CCNA - Lammle Ch. 6 Cisco IOS
Differentiate user, privileged, and global configuration modes, both visually and from a command capabilities perspective.
-User mode, indicated by the routername> prompt, provides a command-line interface with very few available commands by default. User mode does not allow the configuration to be viewed or changed. -Privileged mode, indicated by the routername# prompt, allows a user to both view and change the configuration of a router. You can enter privileged mode by typing the command enable and entering the enable password or enable secret password, if set. -Global configuration mode, indicated by the routername(config)# prompt, allows configuration changes to be made that apply to the entire router (as opposed to a configuration change that might affect only one interface, for example).
Which of the following commands will configure all the default VTY ports on a switch? A. Switch# line vty 0 4 B. Switch(config)# line vty 0 4 C. Switch(config-if)# line console 0 D. Switch(config)#
.B. From global configuration mode, use the line vty 0 4 command to set all five default VTY lines. However, you would typically always set all lines, not just the defaults.
Using the Help and Editing Features
1. Log into your device and go to privileged mode by typing en or enable . 2. Type a question mark ( ? ). 3. Type cl? and then press Enter. Notice that you can see all the commands that start with cl . 4. Type clock ? and press Enter. 5. Set the clock by typing clock ? and, following the help screens, setting the time and date. The following steps walk you through setting the date and time: 6. Type clock ? . 7. Type clock set ? . 8. Type clock set 10:30:30 ? . 9. Type clock set 10:30:30 14 May ? . 10. Type clock set 10:30:30 14 May 2011. 11. Press Enter. 12 Type show clock to see the time and date. 13. From privileged mode, type show access-list 10 . Don't press Enter. 14. Press Ctrl+A. This takes you to the beginning of the line. 15. Press Ctrl+E. This should take you back to the end of the line. 16. The Ctrl+A takes your cursor back to the beginning of the line, and then the Ctrl+F moves your cursor forward one character. 17. Press Ctrl+B, which will move you back one character. 18. Press Enter, then press Ctrl+P. This will repeat the last command. 19. Press the up arrow key on your keyboard. This will also repeat the last command. 20. Type sh history . This shows you the last 10 commands entered. 21. Type terminal history size ? . This changes the history entry size. The ? is the number of allowed lines. 22. Type show terminal to gather terminal statistics and history size. 23. Type terminal no editing . This turns off advanced editing. Repeat steps 14 through 18 to see that the shortcut editing keys have no effect until you type terminal editing . 24. Type terminal editing and press Enter to re-enable advanced editing. 25. Type sh run , then press your Tab key. This will finish typing the command for you. 26. Type sh start , then press your Tab key. This will finish typing the command for you.
Erase an Existing Configuration
1. Start the switch up and when prompted, press Enter. 2. At the Switch> prompt, type enable . 3. If prompted, enter the username and press Enter. Then enter the correct password and press Enter. 4. At the privileged mode prompt, type erase startup-config . 5. At the privileged mode prompt, type reload , and when prompted to save the configuration, type n for no.
Contued...
11. Type interface f0/1 or int f0/1 (or even int gig0/1 ) and press Enter. This will allow you to configure interface FastEthernet 0/1 or Gigabit 0/1. 12. At the Switch(config-if)# prompt, type a question mark ( ? ). 13. If using a router, type int s0/0 , interface s0/0 or even interface s0/0/0 and press Enter. This will allow you to configure interface serial 0/0. Notice that you can go from interface to interface easily. 14. Type encapsulation ? . 15. Type exit . Notice how this brings you back one level. 16. Press Ctrl+Z. Notice how this brings you out of configuration mode and places you back into privileged mode. 17. Type disable . This will put you into user mode. 18. Type exit , which will log you out of the router or switch.
At which layer of the OSI model would you assume the problem is if you type show interface serial 1 and receive the following message? Serial1 is down, line protocol is down A. Physical layer B. Data Link layer C. Network layer D. None; it is a router problem.
A. If you see that a serial interface and the protocol are both down, then you have a Physical layer problem. If you see serial1 is up, line protocol is down , then you are not receiving (Data Link) keepalives from the remote end.
Recognize additional prompts available in other modes and describe their use.
