WEBVTT 0:00:07.200000 --> 0:00:12.620000 This video which belongs to section 2.0 of the Cisco Certified Technician 0:00:12.620000 --> 0:00:20.640000 Series in routing and switching is called Basic Cisco IOS Software Commands. 0:00:20.640000 --> 0:00:26.780000 In this video I'm going to be your instructor and my name is Keith Bogart 0:00:26.780000 --> 0:00:31.320000 and there's my contact information should you need to reach out to me 0:00:31.320000 --> 0:00:34.920000 with any questions or comments that you might have. 0:00:34.920000 --> 0:00:42.140000 So in the section 2.0 of the Cisco Certified Technician Blueprint it simply 0:00:42.140000 --> 0:00:47.820000 says that you should be able to use and interpret the basic Cisco IOS 0:00:47.820000 --> 0:00:49.260000 software commands. 0:00:49.260000 --> 0:00:53.000000 So I'm going to include here what those commands are, gives her like a 0:00:53.000000 --> 0:01:00.460000 high-level overview of what kind of output you would get from them. 0:01:00.460000 --> 0:01:05.780000 So let's start out with some initial configuration commands. 0:01:05.780000 --> 0:01:09.720000 These are the commands that I sometimes affectionately call convenience 0:01:09.720000 --> 0:01:14.460000 commands and that they're not really commands that you have to do but 0:01:14.460000 --> 0:01:18.220000 when configuring your router a switcher, switch if you put these commands 0:01:18.220000 --> 0:01:22.460000 in it will make your life easier in the future. 0:01:22.460000 --> 0:01:27.380000 So let's start with the first one which is the Logging Synchronous Command. 
0:01:27.380000 --> 0:01:30.540000 Now this command is done under your console port and I'll show you how 0:01:30.540000 --> 0:01:35.200000 to get there in just a moment but the main idea behind this is that without 0:01:35.200000 --> 0:01:39.440000 the logging synchronous command if you're in the middle of typing some 0:01:39.440000 --> 0:01:43.280000 command or something and all of a sudden the router or switch decides 0:01:43.280000 --> 0:01:47.440000 to print out a syslog message like an interface is just come up or come 0:01:47.440000 --> 0:01:52.380000 down or any reason there's thousands of reasons why a syslog message might 0:01:52.380000 --> 0:01:57.160000 be printed out. It will interrupt what you're typing which can be kind 0:01:57.160000 --> 0:02:01.360000 of problematic if you don't exactly remember where you were to leave off 0:02:01.360000 --> 0:02:07.740000 so I'll give you an example of that. 0:02:07.740000 --> 0:02:10.600000 So first of all in order to check to see if the logging synchronous command 0:02:10.600000 --> 0:02:14.700000 has already been pre-configured on a device you can just issue the command 0:02:14.700000 --> 0:02:21.960000 show run and go all the way down to the console line. 0:02:21.960000 --> 0:02:28.100000 There we go and if it was configured it would be right underneath there 0:02:28.100000 --> 0:02:30.620000 in this case I don't see it. 0:02:30.620000 --> 0:02:33.820000 So let me show you an example of why we might want to use that. 
0:02:33.820000 --> 0:02:37.980000 So I'm doing some configuration blah blah blah and let's say I'm done 0:02:37.980000 --> 0:02:42.100000 with my configuration and I say okay I'm going to go ahead and exit back 0:02:42.100000 --> 0:02:47.060000 out to privilege exec I want to issue the show running-config command 0:02:47.060000 --> 0:02:53.640000 and verify my configuration however my typing is kind of slow so I type 0:02:53.640000 --> 0:03:01.780000 exit and then show oh let's see look at that right there I wasn't done 0:03:01.780000 --> 0:03:07.060000 with typing show running-config and yet this syslog message interrupted 0:03:07.060000 --> 0:03:17.000000 me so it's now like okay well did I include the space did I not causing 0:03:17.000000 --> 0:03:20.720000 some issues another issue that we can see right here and this is going 0:03:20.720000 --> 0:03:25.300000 to be fixed by the next command is look at this I typed in an invalid 0:03:25.300000 --> 0:03:30.880000 command I typed in show run altogether without spaces and the default 0:03:30.880000 --> 0:03:33.980000 behavior of Cisco IOS is when you type in a command that doesn't recognize 0:03:33.980000 --> 0:03:38.860000 like that it thinks it's a name it thinks it's a name of a device and 0:03:38.860000 --> 0:03:43.420000 it tries to resolve that via DNS but let's take one thing at a time so 0:03:43.420000 --> 0:03:49.300000 now if I go back in I'm going to go to line con zero that takes me to 0:03:49.300000 --> 0:03:54.120000 my console port and that's where I'm going to type logging synchronous 0:03:54.120000 --> 0:04:05.200000 and now if I exit out exit show see knows that I had just type sh and 0:04:05.200000 --> 0:04:09.760000 it showed me my syslog I was interrupted but then it repeated what I typed 0:04:09.760000 --> 0:04:14.540000 and where I left off so I can keep typing what it was that I was looking 0:04:14.540000 --> 0:04:21.480000 for so that's where logging synchronous can really help you now 
