11/30/2021»»Tuesday

Control Break Cisco

11/30/2021

Problems that you encounter during password recovery often occur because you are not sure about what the break key sequence is for the (non-Cisco) software you use. For software not listed in the table, and for additional information, refer to the documentation of the individual software packages. Control Break on a Switch (packet tracer 5.3) hi everyone! I m trying to get into ROMMON in a switch Cisco WS-C2950T-24 (using PT) but the Ctrl+C is not working (as at the router) also i tried Ctr+Pause and Ctrl+Alt+6, Ctrl +Supr. Tambien se usa para realizar uno de los pasos del password recovery de los routers de cisco. Cuado se reinicia el router con reload, se le da ctrl+break y despues de esto carga el romon. Si se usa todavia y si es en los Routers de cisco, pues si que tiene utilidad.

Cisco switches can be used as plug-and-play devices out of the box but they also offer an enormous amount of features. Although the main purpose of the switch is to provide inter-connectivity in Layer 2 for the connected devices of the network, there are myriad features and functionalities that can be configured on Cisco Switches.

In the following Cisco Switch Commands Cheat Sheet, I have tried to include the most important and frequently-used CLI commands that Cisco professionals encounter in real world networks. I know that the list is not exhaustive but I believe that the most useful commands are included. Make sure to download the whole commands cheat sheet in PDF format below so you can print it or save it on your computer for future reference.

NOTE: Other Cisco Command Cheat Sheet Posts:

The following commands will work on most Cisco switch models such as 4500, 3850, 3650, 2960, 3560 etc.

Verification Commands:

TestSwitch#show version

[Displays software and hardware information]

TestSwitch#show running-config

[Displays currently running configuration in DRAM]

TestSwitch#show start

[Displays configuration in NVRAM which will be loaded after reboot]

TestSwitch#show flash:

[Displays Flash memory information]

TestSwitch#show boot

[Displays boot path and image]

TestSwitch#show clock

[Displays the system clock]

TestSwitch#show interfaces

[Displays all interfaces configuration and status of line]

TestSwitch#show vlan

[Displays vlan number, name, status and ports associated with it]

TestSwitch#show vtp status

[Displays VTP mode, Number of existing vlans and config revision]

TestSwitch#show interface status

[Displays interface status, vlan, Duplex, Speed and type]

TestSwitch#show etherchannel

[Displays etherchannel information]

TestSwitch#show cdp neighbors

[Displays information of connected devices]

TestSwitch#show cdp neighbors detail

[Displays detailed information of connected devices]

TestSwitch#show mac address-table

[Displays current MAC address forwarding table and which MAC is learned on each switch port]

TestSwitch#show spanning-tree

[Displays spanning-tree state information, which interfaces are in active or blocking state etc]

Resetting the Switch

TestSwitch#delete flash:vlan.dat

[Deletes vlan database from flash memory so you can start adding new VLANs from scratch]

TestSwitch#erase startup-config

[Delete start-up file from NVRAM]

TestSwitch#reload

[Reboot the Switch]

Setting Host Names

TestSwitch#config t

Control Break Key Cisco

[Entering into Global Configuration Mode]

TestSwitch(config)#hostname MySwitch

[Enter the hostname of the switch]

MySwitch(config)#

Setting login credentials:

MySwitch(config)#username admin password csico1234

[create username and password for logging in to the switch]

MySwitch(config)#enable secret test1

[Sets encrypted secret password using MD5 algorithm. This is the enable password that you will be asked to enter when trying to enter into “enable” mode]

MySwitch(config)#service password-encryption

[Encrypt all the passwords using MD5]

Console Access:

MySwitch(config)#line con 0

[Enter into line console mode]

MySwitch(config-line)#password test3

[Set password on console]

MySwitch(config-line)#login

[Enable password checking on console]

Control Break On Mac Cisco

SSH/Telnet Access to the switch:

MySwitch(config)#line vty 0 4

[Enters line vty mode for all five virtual ports]

MySwitch(config-line)#transport input ssh

[Enable SSH]

MySwitch(config-line)#transport input telnet

[Enable telnet]

MySwitch(configiline)#password test3

[Set password]

Setting IP Address (To allow remote access to the switch):

MySwitch(config)#interface vlan1

[Enters vlan1, the native vlan]

MySwitch(config-if)#ip address 192.168.1.2 255.255.255.0

[Set IP address for management]

MySwitch(config-if)#exit

MySwitch(config)#ip default-gateway 192.168.1.1

[Exit path for the switch – gateway IP]

Interface description

MySwitch(config)#interface g0/1

MySwitch(config-if)#description TO SERVER

Duplex and Speed Settings

MySwitch(config)#interface g0/1

MySwitch(config-if)#speed 10

[Force 10Mbps Speed]

MySwitch(config-if)#speed 100

[Force 100Mbps Speed]

MySwitch(config-if)#speed auto

[Enable auto speed configuration]

MySwitch(config-if)#duplex auto

[Enable auto duplex configuration on switch port]

MySwitch(config-if)#duplex full

[Enable full duplex configuration on switch port]

