Cisco IOS Command Reference

Quick reference guide for essential CCNA commands

Basic Configuration Commands

enable
Enters privileged EXEC mode
User EXEC
configure terminal
Enters global configuration mode
Privileged EXEC
hostname [name]
Sets the device hostname
Global Config
Example:
hostname Router1
enable secret [password]
Sets encrypted enable password
Global Config
service password-encryption
Encrypts all plaintext passwords
Global Config
copy running-config startup-config
Saves running configuration to NVRAM
Privileged EXEC
write memory
Alternate command to save configuration
Privileged EXEC

Interface Configuration

interface [type][number]
Enters interface configuration mode
Global Config
Example:
interface GigabitEthernet0/0
ip address [ip] [mask]
Assigns IP address to interface
Interface Config
Example:
ip address 192.168.1.1 255.255.255.0
no shutdown
Enables the interface
Interface Config
shutdown
Disables the interface
Interface Config
description [text]
Adds a description to the interface
Interface Config
speed [10|100|1000|auto]
Sets interface speed
Interface Config
duplex [auto|full|half]
Sets duplex mode
Interface Config

VLAN Configuration

vlan [vlan-id]
Creates a VLAN and enters VLAN config mode
Global Config
Example:
vlan 10
name [vlan-name]
Names the VLAN
VLAN Config
switchport mode access
Sets port to access mode
Interface Config
switchport access vlan [vlan-id]
Assigns port to a VLAN
Interface Config
switchport mode trunk
Sets port to trunk mode
Interface Config
switchport trunk allowed vlan [vlan-list]
Specifies allowed VLANs on trunk
Interface Config
switchport trunk native vlan [vlan-id]
Sets native VLAN for trunk
Interface Config

Routing Configuration

ip route [network] [mask] [next-hop|exit-interface]
Configures a static route
Global Config
Example:
ip route 192.168.2.0 255.255.255.0 10.1.1.2
ip route 0.0.0.0 0.0.0.0 [next-hop]
Configures default route
Global Config
router ospf [process-id]
Enables OSPF routing
Global Config
network [network] [wildcard-mask] area [area-id]
Specifies networks for OSPF
Router Config
Example:
network 192.168.1.0 0.0.0.255 area 0
router eigrp [as-number]
Enables EIGRP routing
Global Config
router rip
Enables RIP routing
Global Config
version 2
Sets RIP version 2
Router Config

DHCP Configuration

ip dhcp pool [name]
Creates DHCP pool
Global Config
network [network] [mask]
Specifies DHCP network range
DHCP Config
default-router [ip-address]
Sets default gateway for clients
DHCP Config
dns-server [ip-address]
Sets DNS server for clients
DHCP Config
ip dhcp excluded-address [start-ip] [end-ip]
Excludes addresses from DHCP pool
Global Config
ip helper-address [ip-address]
Forwards DHCP broadcasts to server
Interface Config

Security & ACL Commands

access-list [number] [permit|deny] [source] [wildcard]
Creates standard ACL
Global Config
Example:
access-list 10 permit 192.168.1.0 0.0.0.255
access-list [number] permit [protocol] [source] [dest] [port]
Creates extended ACL
Global Config
ip access-group [acl-number] [in|out]
Applies ACL to interface
Interface Config
switchport port-security
Enables port security
Interface Config
switchport port-security maximum [number]
Sets max MAC addresses allowed
Interface Config
switchport port-security violation [shutdown|restrict|protect]
Sets violation mode
Interface Config
line vty 0 4
Enters VTY line config for remote access
Global Config
login local
Requires local username/password
Line Config
transport input ssh
Allows only SSH access
Line Config

Show & Verification Commands

show running-config
Displays current configuration
Privileged EXEC
show startup-config
Displays saved configuration
Privileged EXEC
show ip interface brief
Shows summary of interface status
Privileged EXEC
show ip route
Displays routing table
Privileged EXEC
show vlan brief
Shows VLAN information
Privileged EXEC
show interfaces [interface]
Shows detailed interface information
Privileged EXEC
show mac address-table
Displays MAC address table
Privileged EXEC
show ip protocols
Shows routing protocol information
Privileged EXEC
show cdp neighbors
Shows connected Cisco devices
Privileged EXEC
show version
Shows system version and hardware info
Privileged EXEC
show access-lists
Displays configured ACLs
Privileged EXEC

Troubleshooting Commands

ping [ip-address]
Tests connectivity to a host
Privileged EXEC
traceroute [ip-address]
Traces path to destination
Privileged EXEC
debug ip routing
Shows routing updates in real-time
Privileged EXEC
undebug all
Disables all debugging
Privileged EXEC
show logging
Displays system log messages
Privileged EXEC
Advertisement