0% found this document useful (0 votes)
530 views5 pages

(CCNA) Cisco Commands Cheat Sheet #2

This document provides a cheat sheet of Cisco commands for CCNA students. It covers commands for configuring port security, VLANs, trunks, VTP, STP, CDP and their verification. Examples are given for making interfaces access or trunk ports, setting port security, adding VLANs, configuring the root bridge, enabling CDP, and showing CDP, VLAN, port security and STP information. The cheat sheet is intended to help students learn and remember important Cisco commands.

Uploaded by

Md IrfAN
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
0% found this document useful (0 votes)
530 views5 pages

(CCNA) Cisco Commands Cheat Sheet #2

This document provides a cheat sheet of Cisco commands for CCNA students. It covers commands for configuring port security, VLANs, trunks, VTP, STP, CDP and their verification. Examples are given for making interfaces access or trunk ports, setting port security, adding VLANs, configuring the root bridge, enabling CDP, and showing CDP, VLAN, port security and STP information. The cheat sheet is intended to help students learn and remember important Cisco commands.

Uploaded by

Md IrfAN
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 5

[CCNA] Cisco Commands Cheat Sheet #2

CCNA RnS, Cisco, Network September 19, 2013 Comments: 5

Continuing our Cisco Commands Cheat Sheet for CCNA students, this is our 2nd post.

Cisco Commands Cheat Sheet #1


Cisco Commands Cheat Sheet #3
Cisco Commands Cheat Sheet #4
Cisco Commands Cheat Sheet #5

Configuring port security:

Make the switch interface as access port:

1 SW1(config-if)# switchport mode access

Enable port security on the interface:

1 SW1(config-if)# switchport port-security

Specify the maximum number of allowed MAC addresses:

1 SW1(config-if)# switchport port-security maximum 1

Define the action to take when violation occurs:

1 SW1(config-if)# switchport port-security violation shutdown ! options: shu

Specify the allowed MAC addresses:

The sticky keyword is used to let the interface dynamically learns and configures the MAC addresses
of the currently connected hosts.

1 SW1(config-if)# switchport port-security mac-address 68b5.9965.1195 ! opti

Verify and troubleshoot port security:

Shows the entries of the mac address table:

1 SW1# show mac-address-table

Overview of port security of all interfaces:


1 SW1# show port-security

Shows detailed information about port security on the specified interface:

1 SW1# show port-security interface fa0/5

Configuring VLANs:

Create a new VLAN and give it a name:

1 SW1(config)# vlan 10
2 SW1(config-vlan)# name SALES

Assign an access interface to access a specific VLAN:

1 SW1(config)# interface fastEthernet 0/5


2 SW1(config-if)# switchport mode access
3 SW1(config-if)# switchport access vlan 10

Configuring an auxiliary VLAN for cisco IP phones:

1 SW1(config)# interface fastEthernet 0/5


2 ! accessing vlan 10 (data) and 12 (VoIP)
3 SW1(config-if) #switchport access vlan 10
4 SW1(config-if) #switchport voice vlan 12

Configuring Trunks:

1 SW1(config)# interface fastEthernet 0/1


2 SW1(config-if)# switchport mode trunk ! options: access, trunk, dynamic au
3 SW1(config-if)# switchport trunk allowed vlan add 10 ! options: add, remov

Securing VLANs and Trunking:

Administratively disable unused interfaces:

1 SW1(config-if)# shutdown

Prevent trunking by disabling auto negotiation on the interface:

1 SW1(config-if)# nonegotiate ! or hardcode the port asan access port


2 SW1(config-if)# switchport mode access

Assign the port to an unused VLAN:

1 SW1(config-if)# switchport access vlan 222


Configuring VTP:

Configure VTP mode:

The transparent VTP mode is used when an engineer wants to deactivate VTP on a particular switch

1 SW1(config)# vtp mode server ! options: server, client, transparent

Configure VTP domain name:

1 SW1(config)# vtp domain EXAMPLE ! case-sensitive

Configure VTP password (optional):

1 SW1(config)# vtp password cisco ! case-sensitive

Configure VTP pruning (optional):

1 SW1(config)# vtp pruning ! only works on VTP servers

Enable VTP version 2 (optional):

1 SW1(config)# vtp version 2

Verify and troubleshoot VLANs and VTP:

Lists information about administrative se ing and operation status of interface:

1 SW1# show interfaces if switchport

Lists all the trunk ports on a switch including the trunk allowed VLANs:

1 SW1# show interfaces trunk

Lists information about the VLANs:

1 SW1# show vlan {brief | id | name | summary}

Lists VTP configuration (mode, domain-name, version, etc) and revision number:

1 SW1# show vtp status

Shows the VTP password:

1 SW1# show vtp password

STP optimization:

Hard coding the root bridge (changing bridge priority):


1 SW1(config)# spanning-tree vlan 1 root primary
2 SW1(config)# spanning-tree vlan 1 root secondary
3 ! Priority must be a multiply of 4096
4 SW1(config)# spanning-tree [vlan 1]priority 8192

Changing the STP mode:

1 SW1(config)# spanning-tree mode rapid-pvst ! options: mst, pvst, rapid-pvs

Enabling portfast and BPDU guard on an interface:

Portfast and BPDU guard are enabled only on interfaces connected to end user hosts

1 SW1(config-if)# spanning-tree portfast


2 SW1(config-if)# spanning-tree bpduguard enable

Changing port cost:

1 SW1(config-if)# spanning-tree [vlan 1] cost 25

Bundling interfaces into an etherchannel:

1 SW1(config-if)# channel-group 1 mode on ! options: auto, desirable, on

STP verification and troubleshooting:

Shows detailed info about STP state:

1 SW1# show spanning-tree

Shows STP info only on a specific port:

1 SW1# show spanning-tree interface fa0/2

Shows STP info only for a specific VLAN:

1 SW1# show spanning-tree vlan 1

Shows info about the root switch:

1 SW1# show spanning-tree [vlan 1] root

Shows info about the local switch:

1 SW1# show spanning-tree [vlan 1] bridge

Show the state of the etherchannels:

1 SW1# show etherchannel 1

Provides informational messages about the changes in the STP topology:

1 SW1# debug spanning-tree events


Enabling or disabling CDP:

Enabling CDP globally on a switch:

1 SW1(config)# cdp run

Disabling CDP on a given interface:

1 SW1(config-if)# no cdp enable

Using CDP for network verification and troubleshooting:

Shows global information about CDP itself:

1 SW1# show cdp

Shows information about CDP on a specific interface:

1 SW1# show cdp interface fa0/2

Shows information about the directly connected cisco devices including interfaces names
capabilities:

1 SW1# show cdp neighbors

Shows detailed information about the neighboring cisco devices including device address and
version of IOS they run:

1 SW1# show cdp neighbors detail


2 ! OR
3 SW1# show cdp entry *

Shows detailed information about the specified entry only:

1 SW1# show cdp entry SW2

Enjoy !

You might also like