Additional modes are reached via the global configuration prompt, routername(config)# , and their prompts include interface, router(config-if)# , for making interface settings; line configuration mode, router(config-line)# , used to set passwords and make other settings to various connection methods; and routing protocol modes for various routing protocols, router(config-router)# , protocols.
Which of the following commands will display the current IP addressing and the layer 1 and 2 status of an interface? (Choose two.) A. show version B. show interfaces C. show controllers D. show ip interface E. show running-config
B, D. The commands show interfaces and show ip interface will show you the layer 1 and 2 status and the IP addresses of your router's interfaces.
What is the problem with an interface if you type show interface g0/1 and receive the following message? Gigabit 0/1 is administratively down, line protocol is down A. The keepalives are different times. B. The administrator has the interface shut down. C. The administrator is pinging cable is attached.
B. If an interface is shut down, the show interface command will show the interface as administratively down. (It is possible that no cable is attached, but you can't tell that from this message.)
You type Switch# sh r and receive a % ambiguous command error. Why did you receive this message? A. The command requires additional options or parameters. B. There is more than one show command that starts with the letter r . C. There is no show command that starts with r. D. The command is being executed from the wrong mode.
B. The % ambiguous command error means that there is more than one possible show command that starts with r . Use a question mark to find the correct command.
Using the given output, what type of interface is f0/0? BW 100000 Kbit, A. 10 MB 1000 MB
B. We can see that the bandwidth is 100000 Kbit, which is 100,000,000. Kbit means to add three zeros, which is 100 Mbits per second, or FastEthernet.
Describe the configuration and use of banners.
Banners provide information to users accessing the device and can be displayed at various login prompts. They are configured with the banner command and a keyword describing the specific type of banner.
Differentiate the enable password and enable secret password.
Both of these passwords are used to gain access into privileged mode. However, the enable secret password is newer and is always encrypted by default. Also, if you set the enable password and then set the enable secret, only the enable secret will be used.
Which two of the following commands are required when configuring SSH on your router? (Choose two.) A. enable secret password B. exec-timeout 0 0 C. ip domain-name name D. username name password password E. ip ssh version 2
C, D. To configure SSH on your router, you need to set the username command, the ip domain-name , login local , and the transport input ssh under the VTY lines and the crypto key command. However, SSH version 2 is suggested but not required.
If you delete the contents of NVRAM and reboot the switch, what mode will you be in? A. Privileged mode B. Global mode C. Setup mode D. NVRAM loaded mode
C. If you delete the startup-config and reload the switch, the device will automatically enter setup mode. You can also type setup from privileged mode at any time.
running-config command comes from ___________. A. NVRAM B. Flash C. RAM D. Firmware
C. Once the IOS is loaded and up and running, the startup-config will be copied from NVRAM into RAM and from then on, referred to as the running-config.
Which of the following commands sets the privileged mode password to Cisco and encrypts the password? A. enable secret password Cisco B. enable secret cisco C. enable secret Cisco D. enable password Cisco
C. The enable secret password is case sensitive, so the second option is wrong. To set the enable secret password, use the enable secret password command from global configuration mode. This password is automatically encrypted.
Which of the following prompts indicates that the switch is currently in privileged mode? A. Switch(config)# B. Switch> C. Switch# D. Switch(config-if)
C. The prompts offered as options indicate the following modes: Switch(config)# is global configuration mode. Switch> is user mode. Switch# is privileged mode. Switch(config-if)# is interface configuration mode.
Which command will show you whether a DTE or a DCE cable is plugged into serial 0/0 on your router's WAN port? A. sh int s0/0 B. sh int serial 0/0 C. show controllers s 0/0 D. show serial 0/0 controllers
C. The show controllers serial 0/0 command will show you whether either a DTE or DCE cable is connected to the interface. If it is a DCE connection, you need to add clocking with the clock rate command.
If you wanted administrators to see a message when logging into the switch, which command would you use? A. message banner motd B. banner message motd C. banner motd D. message motd
C. The typical banner is a message of the day (MOTD) and is set by using the global configuration mode command banner MOTD.
Which of the following commands displays the configurable parameters and statistics of all interfaces on a switch? A. show running-config B. show startup-config C. show interfaces D. show versions
C. With the show interfaces command, you can view the configurable parameters, get statistics for the interfaces on the switch, check for input and CRC errors, and verify if the interfaces are shut down.
