Home | Site Map | Cisco How ToNet How To | Wireless |Search | Forums | Services | Donations | Careers | About Us | Contact Us|

Cisco useful commands

Cisco Router, Firewall, VPN, SDM, ASA and Switch

Cisco useful commands

Postby blin » Mon Nov 16, 2009 8:58 pm

Web Cisco Useful Commands ...
Useful Commands. Can I schedule to reload Cisco PIX · Command to find devices directly connected Cisco equipment · How to schedule to reload Cisco router ...
www.howtocisco.com/cisco/usefulcommands.htm

"term mon" - show real time log, use
How to Configure and Troubleshoot Cisco
http://www.howtocisco.com

Tablet and Smartphone Setup Guide
http://www.quicksetupguide.com
blin
Site Admin
 
Posts: 3649
Joined: Wed Dec 31, 1969 7:00 pm
Location: Chicago, USA

Re: Cisco useful commands

Postby lifelong76 » Mon Feb 22, 2010 4:05 am

Hi according to me one of the most important abilities a network administrator can have is the know-how to get information out of his network devices so he can find out what's going on with the network. In most networks, the staple of information gathering has been the "show" commands. Here are my top ten commands to know and love:
• Show version: Start simple; this command gives up time, info about your software and hardware and a few other details.
• Show ip interface brief: This command is great for showing up/down status of your IP interfaces, as well as what the IP address is of each interface. It's mostly useful for displaying critical info about a lot of interfaces on one easy to read page.
• Show interface: This is the more popular version of the command that shows detailed output of each interface. You'll usually want to specify a single interface or you'll have to hit 'page down' a lot. This command is useful because it shows traffic counters and also detailed info about duplex and other link-specific goodies.
• Show ip interface: This often overlooked command is great for all the configuration options that are set. These include the switching mode, ACLs, header compression, ICMP redirection, accounting, NAT, policy routing, security level, etc. Basically, this command tells you how the interface is behaving.
• Show ip route: This indispensable command shows your routing table, which is usually the primary purpose of the box. Get to know the options on this command.
• Show arp: Can't ping a neighbor? Make sure you're getting an arp entry.
• Show running-config: This is an easy one. It tells you how the box is configured right now. Also, "show startup-config" will tell you how the router will be configured after the next reboot.
• Show port: Similar to the show interface command on routers, this command gives you the status of ports on a switch.
• Show vlan: With the trend toward having lots of VLANs, check this command to make sure your ports are in the VLANs you think they are. Its output is very well designed.
• Show tech-support: This command is great for collecting a lot of info. It basically runs a whole bunch of other show commands, and spits out dozens of pages of detailed
output, designed to be sent to technical support. But, it's also useful for other purposes.
lifelong76
 
Posts: 4
Joined: Thu Nov 15, 2007 12:06 am

Re: Cisco useful commands

Postby chicagotech » Wed Jun 02, 2010 7:19 pm

Show a single port configuration, for example,
sh run int g0/1
Building configuration...

Current configuration : 126 bytes
!
interface GigabitEthernet0/1
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 2 mode active
end
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
chicagotech
Site Admin
 
Posts: 7149
Joined: Mon Nov 27, 2006 1:24 pm
Location: Chicago USA

Re: Cisco useful commands

Postby guest » Mon Jun 20, 2011 8:39 pm

To show the command line start a command or word, using show run | begin, for example,
Switch#sh run | begin vlan 600
switchport trunk native vlan 600
switchport mode trunk
spanning-tree portfast
....
Tablet and Smartphone Setup Guide
http://www.quicksetupguide.com

Troubleshooting Vista Wireless
http://chicagotech.net/
guest
 
Posts: 10191
Joined: Mon Nov 27, 2006 1:10 pm

Re: Cisco useful commands

Postby guest » Mon Jun 20, 2011 8:41 pm

to Show all command lines with a word, use show run | incl, for example
Switch#sh run | incl vlan 600
switchport trunk native vlan 600
Tablet and Smartphone Setup Guide
http://www.quicksetupguide.com

Troubleshooting Vista Wireless
http://chicagotech.net/
guest
 
Posts: 10191
Joined: Mon Nov 27, 2006 1:10 pm

Re: Cisco useful commands

Postby guest » Mon Jul 25, 2011 10:45 am

To show uptime, run show tech-support.
Tablet and Smartphone Setup Guide
http://www.quicksetupguide.com

Troubleshooting Vista Wireless
http://chicagotech.net/
guest
 
Posts: 10191
Joined: Mon Nov 27, 2006 1:10 pm

Re: Cisco useful commands

Postby chicagotech » Mon Jul 25, 2011 4:48 pm

To configure range ports, use int range command. For example,
conf t
int range g0/20 - 24
no shutdown
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
chicagotech
Site Admin
 
