mode. In this mode, we have permission to use some simple commands but we are restricted to configure anything or use some more advanced commands.
Right now, the command line will show you this:
Switch>
The > symbol tells us that we are currently in user mode. To get full access to the switch, we have to enter privileged mode, also called enabled mode. Here is how to do this:
Switch>enable
Switch#
Above you can see that the > symbol changed to #. This tells us we are now in enabled mode, granting us full access to the switch. bliep…
Switch#disable
Switch>
The disable command lets you jump back to user mode.
Erasing the Switch Configuration
If you are using used hardware, it’s possible that the previous owner did not erase the configuration of the switch. To start with a clean slate, we’ll wipe the configuration of the switch before we continue. Here’s how to do this:
Switch#erase startup-config
Erasing the nvram filesystem will remove all configuration files! Continue? [confirm]
[OK]
Erase of nvram: complete
Type erase startup-config and the switch will ask you to remove all configuration files. Between the brackets, you see confirm. If you see anything between [] you only have to press enter. You don’t have to type “confirm”.
Switches also store VLAN (Virtual LAN) information in another file. What a VLAN is and what it does is something that we will cover in another lesson, for now, let’s just make sure it is deleted. Here’s how to do it:
Switch#delete flash:vlan.dat
Delete filename [vlan.dat]?
Delete flash:vlan.dat? [confirm]
Type delete flash:vlan.dat to delete the file. You only have to press enter to confirm what Cisco IOS tells us between the brackets. If you get an error that there is no such file, do not worry. It means someone else already deleted the VLAN information and you can continue.
Type reload and the switch will reboot:
Switch#reload
Proceed with reload? [confirm]
Once the switch has reloaded, we can try something else…
Show commands
The show command is probably the most used command for Cisco IOS. We can use it to fetch any information from the switch. Let’s start with a simple example, let’s say we want to see some general information about the switch:
Switch#show version
Cisco IOS Software, C3560 Software (C3560-IPSERVICESK9-M), Version 12.2(55)SE10, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2015 by Cisco Systems, Inc.
Compiled Wed 11-Feb-15 11:34 by prod_rel_team
Image text-base: 0x01000000, data-base: 0x02F00000
ROM: Bootstrap program is C3560 boot loader
BOOTLDR: C3560 Boot Loader (C3560-HBOOT-M) Version 12.2(44)SE5, RELEASE SOFTWARE (fc1)
Switch uptime is 54 minutes
System returned to ROM by power-on
System image file is "flash:/c3560-ipservicesk9-mz.122-55.SE10.bin"
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
export@cisco.com.
cisco WS-C3560-24PS (PowerPC405) processor (revision G0) with 131072K bytes of memory.
Processor board ID CAT0832N0G3
Last reset from power-on
1 Virtual Ethernet interface
24 FastEthernet interfaces
2 Gigabit Ethernet interfaces
The password-recovery mechanism is disabled.
512K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address : 00:11:BB:0B:36:00
Motherboard assembly number : 73-9299-01
Power supply part number : 341-0029-03
Motherboard serial number : CAT083107CZ
Power supply serial number : DTH08282MZA
Model revision number : G0
Motherboard revision number : E0
Model number : WS-C3560-24PS-S
System serial number : CAT0832N0G3
Top Assembly Part Number : 800-24791-01
Top Assembly Revision Number : K0
Version ID : N/A
Hardware Board Revision Number : 0x09
Switch Ports Model SW Version SW Image
------ ----- ----- ---------- ----------
* 1 26 WS-C3560-24PS 12.2(55)SE10 C3560-IPSERVICESK9-M
Configuration register is 0xF
The show version command gives us a lot of information about the switch, including the model, IOS image, and more. What if we want to see what MAC addresses the switch has learned? There is another command for that:
Switch#show mac address-table dynamic
Mac Address Table
-------------------------------------------
Vlan Mac Address Type Ports
---- ----------- -------- -----
1 0050.568e.d3c8 DYNAMIC Fa0/12
Total Mac Addresses for this criterion: 1
The show mac address-table dynamic command tells us all MAC addresses that the switch has learned. In this example, it only learned one MAC address on interface Fa0/12 (FastEthernet port 12).
What if we want to see the entire configuration of the switch? There’s a show command for that:
Switch#show running-config
Building configuration...
