iOS Command Modes Chapter 2
To encrypt passwords, use the
"service password-encryption" global configuration command. Gives you weak encryption as they appear in the configuration file, not as they go over the network. Just stop people from viewing passwords in the configuration file.
You call your manager to tell him you cannot access your router in another city over the Internet. He provides you with the information to access the switch through a telephone connection. This is called
AUX
CLI Line Editing
CLI Line Editing
Tab
Completes a partial command name entry
How to configure the routers . . .
Console cable and console port, and then get a Terminal program for the PC, press enter.
At the "More" prompt, Any Key....
Ends the display string, returning to privileged EXEC mode
Ctrl-U or Ctrl-X
Erases all characters from the curosor back to the beginning of the command line
Ctrl-K
Erases all characters from the cursor to the end of the command line
Esc D
Erases all characters from the cursor to the end of the word
Ctrl-D
Erases the character to the left of the cursor
Ctrl-W
Erases the word to the left of the cursor
You can move directly from one sub-configuration mode to another...
Ex. Switch (config-line)#interface FastEthernet 0/1 takes you to Switch(config-if)#
To configure the device the user must enter . . .
Global Configuration Mode
Two common sub-configuration modes you enter from global configuration mode are...
Line Configuration Mode - Used to configure console, SSH, Telnet, or Aux access. Interface Configuration Mode - Used to configure a switch port or router network interface
show running-config
Lists the complete configuration currently in RAM
Esc B
Moves the cursor back one word to the left
Esc F
Moves the cursor forward one word to the right
Left Arrow or Ctrl-B
Moves the cursor one character to the left
Ctrl-A
Moves the cursor to the beginning of the line
Ctrl-E
Moves the cursor to the end of command line
Enter
Moves you to user exec mode, the "Switch>" command prompt,
Mode allows access to all commands and features. The use can use any monitoring commands and execute configuration and management commands
Privileged EXEC Mode Switch# Router#
Up Arrow or Ctrl-P
Recalls command in the history buffer, beginning with the most recent commands
Ctrl-R or Ctrl-I
Redisplays the system prompt and command line after a console message is received
What two system files store the device configuration?
Startup-config (stored in NVRAM) Running-config (stored in RAM)
Global configuration mode is identified by . . .
Switch (config)#
Configure a Hostname
Switch#configure terminal Switch(config)#hostname SW-Floor-1 Sw-Floor-1(config)#
The prompt part in parens tells you what mode you are in , as in . . .
Switch(config-line)# Switch(config-if)#
You access the iOS by using another intermediary device over a network connection, it is called
Telnet/SSH
line console 0
This is the line command followed by the management line type and number you wish to access. Exit returns you to global configuration mode
Ctrl-Shift-6 is an all purpose break sequence
Use to abort DNS lookups, traceroutes, and pings.
Mode allows access to only a limited number of basic monitoring commands. Sometimes called "view-only" mode
User Exec Mode Switch> Router>
VTY lines that give remote access to the device are secured by entering
VTY mode using the "line vty 0 15" global configuration command
keyword
a specific parameter like ip protocols
control z
all the way back to privileged exec
ping command is followed by . . .
an ip address
traceroute is followed by . . .
an ip address
Ctrl-C in any configuration mode, is a break key . . .
and ends the configuration mode and returns to privileged exec mode. When in setup mode, aborts back to the command prompt
Switch#copy running-config startup-config
copies the config to non-volatile NVRAM
At the "More" prompt, Enter Key . .
displays the next line
At the "More" prompt, Space Bar....
displays the next screen
Privileged exec mode is sometimes called
enable
to secure privileged EXEC access, use
enable secret
Ctrl-Z in any configuration mode, is a break key, . . .
ends the configuration mode and returns to privileged exec mode
Backspace
erases previous
interface vlan 1
interface configuration mode
to secure user EXEC access, configure the console port using . .
line console 0, and then the "password" command, followed by login, to enable user EXEC access.
banner motd#
messge of the day 3 global configuration command. The # is called the delimiting character, entered before and after the message
enable
moves you to privileged exec mode, from the Switch> prompt the the Switch# prompt (privileged exec)
argument
not a predefined value, a value or variable you put down like 192.168.1.5
Securing Administrative Access requires.....
passwords for EXEC, Privileged EXEC, and remote Telnet access
Startup-config and running-config display most . . .
passwords in plain text
Delete to erase to the right of the cursor is not . .
recognized by terminal emulation programs
reload used in privileged exec mode does what?
restores the device to its previous configuration in case changed commands mess things up
exit
return me to privileged exec mode, type exit again, and you leave the console altogether.
disable
returns me to user exec mode
enter
returns you to the console connection Switch#
What does running-config do?
running-config is the image of the current configuration. Modifying a running configuration affects the operation of a Cisco device immediately. Ram is volatile, so when the device is powered off, running-config loses all of its content.
Hostnames should
start with a letter Contain no spaces End with a letter or digit Use only letters, digits, and dashes Be less than 64 characters in length
What does startup-config do?
startup-config contains all the commands that will be used by the device upon startup or reboot. It does not lose its contents when the device is powered off.
line console 0 (this is a sub-configuration mode)
takes from privileged exec mode to the management interface for the console port - Switch (config-line) #
end, control z
takes you all the way to privileged exec mode.
type exit again
takes you back to global config mode
You are in the equipment room with a new switch that needs to be configured, you should use . . .
the Console
Your manager gives you a sepcial cable and tells you to use it to configure . . . .
the Console
Downside to "reload"
the brief reload time takes the network down; the device will be offline.
configure terminal
to get to global configuration mode from the Switch# (priv exec) to Switch (config) #
line vty 0 15 (in sub configuration mode) that is, Switch (config) #line console 0 15
to virtual terminal management interfaces - looks like: Switch (config-line)# exit takes you back to global config.
How many VTY lines do Cisco switches support
up to 16, 0-15 specify the password using the "password" command., and enable access using "login"