CLI stand for Command line Interface.

Their is multiple ways.

1. BY Cable
2. Remotely

SO to connect by cable you have 2 port.

1. RJ45
2. USB Mini-B

• This Rollover wire is need to connect RJ45 to pc.
• one end in this pic have RJ45 port one and 2nd one is DD9 connector.
• now days no laptop have serial connector to connect DD9 connector so we need a adapter show in pic at right side.

After connect pc to cisco device we need an software PUTTY by we can access CTI.

Click on serial and configure the speed, data bites, stop bites and more as same as shown below. and press OK.

• These are the default setting to connect to CISCO device.

Router > = user EXEC mode Router# = privileged EXEC mode Router (config) # = global configuration mode

Their are 5 mode in device like we have 2 in Linux simple user and root user.

1. User EXEC Mode also called user mode

   • It show like Router> Router is Host name of device > it indicate you are in user exec mode

2. Privilege EXEC Mode

• Access to advanced commands.
• Allows entry into configuration modes.
• Entered by typing enable.
• It show like Router# Router is the Host name of device # it indicate you are root user.

3. Global Configuration Mode:

• Device-wide configuration changes. It show like router (config) # config mean you are in Global Configuration Mode.

To go in Global Configuration Mode First you have to go in Privilege EXEC Mode by command enable then use configure terminal command to go in Global Configuration Mode

configure terminal = conf t 4. Interface Configuration Mode:

• Configuration for specific interfaces (e.g., Ethernet).
• Accessed by typing interface <interface_id> in global configuration.

5. Line Configuration Mode:
   • Manage terminal lines (e.g., console, VTY).
   • Accessed by typing line <line_type> <line_number> in global configuration.

• Router is just the default host name of device. To change it use command: hostname YourNewHostname

must be in global configure mode

• To see all commands use ?

their is shortcut command of each and every command to use it just type the starting character of the command. ex: enable = en and enter. or press tab to see command. but is you only e it show and error like this % Ambiguous command : "e" it mean their is more command start with e.

• To see them all type e? conf t = configure terminal

To change password you should have Global Configuration Mode.

enable password? show a word password telling about shortcut. enable password ? it tell all the option in the command.

enable passowrd your_pass it change the password.

enable passowrd your_pass ? this ? search is their any further option or not if no it print <cr>

Enter Privileged EXEC Mode to see these files.

Lets discuss about 2 imp files.

1. Running-config: The current, active configure file on the device. As you enter commands in CLI , you edit the active configuration.
   • show running-config To see this running-config file.
2. startup-config= the configuration file that will be loaded up on restart of device.
   • show startup-config To see startup-config file.

Privileged EXEC mode is required to run this commands:

# all 3 command works same.
write
write memory
copy running-config startup-config

As password is stored in startup-config file as a plain text that can be security risk so we can use encryption to make it secure.

Global configuration mode is required to set up it.

service password-encryption It encrypted the password by CISCO preparatory encryption algorithm, how ever its not also secure

If you enable service password-encryption... • current passwords will be encrypted. • future passwords will be encrypted. • the enable secret will not be effected.

because it can be easy crack by a online tools as well. enable password CISCO this is the password store in startup-config file after use this command it get encrypted and shown like this. enable passsword 7 08026f6028 this 7 indicate CISCO preparatory encryption algorithm and further is password hash.

To make it more secure use command:

enable secret your_pass

This use the MD5 algorithm that's more secure. show like enable secret 5 $1$mERr$Y1CkLjkhsakdjh11 5 indicate the MD5 algorithm used.

if both used the both store but only enable secret command is valid.

no service password-encryption

If you disable service password-encryption... • current passwords will not be decrypted. • future passwords will not be encrypted.

1. Access the Router:

   • Connect to your router using a console cable or SSH.

2. Enter Privileged EXEC Mode:

   enable

3. Enter Global Configuration Mode:

   configure terminal

• Before Configuration:

  Router# show ip interface brief
  Interface              IP-Address      OK? Method Status                Protocol
  GigabitEthernet0/0     unassigned      YES unset  administratively down  down

• if you are in Global Configuration Mode: show ip interface brief not work it work in privilege EXCE mode , so to run from Global mode use : do show ip interface brief

4. Select the Interface: For example, if you want to configure GigabitEthernet0/0, enter:

   interface GigabitEthernet0/0

5. Assign the IP Address: For example, to set the IP address to 192.168.1.1 with a subnet mask of 255.255.255.0, enter:

   ip address 192.168.1.1 255.255.255.0

6. Enable the Interface: By default, many interfaces are administratively down. To enable the interface, enter:

   no shutdown

7. Exit Configuration Mode: To exit back to global configuration mode:

   exit

8. Save Your Configuration: To ensure the changes are not lost after a reboot, save the configuration:

   write memory

   or

   copy running-config startup-config

• After Configuration:

  Router# show ip interface brief
  Interface              IP-Address      OK? Method Status                Protocol
  GigabitEthernet0/0     192.168.1.1     YES manual up                    up

• Interface: The name of the interface (e.g., GigabitEthernet0/0).
• IP-Address: The assigned IP address of the interface (e.g., 192.168.1.1).
• OK?: Indicates whether the IP address configuration is valid (YES or NO).
• Method: The method used to assign the IP address (e.g., manual, DHCP, or unset).
• Status: The administrative status of the interface (up or down).
• Protocol: The operational status of the interface (up or down).

The command show interface g0/0 (or show interface GigabitEthernet0/0) provides detailed information about the specified interface on a Cisco device. Here's what you can expect from the output of this command:

• show interface description it give one more column description can be useful.
• show interface g0/0 give info of specific interface.

GigabitEthernet0/0 is up, line protocol is up
  Hardware is iGbE, address is 23:a2:bc:23:2c
  Internet address is 192.168.1.1/24
  MTU 1500 bytes, BW 1000000 Kbit/sec, DLY 10 usec
     Reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation ARPA, loopback not set
  Keepalive not supported
  Full-duplex, 1000Mb/s, media type is RJ45
  input flow-control is off, output flow-control is off
  Last input 00:00:01, output 00:00:01, output hang never
  Last clearing of "show interface" counters never
  Queueing strategy: fifo
  Output queue 0/40, 0 drops; input queue 0/75, 0 drops

1. Interface Status:

   • GigabitEthernet0/0 is up, line protocol is up: Indicates that the interface is running and able to send and receive data.

2. Hardware Type:

   • Hardware is Gigabit Ethernet: Specifies the type of interface hardware. like now iGbE indicate 1 Gigabit Ethernet.

• further in line its MAC address. First mac address is temp can be changed in CLI , BIA mac address is permanent.

3. IP Address:

   • Internet address is 192.168.1.1/24: Shows the IP address and subnet mask assigned to the interface.

4. MTU (Maximum Transmission Unit):

   • MTU 1500 bytes: The maximum size of a packet that can be transmitted over the interface.

5. Bandwidth and Delay:

   • BW 1000000 Kbit/sec, DLY 10 usec: Indicates the bandwidth and delay characteristics of the interface.

6. Reliability and Load:

   • Reliability 255/255: A measure of the reliability of the interface.
   • txload and rxload: Indicate the load on the interface in terms of transmitted and received traffic.

7. Encapsulation:

   • Encapsulation ARPA: The type of encapsulation used on the interface (in this case, Ethernet).

8. Duplex and Speed:

   • Full-duplex, 1000Mb/s: Indicates the duplex mode and speed of the interface.

9. Flow Control:

   • input flow-control is off, output flow-control is off: Shows whether flow control is enabled.

10. Traffic Statistics:

    • Provides information about input/output packets, drops, and last input/output times.