Cisco Commands

User Modes in Cisco Switches: Understanding Access Levels (Modes

How to Configure a Switch

In Cisco switches, different user modes, or privilege levels, define the level of access a user has to various commands and configuration options. Understanding these modes is essential for managing the switch efficiently. Here are the primary modes:

1. User EXEC Mode (Basic Mode)

Prompt: Switch>

Access: This is the default mode when a user first logs into the switch. It allows basic monitoring commands, such as checking the status of interfaces, but no configuration changes can be made.

Commands: Basic diagnostic commands like ping, show, and traceroute.

2. Privileged EXEC Mode (Enable Mode)

Prompt: Switch#

Access: From User EXEC mode, typing the enable command moves the user to Privileged EXEC mode. In this mode, the user has access to more advanced monitoring commands and the ability to view configuration settings, but cannot make changes to the configuration.

Commands: Includes all User EXEC mode commands, plus more advanced diagnostic commands like show running-config, and commands for debugging and file manipulation.

3. Global Configuration Mode

Prompt: Switch(config)#

Access: By typing configure terminal from Privileged EXEC mode, the user enters Global Configuration mode, where they can make changes to the overall configuration of the switch.

Commands: This mode allows users to change settings such as IP addressing, hostname, and security settings.

4. Interface Configuration Mode

Prompt: Switch(config-if)#

Access: In this mode, the user can configure specific interfaces (e.g., FastEthernet, GigabitEthernet). It is accessed from Global Configuration mode by specifying an interface using commands like interface GigabitEthernet 0/1.

Commands: Allows configuring interface-specific settings like IP addresses, VLANs, and duplex modes.

5. VLAN Configuration Mode

Prompt: Switch(config-vlan)#

Access: This mode is used to configure Virtual LANs (VLANs). It is entered from Global Configuration mode by using the command vlan database or vlan vlan_id.

Commands: Used to assign VLAN IDs, configure VLAN names, and more.

6. Line Configuration Mode

Prompt: Switch(config-line)#

Access: Accessed from Global Configuration mode using the line command (e.g., line console 0 or line vty 0 4), this mode configures line-specific settings such as password protection and timeout settings.

Commands: Typically used to configure console or virtual terminal (VTY) lines for remote access and login security.

Each mode serves a specific purpose, and understanding when and how to use them allows for more efficient management and security of the switch.

Essential Cisco Switch Commands:

MODE and COMMAND

User EXEC Mode:

show version

show interfaces

ping [IP address]

traceroute [IP address]

Privileged EXEC Mode:

enable

show running-config

copy running-config startup-config

debug [command]

reload

Global Configuration:

configure terminal

hostname [name]

interface [type] [number]

ip address [IP address] [mask]

no shutdown

Interface Configuration:

switchport mode access

switchport mode trunk

switchport access vlan [vlan-id]

duplex full

speed 1000

VLAN Configuration:

vlan [vlan-id]

name [vlan-name]

Line Configuration:

line console 0

line vty 0 4

password [password]

DESCRIPTION

User EXEC Mode:

Displays the current software version and system uptime

Shows the status and statistics of all switch interfaces.

Sends ICMP echo requests to verify network connectivity.

Traces the route packets take to the destination.

Privileged EXEC Mode:

Enters Privileged EXEC mode.

Displays the current active configuration.

Saves the current configuration to be used at the next boot.

Enables debugging for a specific protocol or function.

Restarts the switch.

Global Configuration:

Enters Global Configuration mode.

Sets the hostname of the switch.

Enters the configuration mode for the specified interface (e.g., GigabitEthernet0/1).

Assigns an IP address to an interface.

Activates an interface.

Interface Configuration:

Configures an interface as an access port.

Configures an interface as a trunk port.

Assigns an access port to a specific VLAN.

Sets full-duplex mode for an interface.

Sets the interface speed to 1000 Mbps.

VLAN Configuration:

Creates a new VLAN or enters VLAN configuration mode for the specified VLAN.

Assigns a name to the VLAN.

Line Configuration:

Enters console line configuration mode.

Configures virtual terminal lines for remote access.

Sets a password for the specified line.

Enables password checking at login for the line.

Essential Cisco Switch Troubleshooting Commands:

COMMAND

show running-config

show startup-config

show interfaces

show ip interface brief

show vlan brief

show mac address-table

show spanning-tree

show log

show version

show processes cpu

show processes memory

show ip route

ping [IP address]

traceroute [IP address]

show cdp neighbors

debug [protocol/process]

show controllers

clear counters

show power inline

show environment

DESCRIPTION

Displays the current active configuration.

Shows the configuration that will be used on the next reboot.

Displays detailed information about all interfaces, including status and errors.

