Cisco Cheat Sheet
Enter enable mode:
en
Enter Global Config (use this mode for 99% of the configuration, must be in enable mode):
conf t
Set port back to default
default int G0/4
Encrypts all passwords on the device:
service password-encryption
Configure enable password (or secret in this case):
enable secret ________
Create user with highest privilege:
username _____ priv 15 password ______
Generate RSA key for SSH (needed if you plan to use SSH):
cry key generate rsa mod 2048
Generic console interface configuration configured for local user login and 20min timeout:
line con 0
exec-timeout 20 0
login local
VTY line configuration for SSH/Telnet. 20min timeout using local users:
line vty 0 4
exec-timeout 20 0
transport input telnet ssh
login local
line vty 5 15
exec-timeout 20 0
transport input telnet ssh
login local
Add VLAN to VLAN Database and name it:
vlan _ (VLAN number)
name _______ (VLAN name)
Configure an SVI (think VLAN interface) with an address:
Interface vlan _ (VLAN number)
des ________ (description, ex. Guest Wireless)
ip add 10.69.69.69 255.255.255.0
Enable IP Helper for DHCP (must be within an SVI):
ip helper-address _________ (IP Address of DHCP server)
Begin switchport configuration:
Int f0/1 (This would access interface FastEthernet 0/1)
Configure switching interface for access:
Switchport mode access
Switchport access vlan __
Configure switching interface for trunking:
Switchport trunk encap dot1q
Switchport mode trunk
Switchport trunk allow vlan ___,___,___ (VLAN number separated by “,” like 5,10,15)
Switchport trunk allow vlan add
Switchport trunk native vlan __
(optional, configures untagged VLAN for this interface. You likely won’t need)
Enable shutdown interface:
no shut
(from within the interface)
Save your configuration:
write
or copy run start
(both work, write is easier)
Enable routing on layer 3 switch:
ip routing
Configure static route:
ip route 192.168.1.0 255.255.255.0 10.10.10.1
(this example routes any traffic destined for 192.168.1.0/24 to 10.10.10.1)
Configure default route:
ip route 0.0.0.0 0.0.0.0 10.10.10.1
(this would route all unknown traffic to 10.10.10.1)
Useful show commands (can be done from enable naturally, to use these in global config put “do” in front):
sh run
(shows running config)
sh ip int bri
(shows interface addressing and status)
sh int des
(shows interface descriptions)
sh vlan
(shows vlan database)
sh int trunk
(shows trunks and tagged VLANs)
sh ip route
(routing table)
sh mac add
(mac address table)
sh run int f0/1
(shows configuration for interface FastEthernet 0/1)