Current configuration : 1237 bytes
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Switch
!
boot-start-marker
boot-end-marker
!
!
!
!
no aaa new-model
system mtu routing 1504
!
!
!
!
!
!
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
!
!
!
interface FastEthernet0/1
!
interface FastEthernet0/2
!
interface FastEthernet0/3
!
interface FastEthernet0/4
!
interface FastEthernet0/5
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!
interface FastEthernet0/16
!
interface FastEthernet0/17
!
interface FastEthernet0/18
!
interface FastEthernet0/19
!
interface FastEthernet0/20
!
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
!
interface FastEthernet0/24
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan1
no ip address
!
ip classless
ip http server
ip http secure-server
!
!
!
!
!
line con 0
line vty 5 15
!
end
The show running-config command gives us the entire active configuration of the switch. Even though we haven’t configured anything yet, there is a basic configuration.
In all these Cisco lessons, you will see a LOT of show commands that I use to explain things. There are also debug commands. These show commands only produce “static” information. If you want to see changes, you have to use the same show command a couple of times. Debug commands allow us to see things in real-time. You will see some examples of debug commands in other lessons.
Configuration
When you take a new switch out of the box, it will work right away with its default (empty) configuration. It will behave just like any other unmanaged switch, it will start learning MAC addresses and forwards Ethernet frames.
However, you probably want to make some changes to the configuration of your switch. Change its default hostname, perhaps add an IP address so you can manage it remotely, etc.
To do this, we have to use configuration mode. In this mode, we can make changes to the configuration of the switch. Here’s how you enter configuration mode:
Switch>enable
First, you need to make sure you are in enable mode. Now you can use the following command:
Switch#configure terminal
With the configure terminal command, we enter configuration mode. Now we can make changes to the switch.
Let’s start with something simple, let’s change the name of our switch with the hostname command:
Switch(config)#hostname SW1
SW1(config)#
You can see this is applied immediately. Our switch is now called SW1.
The command above was executed in “global” configuration mode. When we want to make changes to interfaces or console settings, we have to dive into one of the configuration sub modes. Let me give you an example, let’s say we want to add a password to the console:
SW1(config)#line console 0
SW1(config-line)#password cisco
SW1(config-line)#login
First, we use the line console 0 command to dive into the line configuration. You can recognize this because it shows (config-line). I used the password command to specify a password (cisco) and the login command to tell the switch to ask for this password. Next time you access the console, it will ask for this password.
If I want to get back to global configuration, I have to type exit or press CTRL+Z:
SW1(config-line)#exit
SW1(config)#
I’m now back in the global configuration mode.
Let me give you one more example, let’s say we want to make changes to one of our interfaces:
SW1(config)#interface FastEthernet 0/1
SW1(config-if)#
First, I use the interface command and specify the interface that I want to make changes to. You can see we are now in the interface sub-mode as it shows (config-if) to us.
I can now make some changes to this interface, let’s try a few commands:
SW1(config-if)#description CONNECTION_TO_DESKTOP
SW1(config-if)#duplex full
SW1(config-if)#speed 100
Above you can see I added a description and changed the duplex/speed settings of this interface. If I want to get back, I can use the exit command or CTRL-Z:
SW1(config-if)#exit
SW1(config)#
The first time, it jumps back to global configuration mode. The second time I do it, we jump back to enable mode and exit the configuration mode:
SW1(config)#exit
SW1#
Here is a picture to help you visualize the different modes and how to move from one to another:
Saving the configuration
We entered a couple of commands but once we pull the power plug, everything is gone…
Why? Everything we configure on our switch is applied to the running configuration. This configuration is only active in RAM, pull the plug and it’s gone.
If we want to save our configuration, we have to save it as the startup configuration which is saved in NVRAM. Next time we boot our switch, it will look for the startup configuration and use that.
Here’s how to copy our running configuration to the startup configuration:
SW1#copy running-config startup-config
Destination filename [startup-config]?
Building configuration...
[OK]
0 bytes copied in 1.182 secs (0 bytes/sec)
Use the copy command to copy the running configuration to the startup configuration.
Here’s a simple illustration to help you visualize the two configuration files:
Help Features
You have now seen the basics of Cisco IOS. We used some show commands and a few configuration commands. The CLI has some tricks up its sleeve to make your life easier. Let’s discuss these…
Question Mark
Not sure what the command was again or how to type it? The question mark is your friend. If you use it, it will tell you all possible commands:
SW1#?