Which command will delete the contents of NVRAM on a switch? A. delete NVRAM B. delete startup-config C. erase flash D. erase startup-config E. erase start
D. The erase startup-config command erases the contents of NVRAM and will put you in setup mode if the switch is restarted. Option E is wrong because you must type in the full command!
You try to telnet into SF from router Corp and receive this message: Corp# telnet SF Trying SF (10.0.0.1)...Open Password required, but none set [Connection to SF closed by foreign host] Corp# Which of the following sequences will address this problem correctly? A. Corp(config)#line console 0 Corp (config-line)#password password Corp (config-line)#login B. SF (config)#line console 0 SF(config-line)#enable secret password SF(config-line)#login C. Corp(config)#line vty 0 4 Corp (config-line)#password password Corp (config-line)#login D. SF (config)#line vty 0 4
D. To allow a VTY (Telnet) session into your router, you must set the VTY password. Option C is wrong because it is setting the password on the wrong router. Notice that you have to set the password before you set the login command. Remember, Cisco may have you set the password before the login command.
What command do you type to save the configuration stored in RAM to NVRAM? A. Switch(config)# copy current to starting B. Switch# copy starting to running C. Switch(config)# copy running-config startup-config D. Switch# copy run start
D. To copy the running-config to NVRAM so that it will be used if the router is restarted, use the copy running-config startup-config command in privileged mode ( copy run start for short).
You type the following command into the switch and receive the following output: Switch# show fastethernet 0/1 ^ % Invalid input detected at '^' marker. Why was this error message displayed? A. You need to be in privileged mode. B. You cannot have a space between fastethernet and 0/1 . C. The switch does not have a Fastethernet 0/1 interface. D. Part of the command is missing.
D. You can view the interface statistics from user mode, but the command is show interface fastethernet 0/0 .
6.1: Erasing an Existing Configuration Lab 6.2: Exploring User, Privileged, and Configuration Modes Lab 6.3: Using the Help and Editing Features Lab 6.4: Saving a Configuration Lab 6.5: Setting Passwords Lab 6.6: Setting the Hostname, Descriptions, IP Address, and Clock Rate
Do these commands on cisco device
Understand how to troubleshoot a serial link problem.
If you type show interface serial 0/0 and see down , line protocol is down, this will be considered a Physical layer problem. If you see it as up, line protocol is down, then you have a Data Link layer problem.
Understand how to verify your router with the show interfaces command.
If you type show interfaces , you can view the statistics for the interfaces on the router, verify whether the interfaces are shut down, and see the IP address of each interface.
What are the responsibilities of the IOS?
It is responsible for: -network protocols and providing supporting functions, -connecting high-speed traffic between devices, -adding security to control access and preventing unauthorized network use, -providing scalability for ease of network growth and redundancy, -supplying network reliability for connecting to network resources.
Access and utilize editing and help features.
Make use of typing a question mark at the end of commands for help in using the commands. Additionally, understand how to filter command help with the same question mark and letters. Use the command history to retrieve commands previously utilized without retyping. Understand the meaning of the caret when an incorrect command is rejected. Finally, identify useful hot key combinations.
Privileged, and Configuration Modes
Plug the switch in, or turn the router on. If you just erased the configuration as in Hands-on Lab 6.1, when prompted to continue with the configuration dialog, enter n for no and press Enter. When prompted, press Enter to connect to your router. This will put you into user mode. 2. At the Switch> prompt, type a question mark ( ? ). 3. Notice the -more- at the bottom of the screen. 4. Press the Enter key to view the commands line by line. time to quit. 5. Type enable or en and press Enter. This will put you into privileged mode where you can change and view the router configuration. 6. At the Switch# prompt, type a question mark ( ? ). Notice how many options are available to you in privileged mode. 7. Type q to quit. 8. Type config and press Enter. 9. When prompted for a method, press Enter to configure your router using your terminal (which is the default). 10. At the Switch(config)# prompt, type a question mark ( ? ), then q to quit, or press the spacebar to view the commands.
7. If you wanted to determine if serial interface 0/2 on your router should provide clocking, what command would you use?