that previous 0:04:21.480000 --> 0:04:24.780000 command that we that previous error we saw show run where I forgot to 0:04:24.780000 --> 0:04:28.920000 include the space and right now it's trying to interpret that and try 0:04:28.920000 --> 0:04:34.840000 to resolve it via DNS what the moment if I hit enter enter any key on 0:04:34.840000 --> 0:04:39.480000 my keyboard I'm getting nothing I have I am locked out until it gives 0:04:39.480000 --> 0:04:48.480000 up so that brings us to our next command which is to prevent DNS resolution 0:04:48.480000 --> 0:04:55.020000 attempts for mistyped commands and as a no IP domain dash lookup command 0:04:55.020000 --> 0:05:06.320000 that's also a very useful command no IP domain dash lookup and now when 0:05:06.320000 --> 0:05:12.400000 I mistyped something I'm immediately given my prompt back it does not 0:05:12.400000 --> 0:05:18.440000 attempt to resolve that via DNS assuming I'm trying to telnet to some 0:05:18.440000 --> 0:05:24.080000 name show run another convenience command but one that people do all the 0:05:24.080000 --> 0:05:29.680000 time is to give a descriptive name to your router or your switch and that 0:05:29.680000 --> 0:05:34.260000 is the hostname command that is also done from global configuration mode 0:05:34.260000 --> 0:05:43.420000 hostname Keith dash switch now remember all these changes I'm making 0:05:43.420000 --> 0:05:48.060000 here are purely affecting the running config they're not being saved to 0:05:48.060000 --> 0:05:51.420000 the startup config in a previous video I showed you how to save your configuration 0:05:51.420000 --> 0:05:58.340000 but I will rehash that again in this video as well so what else do we 0:05:58.340000 --> 0:06:03.240000 want to look at how about some initial configuration commands for example 0:06:03.240000 --> 0:06:08.640000 configuring a banner this also is purely optional don't have to do it 0:06:08.640000 --> 0:06:13.740000 but the idea behind a banner is if 
you have a desire that when someone 0:06:13.740000 --> 0:06:17.820000 logs into your router switch you want to automatically present them with 0:06:17.820000 --> 0:06:21.980000 some kind of a message maybe a message that says this device owned by 0:06:21.980000 --> 0:06:27.300000 it get out now or maybe a message that says the entire lab will be shut 0:06:27.300000 --> 0:06:29.060000 down on Friday at 5 p.m. 0:06:29.060000 --> 0:06:32.980000 for air conditioning repair whatever it might be that is what we call 0:06:32.980000 --> 0:06:37.840000 a banner there are several different kinds of banners they they vary in 0:06:37.840000 --> 0:06:41.900000 when they take effect for example there's some banners are displayed when 0:06:41.900000 --> 0:06:45.440000 someone telnets into a device there's some banners that display the 0:06:45.440000 --> 0:06:48.620000 moment someone connects to the console of the device the one I'm going 0:06:48.620000 --> 0:06:54.340000 to talk about is the method of the day or message of the day banner motd 0:06:54.340000 --> 0:06:59.900000 message of the day and very simply here's how it works once again from 0:06:59.900000 --> 0:07:06.540000 global configuration mode you type banner motd now the next thing you're 0:07:06.540000 --> 0:07:11.020000 going to type is what's called a delimiting character this is any character 0:07:11.020000 --> 0:07:16.400000 on your keyboard you know what's it used for well you type whatever character 0:07:16.400000 --> 0:07:21.280000 you want and then you type your message and then the next time you type 0:07:21.280000 --> 0:07:26.420000 that character again that's how IOS knows that you're done with your message 0:07:26.420000 --> 0:07:30.420000 so the key thing is your delimiting character should be picked as something 0:07:30.420000 --> 0:07:37.220000 that is not going to be part of your message for example I'm going to 0:07:37.220000 --> 0:07:40.920000 use the delimiting character of the letter p and I'll 
show you how this 0:07:40.920000 --> 0:07:52.240000 is a problem now I say welcome to my router please leave now or die p 0:07:52.240000 --> 0:07:59.160000 okay so you might think okay well Cisco IOS knows p is the delimiting 0:07:59.160000 --> 0:08:02.900000 delimiting character and here it is I ended my line with the letter p 0:08:02.900000 --> 0:08:09.200000 but notice the letter p was also part of my message and so what what that 0:08:09.200000 --> 0:08:13.480000 actually means is the moment IOS saw this letter p in the word please 0:08:13.480000 --> 0:08:18.760000 it stopped in other words my banner right now is only going to reference 0:08:18.760000 --> 0:08:30.240000 welcome to my router comma and that's it so I'm going to hit the enter 0:08:30.240000 --> 0:08:37.320000 key and there it is everything from the p and please on after that was 0:08:37.320000 --> 0:08:43.880000 discounted so what I really should have done was banner motd let's see 0:08:43.880000 --> 0:08:50.480000 here welcome to my router please leave now well how about the caret symbol 0:08:50.480000 --> 0:09:01.700000 that's not part of my message welcome to my router please leave now caret 0:09:01.700000 --> 0:09:12.140000 symbol again and now you can see that the entire message is displayed 0:09:12.140000 --> 0:09:18.480000 so that's what a banner is or a message of the banner and to undo that 0:09:18.480000 --> 0:09:24.440000 you can just simply say no banner motd you don't have to copy the whole 0:09:24.440000 --> 0:09:30.500000 banner back in again now this is something you're probably going to be 0:09:30.500000 --> 0:09:36.920000 doing a lot adding IP addresses to an interface now keep in mind that 0:09:36.920000 --> 0:09:41.420000 any interface whether it be an interface on the NIC card of your laptop 0:09:41.420000 --> 0:09:46.580000 on the Wi-Fi card built into your smartphone or on a router's interface 0:09:46.580000 --> 0:09:51.480000 any interface that has an IP address also 