MySwitch(config-if)#duplex half

[Enable half duplex configuration on switch port]

Setting Web-based interface for configuration (GUI):

MySwitch(config)#ip http server

[Enable HTTP server]

MySwitch(config)#ip http port 80

[Set port number for HTTP]

Port-Security

MySwitch(config)#interface g0/1

[Enter the interface to set port-security]

MySwitch(config-if)#switchport port-security

[Enable port security on the interface]

MySwitch(config-if)#switchport port-security mac-address sticky

[Interface converts all MAC addresses to sticky secure addresses]

MySwitch(config-if)#switchport port-security maximum 1

[Only one MAC address will be allowed for this port]

MySwitch(config-if)#switchport port-security violation shutdown

[Port will shut down if violation occurs]

MySwitch(config-if)#exit

MySwitch(config)#exit

MySwitch#show port-security

[Verifying Port security]

Save current configuration

MySwitch(config)#copy running-config startup-config

PortFast

“Portfast” bypasses the Spanning Tree states and brings the port up as quickly as possible. Use it only if you connect a regular host (e.g Computer) on the port. Do not use this command when the port is trunk or if you connect other switches on the specific port.

MySwitch(config)#interface FastEthernet 0/1

MySwitch(config-if)#spanning-tree portfast

Configuring VLANs

MySwitch(config)#vlan 20

[Create a Layer2 VLAN with id 20]

MySwitch(config-vlan)# name testvlan

[Enter a name for the vlan]

MySwitch(config-vlan)#exit

MySwitch(config)#exit

MySwitch#show vlan brief

[Verify the vlan database]

Assigning access ports to a vlan

MySwitch(config)#interface g0/1

MySwitch(config-if)#switchport mode access

[Set the interface in switch access mode]

MySwitch(config-if)#switchport access vlan 20

[Assign the port to vlan 20]

MySwitch(config-if)#exit

The following commands will select a range of interfaces (from 1 to 24) and add all of them to vlan20

MySwitch(config)#interface range gigabitEthernet 0/1-24

Cisco

MySwitch(config-if)#switchport mode access

MySwitch(config-if)#switchport access vlan 20

MySwitch(config-if)#exit

Configuring trunk port

MySwitch(config)#interface g0/2

MySwitch(config-if)#switchport trunk encapsulation dot1q

[Configure the port to support 802.1Q Encapsulation (default is negotiate)]

MySwitch(config-if)#switchport mode trunk

[Set the interface in permanent trunking mode]

MySwitch(config-if)#switchport trunk native vlan 20

[Specify native vlan for 802.1q trunks – OPTIONAL]

MySwitch(config-if)#switchport trunk allowed vlan 2-5

[vlans 2 to 5 are allowed to pass through the trunk]

MySwitch(config-if)#switchport trunk allowed vlan add 7

[add also vlan 7 in the allowed vlans]

MySwitch(config-if)#switchport trunk allowed vlan remove 3

[remove vlan 3 from the allowed vlans in the trunk]

MySwitch#show interface g0/2 trunk

[Verify the trunk ports and associated vlans on the specific interface]

DOWNLOAD THE CHEAT SHEET AS PDF FILE

Related Posts

For whatever historical reason (I used to know, but I’ve forgotten ) the break character for Cisco IOS command line is Ctrl-Shift-6 and X. Now, that is a pain to type and I often makes mistakes because it takes four fingers in coordinated fashion (lets face it, I’m not a world class athlete, and using four fingers is beyond my physical capability). So I have a habit of repeating it about five times …just to make sure.

Break

Most importantly, when you are using a Cisco terminal server to access a router on a test bench (or study rack) and you hit the break sequence, the session snaps back to terminal server as if you had issued the command there. Annoying right ?

Control

So now I have connected over to a neighboring router, and foolishly attempted to ping something that doesn’t exist:

Now I hit the break key because I’m impatient and

That right, I have shifted the console back to the first router.

Solution

My solution on my test bench has been to change the escape character on the routers (but not on the terminal server).

Works for Telnet/SSH too

A common practice when making routing changes is to telnet to the nearest router, then jump to to remote router and make the routing changes. This way, if the routing doesn’t work exactly right you still have a console session running.

This has the same problem. If you hit break to shut out a ping command, or interrupt a DNS lookup, your console will snap back to the original router.

Control Break Cisco Webex

There are two ways to change the escape sequence / break character on Cisco IOS.

Change the break character for the current session

This sequence changes it only for current SSH/Telnet session that you are using. Changes are lost when you exit the session.

See that? My personal choice is Ctrl-W because it’s easy to type and doesn’t conflict with much else in the ASCII characters

Change the break permanently

Changing it back

For those people who will rush off and test this on a live router (oh yes, Elizabeth, they do exist):

Generally, I wouldn’t recommend making this a default, because other people will have to work on your network eventually and this is the sort of thing that can have unexpected problems. But the settings for the current session is a neat trick and can save a lot of time in complex networks.

CCIE Mendicants may choose to use this also, but you need to be consistent about putting into your configuration across all devices. Might be a bit tricky.

Hope it’s useful.