Provides a quick overview of all interfaces, IP addresses, and their statuses.

Lists all VLANs and the associated ports.

Displays the MAC address table and the corresponding ports.

Verifies the spanning tree status and potential loops.

Shows system log messages (logs of events and errors).

Displays software version and system hardware details.

Displays CPU utilization by different processes on the switch.

Displays memory utilization details.

Displays the routing table and verifies routes.

Tests connectivity to a specific device or destination.

Traces the path packets take to a destination, identifying hops.

Displays neighboring devices discovered via Cisco Discovery Protocol (CDP).

Enables real-time debugging for specific protocols or processes.

Displays hardware-specific information (e.g., transceiver details).

Resets interface counters to help isolate new errors or issues.

Verifies PoE status and power consumption on PoE-enabled ports.

Checks system environmental status (e.g., temperature, power supplies).

MODE

Privileged EXEC

User/Privileged EXEC

Privileged EXEC

Essential Cisco Switch Commands for VLAN Configuration and Routing:

COMMAND

vlan [vlan-id]

name [vlan-name]

show vlan brief

interface vlan [vlan-id]

switchport mode access

switchport access vlan [vlan-id]

switchport mode trunk

switchport trunk allowed vlan [vlan-list]

show interfaces trunk

no vlan [vlan-id]

ip routing

ip route [destination] [mask] [next-hop]

show ip route

interface [interface-id]

ip address [ip] [subnet-mask]

show ip interface brief

router ospf [process-id]

network [network] [wildcard-mask] area [area-id]

router bgp [asn]

neighbor [ip] remote-as [asn]

show ip protocols

clear ip route *

show ip bgp summary

DESCRIPTION

Creates a VLAN with the specified ID.

Assigns a name to the created VLAN.

Displays a summary of all VLANs and their associated interfaces.

Enters interface configuration mode for the specified VLAN.

Sets the port to access mode (used for connecting end devices).

Assigns the port to a specific VLAN.

Configures a port as a trunk to carry multiple VLANs.

Specifies which VLANs are allowed on a trunk.

Displays trunk ports and allowed VLANs on those trunks.

Deletes a VLAN. Global Configuration

Enables IP routing on the switch.

Adds a static route to the routing table.

Displays the IP routing table.

Enters interface configuration mode.

Assigns an IP address to an interface.

Displays a summary of IP interfaces and their statuses.

Enables OSPF routing with the specified process ID.

Defines OSPF networks.

Configures BGP routing with a specific autonomous system number.

Adds a BGP neighbor with the specified IP and ASN.

Displays information about routing protocols in use.

Clears the routing table.

Displays a summary of BGP neighbors and status.

MODE

Global Configuration

VLAN Configuration

Privileged EXEC

Global Configuration

Interface Configuration

Privileged EXEC

Global Configuration

Privileged EXEC

Global Configuration

Interface Configuration

Privileged EXEC

Global Configuration

OSPF Configuration

Global Configuration

BGP Configuration

Privileged EXEC

Essential DHCP Commands for Cisco Switch Configuration and Troubleshooting:

COMMAND

ip dhcp pool [pool-name]

network [network] [subnet-mask]

default-router [router-ip]

dns-server [dns-ip]

lease [days] [hours] [minutes]

domain-name [domain-name]

host [ip] [mask]

excluded-address [start-ip] [end-ip]

ip dhcp excluded-address [ip-address]

show ip dhcp pool

show ip dhcp binding

show ip dhcp server statistics

clear ip dhcp binding [address]

clear ip dhcp conflicts

debug ip dhcp server packet

ip dhcp conflict logging

ip dhcp relay information trust-all

no ip dhcp conflict logging

DESCRIPTION

Creates a DHCP pool for assigning IP addresses.

Defines the network and subnet mask for the DHCP pool.

Specifies the default gateway for DHCP clients.

Specifies the DNS server for DHCP clients.

Defines the lease duration for DHCP clients.

Specifies the domain name for DHCP clients.

Assigns a fixed IP address to a specific host.

Excludes a range of IP addresses from the DHCP pool.

Excludes a single IP address from being assigned by DHCP.

Displays DHCP pool statistics and information.

Displays the list of IP addresses currently leased to DHCP clients.

Displays statistics about DHCP server operations.

Releases the IP address binding for a specific client.

Clears any DHCP address conflicts.

Displays real-time debugging information for DHCP packets.

Enables logging of DHCP address conflicts.

Configures the switch to trust DHCP relay info for all interfaces.

Disables logging of DHCP address conflicts.

MODE

Global Configuration

DHCP Pool Configuration

Global Configuration

Privileged EXEC

Global Configuration

Page updated

Report abuse