needs to have a subnet mask 0:09:51.480000 --> 0:09:56.640000 an IP address without a subnet mask completely useless there's no way 0:09:56.640000 --> 0:10:00.240000 for the device to know in that 32-bit address which of the bits of the 0:10:00.240000 --> 0:10:05.380000 networking bits and which of the bits are the host bits now is the time 0:10:05.380000 --> 0:10:09.140000 I am recording this video right now in order to add an IP address in the 0:10:09.140000 --> 0:10:14.100000 subnet mask both components have to be added in dotted decimal notation 0:10:14.100000 --> 0:10:18.940000 so you can see here step number one which isn't really shown as you go 0:10:18.940000 --> 0:10:23.860000 into global configuration mode step number two is you tell the router 0:10:23.860000 --> 0:10:28.880000 or switch which interface you want to get into and then you add your IP 0:10:28.880000 --> 0:10:38.040000 address and subnet mask so let me get into a router here okay so I will 0:10:38.040000 --> 0:10:41.780000 so that's global configuration mode right there now I'll go into one of 0:10:41.780000 --> 0:10:46.220000 my interfaces with the interface fast ethernet zero slash zero so I'll 0:10:46.220000 --> 0:10:51.380000 go into my very first fast ethernet interface and that's right type ip 0:10:51.380000 --> 0:11:01.420000 address and give it some address followed by some subnet mask so the key 0:11:01.420000 --> 0:11:05.500000 takeaway there is you have to think to yourself where is this IP address 0:11:05.500000 --> 0:11:10.640000 going to be applied on what physical or what logical interface and then 0:11:10.640000 --> 0:11:15.200000 from global configuration mode you need to get into that interface and 0:11:15.200000 --> 0:11:24.520000 then apply the IP address all right let's take a look at some commands 0:11:24.520000 --> 0:11:28.920000 that that monitor certain things for example what if I want to see what 0:11:28.920000 --> 0:11:32.700000 IP addresses I have on my interfaces 
and whether those interfaces are 0:11:32.700000 --> 0:11:37.640000 up or down or administratively shut down well for that I use the show 0:11:37.640000 --> 0:11:45.780000 ip interface brief command and that'll work on both routers and switches 0:11:45.780000 --> 0:11:59.340000 let me go ahead and do it on a router here show ip interface brief it's 0:11:59.340000 --> 0:12:04.120000 a great command you can see it shows you the interface name and number 0:12:04.120000 --> 0:12:09.440000 the IP address it has or maybe doesn't have one at all tells you if that 0:12:09.440000 --> 0:12:13.700000 IP address was manually configured which it probably was some other options 0:12:13.700000 --> 0:12:19.580000 are DHCP or serial line ARP and also shows you the status of the interface 0:12:19.580000 --> 0:12:25.480000 in this case status is up up or is this one is administratively down so 0:12:25.480000 --> 0:12:32.200000 show ip interface brief how about displaying the physical layer status 0:12:32.200000 --> 0:12:38.100000 of interfaces for example on this interface right here I can see that's 0:12:38.100000 --> 0:12:44.380000 up I can see it has an IP address but what is the speed of that interface 0:12:44.380000 --> 0:12:49.660000 what's the bandwidth what is the duplex is it half duplex full duplex 0:12:49.660000 --> 0:12:56.060000 does it have any errors has it any FCS errors or drops so I can do that 0:12:56.060000 --> 0:13:02.020000 by typing show interface and then the interface I'm concerned with show 0:13:02.020000 --> 0:13:08.240000 interface fast ethernet zero zero in this case and here we can see once 0:13:08.240000 --> 0:13:12.100000 again it reinforces that the interface is up gives me information like 0:13:12.100000 --> 0:13:15.500000 the MAC address if I if I need to know the MAC address of the interface 0:13:15.500000 --> 0:13:19.880000 reinforces if the interface has an IP address or not and that gives me 0:13:19.880000 --> 0:13:24.160000 a lot of lower level 
