I thought I’d get started with a little bit of basic Cisco. I’m constantly referring to my own notes on these commands. Here are some basics.

Let’s assume that you already know how to log into the device and have the necessary passwords to get you into Enable mode to configure your Cisco IOS device.

 Perhaps the first and most basic command is simply: show run - which will display the running configuration on the device.

Backup Your Cisco Device

To back up your configuration before you start, download a free TFTP server for your workstation (SolarWinds is great). Install and run it, and note its default directory, which is where the backup file will be saved.

On your Cisco device type the following command:

copy startup-config tftp://<ip address of your workstation running tftp software>/<filename>

Editing Extended Access Lists

Here is one that really threw me for a loop when I started digging into a very lengthy firewall configuration on a Cisco device. There was a very long extended access list, which is really just a normal access-list except this one had a few hundred lines. If you tried to edit the access-list directly, it would wipe out all those lines! And, wouldn’t you know the first time I touched that firewall, I did just that! Thank goodness for not saving changes and being able to reboot the firewall to the old config. NEVER SAVE YOUR CHANGES UNTIL YOU HAVE VERIFIED THEY WORK! Once confident your changes are good, type write mem to save them. Remember to always back up anything you work on before you modify it.

To edit an extended access-list, you need to know what the line numbers are underneath it. If you have an extended access list 21, type show access-list 21. This will display all the line numbers contained in access list 21. (Note, these line numbers get re-numbered automatically by the Cisco IOS). Find the line number you want to edit. Let’s say it is 13.

From config mode type: ip access-list extended 21

(config)# ip access-list extended 21

This will bring you into a new config mode for extended access lists:

(config-ext-nacl)#

To remove a line, just type no and the line number:

(config-ext-nacl)# no 13

To add a line, type a new line number and the command for that line:

(config-ext-nacl)# 14 permit tcp any host 10.10.10.1 eq www
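
As an added example (not part of the original post), this Python helper reads pasted show access-list output and builds the no / add commands described above, so the line numbers always come from the device's current state rather than from old notes. The sample output, the function names and the replacement rules are constructed for illustration; the list number 21 follows the post.

```python
import re

# Constructed sample of `show access-list 21` output (not from a real device).
SAMPLE = """\
Extended IP access list 21
    10 permit tcp any host 10.10.10.1 eq www
    13 permit tcp any host 10.10.10.1 eq 22 (4 matches)
    14 permit udp any host 10.10.10.2 eq domain
    20 deny ip any any log
"""

# "<seq> permit|deny ..." with an optional trailing hit counter.
ENTRY = re.compile(
    r"^\s+(\d+)\s+((?:permit|deny)\s.+?)(?:\s+\(\d+ match(?:es)?\))?\s*$")


def parse_acl(show_output):
    """Map each line number to its rule text, dropping the hit counters."""
    entries = {}
    for line in show_output.splitlines():
        m = ENTRY.match(line)
        if m:
            entries[int(m.group(1))] = m.group(2)
    return entries


def replace_line(acl, entries, seq, new_rule):
    """Commands that swap one numbered line and leave the others alone."""
    if seq not in entries:
        raise KeyError(f"line {seq} is not in access list {acl}")
    return [f"ip access-list extended {acl}", f"no {seq}", f"{seq} {new_rule}"]


def insert_before(acl, entries, seq, new_rule):
    """Commands that add a rule ahead of line `seq` on an unused number."""
    if seq not in entries:
        raise KeyError(f"line {seq} is not in access list {acl}")
    lower = max((s for s in entries if s < seq), default=0)
    if seq - lower < 2:
        raise ValueError(f"no free number between {lower} and {seq}")
    return [f"ip access-list extended {acl}", f"{(lower + seq) // 2} {new_rule}"]


if __name__ == "__main__":
    acl = parse_acl(SAMPLE)
    for cmd in replace_line(21, acl, 13, "permit tcp any host 10.10.10.1 eq 443"):
        print(cmd)
    for cmd in insert_before(21, acl, 20, "permit icmp any host 10.10.10.1"):
        print(cmd)
```

When two neighbouring lines leave no unused number between them, insert_before raises an error instead of guessing, since a new line entered on an occupied number would not go where you intended.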

Modifying Interfaces

One of the most common things I’ve ever needed to modify is an individual port on a switch - usually to change the VLAN, or perhaps change the speed or duplex settings manually.

Type config terminal (or config t) to get into config mode.

Type interface and the name of the interface (you can see the name of the interface from the show run command or show interface command). It might be something like FastEthernet 0 port 3 or GigabitEthernet 1 port 11.

Type:

(config)# interface FastEthernet0/3 (or for short type Fa0/3)

This will bring you into (config-if)# mode.

If you are configuring a range of ports, you could do this from config mode:

(config)# interface range FastEthernet0/0 - 10

Other commands you can use at the (config-if)# mode prompt are:

no shutdown - this will turn the interface on, which by default is turned off.

You can also ‘reset’ or ‘bounce’ the port by using the shutdown command followed by the no shutdown command if you are having some type of issue with that port.

You can give the port an IP address:

ip address 10.10.10.1 255.255.255.0

Or you can tell it to use DHCP:

ip address dhcp

As with any Cisco command, you can type a ? after it to see all the available commands.

You can add a description, which is always helpful:

(config-if)# description This port is for the IT vlan

Or perhaps:

 (config-if)# description ISP WAN interface. For support call 800 555 1234 contract number xyz123

You can use the speed and duplex commands to configure the speed and duplex settings of the interface:

 (config-if)# speed 100

 (config-if)# duplex full

The switchport command allows you to put a port into a certain vlan:

 (config-if)# switchport access vlan 10 (this would make the port available on vlan 10 as long as trunking is configured to support vlan 10 on the switch)