Cisco Router Cheat Sheet

This is a list of useful things that I’ve done using Cisco IOS via the command line interface. It’s really only for my own use, on my 861W, but in the case it comes in handy for someone else, here it is…

Show the configuration:

show config
! to show running configuration instead:
show running-conf

Save the active configuration to startup config:

copy running-config startup-config

Show the access lists:

sh ip access-lists

Editing an access list for telnet access:

!using netmask as an example
  ip access-list standard 23
    ! use 'no 10' to delete the original acl

Changing the router’s IP address:

!Changing router IP to as an example
ip dhcp excluded-address
ip dhcp pool ccp-pool
interface Vlan1
  ip address

Setting up DNS proxy and name servers to point at comcast:

ip domain name lan
ip name-server
ip name-server
ip dns server

Setting hostname for the router:

hostname scottsrouter

Setting local DNS entries

!puts smbaker4.lan and smbaker4 at
ip host smbaker4
ip host smbaker4.lan

Enable SNMP monitoring:

snmp-server community public ro
access-list 60 permit


! Let's assume you have an internal web server on port 80
! and you want it to be externally visible on port 8080 on the router
! and your WAN interface is FastEthernet4
ip nat inside source static tcp 80 interface FastEthernet4 8080

Show port-forwarding

! This will dump the whole NAT table. If you configured static port forwarding, then
! you ought to see your entries in there somewhere.
show ip nat translations

Show DHCP Leases

show ip dhcp binding

Useful SNMP variables:

useful snmp variables:
  new cpu:
    5s cpu use:
    1m cpu use:
    5min cpu use:
  older ones:
    pool name:
    pool used:
    pool free:
    where x=1: processor, x=2: io
  using snmpwalk:
    snmpwalk -Os -c public -v 1

Wireless access point stuff

The wireless accesspoint resides in the same box as the 861W but is a functionally separate device. If you gave it a separate IP address (you probably did) then you can telnet into your AP and configure it using IOS. The sections below will deal with access point stuff:

Changing the SSID of the router from ‘CISCO’ to ‘NETGEAR’:

interface Dot11Radio0
  ssid NETGEAR
    authentication open
dot11 ssid CISCO
  no authentication open
  no guest-mode
interface Dot11Radio0
  no ssid CISCO

Disabling and re-enabling the radio (good for testing multi-AP settings):

# disable radio
interface Dot11Radio0

# enable radio
interface Dot11Radio0
  no shutdown

Debugging DNS stuff

debug domain
terminal monitor

When DNS stops working for a domain

# not sure what the problem is, but sometimes it just stops returning A records
# for a particular domain. 
clear host *

See Also:

Comments (1)

  1. Kevin Walter says:

    Have reccomended this page to my lvel 6 undergraduate degree students as a source to be read.
    They have been tasked to set up a secure network using the 861W without documentation, therefore sites like yours are very useful, yours in particular is exceptionaL.
    Kevin Walter
    Course Leader BT/IT
    University of Gloucestershire

Leave a Reply

Your email address will not be published. Required fields are marked *