stuff for example the MTU the bandwidth on the interface 0:13:24.160000 --> 0:13:28.400000 what type of encapsulation's being used there in this case is doing full 0:13:28.400000 --> 0:13:34.280000 duplex one hundred megabits per second and then down here the last section 0:13:34.280000 --> 0:13:40.520000 shows me all of my error counters if there's any errors whatsoever as 0:13:40.520000 --> 0:13:46.580000 well as statistics about packets input as well as packets output that 0:13:46.580000 --> 0:13:55.300000 is the show interface command now on routers router interfaces are always 0:13:55.300000 --> 0:13:59.860000 layer three interfaces we call them routed interfaces we don't even really 0:13:59.860000 --> 0:14:04.440000 call them that we just call them interfaces now on a switch especially a 0:14:04.440000 --> 0:14:08.520000 multi-layer switch and most of the switches that Cisco sells are multi 0:14:08.520000 --> 0:14:14.680000 -layer switches a switch's interface could be a switch port which means 0:14:14.680000 --> 0:14:18.260000 there's no IP information on it it doesn't even understand IP it's just 0:14:18.260000 --> 0:14:23.340000 part of a VLAN it's switching layer two frames back and forth that's a 0:14:23.340000 --> 0:14:28.300000 switch port or it could be a routed interface like an interface on a router 0:14:28.300000 --> 0:14:32.720000 or it could be a trunk it could be a variety of things so how do I see 0:14:32.720000 --> 0:14:38.240000 what the switch port operating mode is on a switch interface and if it's 0:14:38.240000 --> 0:14:42.500000 trunking some trunking information well I can do that same command I just 0:14:42.500000 --> 0:14:46.460000 did before show interface but this time use the special keyword of switch 0:14:46.460000 --> 0:14:57.040000 port on the end of that interface so for example so here if I go on to 0:14:57.040000 --> 0:15:08.320000 show interface fast ethernet zero slash ten switch port so unlike just 0:15:08.320000 --> 
0:15:11.540000 the show interface command which shows me a lot of low level physical 0:15:11.540000 --> 0:15:16.240000 layer information like errors encounters this one gives me more layer 0:15:16.240000 --> 0:15:21.420000 two feature information so it tells me switch port enabled in other words 0:15:21.420000 --> 0:15:25.460000 this is not a routed port I can't put an IP address on here this is a 0:15:25.460000 --> 0:15:30.580000 layer two switch port it tells me that right now operationally it's operating 0:15:30.580000 --> 0:15:39.180000 as concerned the native VLAN is VLAN4 and there's a whole bunch of other 0:15:39.180000 --> 0:15:42.860000 good stuff in here from this command as well now what if I did the same 0:15:42.860000 --> 0:15:46.500000 command on a port that's a routed port a port that's like a port on a 0:15:46.500000 --> 0:15:50.680000 router where I put an IP address well I'll get absolutely nothing back 0:15:50.680000 --> 0:15:55.700000 because this command here with the keyword switch port assumes that the 0:15:55.700000 --> 0:15:59.540000 interface you're looking at is a switch port for example if I do show 0:15:59.540000 --> 0:16:05.920000 interface fast ethernet zero slash one switch port it says switch port 0:16:05.920000 --> 0:16:11.740000 disabled this is not a switch port because if I actually take a look at 0:16:11.740000 --> 0:16:17.020000 it you can see I actually typed in the no switch port command which converted 0:16:17.020000 --> 0:16:21.640000 it into a layer three routed interface which allowed me to put an IP address 0:16:21.640000 --> 0:16:27.440000 and subnet mask on it also if you have a question if you might say hey 0:16:27.440000 --> 0:16:31.580000 I wonder if my switch has any VLAN trunks I'm not sure which interfaces 0:16:31.580000 --> 0:16:34.880000 if any of them are VLAN trunks you can get a high level summary of this 0:16:34.880000 --> 0:16:44.700000 with a show interface trunk command show interfaces trunk and we can 
see 0:16:44.700000 --> 0:16:50.080000 here that I've got four trunks these four ports right here are currently 0:16:50.080000 --> 0:16:55.160000 trunking you can see the n means they dynamically negotiated to 802 0:16:55.160000 --> 0:16:59.880000 .1q trunking encapsulation it also gives you information about the native 0:16:59.880000 --> 0:17:05.080000 VLAN on each trunk which VLANs are allowed in the event that you may have 0:17:05.080000 --> 0:17:10.480000 manually stripped off certain VLANs from the trunk and which VLANs are 0:17:10.480000 --> 0:17:17.560000 actually configured and active in the switch right now how about monitoring 0:17:17.560000 --> 0:17:24.040000 of routing protocols how do I see my routing table with IP it's just simply 0:17:24.040000 --> 0:17:34.620000 show IP route and if you have learned of any routes they're going to be 0:17:34.620000 --> 0:17:39.020000 in here so the first part of show IP route gives you a key which means 0:17:39.020000 --> 0:17:42.800000 because every single route is prefaced by some sort of a letter and this 0:17:42.800000 --> 0:17:46.720000 key up here will tell you what that letter means so for example we can 0:17:46.720000 --> 0:17:51.840000 see that r means RIP so here's a route that was learned via RIP we can 0:17:51.840000 --> 0:17:58.460000 see that o is OSPF and ia is OSPF inter-area so we've got an OSPF inter 0:17:58.460000 --> 0:18:05.840000 -area route d what's that what we can see right here d is EIGRP now if 0:18:05.840000 --> 0:18:09.720000 you do happen to be running IPv6 in your network the same command will 0:18:09.720000 --> 0:18:16.100000 work with just a slight modification show ipv6 route so either show ip 0:18:16.100000 --> 0:18:22.500000 route for your IP version 4 routing protocol or show ipv6 route I'm 0:18:22.500000 --> 0:18:25.420000 not running IPv6 in here so I'm not going to demonstrate that for you 0:18:25.420000 --> 0:18:31.000000 okay maybe you wonder what routing protocols are 