Exec commands:
access-enable Create a temporary Access-List entry
access-template Create a temporary Access-List entry
archive manage archive files
beep Blocks Extensible Exchange Protocol commands
cd Change current directory
clear Reset functions
clock Manage the system clock
cns CNS agents
configure Enter configuration mode
The question mark works in user, enable and configuration mode so go ahead and try it everywhere. It also helps you finding out which commands are possible. For example:
SW1#cl?
clear clock
If I type cl? then the CLI tells me there are two possible commands:
- clear
- clock
Let’s take a closer look at the clock command as it’s a great example to explain the question mark a bit more. If I want to set the time, what format should it be? It could be 18:00, 6PM, 6:00PM or anything else. the question mark will help us figure out what the command requires:
SW1#clock ?
set Set the time and date
First, it tells us that we need to use clock set. Let’s try that:
SW1#clock set ?
hh:mm:ss Current Time
Clock set tells us that time should be in hh:mm:ss format so let’s enter that:
SW1#clock set 14:05:00 ?
<1-31> Day of the month
MONTH Month of the year
Now it tell us that it needs a day and month. Let’s try the month first:
SW1#clock set 14:05:00 November ?
<1-31> Day of the month
We still have to enter the day, let’s do that:
SW1#clock set 14:05:00 November 8 ?
<1993-2035> Year
Finally, we have to enter the year. Let’s do this:
SW1#clock set 14:05:00 November 8 2016 ?
<cr>
Now we only see <cr> which means that the clock command has everything it needs. Remove the question mark and hit enter:
SW1#clock set 14:05:00 November 8 2016
SW1#
The clock is now configured.
Abbreviation
There is no need to type the exact command for CLI to accept it. You can also shorten commands. For example, I just used copy running-config startup config but I don’t have to type the entire thing. This will also work:
SW1#copy run st
After the copy command, there is only one parameter that starts with “run” which is running-config. The only parameter that starts with “st” is startup-config. Once you get more experience with the CLI and become familiar with the different commands, you will automatically use this more often.
Errors and incomplete commands
In a perfect world, we would remember everything and make no spelling errors. In real life, this happens all the time. Luckily for us, the CLI has something to help. Let’s try the clock command again:
SW1#clock set 14:05:00 8
% Incomplete command.
The switch tells us that the command is incomplete. This is because I didn’t add a month or year, when this happens…use the question mark to figure out what the command requires.
What if I make a typing error?
SW1#clock set 14:05:00 8 11
^
% Invalid input detected at '^' marker.
The CLI complains but does show the ^ symbol to tell me where I made an error. When this happens, remove whatever you typed in above the ^ symbol and use the question mark:
SW1#clock set 14:05:00 8 ?
MONTH Month of the year
This tells me that I should have typed November, not 11.
Keyboard Shortcuts
There are a couple of useful keyboard shortcuts that you can use for the CLI.
Cisco IOS keeps a history of previously entered commands. All you need to do is press the up and down arrow keys to browse through your previous commands.
With the left and right arrow keys, you can move the cursor one character in either direction. If you want to make some changes to a very long command that you are trying to enter, it might be a bit annoying to keep one of the arrow keys pressed. Instead, try the CTRL+A or CTRL+E combinations. This will make the cursor jump to the start or end of the line.
No idea how to spell a certain command? The TAB button will auto-complete commands for you. For example, try typing this:
SW1#show mac ad
And then hit the TAB button. The CLI will auto-complete it to:
SW1#show mac address-table
This saves some typing and you don’t have to think about silly things like remembering if the command has a space or dash in between.
Do command
If you are in the configuration mode, you will face the following issue if you try a show command:
SW1(config)#show version
^
% Invalid input detected at '^' marker.
Why? The command is typed correctly but the problem here is that this is a command for the enable mode, not the configuration mode.
You could exit the configuration mode but instead, you can add do in front of the show command:
SW1(config)#do show version
Cisco IOS Software, C3560 Software (C3560-IPSERVICESK9-M), Version 12.2(55)SE10, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2015 by Cisco Systems, Inc.
Problem solved!
Output Modifiers
What if you want to get the output of a show command but you don’t have to see everything? For example, look at the following show command:
SW1#show version
Cisco IOS Software, C3560 Software (C3560-IPSERVICESK9-M), Version 12.2(55)SE10, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2015 by Cisco Systems, Inc.
