iOS Command Modes Chapter 2

To encrypt passwords, use the

"service password-encryption" global configuration command. Gives you weak encryption as they appear in the configuration file, not as they go over the network. Just stop people from viewing passwords in the configuration file.

You call your manager to tell him you cannot access your router in another city over the Internet. He provides you with the information to access the switch through a telephone connection. This is called

AUX

CLI Line Editing

CLI Line Editing

Tab

Completes a partial command name entry

How to configure the routers . . .

Console cable and console port, and then get a Terminal program for the PC, press enter.

At the "More" prompt, Any Key....

Ends the display string, returning to privileged EXEC mode

Ctrl-U or Ctrl-X

Erases all characters from the curosor back to the beginning of the command line

Ctrl-K

Erases all characters from the cursor to the end of the command line

Esc D

Erases all characters from the cursor to the end of the word

Ctrl-D

Erases the character to the left of the cursor

Ctrl-W

Erases the word to the left of the cursor

You can move directly from one sub-configuration mode to another...

Ex. Switch (config-line)#interface FastEthernet 0/1 takes you to Switch(config-if)#

To configure the device the user must enter . . .

Global Configuration Mode

Two common sub-configuration modes you enter from global configuration mode are...

Line Configuration Mode - Used to configure console, SSH, Telnet, or Aux access. Interface Configuration Mode - Used to configure a switch port or router network interface

show running-config

Lists the complete configuration currently in RAM

Esc B

Moves the cursor back one word to the left

Esc F

Moves the cursor forward one word to the right

Left Arrow or Ctrl-B

Moves the cursor one character to the left

Ctrl-A

Moves the cursor to the beginning of the line

Ctrl-E

Moves the cursor to the end of command line

Enter

Moves you to user exec mode, the "Switch>" command prompt,

Mode allows access to all commands and features. The use can use any monitoring commands and execute configuration and management commands

Privileged EXEC Mode Switch# Router#

Up Arrow or Ctrl-P

Recalls command in the history buffer, beginning with the most recent commands

Ctrl-R or Ctrl-I

Redisplays the system prompt and command line after a console message is received

What two system files store the device configuration?

Startup-config (stored in NVRAM) Running-config (stored in RAM)

Global configuration mode is identified by . . .

Switch (config)#

Configure a Hostname

Switch#configure terminal Switch(config)#hostname SW-Floor-1 Sw-Floor-1(config)#

The prompt part in parens tells you what mode you are in , as in . . .

Switch(config-line)# Switch(config-if)#

You access the iOS by using another intermediary device over a network connection, it is called

Telnet/SSH

line console 0

This is the line command followed by the management line type and number you wish to access. Exit returns you to global configuration mode

Ctrl-Shift-6 is an all purpose break sequence

Use to abort DNS lookups, traceroutes, and pings.

Mode allows access to only a limited number of basic monitoring commands. Sometimes called "view-only" mode

User Exec Mode Switch> Router>

VTY lines that give remote access to the device are secured by entering

VTY mode using the "line vty 0 15" global configuration command

keyword

a specific parameter like ip protocols

control z

all the way back to privileged exec

ping command is followed by . . .

an ip address

traceroute is followed by . . .

an ip address

Ctrl-C in any configuration mode, is a break key . . .

and ends the configuration mode and returns to privileged exec mode. When in setup mode, aborts back to the command prompt

Switch#copy running-config startup-config

copies the config to non-volatile NVRAM

At the "More" prompt, Enter Key . .

displays the next line

At the "More" prompt, Space Bar....

displays the next screen

Privileged exec mode is sometimes called

enable

to secure privileged EXEC access, use

enable secret

Ctrl-Z in any configuration mode, is a break key, . . .

ends the configuration mode and returns to privileged exec mode

Backspace

erases previous

interface vlan 1

interface configuration mode

to secure user EXEC access, configure the console port using . .

line console 0, and then the "password" command, followed by login, to enable user EXEC access.

banner motd#

messge of the day 3 global configuration command. The # is called the delimiting character, entered before and after the message

enable

moves you to privileged exec mode, from the Switch> prompt the the Switch# prompt (privileged exec)

argument

not a predefined value, a value or variable you put down like 192.168.1.5

Securing Administrative Access requires.....

passwords for EXEC, Privileged EXEC, and remote Telnet access

Startup-config and running-config display most . . .

passwords in plain text

Delete to erase to the right of the cursor is not . .

recognized by terminal emulation programs

reload used in privileged exec mode does what?

restores the device to its previous configuration in case changed commands mess things up

exit

return me to privileged exec mode, type exit again, and you leave the console altogether.

disable

returns me to user exec mode

enter

returns you to the console connection Switch#

What does running-config do?

running-config is the image of the current configuration. Modifying a running configuration affects the operation of a Cisco device immediately. Ram is volatile, so when the device is powered off, running-config loses all of its content.

Hostnames should

start with a letter Contain no spaces End with a letter or digit Use only letters, digits, and dashes Be less than 64 characters in length

What does startup-config do?

startup-config contains all the commands that will be used by the device upon startup or reboot. It does not lose its contents when the device is powered off.

line console 0 (this is a sub-configuration mode)

takes from privileged exec mode to the management interface for the console port - Switch (config-line) #

end, control z

takes you all the way to privileged exec mode.

type exit again

takes you back to global config mode

You are in the equipment room with a new switch that needs to be configured, you should use . . .

the Console

Your manager gives you a sepcial cable and tells you to use it to configure . . . .

the Console

Downside to "reload"

the brief reload time takes the network down; the device will be offline.

configure terminal

to get to global configuration mode from the Switch# (priv exec) to Switch (config) #

line vty 0 15 (in sub configuration mode) that is, Switch (config) #line console 0 15

to virtual terminal management interfaces - looks like: Switch (config-line)# exit takes you back to global config.

How many VTY lines do Cisco switches support

up to 16, 0-15 specify the password using the "password" command., and enable access using "login"