currently running on 0:18:31.000000 --> 0:18:36.160000 my router right now for example maybe you say hey I thought I had RIP 0:18:36.160000 --> 0:18:41.700000 and OSPF running on my router but I'm only seeing OSPF routes did somebody 0:18:41.700000 --> 0:18:46.260000 forget to configure RIP well you can use the command show ip protocols 0:18:46.260000 --> 0:18:53.600000 to display that once again even though I'm doing this on a switch don't 0:18:53.600000 --> 0:18:57.600000 be misled this is a layer three switch so it's capable of all the same 0:18:57.600000 --> 0:19:11.240000 routing that routers are capable of doing show ip protocols so I've actually 0:19:11.240000 --> 0:19:16.420000 configured a lot of stuff on here so you can see here that the first routing 0:19:16.420000 --> 0:19:21.700000 protocol list is EIGRP gives a lot of good information about that protocol 0:19:21.700000 --> 0:19:29.300000 like the EIGRP autonomous system number the k-values the router id the 0:19:29.300000 --> 0:19:33.920000 administrative distances for EIGRP further on beneath that you can see 0:19:33.920000 --> 0:19:40.360000 it's running OSPF and shows you information about OSPF as well and it's 0:19:40.360000 --> 0:19:44.300000 also running RIP so this is a good command to see what routing protocols 0:19:44.300000 --> 0:19:51.080000 are currently active on my device now for those routing protocols that 0:19:51.080000 --> 0:19:59.020000 do create neighbor relationships like OSPF EIGRP IS-IS and BGP you can 0:19:59.020000 --> 0:20:04.460000 use the show ip protocol and the neighbor command to see do you have any 0:20:04.460000 --> 0:20:08.180000 neighbor relationships for example on my particular switch I'm running 0:20:08.180000 --> 0:20:13.880000 EIGRP and OSPF in order for that to actually work my switch needs to form 0:20:13.880000 --> 0:20:18.720000 an EIGRP neighbor relationship with another device running EIGRP and with 0:20:18.720000 --> 0:20:23.100000 another device running 
OSPF has it done so well I can use this command 0:20:23.100000 --> 0:20:30.120000 right here to do that show ip eigrp neighbor just the fact that I see 0:20:30.120000 --> 0:20:34.820000 anything shows me it is it does have an EIGRP neighbor I can see the address 0:20:34.820000 --> 0:20:40.440000 of my EIGRP neighbor the interface where I learned it and how long I've 0:20:40.440000 --> 0:20:45.860000 had an EIGRP neighbor you can do the same thing for OSPF show ip ospf 0:20:45.860000 --> 0:20:51.440000 neighbor shows me having OSPF neighbor and as you learn more about these 0:20:51.440000 --> 0:20:55.940000 routing protocols you'll learn what these various pieces of information 0:20:55.940000 --> 0:21:02.480000 under each column stand for do I have any other Cisco devices connected 0:21:02.480000 --> 0:21:08.140000 most not all but most Cisco devices certainly routers and switches by 0:21:08.140000 --> 0:21:13.700000 default run a Cisco proprietary protocol called the Cisco discovery protocol 0:21:13.700000 --> 0:21:19.120000 CDP and basically what CDP does is it just periodically about once every 0:21:19.120000 --> 0:21:24.700000 minute or so sends out a CDP message saying hey here I am here's my host 0:21:24.700000 --> 0:21:29.000000 name here's what kind of device I am here's my host software I'm running 0:21:29.000000 --> 0:21:33.300000 and so if I'm sitting on a Cisco device I can see if it has learned of 0:21:33.300000 --> 0:21:38.200000 any incoming CDP messages from directly connected neighbors now CDP messages 0:21:38.200000 --> 0:21:42.120000 do not hop from one device to the other so when I issue this command show 0:21:42.120000 --> 0:21:46.480000 cdp neighbor I will only see devices that are directly connected to me 0:21:46.480000 --> 0:21:53.900000 if they're also running CDP I won't see any devices beyond them so for 0:21:53.900000 --> 0:22:01.120000 example here you can do show cdp neighbor and you can see I've learned 0:22:01.120000 --> 
0:22:05.560000 quite a few CDP neighbors it shows me that the name which defaults to 0:22:05.560000 --> 0:22:09.860000 the host name of the device the local interface is the interface on my 0:22:09.860000 --> 0:22:14.740000 device to the one I'm on right now that learned of this neighbor and the 0:22:14.740000 --> 0:22:20.500000 port id over here is the remote interface for example on my local interface 0:22:20.500000 --> 0:22:24.120000 I'm connected to some sort of device looks like it's a router because 0:22:24.120000 --> 0:22:29.880000 it's got an r here called client-router2 I am connected to him on fast 0:22:29.880000 --> 0:22:35.760000 ethernet 0/2 but if I found fast ethernet 0/2 and I trace that cable the other 0:22:35.760000 --> 0:22:40.120000 end of that cable will be connected to that router's fast ethernet 0/0 interface 0:22:40.120000 --> 0:22:46.420000 you can also use the command show