Posts: 7149
Joined: Mon Nov 27, 2006 1:24 pm
Location: Chicago USA

Re: Cisco useful commands

Postby blin » Wed Jun 05, 2013 11:31 am

If you want logging messages from IOS to appear on the your terminal then you need to use the ‘terminal monitor‘ command. O turn terminal log off, use this command: terminal no monitor. For example
ADM_SER_3560_1#terminal monitor
ADM_SER_3560_1#
000210: Jun 4 22:18:03: %LINEPROTO-5-UPDOWN: Line protocol on Interface Gigabit
Ethernet0/33, changed state to down
000211: Jun 4 22:18:04: %LINK-3-UPDOWN: Interface GigabitEthernet0/33, changed
state to down
ADM_SER_3560_1#
000212: Jun 4 22:18:07: %LINK-3-UPDOWN: Interface GigabitEthernet0/33, changed
state to up
000213: Jun 4 22:18:08: %LINEPROTO-5-UPDOWN: Line protocol on Interface Gigabit
Ethernet0/33, changed state to up
ADM_SER_3560_1#
000214: Jun 4 22:19:09: %LINEPROTO-5-UPDOWN: Line protocol on Interface Gigabit
Ethernet0/33, changed state to down
000215: Jun 4 22:19:10: %LINK-3-UPDOWN: Interface GigabitEthernet0/33, changed
state to down
ADM_SER_3560_1#
How to Configure and Troubleshoot Cisco
http://www.howtocisco.com

Tablet and Smartphone Setup Guide
http://www.quicksetupguide.com
blin
Site Admin
 
Posts: 3649
Joined: Wed Dec 31, 1969 7:00 pm
Location: Chicago, USA

Re: Cisco useful commands

Postby blin » Thu Feb 09, 2017 1:13 pm

To show the status of AnyConnect connection from a user
ip/pri/act# show vpn-sessiondb anyconnect filter name blin

Session Type: AnyConnect

Username : blin Index : 193
Assigned IP : 192.168.10.14 Public IP : 98.246.110.254
Protocol : AnyConnect-Parent SSL-Tunnel DTLS-Tunnel
License : AnyConnect Premium
Encryption : RC4 AES128 Hashing : none SHA1 SHA1
Bytes Tx : 182520628 Bytes Rx : 100899388
Group Policy : chicagotechvpn Tunnel Group : chicagotechvpn
Login Time : 17:22:06 CST Tue Feb 7 2017
Duration : 20h:57m:09s
Inactivity : 0h:00m:00s
NAC Result : Unknown
VLAN Mapping : N/A VLAN : none
How to Configure and Troubleshoot Cisco
http://www.howtocisco.com

Tablet and Smartphone Setup Guide
http://www.quicksetupguide.com
blin
Site Admin
 
Posts: 3649
Joined: Wed Dec 31, 1969 7:00 pm
Location: Chicago, USA

Re: Cisco useful commands

Postby blin » Thu Feb 09, 2017 1:15 pm

To show group policy
ip/pri/act# show run group-policy chicagotechvpn
group-policychicagotechvpn internal
group-policy chicagotechvpn attributes
wins-server value 10.0.0.106 10.0.0.93
dns-server value 10.0.0.106 10.0.0.93
vpn-tunnel-protocol ikev1 ssl-client ssl-clientless
split-tunnel-policy tunnelspecified
split-tunnel-network-list value chicagotechvpn_splitTunnelAcl
default-domain value Chicagotech.net
How to Configure and Troubleshoot Cisco
http://www.howtocisco.com

Tablet and Smartphone Setup Guide
http://www.quicksetupguide.com
blin
Site Admin
 
Posts: 3649
Joined: Wed Dec 31, 1969 7:00 pm
Location: Chicago, USA

Re: Cisco useful commands

Postby blin » Thu Feb 09, 2017 1:19 pm

To show VPN split Tunnel

ip/pri/act# show access-list chicagotechvpn_splitTunnelAcl
access-list chicagotechvpn_splitTunnelAcl; 1 elements; name hash: 0x5b222b32
access-list chicagotechvpn_splitTunnelAcl line 1 standard permit 10.0.0.0 255.255.0.0 (h itcnt=0) 0x7d4c1d5a
How to Configure and Troubleshoot Cisco
http://www.howtocisco.com

Tablet and Smartphone Setup Guide
http://www.quicksetupguide.com
blin
Site Admin
 
Posts: 3649
Joined: Wed Dec 31, 1969 7:00 pm
Location: Chicago, USA

Re: Cisco useful commands

Postby blin » Thu Feb 09, 2017 1:20 pm

To show IP address on ASA firewall
ip/pri/act# show ip
System IP Addresses:
Interface Name IP address Subnet mask Method
Ethernet0/0 outside 111.111.152.130 255.255.255.128 CONFIG
Ethernet0/1 inside 10.0.0.1 255.255.0.0 CONFIG
Ethernet0/2 dmz1 172.16.80.1 255.255.0.0 CONFIG
Ethernet0/3 failover 10.10.1.1 255.255.255.0 unset
Management0/0 management 192.168.1.1 255.255.255.0 CONFIG
Current IP Addresses:
Interface Name IP address Subnet mask Method
Ethernet0/0 outside 111.111.152.130 255.255.255.128 CONFIG
Ethernet0/1 inside 10.0.0.1 255.255.0.0 CONFIG
Ethernet0/2 dmz1 172.16.80.1 255.255.0.0 CONFIG
Ethernet0/3 failover 10.10.1.1 255.255.255.0 unset
Management0/0 management 192.168.1.1 255.255.255.0
How to Configure and Troubleshoot Cisco
http://www.howtocisco.com