Compiled Wed 11-Feb-15 11:34 by prod_rel_team
Image text-base: 0x01000000, data-base: 0x02F00000
ROM: Bootstrap program is C3560 boot loader
BOOTLDR: C3560 Boot Loader (C3560-HBOOT-M) Version 12.2(44)SE5, RELEASE SOFTWARE (fc1)
[output omitted]
This produces quite some output. What if I only want to see the IOS version that this switch has? We can use some output modifiers:
SW1#show version ?
| Output modifiers
At the end of your show command, add the | symbol. Let’s look at our options:
SW1#show version | ?
append Append redirected output to URL (URLs supporting append operation
only)
begin Begin with the line that matches
count Count number of lines which match regexp
exclude Exclude lines that match
format Format the output using the specified spec file
include Include lines that match
redirect Redirect output to URL
tee Copy output to URL
The two I personally use most often are begin and include. Let’s try both:
SW1#show version | include IOS
Cisco IOS Software, C3560 Software (C3560-IPSERVICESK9-M), Version 12.2(55)SE10, RELEASE SOFTWARE (fc2)
Include will only show me the line that have “IOS” in them.
Begin will start the output with the word you are looking for. For example, let’s say I am only interested in the interface configuration from the running configuration. Here’s how to do this:
SW1#show running-config | begin interface
interface FastEthernet0/1
description CONNECTION_TO_DESKTOP
speed 100
duplex full
!
interface FastEthernet0/2
!
interface FastEthernet0/3
[output omitted]
Instead of seeing the entire running configuration, it will skip the first part of the output and starts with the interfaces instead.
Conclusion
You have now learned the basics of Cisco IOS and how to connect to the CLI. Here are some of the things we discussed:
- How to connect to a Cisco Catalyst switch with a console cable.
- How to use the terminal emulator (Putty) to connect to your switch.
- The bootup sequence.
- The difference between user mode, enable mode (privileged mode) and the configuration mode.
- What show commands are.
- Some examples of configuration commands.
- How to delete the startup configuration.
- How to use CLI features like auto complete, the question mark and output modifiers.
I hope this lesson has been useful, the best thing to do now is to boot up a switch and try all of this by yourself.
Hi from Paris,
I’m a Cisco beginner and I tried to modified password on Catalyst 2960S POE
After typing line console 0 I get
CiscoPOE(config-line)# password Molenaar
so far so good
But then following your example I type
CiscoPOE(config-line)# login
I get % incomplete command.
Could you explain me why ?
What did I miss ?
Hello Francois
IOS routers use various AAA (Authentication, Authorization, and Accounting) models to implement passwords and other parameters. By default, Cisco IOS devices use an AAA model that allows passwords to simply be defined using the process that Rene describes, and that you have attempted to implement. However, there are other models as well.
If you look in your configuration, you will likely find the following command:
... Continue reading in our forumaaa new-model
. It is this command that is not allowing you to simply enter the commandlogin
above. This model requires an AAA dHello Laz,
Just great, the no aaa new-model worked fine.
After entering
CiscoPOE(config-line)# login
" no error, followed by"
CiscoPOE(config-line)#password Kosmos55+
“But I forgot to write mem and after Ctrl + Z and putty again”
Iogin as : network
" I get a new info"
network@ip's password: Kosmos55+
Access denied
What did I miss or what did I mess should i say ?
Hello Francois
If you made changes to the console and logged out, you should be able to log back in with the new username and password that have been configured. Even if you didn’t save your configuration, since the device is still powered on, the changes you made should be in effect. If you’re not able to log in, then there is an error somewhere. If you reboot the device, then any changes you made will be lost, so you should be able to log in again the same way you did originally.
I hope this has been helpful!
Laz
Hello from Paris,
I just got 2 Cisco 1841 and after successfully turn it to its default factory settings with
answering no to “do you want to save configuration”
After that I rename the router in Router1 with ip on fa0/1 192.168.1.253 255.255.255.0
As I got a message in loop
*Jan 1 00:26:44.271: %ENVMON-3-FAN_FAILED: Fan 1 is malfunctioning
I got rid of it by
... Continue reading in our forumRouter1(config)#no logging console
And finally saved the config by
Router1#write
and
Router1# copy running-config startup-config
And guess what happ