cdp neighbor detail and get even more 0:22:46.420000 --> 0:22:53.520000 detailed information about those CDP neighbors show version very useful 0:22:53.520000 --> 0:22:57.260000 command to see what IOS version you're running as well as all sorts of 0:22:57.260000 --> 0:23:13.760000 other information show version so here in show version it shows that this 0:23:13.760000 --> 0:23:19.280000 is a Catalyst 3560 shows you the feature set or technology train that's 0:23:19.280000 --> 0:23:27.120000 in use also shows you it's running 12255 se9 software this is some critical 0:23:27.120000 --> 0:23:29.920000 information that the Cisco TAC will need to know if you're dealing 0:23:29.920000 --> 0:23:34.440000 with them when troubleshooting a case also shows you how long that device 0:23:34.440000 --> 0:23:39.460000 has been turned on three hours and 33 minutes the last time it was turned 0:23:39.460000 --> 0:23:44.520000 on was due to a power on so it wasn't a crash or anything gives you a 0:23:44.520000 --> 0:23:47.300000 lot of other good information as well it types of interfaces and 
modules 0:23:47.300000 --> 0:23:57.940000 it has part numbers and serial numbers and it also if I do this for example 0:23:57.940000 --> 0:24:05.300000 on a router at the very bottom of the show version command you also see 0:24:05.300000 --> 0:24:09.960000 information about your configuration register that's a topic I'm going 0:24:09.960000 --> 0:24:19.280000 to talk about in the next video the configuration register so Cisco 0:24:19.280000 --> 0:24:22.640000 routers and switches have lots of different types of memory we've talked 0:24:22.640000 --> 0:24:28.040000 in earlier videos I've talked about NVRAM, DRAM, flash memory, ROM memory 0:24:28.040000 --> 0:24:33.240000 so directory all will show you what type of memories in the device and 0:24:33.240000 --> 0:24:43.000000 what files are stored there so for example if I do this in my switch d 0:24:43.000000 --> 0:24:55.500000 -i-r and then all so the switch starts with flash memory so here's my flash 0:24:55.500000 --> 0:24:59.940000 memory and as can be expected in the flash memory is my Cisco IOS software 0:24:59.940000 --> 0:25:06.420000 image system memory is the same as DRAM that's the same thing as DRAM 0:25:06.420000 --> 0:25:11.280000 and in DRAM we know we can expect to find our running config that's in 0:25:11.280000 --> 0:25:15.900000 there now switch this switch also has something called temp-sis I've no 0:25:15.900000 --> 0:25:18.720000 idea what that is I've never needed to know it's got a whole bunch of 0:25:18.720000 --> 0:25:23.440000 other junk in there and then NVRAM we can see my startup config is in 0:25:23.440000 --> 0:25:29.120000 there so that was all the result of using the d-i-r space all directory 0:25:29.120000 --> 0:25:36.100000 all command and these two commands you're probably familiar with show 0:25:36.100000 --> 0:25:43.700000 startup config and show running dash config so show startup dash config 0:25:43.700000 --> 0:25:49.500000 will show you what configuration file will be 
used the next time this 0:25:49.500000 --> 0:25:57.020000 device power cycles in this case the startup configuration's not present and 0:25:57.020000 --> 0:26:02.140000 we can see that right here because the start configuration says zero however 0:26:02.140000 --> 0:26:06.800000 if I do show running config I do have a running config in this device 0:26:06.800000 --> 0:26:12.700000 which tells me that when this thing was first powered on it had no startup 0:26:12.700000 --> 0:26:16.900000 configuration at all some changes have been made to it clearly you know 0:26:16.900000 --> 0:26:21.900000 EIGRP OSPF RIP have been added to it but those changes have not been 0:26:21.900000 --> 0:26:28.960000 saved if they had been saved I would have a startup config which leads 0:26:28.960000 --> 0:26:32.800000 me to my next slide how do I save those changes from the running config 0:26:32.800000 --> 0:26:36.160000 to the startup config because we know that all this stuff will be lost 0:26:36.160000 --> 0:26:45.440000 when the power goes out I need to save that well there are two ways you 0:26:45.440000 --> 0:26:52.160000 can do it uh the long way is the copy running dash config a space startup 0:26:52.160000 --> 0:26:58.380000 dash config or you can simply type write memory or even just wr for write 0:26:58.380000 --> 0:27:03.260000 they both do the exact same thing so the copy command the way it works 0:27:03.260000 --> 0:27:10.380000 is copy after the copy is your from location what am I copying from well 0:27:10.380000 --> 0:27:20.920000 I'm copying from my running config for example to a TFTP server I could 0:27:20.920000 --> 0:27:25.220000 do it like this copy running config tftp and then it would prompt me it's 0:27:25.220000 --> 0:27:28.820000 say okay what's the IP address of the TFTP server but I'm not going to 0:27:28.820000 --> 0:27:33.400000 do that in this case I'm going to do copy running config and I want to 0:27:33.400000 --> 0:27:38.180000 save it to the startup 