Tablet and Smartphone Setup Guide
http://www.quicksetupguide.com
blin
Site Admin
 
Posts: 3649
Joined: Wed Dec 31, 1969 7:00 pm
Location: Chicago, USA

Re: Cisco useful commands

Postby blin » Thu Feb 09, 2017 1:21 pm

To show capture capin in ASA firewall
ip/pri/act# show capture capin

16 packets captured

1: 14:21:23.393870 192.168.108.14.53285 > 10.0.0.142.1433: . 669272795:669272 796(1) ack 3351200323 win 64904
2: 14:21:23.394312 10.0.0.142.1433 > 192.168.108.14.53285: . ack 669272796 wi n 63904 <nop,nop,sack sack 1 {669272795:669272796} >
3: 14:21:24.454566 10.0.0.142.1433 > 192.168.108.14.53285: . 3351200322:33512 00323(1) ack 669272796 win 63904
4: 14:21:24.519870 192.168.108.14.53285 > 10.0.0.142.1433: . ack 3351200323 w in 64904 <nop,nop,sack sack 1 {3351200322:3351200323} >
5: 14:21:36.124505 192.168.108.14.53274 > 10.0.0.142.1433: . 2420442521:24204 42522(1) ack 2530933926 win 64904
6: 14:21:36.124978 10.0.0.142.1433 > 192.168.108.14.53274: . ack 2420442522 w in 64220 <nop,nop,sack sack 1 {2420442521:2420442522} >
7: 14:21:36.250765 10.0.0.142.1433 > 192.168.108.14.53274: . 2530933925:25309 33926(1) ack 2420442522 win 64220
8: 14:21:36.316771 192.168.108.14.53274 > 10.0.0.142.1433: . ack 2530933926 w in 64904 <nop,nop,sack sack 1 {2530933925:2530933926} >
9: 14:21:36.976039 192.168.108.14.53272 > 10.0.0.142.1433: . 2657117802:26571 17803(1) ack 1588133845 win 64300
10: 14:21:36.976328 10.0.0.142.1433 > 192.168.108.14.53272: . ack 2657117803 w in 64881 <nop,nop,sack sack 1 {2657117802:2657117803} >
11: 14:21:37.512775 10.0.0.142.1433 > 192.168.108.14.53272: . 1588133844:15881 33845(1) ack 2657117803 win 64881
12: 14:21:37.574189 192.168.108.14.53272 > 10.0.0.142.1433: . ack 1588133845 w in 64300 <nop,nop,sack sack 1 {1588133844:1588133845} >
13: 14:21:53.466208 192.168.108.14.53285 > 10.0.0.142.1433: . 669272795:669272 796(1) ack 3351200323 win 64904
14: 14:21:53.466498 10.0.0.142.1433 > 192.168.108.14.53285: . ack 669272796 wi n 63904 <nop,nop,sack sack 1 {669272795:669272796} >
15: 14:21:54.528643 10.0.0.142.1433 > 192.168.108.14.53285: . 3351200322:33512 00323(1) ack 669272796 win 63904
16: 14:21:54.591476 192.168.108.14.53285 > 10.0.0.142.1433: . ack 3351200323 w in 64904 <nop,nop,sack sack 1 {3351200322:3351200323} >
16 packets shown
How to Configure and Troubleshoot Cisco
http://www.howtocisco.com

Tablet and Smartphone Setup Guide
http://www.quicksetupguide.com
blin
Site Admin
 
Posts: 3649
Joined: Wed Dec 31, 1969 7:00 pm
Location: Chicago, USA

Re: Cisco useful commands

Postby blin » Thu Feb 09, 2017 1:24 pm

To show the status of VPN client (192.168.108.14 in our case) to access internal server (10.0.0.143 in our case)
ip/pri/act# capture capin i in m ip h 192.168.108.14 h 10.0.0.143
ip/pri/act#
ip/pri/act#
ip/pri/act#

Or

ip/pri/act# show capture asp | in 192.168.108.14
ip/pri/act#
ip/pri/act#
ip/pri/act#

Note: the result shows the client 192.168.108.14 never reaches to the server 10.0.0.143. It could be a routing issue.
How to Configure and Troubleshoot Cisco
http://www.howtocisco.com

Tablet and Smartphone Setup Guide
http://www.quicksetupguide.com
blin
Site Admin
 
Posts: 3649
Joined: Wed Dec 31, 1969 7:00 pm
Location: Chicago, USA


Return to Cisco

Your Ad Here

Who is online

Users browsing this forum: No registered users and 1 guest