Cisco Switch Commands Cheat Sheet

Cisco switches can be used as plug-and-play devices out of the box but they also offer an
enormous amount of features. Although the main purpose of the switch is to provide inter-
connectivity in Layer 2 for the connected devices of the network, there are myriad features
and functionalities that can be configured on Cisco Switches.
In the following Cisco Switch Commands Cheat Sheet, I have tried to include the most
important and frequently-used commands that Cisco professionals encounter in real world
networks. I know that the list is not exhaustive but I believe that the most useful commands
are included. Make sure to download the whole command cheat sheet in PDF format at the
end of the article so you can print it or save it on your computer for future reference.
The following commands will work on most Cisco switch models such as 4500, 3850, 3650,
2960, 3560 etc.

Verification Commands:
TestSwitch#show version [Displays software and hardware information]

TestSwitch#show running-config [Displays currently running configuration in DRAM]

TestSwitch#show start [Displays configuration in NVRAM which will be loaded after reboot]

TestSwitch#show flash: [Displays Flash memory information]

TestSwitch#show boot [Displays boot path and image]

TestSwitch#show clock [Displays the system clock]

TestSwitch#show interfaces [Displays all interfaces configuration and status of line]

TestSwitch#show vlan [Displays vlan number, name, status and ports associated with it]

TestSwitch#show vtp status [Displays VTP mode, Number of existing vlans and config revision]

TestSwitch#show interface status [Displays interface status, vlan, Duplex, Speed and type]

TestSwitch#show etherchannel [Displays etherchannel information]

TestSwitch#show cdp neighbors [Displays information of connected devices]

TestSwitch#show cdp neighbors detail [Displays detailed information of connected devices]

TestSwitch#show mac address-table [Displays current MAC address forwarding table and which MAC is
learned on each switch port]

TestSwitch#show spanning-tree [Displays spanning-tree state information, which interfaces are in

active or blocking state etc]
Resetting the Switch
TestSwitch#delete flash:vlan.dat [Deletes vlan database from flash memory so you can start adding
new VLANs from scratch]

TestSwitch#erase startup-config [Delete start-up file from NVRAM]

TestSwitch#reload [Reboot the Switch]

Setting Host Names

TestSwitch#config t [Entering into Global Configuration Mode]

TestSwitch(config)#hostname MySwitch [Enter the hostmane]

Setting login credentials:

MySwitch(config)#username admin password csico1234 [enable username and password for login to the switch]

MySwitch(config)#enable secret test1 [Sets encrypted secret password using MD5 algorithm. This
is the enable password that you will be asked to enter when trying to enter into “enable” mode]

MySwitch(config)#service password-encryption [Encrypt all the passwords using MD5]

Console Access:
MySwitch(config)#line con 0 [Enter into line console mode]

MySwitch(config-line)#password test3 [Set password on console]

MySwitch(config-line)#login [Enable password checking]

SSH/Telnet Access to the switch:

MySwitch(config)#line vty 0 4 [Enters line vty mode for all five virtual ports]

MySwitch(config-line)#transport input ssh [Enable SSH]

MySwitch(config-line)#transport input telnet [Enable telnet]

MySwitch(configiline)#password test3 [Set password]

Setting IP Address (To allow remote access to the switch):
MySwitch(config)#interface vlan1 [Enters vlan1, the native vlan]

MySwitch(config-if)#ip address 192.168.1.2 255.255.255.0 [Set IP address which is the management IP of device]

MySwitch(config-if)#exit

MySwitch(config)#ip default-gateway 192.168.1.1 [Exit path for the switch – gateway IP]

Interface description
MySwitch(config)#interface g0/1

MySwitch(config-if)#description TO SERVER

Duplex and Speed Settings

MySwitch(config)#interface g0/1

MySwitch(config-if)#speed 10 [Force 10Mbps Speed]

MySwitch(config-if)#speed 100 [Force 100Mbps Speed]

MySwitch(config-if)#speed auto [Enable auto speed configuration]

MySwitch(config-if)#duplex auto [Enable auto duplex configuration on switch port]

MySwitch(config-if)#duplex full [Enable full duplex configuration on switch port]

MySwitch(config-if)#duplex half [Enable half duplex configuration on switch port]

Setting Web-based interface for configuration (GUI):

MySwitch(config)#ip http server [Enable HTTP server]

MySwitch(config)#ip http port 80 [Set port number for HTTP]

Port-Security
MySwitch(config)#interface g0/1 [Enter the interface to set port-security]

MySwitch(config-if)#switchport port-security [Enable port security on the interface]

MySwitch(config-if)#switchport port-security mac-address sticky [Interface converts all MAC addresses to sticky
secure addresses]

MySwitch(config-if)#switchport port-security maximum 1 [Only one MAC address will be allowed for this port]

MySwitch(config-if)#switchport port-security violation shutdown [Port will shut down if violation occurs]

MySwitch(config-if)#exit
MySwitch(config)#exit

MySwitch#show port-security [Verifying Port security]

Save current configuration

MySwitch(config)# copy running-config startup-config

PortFast
“Portfast” bypasses the Spanning Tree states and brings the port up as quickly as possible. Use it only if you
connect a regular host (e.g Computer) on the port. Do not use this command when the port is trunk or if you
connect other switches on the specific port.
MySwitch(config)# interface FastEthernet 0/1

MySwitch(config-if)# spanning-tree portfast

Configuring VLANs
MySwitch(config)#vlan 20 [Create a Layer2 VLAN with id 20]

MySwitch(config-vlan)# name testvlan [Enter a name for the vlan]

MySwitch(config-vlan)#exit

MySwitch(config)#exit

MySwitch#show vlan brief [Verify the vlan database]

Assigning access ports to a vlan

MySwitch(config)#interface g0/1

MySwitch(config-if)#switchport mode access [Set the interface in access mode]

MySwitch(config-if)#switchport access vlan 20 [Assign the port to vlan 20]

MySwitch(config-if)#exit

The following commands will select a range of interfaces (from 1 to 24) and add all of them to vlan20

MySwitch(config)#interface range gigabitEthernet 0/1-24

MySwitch(config-if)#switchport mode access

MySwitch(config-if)#switchport access vlan 20

MySwitch(config-if)#exit
Configuring trunk port
MySwitch(config)#interface g0/2

MySwitch(config-if)#switchport trunk encapsulation dot1q [Configure the port to support 802.1Q

Encapsulation (default is negotiate)]
MySwitch(config-if)#switchport mode trunk [Set the interface in permanent trunking mode]

MySwitch(config-if)#switchport trunk native vlan 20 [Specify native vlan for 802.1q trunk - OPTIONAL]

MySwitch(config-if)#switchport trunk allowed vlan 2-5 [vlans 2 to 5 are allowed to pass through the trunk]

MySwitch(config-if)#switchport trunk allowed vlan add 7 [add also vlan 7 in the allowed vlans]

MySwitch(config-if)#switchport trunk allowed vlan remove 3 [remove vlan 3 from the allowed vlans in the trunk]

MySwitch#show interface g0/2 trunk [Verify the trunk ports and associated vlans on the specific interface]

http:/www.networkstraining.com for more Cisco Technical

Tutorials and Configuration Examples