config that says okay do you want your running 0:27:38.180000 --> 0:27:42.860000 config when you're saving it to be called startup config absolutely I 0:27:42.860000 --> 0:27:47.320000 do so I just hit enter now that exact same thing can be done with just 0:27:47.320000 --> 0:27:52.480000 two key strokes wr it's the exact same thing is copy running config to 0:27:52.480000 --> 0:28:00.820000 start config and say I'm setting a router back to factory defaults here 0:28:00.820000 --> 0:28:03.320000 are the commands to do that I'm not going to go into the details of that 0:28:03.320000 --> 0:28:06.480000 because I actually demonstrated that in the previous video when I was 0:28:06.480000 --> 0:28:09.480000 talking about saving configuration files so I'm not going to spend any 0:28:09.480000 --> 0:28:14.720000 detailed time here going about that a couple more things let's talk a 0:28:14.720000 --> 0:28:21.280000 little bit about some real basic security commands so we want to secure 0:28:21.280000 --> 0:28:25.860000 the enable password we know that when someone first gains console access 0:28:25.860000 --> 0:28:30.240000 to my router and my switch they're going to be in user exec mode not a 0:28:30.240000 --> 0:28:33.620000 lot of damage they can do from user exec mode because they can't configure 0:28:33.620000 --> 0:28:39.180000 anything but if they issue the enable command and get right into privilege 0:28:39.180000 --> 0:28:43.220000 exec well from there they've got full access they can do anything they 0:28:43.220000 --> 0:28:46.980000 want to my router my switch so I probably want to password protect that 0:28:46.980000 --> 0:28:51.780000 level either with an enable password or an enable secret password what's 0:28:51.780000 --> 0:28:56.440000 the difference well functionally they both do exactly the same thing whether 0:28:56.440000 --> 0:29:00.820000 I do enable password or enable secret it simply means that when someone 0:29:00.820000 --> 0:29:04.980000 types 
the enable command they're going to be given a password prompt and 0:29:04.980000 --> 0:29:09.960000 they're going to type in between the two of these things is really historical 0:29:09.960000 --> 0:29:15.560000 in nature. The enable password came out first, and we can see if I type 0:29:15.560000 --> 0:29:22.940000 enable password and then put some password on there like cisco, well, now 0:29:22.940000 --> 0:29:26.800000 if I get in here and I try to enable, I'm prompted with a password prompt 0:29:26.800000 --> 0:29:31.760000 and I have to type cisco. It has to be exact, the case; it is case sensitive. 0:29:31.760000 --> 0:29:37.020000 Now what some people perceived as a problem with the enable password was 0:29:37.020000 --> 0:29:42.540000 that if I need to send my configuration to someone to look it over, like 0:29:42.540000 --> 0:29:46.260000 maybe Cisco TAC or another co-worker, and I just issued the show running 0:29:46.260000 --> 0:29:51.740000 config command, you'll see that your enable password is right here in plaintext. 0:29:51.740000 --> 0:29:56.240000 So now you may have inadvertently given away your enable password. That's 0:29:56.240000 --> 0:29:59.940000 the main problem with it. So then later on, I'm not sure how much time elapsed, 0:29:59.940000 --> 0:30:04.140000 but later on some Cisco engineers said, well, we should have it to where 0:30:04.140000 --> 0:30:08.300000 when they type in the password it's automatically encrypted for them so 0:30:08.300000 --> 0:30:12.820000 it doesn't show up in plaintext format, and that's what the enable secret 0:30:12.820000 --> 0:30:20.020000 is for. Enable secret, I'll just use the word i and e for that, and now you 0:30:20.020000 --> 0:30:23.840000 can see when I look at my show running config output the enable secret 0:30:23.840000 --> 0:30:30.180000 has been hashed with an MD5 hashing algorithm. Now this is not uncrackable, 0:30:30.180000 --> 0:30:35.780000 it's just extremely difficult to uncrack that, so I should say, to crack
0:30:35.780000 --> 0:30:40.360000 that. So it's just more secure. Now in this particular case, if you happen 0:30:40.360000 --> 0:30:45.880000 to have both an enable secret and an enable password, the enable secret 0:30:45.880000 --> 0:30:50.640000 always takes priority. It's basically like the enable password isn't doing 0:30:50.640000 --> 0:30:55.560000 anything. So if I try to get out right now and now I type enable, if I try 0:30:55.560000 --> 0:31:01.500000 typing cisco, c-i-s-c-o, it won't take it. It's expecting me to type in i 0:31:01.500000 --> 0:31:06.160000 and e, which is my enable secret. And the way you undo those or get rid 0:31:06.160000 --> 0:31:14.000000 of them is simply by typing no enable secret and no enable password, and 0:31:14.000000 --> 0:31:21.680000 that gets rid of them. You can also put a password on your console port, 0:31:21.680000 --> 0:31:25.980000 so if anybody connects to the console. Now, presumably your routers and 0:31:25.980000 --> 0:31:29.620000 switches are locked away in a wiring closet or a lab somewhere where only 0:31:29.620000 --> 0:31:33.720000 people who have special keycard access can get to them. But if you have 0:31:33.720000 --> 0:31:36.860000 a lab where a lot of people use that lab from different departments or 0:31:36.860000 --> 0:31:39.920000 different parts of the company, you might have routers or switches within 0:31:39.920000 --> 0:31:43.820000 that lab that you don't want anybody getting to even if they're physically 0:31:43.820000 --> 0:31:48.020000 in front of it. So by putting a password on the console you can lock them 0:31:48.020000 --> 0:31:51.220000 out. Be very careful with that though if you put a password on the console, 0:31:51.220000 --> 0:31:57.760000 because you could also inadvertently lock yourself out as well. And the 0:31:57.760000 --> 0:32:01.420000 last things I want to talk about as far as securing Cisco devices are 0:32:01.420000 --> 0:32:07.140000 some more passwords, and this is putting a password on
