Cisco IOS CLI

Posted on by kotenkoo

CLI vs GUI

  • CLI (Command-Line Interface) – used to configure switches, routers, firewalls
  • GUI (Graphical User Interface) – graphical configuration interface

Connecting via Console Port

  • There are 2 console ports on Catalyst 2960:
    • RJ45
    • USB Mini-B
  • Rollover cable: RJ45 ↔ DB9 (serial port), called “rollover” because of the pinout:
    Pins: 1–8, 2–7, 3–6, 4–5, 5–4, 6–3, 7–2, 8–1
  • Terminal emulator: e.g. PuTTY
    • Connection type: Serial
    • Should be connected to CLI
  • Configure the serial line:
    • Speed (baud rate): 9600
    • Data bits: 8
    • Stop bits: 1
    • Parity: None
    • Flow control: None

CLI Modes

  • User EXEC Mode
    • Prompt: Router>
    • Very limited, cannot change configuration
    • “User mode” – usually not used for administrative tasks
  • Privileged EXEC Mode
    • Prompt: Router#
    • Can view configuration, restart device
    • Not used to change configuration
  • Global Configuration Mode
    • Prompt: Router(config)#
    • Used to make configuration changes

Configuration Files

Two types:

  • running-config – current, active configuration (can be edited via CLI)
  • startup-config – will be loaded upon device restart

To save configuration:

write write memory copy running-config startup-config

Password Encryption

Use enable secret instead of enable password (more secure)

service password-encryption

  • Encrypts current and future passwords
  • Does not affect the enable secret (already MD5-encrypted)

no service password-encryption

  • Current and future passwords will not be encrypted
  • enable secret remains unaffected

enable secret 5 xxx # Type 5: MD5 encryption enable password 7 xxx # Type 7: Cisco proprietary encryption

Common CLI Commands

Router> enable //Enter privileged EXEC mode
Router# configure terminal //Enter global configuration mode
Router(config)# enable password //Set password for privileged EXEC mode
Router(config)# service password-encryption //Encrypt enable password
Router(config)# enable secret //Configure a secure, always-encrypted password
Router(config)# do show running-config //View current configuration
Router(config)# do show startup-config //View saved configuration
Router(config)# write //Save current configuration
Router(config)# no //Remove a command or setting
Router(config)# exit //Exit configuration mode

📌 These are personal study notes. Please read the full disclaimer for more information.

Category: CCNA

Leave a Reply

Your email address will not be published. Required fields are marked *