Router# show controllers serial 0/2
Setting a Hostname
Router#config t Router(config)#hostname RouterA RouterA(config)#
What command is used to set a serial interface to provide clocking to another router at 1000 Kb?
Router(config)# clock rate 1000000
Setting Passwords
Set your enable secret password by typing enable secret password (the third word should be your own personalized password) and pressing Enter. Do not add the parameter password after the parameter secret (this would make your password the word password ). An example would be enable secret todd . Remove the secret password. Go to privileged mode, type config t , and press Enter. Type no enable secret and press Enter. Log out and then log back in again; now you should not be asked for a password. 7. One more password used to enter privileged mode is called the enable password. It is an older, less secure password and is not used if an enable secret password is set. Here is an example of how to set it: config t enable password todd1
Describe the use of setup mode.
Setup mode is automatically started if a router boots and no startup-config is in NVRAM. You can also bring up setup mode by typing setup from privileged mode. Setup provides a format for someone who does not understand how to configure a Cisco router from the command line.
How would you set the name of a switch to Sales
Switch# config t Switch(config)# hostname Sales
If you type show int fastethernet 0/1 and notice the port is administratively down, what commands would you execute to enable the interface?
Switch# config t Switch(config)# int f0/1 S witch(config-if)# no shutdown
If you wanted to set the enable secret password to cisco , what command(s) would you type?
Switch# config t Switch(config)# enable secret cisco
If you wanted to set the user-mode password to todd for the console port, what command(s) would you type?
Switch# config t Switch(config)# line console 0 Switch(config)# password todd Switch(config)#login
If you telnet into a switch and get the response connection refused, password not set , what commands would you execute on the destination device to stop receiving this message and not be prompted for a password?
Switch# config t switch config)# line vty 0 15 switch(config-line)# no login
If you wanted to delete the configuration stored in NVRAM, what command(s) would you type?
Switch# erase startup-config
You want to reinitialize the switch and totally replace the running-config with the current startup-config. What command will you use?
Switch# reload
What command would you use to see the terminal history size?
Switch# show terminal
Set the hostname of a router.
The command sequence to set the hostname of a router is as follows: enable config t hostname Todd
Describe how to view, edit, delete, and save a configuration.
The show running-config command is used to view the current configuration being used by the router. The show startup-config command displays the last configuration that was saved and is the one that will be used at next startup. The copy running-config startup-config command is used to save changes made to the running configuration in NVRAM. The erase startup-config command deletes the saved configuration and will result in the invocation of the setup menu when the router is rebooted because there will be no configuration present.
Identify the information provided by the show version command.
The show version command will provide basic configuration for the system hardware as well as the software version, the names and sources of configuration files, the configuration register setting, and the boot images.
List the options available to connect to a Cisco device for management purposes.
The three options available are the console port, auxiliary port, and in-band communication, such as Telnet, SSH and HTTP.
Set the Telnet password on a router.
To set the Telnet password, the sequence is as follows: enable config t line vty 0 4 password todd login
Set the console password on a router.
To set the console password, use the following sequence: enable config t line console 0 password todd login
Set the enable secret on a router.
To set the enable secret, you use the global config command enable secret. Do not use enable secret password password or you will set your password to password password . Here is an example: enable config t enable secret todd
Saving a Configuration
Type copy run start and press Enter. Type copy running , press Tab, type start , press Tab, and press Enter. Type copy running-config startup-config and press Enter.
Understand the boot sequence of a router.
When you first bring up a Cisco router, it will run a power-on self-test (POST), and if that passes, it will look for and load the Cisco IOS from flash memory, if a file is present. The IOS then proceeds to load and looks for a valid configuration in NVRAM called the startup-config. If no file is present in NVRAM, the router will go into setup mode.
A Telnet connection is not possible until _____ and ______
an IP address has been configured and a Telnet password has been configured.
Banner MOTD Command
config t banner motd # This is an motd banner#
IP Address to an Interface
config t int f0/1 ip address 1.1.1.1 255.255.0.0 no shutdown
Login Banner Command
config t banner login # This is a login banner #
Bandwidth and Serial link
config t int s0/0 bandwidth 1000 clock rate 1000000
Description Command
config t int f0/1 ip address 2.2.2.1 255.255.0.0 no shut description LAN link to Finance