your telnet connection. 0:32:07.140000 --> 0:32:11.200000 So someone's trying to telnet in to your router; we want to make sure that 0:32:11.200000 --> 0:32:15.260000 they're presented with a password prompt. So you have two choices for this. 0:32:15.260000 --> 0:32:23.560000 In the first option we're going into our vty lines, line vty 0 4. Now this 0:32:23.560000 --> 0:32:27.940000 means in this particular platform there are, there's the potential of having 0:32:27.940000 --> 0:32:32.920000 up to five simultaneous telnet sessions happening. I'm not sure when that 0:32:32.920000 --> 0:32:36.760000 would ever happen, that five people would be telnetted into this one box 0:32:36.760000 --> 0:32:40.800000 all at the same time. I suppose it could happen, but that's what this means. 0:32:40.800000 --> 0:32:45.780000 The first person's going to get vty 0, second person's going to get vty 0:32:45.780000 --> 0:32:51.240000 1, all the way up to vty 4. And then under my vty line I'm going to put 0:32:51.240000 --> 0:32:55.700000 password and then whatever I want my password to be. Now if I do it like 0:32:55.700000 --> 0:33:00.220000 that, that means anybody and everybody that telnets in to this device 0:33:00.220000 --> 0:33:05.220000 will be prompted for a password and they'll all have the exact same password. 0:33:05.220000 --> 0:33:09.300000 Now that could be problematic. Imagine for a moment that I have a fairly 0:33:09.300000 --> 0:33:14.740000 large staff of, let's say, 25 network admins in my company. On all of my 0:33:14.740000 --> 0:33:21.440000 hundreds of routers and switches I put a password of cisco123, and now 0:33:21.440000 --> 0:33:24.860000 I have to fire one of my network admins because I've found them doing 0:33:24.860000 --> 0:33:29.400000 some unethical stuff in the company. Well, as they walk away they still 0:33:29.400000 --> 0:33:33.320000 know that cisco123 is the password, which means now they have to get 0:33:33.320000 --> 0:33:38.040000 into every single device,
change the password on every single device, and 0:33:38.040000 --> 0:33:42.240000 let all the remaining network admins that still work for me know what 0:33:42.240000 --> 0:33:46.680000 the new password is. That's kind of a hassle. So what might be better is 0:33:46.680000 --> 0:33:49.980000 the second option. And the second option, you can see here that at the global 0:33:49.980000 --> 0:33:55.040000 configuration level we're starting by creating unique username and password 0:33:55.040000 --> 0:34:00.420000 statements for each person. So in my particular case I might have 25 unique 0:34:00.420000 --> 0:34:05.860000 username and password statements, and then when somebody logs in via telnet 0:34:05.860000 --> 0:34:10.520000 they're presented with a username and a password prompt. And if I happen 0:34:10.520000 --> 0:34:13.820000 to lay somebody off or fire them, I'll just get rid of that one username 0:34:13.820000 --> 0:34:17.280000 and password prompt and it won't affect the other people in my company. 0:34:17.280000 --> 0:34:20.420000 So let me just show you some demonstrations of this and then we'll finish 0:34:20.420000 --> 0:34:25.540000 that up for this video. So first of all I'm going to go ahead and go into 0:34:25.540000 --> 0:34:37.100000 line vty 0 4 and I'm going to say password cisco. So now when someone tries 0:34:37.100000 --> 0:34:43.920000 to telnet in they get the password prompt, and as long as they know the 0:34:43.920000 --> 0:34:53.400000 correct password they're in. There they go. Now instead I'm going to type 0:34:53.400000 --> 0:35:02.620000 username keith password cisco and go back to my vty lines. I'm going to 0:35:02.620000 --> 0:35:10.640000 say no password. Instead I'm going to say login local. That means, hey, when 0:35:10.640000 --> 0:35:15.060000 somebody logs in there is authentication information, but it's not here 0:35:15.060000 --> 0:35:20.240000 under the vty. Look at the global configuration level to find that information. 0:35:20.240000 -->
0:35:29.080000 So now when I get out, if I try to telnet into that same device, now I get 0:35:29.080000 --> 0:35:32.860000 a username prompt. Type in the username, it is case sensitive. Type in the 0:35:32.860000 --> 0:35:38.880000 password. Oh, I think I messed up because I use the capital C in cisco. It 0:35:38.880000 --> 0:35:44.180000 should have been a lowercase c. Let's try it again: keith, c-i-s-c-o, and